Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OQp90hR9J2o05x-6fg9osEzan-A.roa
File: OQp90hR9J2o05x-6fg9osEzan-A.roa (raw, json)
Hash identifier: X6X76vcWoxHaPWOCaNTADjGicK6MyXLydj9rGbif4Ns=
Subject key identifier: 39:0A:7D:D2:14:7D:27:6A:34:E7:1F:BA:7E:0F:68:B0:4C:DA:9F:E0
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 018FA113880F4CAAFF618B370AC8D9C1FE75
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OQp90hR9J2o05x-6fg9osEzan-A.roa
Signing time: Wed 22 May 2024 16:12:42 +0000
ROA not before: Wed 22 May 2024 16:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12722
IP address blocks: 2.59.48.0/24 maxlen: 24
31.222.240.0/24 maxlen: 24
31.222.243.0/24 maxlen: 24
31.222.250.0/24 maxlen: 24
37.221.80.0/24 maxlen: 24
45.11.22.0/24 maxlen: 24
45.14.220.0/24 maxlen: 24
45.14.221.0/24 maxlen: 24
45.80.120.0/22 maxlen: 22
45.89.68.0/24 maxlen: 24
45.89.71.0/24 maxlen: 24
91.188.220.0/24 maxlen: 24
94.158.188.0/24 maxlen: 24
176.56.35.0/24 maxlen: 24
176.56.36.0/24 maxlen: 24
176.124.34.0/24 maxlen: 24
185.202.106.0/24 maxlen: 24
185.212.112.0/24 maxlen: 24
185.234.8.0/24 maxlen: 24
188.95.71.0/24 maxlen: 24
193.3.18.0/24 maxlen: 24
193.201.114.0/24 maxlen: 24
194.32.240.0/24 maxlen: 24
195.18.26.0/24 maxlen: 24
195.69.148.0/24 maxlen: 24
195.69.150.0/24 maxlen: 24
195.225.96.0/24 maxlen: 24
213.109.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 00:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:13:88:0f:4c:aa:ff:61:8b:37:0a:c8:d9:c1:fe:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: May 22 16:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=390a7dd2147d276a34e71fba7e0f68b04cda9fe0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:0d:37:ad:04:c7:2c:9e:b6:a7:4b:6b:72:53:
26:7f:dc:56:6d:66:a9:94:8d:92:65:27:11:53:4b:
c9:ee:d1:5b:40:92:88:9f:c9:9d:8a:4d:45:13:97:
a2:88:7d:37:f1:e1:2e:95:09:52:e4:8a:e5:ed:d2:
c7:7d:73:a4:61:45:39:06:9e:2c:6f:02:ab:99:b6:
eb:86:87:ee:6b:2e:a8:c0:a1:f7:99:68:c2:03:11:
50:67:6f:d4:74:d7:e7:c6:72:86:7f:b6:ef:ec:46:
42:bc:1b:b5:f4:56:2b:0b:c5:da:f7:47:d8:93:a0:
7c:13:10:f8:fc:f9:80:55:be:b3:ca:cb:48:b0:22:
4b:d7:62:91:41:ec:33:36:d3:27:ce:a4:c3:d3:44:
85:a4:6a:11:40:9f:4d:5d:50:00:62:ed:15:f2:b4:
ed:cf:45:6b:04:c0:4c:59:db:27:0e:a1:69:89:4d:
ca:c8:d2:87:0d:d6:73:86:db:56:23:93:ef:81:fc:
b8:6c:b1:cd:57:17:f0:95:a0:60:71:90:63:8f:3e:
4f:8d:53:7c:53:d3:ad:a9:3f:74:a7:f8:f8:23:84:
29:51:17:3a:5e:e7:ff:d9:e9:f5:58:11:c6:9e:dc:
56:59:54:48:4f:6e:1d:1d:c8:06:d7:0c:7e:16:f7:
69:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:0A:7D:D2:14:7D:27:6A:34:E7:1F:BA:7E:0F:68:B0:4C:DA:9F:E0
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/OQp90hR9J2o05x-6fg9osEzan-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.48.0/24
31.222.240.0/24
31.222.243.0/24
