Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/oS0sKQ_YnJZGhVF4253wLpKDXM4.roa
File: oS0sKQ_YnJZGhVF4253wLpKDXM4.roa (raw, json)
Hash identifier: Nhr5VtYmceIz7D3wQB2+a9K1FrQ79+8D35M+b16R+xg=
Subject key identifier: A1:2D:2C:29:0F:D8:9C:96:46:85:51:78:DB:9D:F0:2E:92:83:5C:CE
Certificate issuer: /CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Certificate serial: 018CC8701168EF1533A1801DA95C1BB5B714
Authority key identifier: 25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/oS0sKQ_YnJZGhVF4253wLpKDXM4.roa
Signing time: Tue 02 Jan 2024 04:30:36 +0000
ROA not before: Tue 02 Jan 2024 04:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33849
IP address blocks: 77.32.225.0/24 maxlen: 24
77.32.230.0/24 maxlen: 24
195.211.14.0/24 maxlen: 24
195.211.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:11:68:ef:15:33:a1:80:1d:a9:5c:1b:b5:b7:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2532a5cf2ba18c753edc95ee20b666293df02d5b
Validity
Not Before: Jan 2 04:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a12d2c290fd89c9646855178db9df02e92835cce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:9a:24:14:72:81:8d:d2:00:03:f6:c1:c4:1a:
65:08:7b:16:fa:81:4f:30:3c:ec:5c:e9:e7:f2:2a:
fd:8e:ab:42:d0:2f:78:b4:22:f9:60:e3:9d:93:03:
60:fe:43:5f:06:f1:ea:f1:cf:7f:c8:02:d5:5b:aa:
24:2f:ef:d5:8b:d5:15:cd:a0:7e:4b:e5:3c:27:b2:
e1:51:af:38:8a:36:90:41:17:85:73:0e:4a:e8:e0:
ff:d2:58:cb:1e:1f:3c:97:80:b0:64:db:7d:3d:93:
63:b7:0a:eb:9f:b0:87:8f:c0:7f:e9:f1:3d:65:aa:
13:26:84:a5:c7:20:39:ae:28:f0:18:06:2c:90:bf:
7e:33:14:7f:8c:d7:63:6c:93:a1:59:bd:0e:7b:95:
11:da:11:24:5b:52:ac:82:cb:46:8d:10:d5:2a:14:
09:e1:6f:6f:b4:25:dc:6e:da:43:ee:8f:93:b1:37:
62:12:07:76:9d:6e:d7:12:ea:b7:23:69:49:14:a3:
1e:f5:dc:78:1e:08:ba:7c:84:51:9f:5f:16:d8:a9:
e6:6d:00:05:a0:d0:af:da:42:63:17:2c:a4:ff:fb:
b3:f5:9e:1b:ce:ec:37:5a:82:ee:75:0e:b8:f2:cd:
f2:b3:40:f9:8b:98:9b:d7:08:2d:b0:03:b6:64:b3:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2D:2C:29:0F:D8:9C:96:46:85:51:78:DB:9D:F0:2E:92:83:5C:CE
X509v3 Authority Key Identifier:
keyid:25:32:A5:CF:2B:A1:8C:75:3E:DC:95:EE:20:B6:66:29:3D:F0:2D:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTKlzyuhjHU-3JXuILZmKT3wLVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/oS0sKQ_YnJZGhVF4253wLpKDXM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/1e02fa-f823-41c8-86b2-151cf61de83e/1/JTKlzyuhjHU-3JXuILZmKT3wLVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.32.225.0/24
77.32.230.0/24
