Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/FtOApP1JK-2eKX_hjEPgWrMZdBM.roa
File: FtOApP1JK-2eKX_hjEPgWrMZdBM.roa (raw, json)
Hash identifier: fFP7Ifph2yQGZ7ICJ/Ang9F4wXqAsOp+daYrJKGw4zs=
Subject key identifier: 16:D3:80:A4:FD:49:2B:ED:9E:29:7F:E1:8C:43:E0:5A:B3:19:74:13
Certificate issuer: /CN=387b7561d98dacfab863058b3b9807ad823f186a
Certificate serial: 01942747F7FF4DF7BBF6351887C1264F7686
Authority key identifier: 38:7B:75:61:D9:8D:AC:FA:B8:63:05:8B:3B:98:07:AD:82:3F:18:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OHt1YdmNrPq4YwWLO5gHrYI_GGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/FtOApP1JK-2eKX_hjEPgWrMZdBM.roa
Signing time: Thu 02 Jan 2025 13:50:15 +0000
ROA not before: Thu 02 Jan 2025 13:50:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216434
IP address blocks: 195.160.64.0/24 maxlen: 24
195.160.65.0/24 maxlen: 24
195.160.66.0/24 maxlen: 24
195.160.67.0/24 maxlen: 24
195.160.68.0/24 maxlen: 24
195.160.70.0/24 maxlen: 24
195.160.71.0/24 maxlen: 24
195.160.72.0/24 maxlen: 24
195.160.74.0/24 maxlen: 24
195.160.80.0/23 maxlen: 23
195.160.88.0/24 maxlen: 24
195.160.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/OHt1YdmNrPq4YwWLO5gHrYI_GGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/OHt1YdmNrPq4YwWLO5gHrYI_GGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OHt1YdmNrPq4YwWLO5gHrYI_GGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:f7:ff:4d:f7:bb:f6:35:18:87:c1:26:4f:76:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387b7561d98dacfab863058b3b9807ad823f186a
Validity
Not Before: Jan 2 13:50:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=16d380a4fd492bed9e297fe18c43e05ab3197413
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:20:84:fb:ee:4a:63:b0:4f:51:f7:c5:80:5e:
1f:42:6c:08:af:af:15:15:0a:82:76:2f:22:e3:73:
0a:16:30:08:55:4b:f0:ee:ee:5b:54:3e:df:c2:dd:
25:27:2e:f1:57:84:89:97:7e:fd:64:0c:a5:7f:40:
62:fd:21:72:43:0a:e6:85:f8:83:58:c6:7e:9a:22:
8c:2b:33:90:00:c9:fa:13:e6:61:35:fc:0a:8c:ac:
fe:3f:ad:3e:d2:d3:48:d5:c3:9a:23:85:cd:c8:11:
6f:67:29:2e:ee:d2:47:35:9f:1a:f1:39:58:04:30:
b9:b2:dd:86:34:54:d1:ff:af:02:1a:92:4f:85:aa:
79:e8:ef:f2:f9:31:fa:9c:69:5c:2b:80:39:0a:2a:
82:3c:fa:92:3d:01:31:f5:66:9e:da:8e:d5:fe:c7:
cd:fe:f0:9f:75:ff:0e:18:c1:c9:12:8b:97:bd:8f:
c1:f4:1d:ab:a3:0f:13:70:43:27:d9:87:0e:a5:ca:
75:3e:60:f8:93:3c:15:b8:12:8f:0d:a2:6d:ab:7d:
b5:17:60:b1:78:eb:4a:ed:58:a5:67:ac:85:79:54:
f6:8f:52:4f:92:06:74:3e:7e:3c:a5:0f:a5:57:9a:
62:35:4b:6a:7a:bb:f7:76:c0:8a:12:55:68:bb:3c:
3b:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:D3:80:A4:FD:49:2B:ED:9E:29:7F:E1:8C:43:E0:5A:B3:19:74:13
X509v3 Authority Key Identifier:
keyid:38:7B:75:61:D9:8D:AC:FA:B8:63:05:8B:3B:98:07:AD:82:3F:18:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OHt1YdmNrPq4YwWLO5gHrYI_GGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/FtOApP1JK-2eKX_hjEPgWrMZdBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/a1464a-2411-4cc8-a101-0aecdc5175fa/1/OHt1YdmNrPq4YwWLO5gHrYI_GGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.160.64.0-195.160.68.255
