Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/OPzm0rPefrS1Ys5wni3S9JDSgyY.roa
File: OPzm0rPefrS1Ys5wni3S9JDSgyY.roa (raw, json)
Hash identifier: krwwbythIYVqtTZig+aRka6pT4E4HOJUELVZ1/oqARk=
Subject key identifier: 38:FC:E6:D2:B3:DE:7E:B4:B5:62:CE:70:9E:2D:D2:F4:90:D2:83:26
Certificate issuer: /CN=458d12f095053c35876b88b47685d6435421fcf2
Certificate serial: 018CC8DF95D1C3270D34C048A27DFAA5F407
Authority key identifier: 45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/OPzm0rPefrS1Ys5wni3S9JDSgyY.roa
Signing time: Tue 02 Jan 2024 06:32:25 +0000
ROA not before: Tue 02 Jan 2024 06:32:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58329
IP address blocks: 194.76.225.0/24 maxlen: 24
185.158.249.0/24 maxlen: 24
79.132.132.0/24 maxlen: 24
193.242.210.0/23 maxlen: 23
79.132.129.0/24 maxlen: 24
79.132.128.0/24 maxlen: 24
31.214.157.0/24 maxlen: 24
79.132.133.0/24 maxlen: 24
2001:67c:2ae8::/48 maxlen: 48
2a0b:7140:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:95:d1:c3:27:0d:34:c0:48:a2:7d:fa:a5:f4:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=458d12f095053c35876b88b47685d6435421fcf2
Validity
Not Before: Jan 2 06:32:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38fce6d2b3de7eb4b562ce709e2dd2f490d28326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:4b:6f:f0:37:dc:10:6b:1c:f9:33:64:8a:6c:
44:ab:a5:32:dc:d6:a0:6d:d7:eb:bf:71:81:86:2e:
bc:1a:50:4b:f4:e3:3e:5c:d1:ab:f6:56:27:e1:59:
d2:25:67:d5:5e:c5:a3:0a:88:3e:27:79:44:27:ae:
a5:00:be:43:fe:98:89:64:10:f7:02:8a:4e:3a:ed:
ad:15:be:2c:8d:54:b6:f7:b6:fc:4b:a4:ff:ef:63:
43:91:1d:a2:01:ac:76:d1:99:41:a5:07:13:68:7f:
82:1d:11:7a:6f:02:f0:15:b3:d8:5f:b6:42:a7:2c:
a8:99:c7:79:c1:43:7a:fc:23:fa:0b:96:ce:08:40:
32:49:b3:6c:fa:b7:14:4f:04:3b:1d:3e:2d:ac:83:
0b:fd:6a:25:7a:8a:99:cf:06:89:ae:ec:ea:4d:08:
96:ac:7b:25:01:dc:78:be:b8:2e:80:3c:3b:31:8f:
70:5a:4c:4c:c2:6f:7b:a1:d0:0b:83:0e:25:16:c9:
a9:8e:37:c4:69:94:1c:84:44:dc:4b:91:ef:32:07:
8f:70:e0:d9:1a:99:a2:c7:5c:d3:d6:88:6f:bf:b3:
86:63:6f:dd:c1:3b:f7:7d:8a:49:21:33:d4:86:06:
47:87:1d:43:10:a1:f0:0f:4f:49:6b:d9:7f:21:67:
f7:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FC:E6:D2:B3:DE:7E:B4:B5:62:CE:70:9E:2D:D2:F4:90:D2:83:26
X509v3 Authority Key Identifier:
keyid:45:8D:12:F0:95:05:3C:35:87:6B:88:B4:76:85:D6:43:54:21:FC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/OPzm0rPefrS1Ys5wni3S9JDSgyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/7cecc7-f63d-43fc-b219-3955959eaf81/1/RY0S8JUFPDWHa4i0doXWQ1Qh_PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.157.0/24
79.132.128.0/23
79.132.132.0/23
185.158.249.0/24
