Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/O9Ev7xS6ciwXVK_ONVKEROdFh3c.roa
File: O9Ev7xS6ciwXVK_ONVKEROdFh3c.roa (raw, json)
Hash identifier: ozdnAnxlTkVp3NrypRhMFMxsv6JvG3phsbeS9aYBLKk=
Subject key identifier: 3B:D1:2F:EF:14:BA:72:2C:17:54:AF:CE:35:52:84:44:E7:45:87:77
Certificate issuer: /CN=a5472b1473bc781b70440315c83d119c8abc86fc
Certificate serial: 018CC64B84A08A4637F17D44738A6A5B72B8
Authority key identifier: A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/O9Ev7xS6ciwXVK_ONVKEROdFh3c.roa
Signing time: Mon 01 Jan 2024 18:31:27 +0000
ROA not before: Mon 01 Jan 2024 18:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2860
IP address blocks: 89.109.64.0/18 maxlen: 18
188.125.192.0/19 maxlen: 19
185.80.76.0/22 maxlen: 22
213.138.224.0/19 maxlen: 19
95.172.160.0/19 maxlen: 19
213.190.192.0/19 maxlen: 19
159.255.48.0/20 maxlen: 20
83.223.160.0/19 maxlen: 19
84.23.192.0/19 maxlen: 19
2a00:d180::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/pUcrFHO8eBtwRAMVyD0RnIq8hvw.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/pUcrFHO8eBtwRAMVyD0RnIq8hvw.mft
rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:84:a0:8a:46:37:f1:7d:44:73:8a:6a:5b:72:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5472b1473bc781b70440315c83d119c8abc86fc
Validity
Not Before: Jan 1 18:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd12fef14ba722c1754afce35528444e7458777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:73:1a:77:43:69:96:03:af:a9:43:81:ef:e0:
7a:10:bc:5e:c5:61:ed:86:7e:4c:b9:79:45:27:bf:
e9:f7:05:75:0a:7e:d2:43:38:b1:20:32:27:ea:92:
76:13:14:ce:56:45:7b:1a:52:40:48:36:70:6e:2e:
87:a3:7a:4d:f7:53:3d:73:85:3f:74:e5:f1:1c:46:
6a:76:55:80:7d:d5:e6:9b:40:19:69:de:30:b6:5e:
aa:e5:d0:8a:01:8f:e3:f6:d5:a3:9d:f2:92:dd:32:
56:22:f4:1a:b8:bd:48:e3:43:91:aa:0a:de:ef:68:
40:8c:85:07:df:bb:e0:cf:6e:4c:74:32:c6:a5:d4:
00:17:e7:97:b1:64:cb:63:21:33:ad:63:43:d7:34:
ac:ee:e6:09:aa:ff:e3:9d:92:ae:2b:3f:9a:78:10:
69:ac:79:58:46:66:82:f5:7e:1e:d9:04:2e:4e:a8:
9f:cc:e9:7f:c3:7b:ee:a3:5b:e4:2a:f0:01:e4:b7:
e1:c3:d6:8c:fa:69:e2:74:04:3d:39:d4:14:7c:3d:
27:17:a7:0a:0f:4f:73:a8:63:82:9e:e8:ff:66:c9:
ee:dc:ed:2c:00:49:57:17:20:19:70:fc:db:9a:4e:
20:6c:d7:22:2d:e9:66:39:62:01:b5:5e:98:80:11:
9d:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D1:2F:EF:14:BA:72:2C:17:54:AF:CE:35:52:84:44:E7:45:87:77
X509v3 Authority Key Identifier:
keyid:A5:47:2B:14:73:BC:78:1B:70:44:03:15:C8:3D:11:9C:8A:BC:86:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pUcrFHO8eBtwRAMVyD0RnIq8hvw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/O9Ev7xS6ciwXVK_ONVKEROdFh3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/30112f-0e9d-4fc8-b854-b1565b255854/1/pUcrFHO8eBtwRAMVyD0RnIq8hvw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.223.160.0/19
