Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O14WbOvShOR1jJio17S8djIlUo8.roa
File: O14WbOvShOR1jJio17S8djIlUo8.roa (raw, json)
Hash identifier: qgGf7H3g4HFFVKjxa9cxzOphgHm+c7yHeqRVmfrDbIw=
Subject key identifier: 3B:5E:16:6C:EB:D2:84:E4:75:8C:98:A8:D7:B4:BC:76:32:25:52:8F
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A226F55DBBBE46E5215B07A66A187
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O14WbOvShOR1jJio17S8djIlUo8.roa
Signing time: Tue 02 Jan 2024 12:33:28 +0000
ROA not before: Tue 02 Jan 2024 12:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60286
IP address blocks: 146.120.92.0/24 maxlen: 24
146.120.92.0/23 maxlen: 24
146.120.93.0/24 maxlen: 24
95.47.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:12:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:22:6f:55:db:bb:e4:6e:52:15:b0:7a:66:a1:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b5e166cebd284e4758c98a8d7b4bc763225528f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:b2:1a:0d:ba:59:fa:ab:48:36:20:d4:56:20:
5c:b5:07:e6:62:76:09:a9:d2:a5:4e:20:3f:1a:b5:
02:72:af:5e:3c:c9:07:87:25:06:59:7c:df:ff:ef:
3e:4a:03:42:73:8c:30:4b:b8:52:60:93:ba:a7:ac:
7b:28:f3:f0:96:51:d0:2e:36:27:8d:91:3b:02:93:
40:77:68:d4:f4:31:20:47:86:80:5b:99:24:74:7a:
8e:d2:0f:e3:24:5a:6b:d2:f1:20:35:6a:c7:94:13:
fd:e9:7d:f8:75:04:86:a5:ee:77:cb:82:86:d7:7f:
e0:a3:ff:fb:24:f1:c1:d3:e2:78:0f:55:7b:2a:bf:
97:5e:6b:02:5d:19:ca:73:03:cc:cd:f0:a4:f0:09:
07:40:02:f8:ca:19:6a:05:df:47:b7:0c:24:68:0b:
a6:44:fc:80:db:64:60:84:94:f6:d5:de:d5:fe:35:
1c:a9:91:8d:8b:f2:96:16:ec:e1:1a:8c:31:3b:85:
b9:85:77:25:0f:d4:30:3d:5b:f0:3a:26:3d:84:ad:
f3:7d:ba:38:30:f5:09:83:0a:4d:cf:89:5b:cd:d4:
84:64:e4:b7:0a:dd:d8:b7:e7:b7:a2:9a:45:9f:f7:
90:78:bb:f4:a8:2c:4a:4e:d5:f9:83:85:bb:ae:c3:
08:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:5E:16:6C:EB:D2:84:E4:75:8C:98:A8:D7:B4:BC:76:32:25:52:8F
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/O14WbOvShOR1jJio17S8djIlUo8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.47.188.0/24
146.120.92.0/23
Signature Algorithm: sha256WithRSAEncryption
20:30:23:b4:b4:af:dd:77:70:41:de:82:2c:27:e2:b3:b2:ea:
19:64:68:42:0d:a1:1c:9e:78:5f:52:38:2c:02:60:d2:ce:ff:
8e:fa:00:0c:d6:12:f0:c9:f9:a2:d7:54:f7:59:84:33:f2:93:
68:a7:c5:72:48:d1:82:62:a3:49:5c:97:f2:b4:17:84:3a:2b:
1d:88:f8:21:91:31:c1:0b:bf:bf:cb:42:a3:57:36:b5:ca:e7:
f3:ee:43:78:0a:3f:ed:67:8d:a6:84:6e:01:88:8c:c2:03:5d:
32:05:ed:fb:71:17:85:68:fa:62:da:21:68:24:80:19:fc:4a:
70:fd:9d:5a:99:58:25:52:0b:1c:4c:3d:26:ce:bc:7b:d4:10:
4c:f9:58:ed:b1:d3:b1:0e:64:a7:ad:29:df:2d:32:9c:eb:03:
44:1d:25:27:14:21:72:0d:26:83:b5:fd:67:a6:8c:85:c5:a8:
f8:42:ce:7c:7c:e5:27:5a:12:6d:24:be:71:83:9a:c1:49:0b:
dc:39:aa:cb:f6:6e:63:b9:40:fc:a7:f7:90:69:40:cc:fc:30:
17:ba:7e:7f:d9:79:3c:34:b1:97:c2:59:0f:cd:96:ac:75:09:
47:13:0d:42:34:cd:2e:32:08:d4:d8:e5:4b:dd:a5:6a:ad:c0:
d9:9e:7e:69
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKiJvVdu75G5SFbB6ZqGHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjVlMTY2Y2ViZDI4NGU0NzU4Yzk4YThkN2I0YmM3NjMyMjU1MjhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzLIaDbpZ+qtINiDUViBctQfmYnYJ
qdKlTiA/GrUCcq9ePMkHhyUGWXzf/+8+SgNCc4wwS7hSYJO6p6x7KPPwllHQLjYn
jZE7ApNAd2jU9DEgR4aAW5kkdHqO0g/jJFpr0vEgNWrHlBP96X34dQSGpe53y4KG
13/go//7JPHB0+J4D1V7Kr+XXmsCXRnKcwPMzfCk8AkHQAL4yhlqBd9HtwwkaAum
RPyA22RghJT21d7V/jUcqZGNi/KWFuzhGowxO4W5hXclD9QwPVvwOiY9hK3zfbo4
MPUJgwpNz4lbzdSEZOS3Ct3Yt+e3oppFn/eQeLv0qCxKTtX5g4W7rsMI4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDteFmzr0oTkdYyYqNe0vHYyJVKPMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvTzE0V2JPdlNoT1IxakppbzE3UzhkaklsVW84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXy+8AwQB
knhcMA0GCSqGSIb3DQEBCwUAA4IBAQAgMCO0tK/dd3BB3oIsJ+KzsuoZZGhCDaEc
nnhfUjgsAmDSzv+O+gAM1hLwyfmi11T3WYQz8pNop8VySNGCYqNJXJfytBeEOisd
iPghkTHBC7+/y0KjVza1yufz7kN4Cj/tZ42mhG4BiIzCA10yBe37cReFaPpi2iFo
JIAZ/Epw/Z1amVglUgscTD0mzrx71BBM+VjtsdOxDmSnrSnfLTKc6wNEHSUnFCFy
DSaDtf1npoyFxaj4Qs58fOUnWhJtJL5xg5rBSQvcOarL9m5juUD8p/eQaUDM/DAX
un5/2Xk8NLGXwlkPzZasdQlHEw1CNM0uMgjU2OVL3aVqrcDZnn5p
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:11 2024 by rpki-client on console-fra.rpki-client.org