Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/OUv58R4KjkXiKG5XnT6Xn9pN8L0.roa
File: OUv58R4KjkXiKG5XnT6Xn9pN8L0.roa (raw, json)
Hash identifier: Ut18efWQMzU1bins3irSLSBhtc/VH38teEJ1lPHwAEQ=
Subject key identifier: 39:4B:F9:F1:1E:0A:8E:45:E2:28:6E:57:9D:3E:97:9F:DA:4D:F0:BD
Certificate issuer: /CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Certificate serial: 018CC8DEF4E19026BE0989BCBA7D548CD769
Authority key identifier: 7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/OUv58R4KjkXiKG5XnT6Xn9pN8L0.roa
Signing time: Tue 02 Jan 2024 06:31:44 +0000
ROA not before: Tue 02 Jan 2024 06:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8823
IP address blocks: 185.240.72.0/22 maxlen: 22
94.154.2.0/24 maxlen: 24
193.35.80.0/22 maxlen: 22
2a07:2680::/29 maxlen: 29
2a0d:6140::/29 maxlen: 29
2a0c:7580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f4:e1:90:26:be:09:89:bc:ba:7d:54:8c:d7:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c16e9d57efdacd3f7bc7e98496b719fadc5ae48
Validity
Not Before: Jan 2 06:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394bf9f11e0a8e45e2286e579d3e979fda4df0bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:03:5c:1f:24:cb:68:8f:fc:05:66:06:d0:da:
fc:76:28:01:42:9b:75:6d:a6:63:a1:f2:fb:3f:68:
2b:04:51:e1:7e:5e:de:9c:af:c8:bf:7e:77:23:32:
c5:80:a8:bd:43:77:e6:d7:a1:a4:90:0a:da:21:a1:
57:6e:1c:a1:e3:c2:b8:69:a2:68:bd:a6:2e:15:fd:
cc:96:25:7d:d2:a7:b5:ef:06:3f:cf:88:6e:49:24:
96:e5:1c:69:7b:ab:32:bb:92:47:6b:76:66:14:69:
4a:df:e9:9f:e7:fe:99:cd:6f:e3:ea:0d:83:3e:f4:
16:2d:79:d5:fc:17:e4:33:a0:02:67:2b:90:80:de:
1f:3a:1c:56:42:71:00:ef:14:f0:c4:f8:0c:de:19:
cd:54:51:60:10:04:fe:85:33:2d:9b:4c:00:db:5d:
04:e4:4e:73:43:44:58:45:2c:81:4d:76:b4:40:04:
1b:3e:d9:fa:02:6f:c2:60:8b:97:b8:3e:04:d8:5f:
f5:2a:6d:57:f0:35:0f:63:59:b9:70:b7:bd:45:67:
f3:07:b2:2c:e0:ed:40:07:9b:5d:c0:62:5d:fc:ef:
3d:ca:4e:6c:a8:99:30:aa:9b:a7:d6:89:21:8b:28:
f1:ec:af:8a:c5:93:94:85:e4:09:15:ec:84:00:dd:
9b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4B:F9:F1:1E:0A:8E:45:E2:28:6E:57:9D:3E:97:9F:DA:4D:F0:BD
X509v3 Authority Key Identifier:
keyid:7C:16:E9:D5:7E:FD:AC:D3:F7:BC:7E:98:49:6B:71:9F:AD:C5:AE:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fBbp1X79rNP3vH6YSWtxn63Frkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/OUv58R4KjkXiKG5XnT6Xn9pN8L0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/f197d0-a540-4882-a67a-b8a232eff2f6/1/fBbp1X79rNP3vH6YSWtxn63Frkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.2.0/24
185.240.72.0/22
193.35.80.0/22
IPv6:
2a07:2680::/29
2a0c:7580::/29
2a0d:6140::/29
Signature Algorithm: sha256WithRSAEncryption
12:53:0e:7a:56:28:02:ce:04:4c:de:9d:15:9f:7e:a9:24:08:
4e:d2:12:fe:72:14:dc:69:67:73:5f:cc:bb:1a:11:61:be:67:
5e:8e:e5:cf:53:12:87:79:a0:80:5a:8b:d9:60:34:9d:99:c5:
90:f7:84:4f:10:81:83:28:38:3a:99:21:74:e7:9d:5c:48:75:
e8:59:bf:53:b2:eb:25:2a:83:f3:e5:c8:a6:d8:df:9b:2f:83:
41:2a:68:39:e4:00:7d:05:dc:b6:79:3b:4b:49:00:7e:f2:76:
fc:9d:02:c5:28:3e:40:18:db:9f:b2:b4:bc:fd:d5:e1:e7:0b:
5d:84:2a:dd:a1:65:e2:e3:77:5d:02:b4:0c:71:39:76:a5:52:
15:08:0e:41:70:30:d2:07:f5:f8:b4:11:de:17:1a:fc:94:ca:
f2:dc:89:4e:a5:42:11:ce:aa:e4:1f:5d:83:9f:4a:ec:16:e6:
42:8e:44:f5:7f:78:e5:cc:31:cf:e2:20:d6:e9:e0:7c:1a:45:
33:0c:b4:02:fa:5a:4e:f8:63:66:97:3c:3a:cd:bf:f8:c7:3f:
b6:b1:6a:69:24:ff:75:3e:9c:c4:ea:67:18:46:23:ff:ab:3e:
af:93:e3:6a:2c:a3:4e:ca:01:9f:93:c1:97:24:96:34:0b:f2:
ff:f7:2a:09
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzI3vThkCa+CYm8un1UjNdpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjMTZlOWQ1N2VmZGFjZDNmN2JjN2U5ODQ5NmI3MTlmYWRj
NWFlNDgwHhcNMjQwMTAyMDYzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRiZjlmMTFlMGE4ZTQ1ZTIyODZlNTc5ZDNlOTc5ZmRhNGRmMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlANcHyTLaI/8BWYG0Nr8digBQpt1
baZjofL7P2grBFHhfl7enK/Iv353IzLFgKi9Q3fm16GkkAraIaFXbhyh48K4aaJo
vaYuFf3MliV90qe17wY/z4huSSSW5Rxpe6syu5JHa3ZmFGlK3+mf5/6ZzW/j6g2D
PvQWLXnV/BfkM6ACZyuQgN4fOhxWQnEA7xTwxPgM3hnNVFFgEAT+hTMtm0wA210E
5E5zQ0RYRSyBTXa0QAQbPtn6Am/CYIuXuD4E2F/1Km1X8DUPY1m5cLe9RWfzB7Is
4O1AB5tdwGJd/O89yk5sqJkwqpun1okhiyjx7K+KxZOUheQJFeyEAN2bbQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFDlL+fEeCo5F4ihuV50+l5/aTfC9MB8GA1UdIwQY
MBaAFHwW6dV+/azT97x+mElrcZ+txa5IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2Et
YjhhMjMyZWZmMmY2LzEvT1V2NThSNEtqa1hpS0c1WG5UNlhuOXBOOEwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9mMTk3ZDAtYTU0MC00ODgyLWE2N2EtYjhhMjMyZWZmMmY2
LzEvZkJicDFYNzlyTlAzdkg2WVNXdHhuNjNGcmtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAXpoCAwQC
ufBIAwQCwSNQMBsEAgACMBUDBQMqByaAAwUDKgx1gAMFAyoNYUAwDQYJKoZIhvcN
AQELBQADggEBABJTDnpWKALOBEzenRWffqkkCE7SEv5yFNxpZ3NfzLsaEWG+Z16O
5c9TEod5oIBai9lgNJ2ZxZD3hE8QgYMoODqZIXTnnVxIdehZv1Oy6yUqg/PlyKbY
35svg0EqaDnkAH0F3LZ5O0tJAH7ydvydAsUoPkAY25+ytLz91eHnC12EKt2hZeLj
d10CtAxxOXalUhUIDkFwMNIH9fi0Ed4XGvyUyvLciU6lQhHOquQfXYOfSuwW5kKO
RPV/eOXMMc/iINbp4HwaRTMMtAL6Wk74Y2aXPDrNv/jHP7axamkk/3U+nMTqZxhG
I/+rPq+T42oso07KAZ+TwZckljQL8v/3Kgk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:50:56 2024 by rpki-client on console-ams.rpki-client.org