Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/oO2yVx3lZ595sFR6Zff2E5bwbSE.roa
File: oO2yVx3lZ595sFR6Zff2E5bwbSE.roa (raw, json)
Hash identifier: BDJQcDuTHyXHszTXgH+DmG1lFLpoS5UsV+mAjxwd3jM=
Subject key identifier: A0:ED:B2:57:1D:E5:67:9F:79:B0:54:7A:65:F7:F6:13:96:F0:6D:21
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 018CC50049AD2FF8673E60375E251A92A71D
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/oO2yVx3lZ595sFR6Zff2E5bwbSE.roa
Signing time: Mon 01 Jan 2024 12:29:39 +0000
ROA not before: Mon 01 Jan 2024 12:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15782
IP address blocks: 89.236.0.0/18 maxlen: 18
94.245.0.0/18 maxlen: 18
81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
85.235.16.0/20 maxlen: 20
213.185.0.0/19 maxlen: 19
217.72.48.0/20 maxlen: 20
2001:7a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:49:ad:2f:f8:67:3e:60:37:5e:25:1a:92:a7:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jan 1 12:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0edb2571de5679f79b0547a65f7f61396f06d21
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:65:d1:7d:41:6a:eb:5c:bb:ff:2d:9c:00:d3:
f0:df:54:d0:98:13:4d:c7:0b:13:9f:f4:b1:af:32:
fd:c6:03:eb:d6:53:87:18:41:36:40:cb:7a:04:80:
ba:d6:54:d7:9b:db:40:74:39:09:6b:1c:3a:21:de:
91:82:1c:4e:1e:ef:d3:e7:2d:c8:59:f3:14:9f:d3:
f0:e8:34:ae:a7:3e:a1:b2:f5:f3:92:ae:e3:24:19:
42:bf:15:8a:98:f0:4e:00:42:a2:5f:5f:5e:a4:15:
32:ce:91:62:e6:2e:cf:7e:98:5e:61:cc:73:4f:92:
7c:1f:26:22:40:a9:51:6e:de:74:0a:ac:3b:d0:2f:
b9:7a:68:3d:e9:54:3a:64:e7:d0:63:25:05:32:8a:
f7:1e:ad:c5:73:42:57:1e:d1:58:b3:ad:9c:26:04:
9b:36:81:19:bf:b9:67:32:a8:2b:85:50:9c:49:30:
c5:10:5b:2b:aa:39:da:21:ab:ca:5a:16:6b:ec:a6:
8c:24:25:44:01:b1:76:c8:af:78:28:30:a2:19:8d:
a2:6b:cd:56:e7:3a:ec:62:71:45:b1:a9:69:2f:de:
ef:90:1c:e7:2f:7d:ba:21:d2:dd:1b:9b:45:65:43:
86:af:d2:d1:91:b9:68:8d:0a:e3:b1:0f:4b:8b:1b:
8f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:ED:B2:57:1D:E5:67:9F:79:B0:54:7A:65:F7:F6:13:96:F0:6D:21
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/oO2yVx3lZ595sFR6Zff2E5bwbSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.88.0.0/20
81.186.240.0/20
85.235.16.0/20
89.236.0.0/18
94.245.0.0/18
213.185.0.0/19
217.72.48.0/20
IPv6:
2001:7a0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:b8:cb:2b:73:e4:7b:9c:51:eb:5a:9b:11:78:27:11:75:ca:
cc:3a:12:67:84:bc:19:b2:9f:15:41:73:d8:47:a7:ab:9a:d7:
01:e9:16:4f:40:6e:f0:d5:a5:16:32:41:62:40:96:66:18:07:
37:60:45:65:58:87:c5:91:57:26:a6:9a:8b:56:b7:34:ea:d1:
ec:db:96:34:3d:51:f9:8e:bf:fe:1f:4a:13:9e:b5:e0:77:68:
67:ff:e8:c7:87:05:1e:fc:40:9a:d6:37:34:b7:b3:72:9f:65:
37:c8:30:7a:c1:b7:39:5b:2b:a2:34:7d:c8:48:e8:56:59:bc:
18:f4:43:d3:ff:1f:9c:a4:6d:3e:bf:27:18:ab:d5:09:af:c4:
f1:3c:64:bb:30:d6:72:c2:91:21:15:af:a5:e4:76:d6:a8:82:
25:ef:41:30:14:1e:5c:bb:20:ec:1c:10:fa:68:29:f3:09:da:
c5:bf:f0:f5:ef:b4:18:4d:f6:54:24:a0:e0:1e:b4:10:cc:c1:
18:07:04:d3:db:2d:3c:8a:bd:46:b2:0b:f5:48:0f:9b:9d:c8:
a7:c7:82:82:c0:c9:6e:72:ba:f7:63:a4:2b:cd:a8:79:5c:2e:
bf:c9:dc:32:f5:ba:96:2b:07:c4:ac:70:0c:0e:d0:0d:b5:d2:
78:2f:25:d4
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzFAEmtL/hnPmA3XiUakqcdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjQwMTAxMTIyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGVkYjI1NzFkZTU2NzlmNzliMDU0N2E2NWY3ZjYxMzk2ZjA2ZDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGXRfUFq61y7/y2cANPw31TQmBNN
xwsTn/SxrzL9xgPr1lOHGEE2QMt6BIC61lTXm9tAdDkJaxw6Id6RghxOHu/T5y3I
WfMUn9Pw6DSupz6hsvXzkq7jJBlCvxWKmPBOAEKiX19epBUyzpFi5i7PfpheYcxz
T5J8HyYiQKlRbt50Cqw70C+5emg96VQ6ZOfQYyUFMor3Hq3Fc0JXHtFYs62cJgSb
NoEZv7lnMqgrhVCcSTDFEFsrqjnaIavKWhZr7KaMJCVEAbF2yK94KDCiGY2ia81W
5zrsYnFFsalpL97vkBznL326IdLdG5tFZUOGr9LRkblojQrjsQ9LixuPiQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKDtslcd5WefebBUemX39hOW8G0hMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvb08yeVZ4M2xaNTk1c0ZSNlpmZjJFNWJ3YlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEUVgAAwQE
UbrwAwQEVesQAwQGWewAAwQGXvUAAwQF1bkAAwQE2UgwMA0EAgACMAcDBQAgAQeg
MA0GCSqGSIb3DQEBCwUAA4IBAQB8uMsrc+R7nFHrWpsReCcRdcrMOhJnhLwZsp8V
QXPYR6ermtcB6RZPQG7w1aUWMkFiQJZmGAc3YEVlWIfFkVcmppqLVrc06tHs25Y0
PVH5jr/+H0oTnrXgd2hn/+jHhwUe/ECa1jc0t7Nyn2U3yDB6wbc5WyuiNH3ISOhW
WbwY9EPT/x+cpG0+vycYq9UJr8TxPGS7MNZywpEhFa+l5HbWqIIl70EwFB5cuyDs
HBD6aCnzCdrFv/D177QYTfZUJKDgHrQQzMEYBwTT2y08ir1Gsgv1SA+bncinx4KC
wMlucrr3Y6Qrzah5XC6/ydwy9bqWKwfErHAMDtANtdJ4LyXU
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:51:56 2024 by rpki-client on console-ams.rpki-client.org