Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/oQ_v_nGWNWyYLb1au1t997S3g-c.roa
File: oQ_v_nGWNWyYLb1au1t997S3g-c.roa (raw, json)
Hash identifier: pEFogLmZMfexChumb9eVRS+ZD3iXeENkhmPxE6n5TpQ=
Subject key identifier: A1:0F:EF:FE:71:96:35:6C:98:2D:BD:5A:BB:5B:7D:F7:B4:B7:83:E7
Certificate issuer: /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial: 018CC6B7DF4053B3FBF5F30050B7144B473C
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/oQ_v_nGWNWyYLb1au1t997S3g-c.roa
Signing time: Mon 01 Jan 2024 20:29:48 +0000
ROA not before: Mon 01 Jan 2024 20:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34240
IP address blocks: 217.11.48.0/20 maxlen: 20
89.238.64.0/18 maxlen: 18
2.59.84.0/22 maxlen: 22
89.238.80.0/24 maxlen: 24
89.238.85.0/24 maxlen: 24
85.116.192.0/19 maxlen: 19
2a00:1828::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:df:40:53:b3:fb:f5:f3:00:50:b7:14:4b:47:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Validity
Not Before: Jan 1 20:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a10feffe7196356c982dbd5abb5b7df7b4b783e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:d7:1a:79:9b:b3:88:fc:b6:26:ec:6f:84:66:
eb:77:c9:99:11:e9:bc:e0:cd:ae:94:03:e2:74:5a:
96:9b:1f:76:11:b9:ac:88:6f:47:da:0d:66:73:86:
f6:17:89:d6:f6:b1:87:0f:ca:8d:52:cc:db:fa:fb:
f9:f4:e8:e1:6e:e2:5c:c3:9d:b5:df:cb:c7:c3:aa:
f3:8c:b4:6c:34:15:ab:6d:bd:33:1a:ad:eb:f8:74:
68:c4:1f:d1:5b:f8:e3:82:39:b4:4a:27:e0:12:5d:
5b:ec:63:5e:63:84:3c:12:2f:73:ce:5c:90:9b:39:
ce:9d:5d:67:e6:76:f7:60:30:d2:13:3b:67:b0:67:
aa:25:b4:ef:20:1f:5b:e3:bd:c7:75:6c:1b:ea:88:
5c:05:a9:74:7b:ff:88:9f:cb:8e:8c:89:57:4e:67:
32:28:31:52:72:23:1b:17:b4:0d:e0:48:45:05:f4:
c9:df:2d:a0:47:50:27:ca:ec:42:3c:34:71:84:74:
1e:b7:64:d3:b4:77:67:21:57:34:d7:6a:b8:eb:c0:
09:e4:c3:6b:17:6b:4d:f7:8c:0a:47:d6:ea:c3:d5:
66:37:a8:18:4a:e0:47:73:04:48:88:8f:77:43:a3:
8d:74:04:3c:8f:ff:54:4c:a4:65:e7:32:69:53:78:
4b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:0F:EF:FE:71:96:35:6C:98:2D:BD:5A:BB:5B:7D:F7:B4:B7:83:E7
X509v3 Authority Key Identifier:
keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/oQ_v_nGWNWyYLb1au1t997S3g-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.84.0/22
85.116.192.0/19
89.238.64.0/18
217.11.48.0/20
IPv6:
2a00:1828::/32
Signature Algorithm: sha256WithRSAEncryption
af:4b:65:61:60:50:55:c3:d1:56:9b:c1:69:e9:c6:19:ab:73:
