Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/oQamNnOe5T5nIYQEHPRqQXGQjIg.roa
File: oQamNnOe5T5nIYQEHPRqQXGQjIg.roa (raw, json)
Hash identifier: wjgcU9yRznIEf8wuTWofBSKmkBYug6IPiU6SJqQ0J+U=
Subject key identifier: A1:06:A6:36:73:9E:E5:3E:67:21:84:04:1C:F4:6A:41:71:90:8C:88
Certificate issuer: /CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Certificate serial: 018CC4250BB3C97D10EF4CF8E65FBA3313E3
Authority key identifier: D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/oQamNnOe5T5nIYQEHPRqQXGQjIg.roa
Signing time: Mon 01 Jan 2024 08:30:11 +0000
ROA not before: Mon 01 Jan 2024 08:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206757
IP address blocks: 195.10.218.0/24 maxlen: 24
203.78.160.0/24 maxlen: 24
116.204.252.0/22 maxlen: 24
185.218.236.0/22 maxlen: 24
201.148.168.0/22 maxlen: 24
45.147.16.0/22 maxlen: 24
193.16.151.0/24 maxlen: 24
193.16.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0b:b3:c9:7d:10:ef:4c:f8:e6:5f:ba:33:13:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d629010cdb0b312c32e07aaf9b720d73d3bcd3ab
Validity
Not Before: Jan 1 08:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a106a636739ee53e672184041cf46a4171908c88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:55:ff:27:20:09:a4:0a:b2:2e:98:d4:c2:6f:
42:1c:4b:da:8a:a2:32:9b:eb:51:d2:bb:6e:38:91:
81:d9:49:97:63:9e:27:32:4a:7e:a3:ae:80:02:c6:
76:4a:6b:c8:76:cc:c1:df:50:44:07:ff:80:cf:6b:
22:ec:8e:82:b8:b4:67:2b:ee:09:05:db:96:47:4c:
9d:58:86:71:b0:5f:8e:d3:95:7a:03:95:f6:28:bc:
ce:d8:cf:11:ec:ca:d5:47:d8:3f:29:bd:d4:36:60:
0e:50:e4:c2:f0:c7:ec:c3:ff:d0:df:56:a5:0a:a1:
68:cf:d2:13:ce:ad:06:b0:df:4c:aa:a6:c3:47:72:
2a:36:d4:90:00:ae:a3:cf:3f:ec:e3:88:96:df:94:
dd:8d:69:8c:4d:b9:96:87:28:0a:c8:32:48:7f:4d:
06:38:77:9b:8d:26:b6:68:18:bc:e9:49:4a:a0:9a:
e7:65:b1:b5:69:13:09:51:ce:9f:1e:90:88:f4:32:
88:c7:5f:4b:33:0d:fa:ff:37:1f:80:bb:50:3c:3e:
72:66:10:f6:a6:dd:4c:00:d6:6b:16:c8:10:c7:15:
b7:95:5f:20:ea:33:86:a0:9d:04:d5:0a:c1:70:76:
0a:63:f9:84:29:75:cf:d7:02:1f:8e:3f:9f:63:5b:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:06:A6:36:73:9E:E5:3E:67:21:84:04:1C:F4:6A:41:71:90:8C:88
X509v3 Authority Key Identifier:
keyid:D6:29:01:0C:DB:0B:31:2C:32:E0:7A:AF:9B:72:0D:73:D3:BC:D3:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1ikBDNsLMSwy4Hqvm3INc9O806s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/oQamNnOe5T5nIYQEHPRqQXGQjIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/194c1e-9710-4d35-823b-5dd33994a241/1/1ikBDNsLMSwy4Hqvm3INc9O806s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.16.0/22
116.204.252.0/22
185.218.236.0/22
193.16.151.0/24
193.16.156.0/24
195.10.218.0/24
