Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/opZ3Cf-pQU83fu_5DpjP88_WOHE.roa
File: opZ3Cf-pQU83fu_5DpjP88_WOHE.roa (raw, json)
Hash identifier: /PN+e6ZigPKweC3Fb46lyIYw4y6TPOKwYZjvDnuR5IM=
Subject key identifier: A2:96:77:09:FF:A9:41:4F:37:7E:EF:F9:0E:98:CF:F3:CF:D6:38:71
Certificate issuer: /CN=0594f4a9b6b7fd82dd6f2fdbf393abeadd347fd1
Certificate serial: 018CC793700811ED42BDF37B3862FFC7B81A
Authority key identifier: 05:94:F4:A9:B6:B7:FD:82:DD:6F:2F:DB:F3:93:AB:EA:DD:34:7F:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZT0qba3_YLdby_b85Or6t00f9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/opZ3Cf-pQU83fu_5DpjP88_WOHE.roa
Signing time: Tue 02 Jan 2024 00:29:37 +0000
ROA not before: Tue 02 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39392
IP address blocks: 46.234.96.0/19 maxlen: 19
95.168.192.0/19 maxlen: 19
46.234.121.0/24 maxlen: 24
37.235.96.0/20 maxlen: 20
95.168.223.0/24 maxlen: 24
88.86.96.0/19 maxlen: 19
2a01:28::/32 maxlen: 32
2a01:28:eeee::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/BZT0qba3_YLdby_b85Or6t00f9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/BZT0qba3_YLdby_b85Or6t00f9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZT0qba3_YLdby_b85Or6t00f9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:70:08:11:ed:42:bd:f3:7b:38:62:ff:c7:b8:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0594f4a9b6b7fd82dd6f2fdbf393abeadd347fd1
Validity
Not Before: Jan 2 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2967709ffa9414f377eeff90e98cff3cfd63871
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:82:05:4e:80:0a:a2:78:3c:83:f9:e1:35:5a:
d0:97:1c:00:3c:38:8f:d8:ed:74:88:57:d7:85:a7:
56:25:d3:93:dc:cd:20:5f:88:ad:f1:a7:e6:5d:30:
c5:54:1d:d8:4b:30:58:50:99:26:8c:eb:8d:4c:f8:
90:d5:45:3f:c6:3f:e0:7d:26:0c:7c:b4:1b:1a:4a:
c7:e6:04:1a:bb:c7:a6:8c:8b:b2:77:a5:a1:fc:9e:
e2:a8:f8:75:b3:7f:e5:20:e3:2f:a1:02:b9:80:52:
c4:bf:94:1a:a9:8b:e8:be:60:6a:09:45:8a:80:9e:
1c:69:cf:8a:31:61:cb:48:c3:9d:6e:39:93:79:e4:
eb:52:c0:6f:fe:6d:e4:58:ab:5f:f5:54:6b:44:bf:
4c:a4:35:d7:0e:20:63:8b:90:34:00:fe:f5:41:8f:
8c:af:48:c9:fc:55:43:65:32:02:e1:42:e9:1e:de:
16:69:09:a9:63:9b:3c:13:f7:c5:fb:b4:23:77:c6:
be:42:a7:96:c3:41:84:53:6d:8c:a1:c2:cf:03:a7:
dd:3f:4b:ce:ac:b1:93:dc:e0:72:16:3f:0d:ff:78:
f1:19:05:37:48:80:25:e5:b8:83:34:89:26:5f:ef:
a7:52:ba:2c:9e:0c:5e:ed:1c:72:59:d4:8f:2d:b9:
38:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:96:77:09:FF:A9:41:4F:37:7E:EF:F9:0E:98:CF:F3:CF:D6:38:71
X509v3 Authority Key Identifier:
keyid:05:94:F4:A9:B6:B7:FD:82:DD:6F:2F:DB:F3:93:AB:EA:DD:34:7F:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZT0qba3_YLdby_b85Or6t00f9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/opZ3Cf-pQU83fu_5DpjP88_WOHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/f343a9-4489-457c-92c1-b6cc4d57117e/1/BZT0qba3_YLdby_b85Or6t00f9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.96.0/20