193.242.210.0/23
194.76.225.0/24
IPv6:
2001:67c:2ae8::/48
2a0b:7140:6::/48
Signature Algorithm: sha256WithRSAEncryption
0b:ad:dc:39:94:66:82:3a:4c:ef:25:af:4c:05:51:a7:c8:b1:
60:80:74:84:fa:7a:d4:17:04:76:19:cf:d6:1f:e2:00:ba:e4:
8c:59:8b:32:c4:1d:d9:95:1e:01:40:f7:68:35:7a:50:85:bf:
b0:3f:f1:28:27:57:e7:c8:84:6e:84:67:47:e7:f0:fa:96:32:
77:24:b7:b9:34:eb:3d:7c:59:5d:f0:a2:a5:c1:9d:a7:aa:b6:
e4:42:c2:70:02:00:e0:7b:60:b6:85:0e:e8:bf:fb:58:bd:bf:
8d:80:5b:01:b9:c0:98:fa:a0:e5:54:2c:ce:d3:21:f6:50:13:
2f:b7:fe:0d:32:39:fa:ea:80:be:bf:ae:c6:b1:8f:dd:1c:1a:
b8:a2:a2:cd:a7:6a:2a:97:d4:6d:10:ba:2a:91:2a:04:d2:7f:
cf:c0:20:5f:98:3e:c7:82:a5:71:b0:3a:37:87:a6:16:50:37:
6a:ca:96:5b:9c:b2:ef:f4:d0:f0:4b:9d:13:a1:74:15:0d:49:
03:d3:ff:0d:82:b7:0a:ec:3e:e7:83:6d:94:5d:f8:c6:3b:b2:
2b:40:d8:16:a5:a9:6d:02:dd:d1:80:2e:d1:b5:4f:ac:83:0f:
c1:14:e9:79:db:82:94:fd:81:ab:0c:e1:52:62:61:f8:20:cb:
de:f6:cc:32
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAYzI35XRwycNNMBIon36pfQHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1OGQxMmYwOTUwNTNjMzU4NzZiODhiNDc2ODVkNjQzNTQy
MWZjZjIwHhcNMjQwMTAyMDYzMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZjZTZkMmIzZGU3ZWI0YjU2MmNlNzA5ZTJkZDJmNDkwZDI4MzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgEtv8DfcEGsc+TNkimxEq6Uy3Nag
bdfrv3GBhi68GlBL9OM+XNGr9lYn4VnSJWfVXsWjCog+J3lEJ66lAL5D/piJZBD3
AopOOu2tFb4sjVS297b8S6T/72NDkR2iAax20ZlBpQcTaH+CHRF6bwLwFbPYX7ZC
pyyomcd5wUN6/CP6C5bOCEAySbNs+rcUTwQ7HT4trIML/WoleoqZzwaJruzqTQiW
rHslAdx4vrgugDw7MY9wWkxMwm97odALgw4lFsmpjjfEaZQchETcS5HvMgePcODZ
Gpmix1zT1ohvv7OGY2/dwTv3fYpJITPUhgZHhx1DEKHwD09Ja9l/IWf3XQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFDj85tKz3n60tWLOcJ4t0vSQ0oMmMB8GA1UdIwQY
MBaAFEWNEvCVBTw1h2uItHaF1kNUIfzyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTkt
Mzk1NTk1OWVhZjgxLzEvT1B6bTByUGVmclMxWXM1d25pM1M5SkRTZ3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS83Y2VjYzctZjYzZC00M2ZjLWIyMTktMzk1NTk1OWVhZjgx
LzEvUlkwUzhKVUZQRFdIYTRpMGRvWFdRMVFoX1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAqBAIAATAkAwQAH9adAwQB
T4SAAwQBT4SEAwQAuZ75AwQBwfLSAwQAwkzhMBgEAgACMBIDBwAgAQZ8KugDBwAq
C3FAAAYwDQYJKoZIhvcNAQELBQADggEBAAut3DmUZoI6TO8lr0wFUafIsWCAdIT6
etQXBHYZz9Yf4gC65IxZizLEHdmVHgFA92g1elCFv7A/8SgnV+fIhG6EZ0fn8PqW
Mnckt7k06z18WV3woqXBnaeqtuRCwnACAOB7YLaFDui/+1i9v42AWwG5wJj6oOVU
LM7TIfZQEy+3/g0yOfrqgL6/rsaxj90cGriios2naiqX1G0QuiqRKgTSf8/AIF+Y
PseCpXGwOjeHphZQN2rKllucsu/00PBLnROhdBUNSQPT/w2CtwrsPueDbZRd+MY7
sitA2BalqW0C3dGALtG1T6yDD8EU6XnbgpT9gasM4VJiYfggy972zDI=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:10:55 2024 by rpki-client on console-fra.rpki-client.org