31.222.250.0/24
37.221.80.0/24
45.11.22.0/24
45.14.220.0/23
45.80.120.0/22
45.89.68.0/24
45.89.71.0/24
91.188.220.0/24
94.158.188.0/24
176.56.35.0-176.56.36.255
176.124.34.0/24
185.202.106.0/24
185.212.112.0/24
185.234.8.0/24
188.95.71.0/24
193.3.18.0/24
193.201.114.0/24
194.32.240.0/24
195.18.26.0/24
195.69.148.0/24
195.69.150.0/24
195.225.96.0/24
213.109.206.0/24
Signature Algorithm: sha256WithRSAEncryption
41:5a:0d:58:8c:a9:83:cd:85:c6:64:21:ef:b1:fc:56:b2:25:
b6:96:c2:6c:f5:a3:2e:87:1c:e4:01:5a:66:9c:fe:01:1a:41:
ed:10:81:36:dc:3b:c9:e0:50:c4:45:bf:af:07:d3:8b:84:5c:
d1:a7:02:a0:ca:18:53:51:a7:e1:d1:90:a6:a5:d1:2b:c0:7b:
fb:b9:ec:07:6b:65:0c:5a:2c:96:56:dc:09:52:95:d5:c5:61:
01:7a:c9:d3:b7:74:6f:a3:c1:15:ff:92:b5:78:31:25:ac:a5:
e0:f7:5a:61:f4:48:52:43:16:8d:fe:95:dd:74:e5:c9:e7:f0:
1c:3e:16:c6:ad:94:9c:a9:a4:9a:f2:bc:cd:da:2b:f4:43:a7:
ab:06:a9:78:16:c2:68:29:57:7d:30:4d:73:04:a6:a1:8a:53:
ef:e6:68:67:d3:2d:fc:dd:3d:f2:13:52:4c:0f:1a:db:68:df:
56:1a:e4:77:08:a8:69:6a:a1:1c:9b:81:e1:e7:dc:02:ff:45:
60:f9:91:d9:55:51:7c:88:0c:08:af:a7:e1:42:21:64:1b:65:
83:03:fc:17:76:fb:6f:16:e8:b8:fa:13:00:2a:c6:3c:23:0a:
44:f5:59:3c:2e:9e:95:d8:fd:2d:39:d7:24:40:21:3a:a0:31:
2f:23:04:3a
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAY+hE4gPTKr/YYs3CsjZwf51MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjQwNTIyMTYxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTBhN2RkMjE0N2QyNzZhMzRlNzFmYmE3ZTBmNjhiMDRjZGE5ZmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1A03rQTHLJ62p0trclMmf9xWbWap
lI2SZScRU0vJ7tFbQJKIn8mdik1FE5eiiH038eEulQlS5Irl7dLHfXOkYUU5Bp4s
bwKrmbbrhofuay6owKH3mWjCAxFQZ2/UdNfnxnKGf7bv7EZCvBu19FYrC8Xa90fY
k6B8ExD4/PmAVb6zystIsCJL12KRQewzNtMnzqTD00SFpGoRQJ9NXVAAYu0V8rTt
z0VrBMBMWdsnDqFpiU3KyNKHDdZzhttWI5Pvgfy4bLHNVxfwlaBgcZBjjz5PjVN8
U9OtqT90p/j4I4QpURc6Xuf/2en1WBHGntxWWVRIT24dHcgG1wx+FvdpSwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDkKfdIUfSdqNOcfun4PaLBM2p/gMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvT1FwOTBoUjlKMm8wNXgtNmZnOW9zRXphbi1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAC
OzADBAAf3vADBAAf3vMDBAAf3voDBAAl3VADBAAtCxYDBAEtDtwDBAItUHgDBAAt
WUQDBAAtWUcDBABbvNwDBABenrwwDAMEALA4IwMEALA4JAMEALB8IgMEALnKagME
ALnUcAMEALnqCAMEALxfRwMEAMEDEgMEAMHJcgMEAMIg8AMEAMMSGgMEAMNFlAME
AMNFlgMEAMPhYAMEANVtzjANBgkqhkiG9w0BAQsFAAOCAQEAQVoNWIypg82FxmQh
77H8VrIltpbCbPWjLocc5AFaZpz+ARpB7RCBNtw7yeBQxEW/rwfTi4Rc0acCoMoY
U1Gn4dGQpqXRK8B7+7nsB2tlDFosllbcCVKV1cVhAXrJ07d0b6PBFf+StXgxJayl
4PdaYfRIUkMWjf6V3XTlyefwHD4Wxq2UnKmkmvK8zdor9EOnqwapeBbCaClXfTBN
cwSmoYpT7+ZoZ9Mt/N098hNSTA8a22jfVhrkdwioaWqhHJuB4efcAv9FYPmR2VVR
fIgMCK+n4UIhZBtlgwP8F3b7bxbouPoTACrGPCMKRPVZPC6eldj9LTnXJEAhOqAx
LyMEOg==
-----END CERTIFICATE-----
Generated at Wed Jun 26 09:53:54 2024 by rpki-client on console-fra.rpki-client.org