Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/a0SjMImekPxTMhxflVUxKkfI67U.roa
File: a0SjMImekPxTMhxflVUxKkfI67U.roa (raw, json)
Hash identifier: KX3Evs5O+FtvHFmurNlWzhI7z5fW54IpRDhPGUSydds=
Subject key identifier: 6B:44:A3:30:89:9E:90:FC:53:32:1C:5F:95:55:31:2A:47:C8:EB:B5
Certificate issuer: /CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Certificate serial: 018CC6B788D3851D91232CA898E09DA0B0B6
Authority key identifier: 38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/a0SjMImekPxTMhxflVUxKkfI67U.roa
Signing time: Mon 01 Jan 2024 20:29:26 +0000
ROA not before: Mon 01 Jan 2024 20:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206853
IP address blocks: 192.33.163.0/24 maxlen: 24
188.127.252.0/24 maxlen: 24
192.35.205.0/24 maxlen: 24
176.110.105.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:88:d3:85:1d:91:23:2c:a8:98:e0:9d:a0:b0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a0c8826c18bcd513aaa7e52081ff9fd37919fb
Validity
Not Before: Jan 1 20:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b44a330899e90fc53321c5f9555312a47c8ebb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:ef:31:fa:29:d2:03:41:65:16:14:9b:56:aa:
12:a5:26:75:35:f7:b3:1e:7d:a4:5a:0e:96:24:ec:
0f:e2:31:fe:5a:e4:17:0d:8e:20:9c:e8:c9:e8:8a:
22:9a:07:46:a3:16:bf:0e:a5:14:cc:8f:85:20:0f:
9d:03:ec:ff:56:da:27:86:4b:e5:8e:e9:c6:6a:11:
23:8a:d3:f3:a5:98:a9:96:90:23:4f:25:0a:d8:8b:
bf:9b:68:67:2e:07:0b:f9:01:c9:37:70:42:ac:aa:
ff:7e:87:54:03:3b:fb:71:42:ce:2e:e0:14:5e:98:
f8:8a:b3:7e:ce:c2:6a:d7:07:71:9e:6e:bd:6f:eb:
e9:9b:b0:84:52:6b:4b:71:27:15:53:28:b4:28:0c:
fb:f2:7f:2e:22:e7:8e:0d:69:20:21:29:47:47:76:
1e:6a:5f:0d:c2:9b:5c:3b:e7:e7:1c:41:a3:71:5e:
3b:b5:e0:5c:bb:72:0c:55:64:0d:d8:f9:b6:3e:99:
74:d5:92:d8:5b:69:cf:38:4d:72:04:cb:0f:fb:70:
46:62:f5:75:b5:72:52:18:d5:0d:2e:cb:6c:7d:26:
8a:14:a3:11:2b:e8:14:12:2f:9f:e8:8f:82:09:af:
5a:e2:92:29:bf:6e:89:15:fd:71:a1:be:c3:8c:21:
5d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:44:A3:30:89:9E:90:FC:53:32:1C:5F:95:55:31:2A:47:C8:EB:B5
X509v3 Authority Key Identifier:
keyid:38:A0:C8:82:6C:18:BC:D5:13:AA:A7:E5:20:81:FF:9F:D3:79:19:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKDIgmwYvNUTqqflIIH_n9N5Gfs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/a0SjMImekPxTMhxflVUxKkfI67U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/29638b-12ca-49ef-94e9-0502a6a54aab/1/OKDIgmwYvNUTqqflIIH_n9N5Gfs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.110.105.0/24
188.127.252.0/24