201.148.168.0/22
203.78.160.0/24
Signature Algorithm: sha256WithRSAEncryption
c1:6d:9e:35:06:55:3f:3c:02:83:f9:b5:bf:c2:db:16:67:fa:
db:ce:5f:30:84:36:a6:03:9b:27:d1:ce:7a:9d:93:6f:54:48:
df:d0:42:bf:6e:71:9f:d0:dc:f3:cd:2d:65:28:c2:3a:15:65:
3b:29:26:3a:3e:96:fa:3d:11:31:85:59:78:2f:b3:dc:ea:97:
70:f4:ae:15:6c:f3:54:24:f5:ed:da:1a:4f:f0:30:6f:0a:38:
07:9c:2a:2f:b4:5e:6d:34:1b:81:40:a0:75:2b:53:82:11:58:
51:ae:68:d2:0f:d0:ed:43:be:c9:21:6b:34:1c:d6:f9:b9:41:
b1:9d:d2:38:3e:b6:df:8e:2b:61:1b:4c:74:15:16:43:80:6f:
92:59:69:05:1b:d5:b9:07:0e:4d:24:71:d2:51:87:22:97:4b:
4d:b5:d5:b6:a8:60:c9:d0:47:24:84:42:d7:a4:a9:94:85:75:
e2:5a:80:3a:f7:f4:ad:c6:a6:cc:91:ea:b3:d3:4a:93:06:81:
bb:cd:ce:13:07:ba:d4:70:53:ce:48:b6:16:6b:53:ad:17:b0:
ef:68:66:fd:f5:71:d9:c4:8d:e9:76:97:61:3c:95:70:09:55:
8a:4f:6e:5e:f1:3e:07:dc:95:c9:ce:b2:e8:e2:e8:95:20:00:
b4:74:08:13
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzEJQuzyX0Q70z45l+6MxPjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MjkwMTBjZGIwYjMxMmMzMmUwN2FhZjliNzIwZDczZDNi
Y2QzYWIwHhcNMjQwMTAxMDgzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA2YTYzNjczOWVlNTNlNjcyMTg0MDQxY2Y0NmE0MTcxOTA4Yzg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA31X/JyAJpAqyLpjUwm9CHEvaiqIy
m+tR0rtuOJGB2UmXY54nMkp+o66AAsZ2SmvIdszB31BEB/+Az2si7I6CuLRnK+4J
BduWR0ydWIZxsF+O05V6A5X2KLzO2M8R7MrVR9g/Kb3UNmAOUOTC8Mfsw//Q31al
CqFoz9ITzq0GsN9MqqbDR3IqNtSQAK6jzz/s44iW35TdjWmMTbmWhygKyDJIf00G
OHebjSa2aBi86UlKoJrnZbG1aRMJUc6fHpCI9DKIx19LMw36/zcfgLtQPD5yZhD2
pt1MANZrFsgQxxW3lV8g6jOGoJ0E1QrBcHYKY/mEKXXP1wIfjj+fY1s9wwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKEGpjZznuU+ZyGEBBz0akFxkIyIMB8GA1UdIwQY
MBaAFNYpAQzbCzEsMuB6r5tyDXPTvNOrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWlrQkROc0xNU3d5NEhxdm0zSU5jOU84MDZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8xOTRjMWUtOTcxMC00ZDM1LTgyM2It
NWRkMzM5OTRhMjQxLzEvb1FhbU5uT2U1VDVuSVlRRUhQUnFRWEdRaklnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8xOTRjMWUtOTcxMC00ZDM1LTgyM2ItNWRkMzM5OTRhMjQx
LzEvMWlrQkROc0xNU3d5NEhxdm0zSU5jOU84MDZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQCLZMQAwQC
dMz8AwQCudrsAwQAwRCXAwQAwRCcAwQAwwraAwQCyZSoAwQAy06gMA0GCSqGSIb3
DQEBCwUAA4IBAQDBbZ41BlU/PAKD+bW/wtsWZ/rbzl8whDamA5sn0c56nZNvVEjf
0EK/bnGf0NzzzS1lKMI6FWU7KSY6Ppb6PRExhVl4L7Pc6pdw9K4VbPNUJPXt2hpP
8DBvCjgHnCovtF5tNBuBQKB1K1OCEVhRrmjSD9DtQ77JIWs0HNb5uUGxndI4Prbf
jithG0x0FRZDgG+SWWkFG9W5Bw5NJHHSUYcil0tNtdW2qGDJ0EckhELXpKmUhXXi
WoA69/StxqbMkeqz00qTBoG7zc4TB7rUcFPOSLYWa1OtF7DvaGb99XHZxI3pdpdh
PJVwCVWKT25e8T4H3JXJzrLo4uiVIAC0dAgT
-----END CERTIFICATE-----
Generated at Sun May 19 05:02:00 2024 by rpki-client on console-fra.rpki-client.org