195.211.14.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:9b:c1:47:8e:73:8d:37:79:2b:d8:d7:a0:f8:49:45:c8:5f:
7b:a8:89:a7:9a:07:10:f1:39:58:8b:92:0e:49:07:6e:2b:fb:
fc:a7:32:52:4e:80:63:11:bd:21:3c:73:39:ae:85:97:61:cd:
72:90:06:91:5d:b0:22:45:6a:99:bc:4c:62:64:43:82:98:50:
b9:62:de:27:b0:79:63:51:57:ce:34:c8:3e:86:9b:25:f6:c7:
53:09:33:58:fb:34:dc:cc:bc:59:b3:21:bd:77:76:d8:c2:21:
87:b2:d7:3c:6e:10:cc:e5:bf:b7:2b:8b:73:3d:03:27:e1:15:
3c:5c:7b:75:02:bf:9a:ef:d2:63:45:7a:29:3b:1b:c4:1f:65:
c8:3c:24:2d:69:b8:41:87:d1:8c:a2:00:80:38:d3:29:1b:f0:
88:98:31:80:36:c1:b6:1c:ac:32:28:7e:f8:e5:88:a0:d3:c2:
6d:c3:60:31:10:05:a1:c0:cd:ff:f6:c6:86:56:16:ec:dc:b0:
a7:37:06:35:f2:6e:b9:41:04:e1:95:d2:7a:9d:86:59:78:88:
ab:d9:3b:93:1f:37:fc:b4:4e:62:51:0d:86:f4:89:ad:e5:01:
dc:98:1c:14:e7:fb:69:aa:69:d8:15:ea:32:f6:de:82:67:76:
33:fe:ca:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIcBFo7xUzoYAdqVwbtbcUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1MzJhNWNmMmJhMThjNzUzZWRjOTVlZTIwYjY2NjI5M2Rm
MDJkNWIwHhcNMjQwMTAyMDQzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJkMmMyOTBmZDg5Yzk2NDY4NTUxNzhkYjlkZjAyZTkyODM1Y2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApJokFHKBjdIAA/bBxBplCHsW+oFP
MDzsXOnn8ir9jqtC0C94tCL5YOOdkwNg/kNfBvHq8c9/yALVW6okL+/Vi9UVzaB+
S+U8J7LhUa84ijaQQReFcw5K6OD/0ljLHh88l4CwZNt9PZNjtwrrn7CHj8B/6fE9
ZaoTJoSlxyA5rijwGAYskL9+MxR/jNdjbJOhWb0Oe5UR2hEkW1KsgstGjRDVKhQJ
4W9vtCXcbtpD7o+TsTdiEgd2nW7XEuq3I2lJFKMe9dx4Hgi6fIRRn18W2KnmbQAF
oNCv2kJjFyyk//uz9Z4bzuw3WoLudQ648s3ys0D5i5ib1wgtsAO2ZLP9JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKEtLCkP2JyWRoVReNud8C6Sg1zOMB8GA1UdIwQY
MBaAFCUypc8roYx1PtyV7iC2Zik98C1bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjIt
MTUxY2Y2MWRlODNlLzEvb1Mwc0tRX1luSlpHaFZGNDI1M3dMcEtEWE00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8xZTAyZmEtZjgyMy00MWM4LTg2YjItMTUxY2Y2MWRlODNl
LzEvSlRLbHp5dWhqSFUtM0pYdUlMWm1LVDN3TFZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATSDhAwQA
TSDmAwQBw9MOMA0GCSqGSIb3DQEBCwUAA4IBAQA8m8FHjnONN3kr2Neg+ElFyF97
qImnmgcQ8TlYi5IOSQduK/v8pzJSToBjEb0hPHM5roWXYc1ykAaRXbAiRWqZvExi
ZEOCmFC5Yt4nsHljUVfONMg+hpsl9sdTCTNY+zTczLxZsyG9d3bYwiGHstc8bhDM
5b+3K4tzPQMn4RU8XHt1Ar+a79JjRXopOxvEH2XIPCQtabhBh9GMogCAONMpG/CI
mDGANsG2HKwyKH745Yig08Jtw2AxEAWhwM3/9saGVhbs3LCnNwY18m65QQThldJ6
nYZZeIir2TuTHzf8tE5iUQ2G9Imt5QHcmBwU5/tpqmnYFeoy9t6CZ3Yz/soH
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:56 2024 by rpki-client on console-ams.rpki-client.org