Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/OECVp6j9bUkyYM59nL4U5N8pfBw.roa
File: OECVp6j9bUkyYM59nL4U5N8pfBw.roa (raw, json)
Hash identifier: CTMybD+B4gO5eieg+TOH5X72nPPC81ORTALcgWPodS4=
Subject key identifier: 38:40:95:A7:A8:FD:6D:49:32:60:CE:7D:9C:BE:14:E4:DF:29:7C:1C
Certificate issuer: /CN=834d966d00afbc39b5958bc1a6ed5793ffc0c54d
Certificate serial: 018CC726F4E8A3A5597DFA857FF637BE63C9
Authority key identifier: 83:4D:96:6D:00:AF:BC:39:B5:95:8B:C1:A6:ED:57:93:FF:C0:C5:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g02WbQCvvDm1lYvBpu1Xk__AxU0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/OECVp6j9bUkyYM59nL4U5N8pfBw.roa
Signing time: Mon 01 Jan 2024 22:31:08 +0000
ROA not before: Mon 01 Jan 2024 22:31:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61408
IP address blocks: 185.35.191.0/24 maxlen: 24
185.35.190.0/23 maxlen: 23
185.35.190.0/24 maxlen: 24
185.35.189.0/24 maxlen: 24
185.35.188.0/24 maxlen: 24
185.35.188.0/23 maxlen: 23
185.35.188.0/22 maxlen: 22
5.56.2.0/24 maxlen: 24
5.56.3.0/24 maxlen: 24
5.56.4.0/22 maxlen: 22
5.56.2.0/23 maxlen: 23
5.56.1.0/24 maxlen: 24
5.56.0.0/21 maxlen: 21
5.56.0.0/22 maxlen: 22
5.56.0.0/23 maxlen: 23
5.56.0.0/24 maxlen: 24
5.56.4.0/23 maxlen: 23
5.56.4.0/24 maxlen: 24
5.56.7.0/24 maxlen: 24
5.56.6.0/24 maxlen: 24
5.56.6.0/23 maxlen: 23
5.56.5.0/24 maxlen: 24
2a03:30c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/g02WbQCvvDm1lYvBpu1Xk__AxU0.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/g02WbQCvvDm1lYvBpu1Xk__AxU0.mft
rsync://rpki.ripe.net/repository/DEFAULT/g02WbQCvvDm1lYvBpu1Xk__AxU0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f4:e8:a3:a5:59:7d:fa:85:7f:f6:37:be:63:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=834d966d00afbc39b5958bc1a6ed5793ffc0c54d
Validity
Not Before: Jan 1 22:31:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=384095a7a8fd6d493260ce7d9cbe14e4df297c1c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9b:cc:f4:6a:f2:e7:35:e1:6a:0c:ed:6f:e5:
94:90:9f:00:8a:41:fd:4a:bb:5f:a9:b1:6a:13:e4:
23:12:e2:a8:60:2e:df:f5:99:7f:50:87:44:d2:36:
a4:ee:ed:95:75:27:18:a6:71:25:cf:9b:25:f2:f9:
3b:7d:b3:4c:ff:6a:22:5c:4e:97:dc:32:e4:57:59:
48:2e:f5:76:23:5c:0e:c1:e9:b3:2f:eb:64:00:2c:
43:fa:83:bc:6b:7f:0a:31:8f:c1:54:10:42:3c:ff:
bc:52:5c:2e:a6:88:02:56:e9:48:2b:8a:81:12:52:
b2:36:03:79:e3:e8:1f:e0:9a:d7:02:6a:ad:6d:96:
b3:05:35:ba:23:90:a9:b7:32:51:50:48:52:84:a5:
10:65:c2:41:c1:35:ed:a6:7c:45:54:b0:2e:8b:97:
6c:42:e0:dd:e5:7a:01:a8:a4:20:b3:fc:1c:9b:ce:
41:36:30:76:00:e4:3d:5a:98:0b:12:e1:47:c7:4a:
ea:55:bb:15:f2:b7:93:f5:57:21:d4:c7:ac:9a:80:
46:22:cf:d8:0b:67:32:d3:a5:bd:a2:d1:9b:4b:7e:
0e:87:22:33:f5:68:17:81:d9:30:0c:2a:8d:6a:0a:
86:59:e5:3c:d6:34:a1:a4:a4:4d:49:ba:17:d6:91:
5c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:40:95:A7:A8:FD:6D:49:32:60:CE:7D:9C:BE:14:E4:DF:29:7C:1C
X509v3 Authority Key Identifier:
keyid:83:4D:96:6D:00:AF:BC:39:B5:95:8B:C1:A6:ED:57:93:FF:C0:C5:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g02WbQCvvDm1lYvBpu1Xk__AxU0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/OECVp6j9bUkyYM59nL4U5N8pfBw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/8830a4-6c83-4338-bafd-b5d1e902310a/1/g02WbQCvvDm1lYvBpu1Xk__AxU0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.0.0/21
185.35.188.0/22
IPv6:
2a03:30c0::/32
Signature Algorithm: sha256WithRSAEncryption
97:26:1c:1f:31:11:be:98:62:a9:04:79:8f:0b:73:9f:c9:3e:
ce:c7:c4:1c:df:ed:9e:39:0e:fd:56:f7:6f:77:47:2a:30:1f:
b5:eb:45:16:5b:c4:2b:89:d0:f1:f0:22:43:8b:3b:67:84:77:
95:b4:bf:a0:4c:d5:e8:2f:e6:d4:ba:76:01:84:cf:d5:5a:c5:
41:85:56:51:8f:5a:60:d9:5e:a0:b3:cd:da:73:b8:19:77:8d:
f9:a4:97:4e:6f:77:7c:5d:0e:e6:59:37:27:e1:e4:94:56:e4:
d4:1f:18:0f:7d:c2:24:4c:c8:18:eb:18:af:b7:58:c0:2a:bb:
14:a4:98:92:46:40:87:c9:47:85:54:6c:d8:be:49:2d:e6:5b:
77:46:50:2f:cc:0b:65:b6:4a:5e:7b:76:06:aa:c2:ac:58:4a:
51:2c:eb:b9:d1:96:0a:1c:69:28:51:61:b6:bb:3d:f5:d1:81:
4c:f6:d6:6c:03:18:66:54:82:1f:b7:94:34:ec:77:12:c2:99:
ef:d8:0a:91:88:34:6d:6d:89:43:b9:a6:53:f5:c1:f5:77:55:
8b:9c:17:1e:6c:3e:c4:10:47:56:96:90:30:90:d9:70:7c:4b:
6e:be:9e:de:63:ff:dd:6f:05:cc:48:88:74:25:81:db:70:50:
fb:fd:f2:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJvToo6VZffqFf/Y3vmPJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzNGQ5NjZkMDBhZmJjMzliNTk1OGJjMWE2ZWQ1NzkzZmZj
MGM1NGQwHhcNMjQwMTAxMjIzMTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODQwOTVhN2E4ZmQ2ZDQ5MzI2MGNlN2Q5Y2JlMTRlNGRmMjk3YzFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJvM9Gry5zXhagztb+WUkJ8AikH9
SrtfqbFqE+QjEuKoYC7f9Zl/UIdE0jak7u2VdScYpnElz5sl8vk7fbNM/2oiXE6X
3DLkV1lILvV2I1wOwemzL+tkACxD+oO8a38KMY/BVBBCPP+8UlwupogCVulIK4qB
ElKyNgN54+gf4JrXAmqtbZazBTW6I5CptzJRUEhShKUQZcJBwTXtpnxFVLAui5ds
QuDd5XoBqKQgs/wcm85BNjB2AOQ9WpgLEuFHx0rqVbsV8reT9Vch1MesmoBGIs/Y
C2cy06W9otGbS34OhyIz9WgXgdkwDCqNagqGWeU81jShpKRNSboX1pFctQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDhAlaeo/W1JMmDOfZy+FOTfKXwcMB8GA1UdIwQY
MBaAFINNlm0Ar7w5tZWLwabtV5P/wMVNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzAyV2JRQ3Z2RG0xbFl2QnB1MVhrX19BeFUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC84ODMwYTQtNmM4My00MzM4LWJhZmQt
YjVkMWU5MDIzMTBhLzEvT0VDVnA2ajliVWt5WU01OW5MNFU1TjhwZkJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC84ODMwYTQtNmM4My00MzM4LWJhZmQtYjVkMWU5MDIzMTBh
LzEvZzAyV2JRQ3Z2RG0xbFl2QnB1MVhrX19BeFUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBTgAAwQC
uSO8MA0EAgACMAcDBQAqAzDAMA0GCSqGSIb3DQEBCwUAA4IBAQCXJhwfMRG+mGKp
BHmPC3OfyT7Ox8Qc3+2eOQ79Vvdvd0cqMB+160UWW8QridDx8CJDiztnhHeVtL+g
TNXoL+bUunYBhM/VWsVBhVZRj1pg2V6gs83ac7gZd435pJdOb3d8XQ7mWTcn4eSU
VuTUHxgPfcIkTMgY6xivt1jAKrsUpJiSRkCHyUeFVGzYvkkt5lt3RlAvzAtltkpe
e3YGqsKsWEpRLOu50ZYKHGkoUWG2uz310YFM9tZsAxhmVIIft5Q07HcSwpnv2AqR
iDRtbYlDuaZT9cH1d1WLnBcebD7EEEdWlpAwkNlwfEtuvp7eY//dbwXMSIh0JYHb
cFD7/fJy
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:50 2024 by rpki-client on console-fra.rpki-client.org