192.33.163.0/24
192.35.205.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:5f:98:e7:bd:9f:6a:45:05:0b:46:2b:32:55:ec:d3:17:fe:
7f:71:55:6c:ab:f0:a6:c9:79:75:f4:af:83:14:d2:d1:f4:05:
11:3e:d3:28:01:5b:93:53:a2:d4:df:37:c0:e2:b2:6d:5d:f8:
6e:4e:a1:81:29:6c:2d:83:d0:20:51:f4:f5:c0:bc:73:1b:e5:
e0:cd:c9:d2:33:52:b9:0a:27:11:a6:80:43:d3:d5:df:ec:4f:
0c:3e:43:16:c2:d1:2c:23:20:8c:18:26:a5:5d:9a:5b:62:fa:
fb:07:c0:5b:c9:dd:b9:9e:aa:79:7f:5c:ec:e5:b3:f8:d2:69:
12:76:63:80:8a:dd:1b:ad:9d:c2:4d:a2:8f:87:b8:e3:21:de:
d8:2e:02:b5:1a:da:c6:5b:4c:92:03:2f:c2:d3:60:61:37:1a:
01:d1:1c:5f:67:55:a0:67:46:b1:bb:94:54:e2:cc:5f:bb:9e:
01:e0:5a:bb:95:9e:d3:10:ca:65:69:15:5a:54:e2:d5:4c:c4:
c4:1a:b0:b2:80:2b:b9:dc:9c:2a:0e:fc:c6:87:30:29:87:2b:
2c:3e:d3:b4:e0:0b:8e:e4:f0:a3:45:5d:50:57:53:a9:1f:74:
96:e7:03:8a:6a:34:3b:3a:74:45:46:e6:cc:be:c0:71:f0:21:
13:2b:7e:7a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGt4jThR2RIyyomOCdoLC2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTBjODgyNmMxOGJjZDUxM2FhYTdlNTIwODFmZjlmZDM3
OTE5ZmIwHhcNMjQwMTAxMjAyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjQ0YTMzMDg5OWU5MGZjNTMzMjFjNWY5NTU1MzEyYTQ3YzhlYmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmO8x+inSA0FlFhSbVqoSpSZ1Nfez
Hn2kWg6WJOwP4jH+WuQXDY4gnOjJ6IoimgdGoxa/DqUUzI+FIA+dA+z/Vtonhkvl
junGahEjitPzpZiplpAjTyUK2Iu/m2hnLgcL+QHJN3BCrKr/fodUAzv7cULOLuAU
Xpj4irN+zsJq1wdxnm69b+vpm7CEUmtLcScVUyi0KAz78n8uIueODWkgISlHR3Ye
al8NwptcO+fnHEGjcV47teBcu3IMVWQN2Pm2Ppl01ZLYW2nPOE1yBMsP+3BGYvV1
tXJSGNUNLstsfSaKFKMRK+gUEi+f6I+CCa9a4pIpv26JFf1xob7DjCFdkQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGtEozCJnpD8UzIcX5VVMSpHyOu1MB8GA1UdIwQY
MBaAFDigyIJsGLzVE6qn5SCB/5/TeRn7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTkt
MDUwMmE2YTU0YWFiLzEvYTBTak1JbWVrUHhUTWh4ZmxWVXhLa2ZJNjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi8yOTYzOGItMTJjYS00OWVmLTk0ZTktMDUwMmE2YTU0YWFi
LzEvT0tESWdtd1l2TlVUcXFmbElJSF9uOU41R2ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAsG5pAwQA
vH/8AwQAwCGjAwQAwCPNMA0GCSqGSIb3DQEBCwUAA4IBAQCaX5jnvZ9qRQULRisy
VezTF/5/cVVsq/CmyXl19K+DFNLR9AURPtMoAVuTU6LU3zfA4rJtXfhuTqGBKWwt
g9AgUfT1wLxzG+XgzcnSM1K5CicRpoBD09Xf7E8MPkMWwtEsIyCMGCalXZpbYvr7
B8Bbyd25nqp5f1zs5bP40mkSdmOAit0brZ3CTaKPh7jjId7YLgK1GtrGW0ySAy/C
02BhNxoB0RxfZ1WgZ0axu5RU4sxfu54B4Fq7lZ7TEMplaRVaVOLVTMTEGrCygCu5
3JwqDvzGhzAphyssPtO04AuO5PCjRV1QV1OpH3SW5wOKajQ7OnRFRubMvsBx8CET
K356
-----END CERTIFICATE-----
Generated at Fri Jun 7 13:20:53 2024 by rpki-client on console-ams.rpki-client.org