195.160.70.0-195.160.72.255
195.160.74.0/24
195.160.80.0/23
195.160.88.0/23
Signature Algorithm: sha256WithRSAEncryption
2f:4a:82:53:f0:0e:70:55:c1:c2:de:cd:61:9e:07:bd:da:f1:
32:c4:17:19:e1:53:50:b6:bb:45:29:3c:22:9b:5b:f2:6a:32:
1e:3b:83:50:49:7f:78:0e:f9:0c:5e:79:84:6b:42:47:0b:54:
ab:17:e1:77:e2:31:ff:a5:b0:2c:24:61:8a:ed:03:23:e4:e4:
ba:15:76:58:3f:78:25:ed:4f:9f:3a:16:a3:23:64:bb:46:f6:
d9:ef:f6:0b:17:6d:d9:84:ca:c4:0a:6a:d6:0f:83:2d:d9:aa:
5e:d7:86:a1:db:47:15:b2:ad:5a:25:bc:c2:cd:ba:d2:91:b2:
8b:08:42:21:66:85:2c:d7:51:a1:b2:9a:42:55:10:c4:10:d2:
8c:45:94:78:53:4e:16:2b:ae:00:54:0a:d8:a5:bf:d3:5c:1a:
2c:b7:25:fc:a2:89:84:ce:e7:d2:9b:88:be:5f:40:55:65:a3:
0a:18:45:f0:1f:a4:59:7f:ae:d6:6c:30:9f:e5:3d:7f:53:bb:
ba:9d:98:83:66:fc:cf:2b:1e:01:2f:e5:b0:51:49:a2:5c:f4:
52:34:70:45:bd:20:e5:18:da:00:63:26:da:c3:ad:18:2f:d1:
be:ed:5d:26:52:6f:56:37:54:2c:b7:6e:1e:22:91:02:95:b6:
95:a6:b9:69
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZQnR/f/Tfe79jUYh8EmT3aGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2I3NTYxZDk4ZGFjZmFiODYzMDU4YjNiOTgwN2FkODIz
ZjE4NmEwHhcNMjUwMTAyMTM1MDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNmQzODBhNGZkNDkyYmVkOWUyOTdmZTE4YzQzZTA1YWIzMTk3NDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAriCE++5KY7BPUffFgF4fQmwIr68V
FQqCdi8i43MKFjAIVUvw7u5bVD7fwt0lJy7xV4SJl379ZAylf0Bi/SFyQwrmhfiD
WMZ+miKMKzOQAMn6E+ZhNfwKjKz+P60+0tNI1cOaI4XNyBFvZyku7tJHNZ8a8TlY
BDC5st2GNFTR/68CGpJPhap56O/y+TH6nGlcK4A5CiqCPPqSPQEx9Wae2o7V/sfN
/vCfdf8OGMHJEouXvY/B9B2row8TcEMn2YcOpcp1PmD4kzwVuBKPDaJtq321F2Cx
eOtK7VilZ6yFeVT2j1JPkgZ0Pn48pQ+lV5piNUtqerv3dsCKElVouzw7uwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFBbTgKT9SSvtnil/4YxD4FqzGXQTMB8GA1UdIwQY
MBaAFDh7dWHZjaz6uGMFizuYB62CPxhqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0h0MVlkbU5yUHE0WXdXTE81Z0hyWUlfR0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC9hMTQ2NGEtMjQxMS00Y2M4LWExMDEt
MGFlY2RjNTE3NWZhLzEvRnRPQXBQMUpLLTJlS1hfaGpFUGdXck1aZEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC9hMTQ2NGEtMjQxMS00Y2M4LWExMDEtMGFlY2RjNTE3NWZh
LzEvT0h0MVlkbU5yUHE0WXdXTE81Z0hyWUlfR0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAbDoEAD
BADDoEQwDAMEAcOgRgMEAMOgSAMEAMOgSgMEAcOgUAMEAcOgWDANBgkqhkiG9w0B
AQsFAAOCAQEAL0qCU/AOcFXBwt7NYZ4HvdrxMsQXGeFTULa7RSk8Iptb8moyHjuD
UEl/eA75DF55hGtCRwtUqxfhd+Ix/6WwLCRhiu0DI+TkuhV2WD94Je1PnzoWoyNk
u0b22e/2Cxdt2YTKxApq1g+DLdmqXteGodtHFbKtWiW8ws260pGyiwhCIWaFLNdR
obKaQlUQxBDSjEWUeFNOFiuuAFQK2KW/01waLLcl/KKJhM7n0puIvl9AVWWjChhF
8B+kWX+u1mwwn+U9f1O7up2Yg2b8zyseAS/lsFFJolz0UjRwRb0g5RjaAGMm2sOt
GC/Rvu1dJlJvVjdULLduHiKRApW2laa5aQ==
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:40:19 2025 by rpki-client