Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/O3MNddIfwCiLnYE2NEhjmC8ONxA.roa
File: O3MNddIfwCiLnYE2NEhjmC8ONxA.roa (raw, json)
Hash identifier: Cej9h0/yKEcVSqKZG+z7qJS+GoUIxRQ4Wr2G16+o+Oo=
Subject key identifier: 3B:73:0D:75:D2:1F:C0:28:8B:9D:81:36:34:48:63:98:2F:0E:37:10
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F9612A16930B1AF707764FA8DA43
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/O3MNddIfwCiLnYE2NEhjmC8ONxA.roa
Signing time: Mon 01 Jan 2024 08:30:06 +0000
ROA not before: Mon 01 Jan 2024 08:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211567
IP address blocks: 193.35.153.0/24 maxlen: 24
185.88.173.0/24 maxlen: 24
185.250.210.0/24 maxlen: 24
194.62.52.0/24 maxlen: 24
185.243.180.0/24 maxlen: 24
109.236.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 13:40:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f9:61:2a:16:93:0b:1a:f7:07:76:4f:a8:da:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b730d75d21fc0288b9d8136344863982f0e3710
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:0c:ef:4f:8e:a1:1e:11:46:6f:57:13:47:cd:
e7:74:82:ce:71:61:27:49:9c:70:c1:6a:ce:da:38:
bd:bf:99:84:ce:81:47:b1:32:65:e9:85:22:3a:d2:
98:2c:85:3b:bd:75:3c:52:be:b4:1e:dd:dc:af:2b:
dd:dc:96:41:1a:f4:b7:15:b9:cd:f1:96:e8:7e:8d:
d4:b5:cb:cb:fb:1c:bf:2d:55:b8:7d:2b:0e:53:57:
ed:13:44:a0:e5:2d:ea:68:dc:0c:23:e0:29:f2:8c:
b6:ea:a7:c0:8e:bd:68:47:33:0e:13:be:31:25:0c:
90:6c:99:fd:aa:cc:5b:24:7e:9f:74:90:31:e4:78:
eb:03:3e:7f:54:c7:96:47:2b:bf:43:b6:c2:6d:6f:
5a:45:e4:a4:a6:75:84:8e:27:a0:01:0b:4a:2d:57:
02:1e:e4:f2:21:6e:83:2f:67:4b:29:38:20:37:aa:
84:19:56:57:0e:f5:36:65:65:09:50:f0:13:d9:64:
79:28:fe:e9:2f:fc:9c:bb:c4:b5:1b:a5:45:8f:61:
6f:32:7a:86:14:18:75:d8:4a:cb:df:48:a1:bd:7b:
90:3e:10:d4:53:5f:1e:d5:9d:85:5f:c3:8c:14:ab:
d8:c3:18:aa:8f:77:31:ca:cd:5d:03:10:5f:45:ea:
9f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:73:0D:75:D2:1F:C0:28:8B:9D:81:36:34:48:63:98:2F:0E:37:10
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/O3MNddIfwCiLnYE2NEhjmC8ONxA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.48.0/24
185.88.173.0/24
185.243.180.0/24
185.250.210.0/24
193.35.153.0/24
194.62.52.0/24
Signature Algorithm: sha256WithRSAEncryption
72:6a:76:bc:da:68:5a:d2:a1:92:87:f9:78:06:0f:c4:d3:96:
7b:1f:c1:2d:4f:89:12:32:65:ef:11:19:1e:83:94:c7:c1:e4:
89:da:2c:de:4c:e0:21:54:ba:a1:73:15:60:50:43:c7:46:47:
30:14:d2:73:b3:44:22:4d:87:04:e3:4d:6d:60:91:36:24:5c:
dd:d4:ee:1b:46:ad:f9:e2:09:20:0a:41:65:e7:b6:9e:c7:82:
20:27:8c:bd:a7:1a:ee:e3:a7:e0:94:4a:73:0a:21:d6:1e:68:
93:1d:f0:19:e5:1e:21:aa:e1:f8:d5:54:8c:67:fd:7b:1d:21:
df:d8:79:9c:6f:48:79:d7:57:53:9b:f1:c3:fc:02:ce:b7:e7:
a9:62:4b:18:78:b9:bf:11:4c:4d:79:2c:8d:52:75:67:f1:de:
5f:de:2a:07:a0:61:35:e8:92:12:32:ff:d2:86:06:30:4b:24:
5e:cc:40:80:7c:22:da:58:e1:39:aa:9e:ab:cb:fd:76:ca:bd:
05:50:cc:2a:78:24:e1:88:3e:10:d1:5b:3f:e4:f3:e8:6b:13:
8f:96:2d:87:5c:03:90:91:e4:57:d0:93:a5:b9:36:d7:81:06:
85:7e:67:7d:2d:fc:51:6b:c2:c6:05:f6:db:13:8a:40:31:19:
3a:5f:dd:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzEJPlhKhaTCxr3B3ZPqNpDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjczMGQ3NWQyMWZjMDI4OGI5ZDgxMzYzNDQ4NjM5ODJmMGUzNzEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApAzvT46hHhFGb1cTR83ndILOcWEn
SZxwwWrO2ji9v5mEzoFHsTJl6YUiOtKYLIU7vXU8Ur60Ht3cryvd3JZBGvS3FbnN
8Zbofo3UtcvL+xy/LVW4fSsOU1ftE0Sg5S3qaNwMI+Ap8oy26qfAjr1oRzMOE74x
JQyQbJn9qsxbJH6fdJAx5HjrAz5/VMeWRyu/Q7bCbW9aReSkpnWEjiegAQtKLVcC
HuTyIW6DL2dLKTggN6qEGVZXDvU2ZWUJUPAT2WR5KP7pL/ycu8S1G6VFj2FvMnqG
FBh12ErL30ihvXuQPhDUU18e1Z2FX8OMFKvYwxiqj3cxys1dAxBfReqfMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDtzDXXSH8Aoi52BNjRIY5gvDjcQMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvTzNNTmRkSWZ3Q2lMbllFMk5FaGptQzhPTnhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAbewwAwQA
uVitAwQAufO0AwQAufrSAwQAwSOZAwQAwj40MA0GCSqGSIb3DQEBCwUAA4IBAQBy
ana82mha0qGSh/l4Bg/E05Z7H8EtT4kSMmXvERkeg5THweSJ2izeTOAhVLqhcxVg
UEPHRkcwFNJzs0QiTYcE401tYJE2JFzd1O4bRq354gkgCkFl57aex4IgJ4y9pxru
46fglEpzCiHWHmiTHfAZ5R4hquH41VSMZ/17HSHf2Hmcb0h511dTm/HD/ALOt+ep
YksYeLm/EUxNeSyNUnVn8d5f3ioHoGE16JISMv/ShgYwSyRezECAfCLaWOE5qp6r
y/12yr0FUMwqeCThiD4Q0Vs/5PPoaxOPli2HXAOQkeRX0JOluTbXgQaFfmd9LfxR
a8LGBfbbE4pAMRk6X93q
-----END CERTIFICATE-----
Generated at Tue Apr 30 19:22:09 2024 by rpki-client on console-fra.rpki-client.org