48:72:af:9a:3b:fc:c4:57:70:06:5f:54:f9:0f:c9:31:3f:f0:
d3:d9:e1:78:4c:1a:8a:ec:c7:28:6a:ea:d0:53:5d:a7:b9:1f:
1e:22:30:4c:b4:c1:30:97:bf:1f:ec:14:a5:ab:be:7f:34:99:
12:4d:92:6c:aa:4b:09:e7:b8:25:35:2f:ad:b5:ec:f0:e2:f3:
17:23:49:c6:c6:86:07:97:16:14:f3:d4:70:12:bf:be:68:36:
be:85:54:3e:6b:a2:2d:66:d3:9b:6f:ff:a5:36:13:58:d0:12:
7a:fd:88:51:10:07:f2:4c:1f:9e:d0:46:fd:b0:d5:d7:13:ce:
4d:87:0e:16:a2:19:64:3d:36:20:1c:59:2a:f6:00:25:f9:47:
b7:41:cf:58:3f:8d:f4:9e:43:a5:09:b6:dc:2f:c1:48:bb:7a:
44:e1:ed:32:b1:8d:a1:76:31:60:3d:61:8b:a0:2d:3f:90:c2:
ec:ac:a6:9e:ff:32:50:cd:96:29:eb:32:4c:cd:33:0f:64:b9:
bb:a3:0d:b4:0c:63:99:d9:9e:62:09:84:46:d1:a9:a2:91:af:
a1:1e:e2:a9:2e:00:41:6c:e6:02:98:ac:3b:32:ee:e1:fc:eb:
c5:2c:6a:f9
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGt99AU7P79fMAULcUS0c8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZDAzOTJhYzc2NjBiZDE0NjBmYTFkNTAzMWQxODQwZDAx
Yjk0MTIwHhcNMjQwMTAxMjAyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTBmZWZmZTcxOTYzNTZjOTgyZGJkNWFiYjViN2RmN2I0Yjc4M2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlNcaeZuziPy2JuxvhGbrd8mZEem8
4M2ulAPidFqWmx92EbmsiG9H2g1mc4b2F4nW9rGHD8qNUszb+vv59OjhbuJcw521
38vHw6rzjLRsNBWrbb0zGq3r+HRoxB/RW/jjgjm0SifgEl1b7GNeY4Q8Ei9zzlyQ
mznOnV1n5nb3YDDSEztnsGeqJbTvIB9b473HdWwb6ohcBal0e/+In8uOjIlXTmcy
KDFSciMbF7QN4EhFBfTJ3y2gR1AnyuxCPDRxhHQet2TTtHdnIVc012q468AJ5MNr
F2tN94wKR9bqw9VmN6gYSuBHcwRIiI93Q6ONdAQ8j/9UTKRl5zJpU3hLGwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKEP7/5xljVsmC29Wrtbffe0t4PnMB8GA1UdIwQY
MBaAFG7QOSrHZgvRRg+h1QMdGEDQG5QSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQt
ZThiYWY5ZmZhZGY4LzEvb1Ffdl9uR1dOV3lZTGIxYXUxdDk5N1MzZy1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQtZThiYWY5ZmZhZGY4
LzEvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCAjtUAwQF
VXTAAwQGWe5AAwQE2QswMA0EAgACMAcDBQAqABgoMA0GCSqGSIb3DQEBCwUAA4IB
AQCvS2VhYFBVw9FWm8Fp6cYZq3NIcq+aO/zEV3AGX1T5D8kxP/DT2eF4TBqK7Mco
aurQU12nuR8eIjBMtMEwl78f7BSlq75/NJkSTZJsqksJ57glNS+ttezw4vMXI0nG
xoYHlxYU89RwEr++aDa+hVQ+a6ItZtObb/+lNhNY0BJ6/YhREAfyTB+e0Eb9sNXX
E85Nhw4WohlkPTYgHFkq9gAl+Ue3Qc9YP430nkOlCbbcL8FIu3pE4e0ysY2hdjFg
PWGLoC0/kMLsrKae/zJQzZYp6zJMzTMPZLm7ow20DGOZ2Z5iCYRG0amika+hHuKp
LgBBbOYCmKw7Mu7h/OvFLGr5
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:55:53 2024 by rpki-client on console-fra.rpki-client.org