84.23.192.0/19
89.109.64.0/18
95.172.160.0/19
159.255.48.0/20
185.80.76.0/22
188.125.192.0/19
213.138.224.0/19
213.190.192.0/19
IPv6:
2a00:d180::/32
Signature Algorithm: sha256WithRSAEncryption
68:e3:07:1e:62:4d:8d:77:1a:6c:c7:83:a8:e6:fd:76:49:05:
45:03:fd:fa:03:be:6c:f4:02:65:d8:55:7d:bd:a0:73:7f:d1:
3c:08:74:de:eb:a4:20:5f:a8:44:61:58:62:02:4a:dd:1f:f1:
6f:6a:2d:0d:b7:b1:96:c3:30:1f:91:41:e4:34:24:13:87:61:
cc:b4:ee:85:87:2f:2b:dd:47:bc:49:d9:a0:16:6b:cc:52:03:
83:f1:82:78:50:1e:e8:d3:7d:6b:be:2c:a7:c3:6a:ad:11:d6:
88:e8:4a:3e:0c:fb:86:a7:ff:05:79:28:10:06:f8:58:49:69:
4d:5b:ab:c9:39:d0:9f:45:40:75:bb:0b:8f:2a:de:ce:ee:72:
e8:e0:7d:75:af:b6:11:5a:17:db:6f:57:c0:b1:f8:cc:99:bb:
7b:7d:9d:97:10:55:e3:89:fd:65:a1:01:7c:b3:9a:8e:26:2c:
2e:74:24:3e:6a:5f:64:7e:b8:6a:b6:60:a1:c7:b4:1a:64:83:
b9:e4:85:c6:e0:ad:a8:f3:26:ea:af:18:2b:88:b7:b2:8e:93:
84:e4:be:3e:b5:23:f2:c8:a4:cc:a7:01:99:a6:e1:67:cf:88:
dc:e9:79:24:ac:87:be:31:fb:12:71:34:a0:92:df:ab:f5:45:
92:39:0e:21
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzGS4SgikY38X1Ec4pqW3K4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1NDcyYjE0NzNiYzc4MWI3MDQ0MDMxNWM4M2QxMTljOGFi
Yzg2ZmMwHhcNMjQwMTAxMTgzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQxMmZlZjE0YmE3MjJjMTc1NGFmY2UzNTUyODQ0NGU3NDU4Nzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HMad0NplgOvqUOB7+B6ELxexWHt
hn5MuXlFJ7/p9wV1Cn7SQzixIDIn6pJ2ExTOVkV7GlJASDZwbi6Ho3pN91M9c4U/
dOXxHEZqdlWAfdXmm0AZad4wtl6q5dCKAY/j9tWjnfKS3TJWIvQauL1I40ORqgre
72hAjIUH37vgz25MdDLGpdQAF+eXsWTLYyEzrWND1zSs7uYJqv/jnZKuKz+aeBBp
rHlYRmaC9X4e2QQuTqifzOl/w3vuo1vkKvAB5Lfhw9aM+mnidAQ9OdQUfD0nF6cK
D09zqGOCnuj/Zsnu3O0sAElXFyAZcPzbmk4gbNciLelmOWIBtV6YgBGdnwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDvRL+8UunIsF1SvzjVShETnRYd3MB8GA1UdIwQY
MBaAFKVHKxRzvHgbcEQDFcg9EZyKvIb8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFVjckZITzhlQnR3UkFNVnlEMFJuSXE4aHZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8zMDExMmYtMGU5ZC00ZmM4LWI4NTQt
YjE1NjViMjU1ODU0LzEvTzlFdjd4UzZjaXdYVktfT05WS0VST2RGaDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8zMDExMmYtMGU5ZC00ZmM4LWI4NTQtYjE1NjViMjU1ODU0
LzEvcFVjckZITzhlQnR3UkFNVnlEMFJuSXE4aHZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQFU9+gAwQF
VBfAAwQGWW1AAwQFX6ygAwQEn/8wAwQCuVBMAwQFvH3AAwQF1YrgAwQF1b7AMA0E
AgACMAcDBQAqANGAMA0GCSqGSIb3DQEBCwUAA4IBAQBo4wceYk2Ndxpsx4Oo5v12
SQVFA/36A75s9AJl2FV9vaBzf9E8CHTe66QgX6hEYVhiAkrdH/Fvai0Nt7GWwzAf
kUHkNCQTh2HMtO6Fhy8r3Ue8SdmgFmvMUgOD8YJ4UB7o031rviynw2qtEdaI6Eo+
DPuGp/8FeSgQBvhYSWlNW6vJOdCfRUB1uwuPKt7O7nLo4H11r7YRWhfbb1fAsfjM
mbt7fZ2XEFXjif1loQF8s5qOJiwudCQ+al9kfrhqtmChx7QaZIO55IXG4K2o8ybq
rxgriLeyjpOE5L4+tSPyyKTMpwGZpuFnz4jc6XkkrIe+MfsScTSgkt+r9UWSOQ4h
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:19:40 2024 by rpki-client on console-ams.rpki-client.org