46.234.96.0/19
88.86.96.0/19
95.168.192.0/19
IPv6:
2a01:28::/32
Signature Algorithm: sha256WithRSAEncryption
1b:f3:a4:3f:21:14:5d:6a:bd:02:8a:92:f7:e4:db:71:b8:cf:
08:9c:8d:7f:19:61:51:59:4e:f2:01:42:8c:77:5b:bc:54:b2:
8d:bc:2f:28:59:79:8e:5b:87:a6:9f:a7:5d:92:b6:fd:7a:e8:
b0:d9:61:7b:68:32:8e:4e:ad:67:d5:08:94:9c:d5:ec:8a:65:
11:13:e9:1d:e4:22:32:1e:b7:16:1f:b8:c1:73:4d:62:46:cd:
5a:cd:f5:ff:b2:64:21:ea:99:a8:45:2c:04:51:4e:77:83:58:
f5:79:c8:4d:fd:38:87:d2:6b:12:d0:68:fd:1c:49:22:36:05:
ab:89:52:29:02:ed:72:7f:f4:01:8b:15:12:7e:9c:6c:42:f2:
92:71:cd:68:d7:71:ab:5f:34:08:5a:a4:aa:c8:1b:cb:17:9a:
b0:7b:b4:d7:51:dd:83:81:db:ad:7b:47:6c:58:8f:24:61:3f:
a3:9f:6f:d9:4e:64:90:2b:dd:33:51:3c:8d:00:61:dc:87:c0:
c4:27:6c:86:af:cc:46:e4:37:4d:86:f5:65:c3:b3:96:55:ff:
ec:6d:27:41:77:3d:be:c2:87:3c:13:b0:b6:0c:c1:36:33:b5:
7e:4c:94:b2:de:25:13:f6:1b:ec:74:7a:22:3b:49:43:29:1c:
1e:a5:1a:62
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHk3AIEe1CvfN7OGL/x7gaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTRmNGE5YjZiN2ZkODJkZDZmMmZkYmYzOTNhYmVhZGQz
NDdmZDEwHhcNMjQwMTAyMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjk2NzcwOWZmYTk0MTRmMzc3ZWVmZjkwZTk4Y2ZmM2NmZDYzODcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAloIFToAKong8g/nhNVrQlxwAPDiP
2O10iFfXhadWJdOT3M0gX4it8afmXTDFVB3YSzBYUJkmjOuNTPiQ1UU/xj/gfSYM
fLQbGkrH5gQau8emjIuyd6Wh/J7iqPh1s3/lIOMvoQK5gFLEv5QaqYvovmBqCUWK
gJ4cac+KMWHLSMOdbjmTeeTrUsBv/m3kWKtf9VRrRL9MpDXXDiBji5A0AP71QY+M
r0jJ/FVDZTIC4ULpHt4WaQmpY5s8E/fF+7Qjd8a+QqeWw0GEU22MocLPA6fdP0vO
rLGT3OByFj8N/3jxGQU3SIAl5biDNIkmX++nUrosngxe7RxyWdSPLbk4AQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKKWdwn/qUFPN37v+Q6Yz/PP1jhxMB8GA1UdIwQY
MBaAFAWU9Km2t/2C3W8v2/OTq+rdNH/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpUMHFiYTNfWUxkYnlfYjg1T3I2dDAwZjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC9mMzQzYTktNDQ4OS00NTdjLTkyYzEt
YjZjYzRkNTcxMTdlLzEvb3BaM0NmLXBRVTgzZnVfNURwalA4OF9XT0hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC9mMzQzYTktNDQ4OS00NTdjLTkyYzEtYjZjYzRkNTcxMTdl
LzEvQlpUMHFiYTNfWUxkYnlfYjg1T3I2dDAwZjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJetgAwQF
LupgAwQFWFZgAwQFX6jAMA0EAgACMAcDBQAqAQAoMA0GCSqGSIb3DQEBCwUAA4IB
AQAb86Q/IRRdar0CipL35NtxuM8InI1/GWFRWU7yAUKMd1u8VLKNvC8oWXmOW4em
n6ddkrb9euiw2WF7aDKOTq1n1QiUnNXsimURE+kd5CIyHrcWH7jBc01iRs1azfX/
smQh6pmoRSwEUU53g1j1echN/TiH0msS0Gj9HEkiNgWriVIpAu1yf/QBixUSfpxs
QvKScc1o13GrXzQIWqSqyBvLF5qwe7TXUd2Dgdute0dsWI8kYT+jn2/ZTmSQK90z
UTyNAGHch8DEJ2yGr8xG5DdNhvVlw7OWVf/sbSdBdz2+woc8E7C2DME2M7V+TJSy
3iUT9hvsdHoiO0lDKRwepRpi
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:11 2024 by rpki-client on console-ams.rpki-client.org