Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/OJx5-AGDYhS-ZEGcNRE2e9hM3Ek.roa
File: OJx5-AGDYhS-ZEGcNRE2e9hM3Ek.roa (raw, json)
Hash identifier: K458QRJb12LJ4/5aOnMjO5NXs3Aza0mRAFnjS9UyHNI=
Subject key identifier: 38:9C:79:F8:01:83:62:14:BE:64:41:9C:35:11:36:7B:D8:4C:DC:49
Certificate issuer: /CN=37778681361b1fff87ce398402efa63869e5bfd1
Certificate serial: 0192DC091A5E9BB2546B7BE9A44E4386376B
Authority key identifier: 37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/OJx5-AGDYhS-ZEGcNRE2e9hM3Ek.roa
Signing time: Wed 30 Oct 2024 06:07:17 +0000
ROA not before: Wed 30 Oct 2024 06:07:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203971
IP address blocks: 185.118.48.0/22 maxlen: 22
185.118.48.0/24 maxlen: 24
185.118.49.0/24 maxlen: 24
185.118.50.0/24 maxlen: 24
185.118.51.0/24 maxlen: 24
185.222.92.0/22 maxlen: 22
185.222.92.0/24 maxlen: 24
185.222.93.0/24 maxlen: 24
185.222.94.0/24 maxlen: 24
185.222.95.0/24 maxlen: 24
2a06:91c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.mft
rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:09:1a:5e:9b:b2:54:6b:7b:e9:a4:4e:43:86:37:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37778681361b1fff87ce398402efa63869e5bfd1
Validity
Not Before: Oct 30 06:07:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=389c79f801836214be64419c3511367bd84cdc49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:be:f3:1a:af:44:7e:53:4b:d6:8d:c8:ba:2a:
a1:d0:93:8a:6d:85:7e:64:62:a1:e5:b2:43:73:97:
2d:af:61:2b:2d:40:98:fe:f2:a7:ad:41:9f:1a:16:
33:93:00:77:1e:8e:07:d2:cd:d3:b5:c9:0b:a5:1d:
2a:1d:02:fe:d7:40:a3:ba:ab:8e:ca:8a:3e:22:4d:
f0:f7:71:cf:4f:82:d4:9f:aa:ab:7b:ba:0f:e0:65:
e4:e3:70:c3:b8:38:0e:df:09:4b:68:4c:52:d7:7c:
90:5b:1f:dc:53:f1:08:93:6a:57:54:80:b8:0b:99:
9f:9b:53:d0:0b:f3:62:8c:82:f1:f2:c0:0f:36:3a:
f9:45:a8:05:90:56:30:42:fd:47:f3:54:91:e2:46:
f6:37:99:37:dc:8a:21:58:ef:1b:93:14:6f:3c:cb:
7a:0d:f6:25:9a:67:0b:bc:c5:14:8f:4b:db:d3:9f:
59:61:9d:e2:bb:67:14:69:ca:2c:a2:d7:36:44:88:
a6:90:60:ce:f9:a4:81:15:8e:8c:a6:79:eb:dd:e2:
30:63:60:6a:4b:e3:ba:f5:6b:9a:c5:05:67:d7:19:
67:f7:a0:90:aa:20:87:e6:0a:21:dc:da:9d:64:23:
4f:d3:99:eb:2a:05:6f:1e:55:0a:6e:06:29:6f:a6:
ff:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:9C:79:F8:01:83:62:14:BE:64:41:9C:35:11:36:7B:D8:4C:DC:49
X509v3 Authority Key Identifier:
keyid:37:77:86:81:36:1B:1F:FF:87:CE:39:84:02:EF:A6:38:69:E5:BF:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N3eGgTYbH_-HzjmEAu-mOGnlv9E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/OJx5-AGDYhS-ZEGcNRE2e9hM3Ek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/660cca-c1aa-4558-ad1e-e53f904a1f58/1/N3eGgTYbH_-HzjmEAu-mOGnlv9E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.48.0/22
185.222.92.0/22
IPv6:
2a06:91c0::/29
Signature Algorithm: sha256WithRSAEncryption
05:a9:07:19:dd:3f:8a:29:1d:6c:4e:5c:9a:7f:76:ed:fe:6c:
29:20:7b:b7:a8:4d:54:e0:99:9d:9e:34:7a:b6:ce:dc:73:01:
eb:c0:59:15:40:8e:ff:0a:75:5b:ff:9b:0a:30:77:0b:e2:f1:
8a:c8:96:32:dc:68:cd:98:b9:c9:65:39:a8:b6:2a:3a:c7:2b:
88:bd:74:45:b2:84:51:b5:ae:f6:b2:44:cc:01:2b:36:70:63:
64:c5:e4:4d:84:f5:fd:87:18:83:90:26:24:ef:f0:99:74:10:
80:d0:5c:3d:a6:2c:9b:1d:0a:a7:c7:0f:24:ab:ae:89:d6:8c:
b4:1a:2d:09:d1:db:ae:f9:61:de:4a:75:d9:ff:c9:00:03:5b:
d8:cc:a9:00:5a:35:32:00:80:d4:b0:85:56:71:f9:6e:4f:c4:
f2:cd:73:be:b5:1f:ce:36:c6:b0:58:64:b8:02:60:3b:f7:65:
4c:fb:7c:b5:ee:03:17:c7:22:d6:04:71:69:f6:02:96:3f:08:
b7:9a:d9:7a:58:b1:fa:bf:bd:3c:e0:b4:d2:e9:19:a7:fd:f9:
59:bc:f4:60:18:4e:ba:87:94:af:08:39:d5:4c:e5:ce:ee:ed:
46:72:e7:02:c5:49:b3:96:70:ea:1c:4b:80:e5:e5:88:e4:34:
f7:46:02:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZLcCRpem7JUa3vppE5DhjdrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3Nzc4NjgxMzYxYjFmZmY4N2NlMzk4NDAyZWZhNjM4Njll
NWJmZDEwHhcNMjQxMDMwMDYwNzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODljNzlmODAxODM2MjE0YmU2NDQxOWMzNTExMzY3YmQ4NGNkYzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvb7zGq9EflNL1o3Iuiqh0JOKbYV+
ZGKh5bJDc5ctr2ErLUCY/vKnrUGfGhYzkwB3Ho4H0s3TtckLpR0qHQL+10CjuquO
yoo+Ik3w93HPT4LUn6qre7oP4GXk43DDuDgO3wlLaExS13yQWx/cU/EIk2pXVIC4
C5mfm1PQC/NijILx8sAPNjr5RagFkFYwQv1H81SR4kb2N5k33IohWO8bkxRvPMt6
DfYlmmcLvMUUj0vb059ZYZ3iu2cUacosotc2RIimkGDO+aSBFY6Mpnnr3eIwY2Bq
S+O69WuaxQVn1xln96CQqiCH5goh3NqdZCNP05nrKgVvHlUKbgYpb6b/GwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDicefgBg2IUvmRBnDURNnvYTNxJMB8GA1UdIwQY
MBaAFDd3hoE2Gx//h845hALvpjhp5b/RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUt
ZTUzZjkwNGExZjU4LzEvT0p4NS1BR0RZaFMtWkVHY05SRTJlOWhNM0VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC82NjBjY2EtYzFhYS00NTU4LWFkMWUtZTUzZjkwNGExZjU4
LzEvTjNlR2dUWWJIXy1IemptRUF1LW1PR25sdjlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXYwAwQC
ud5cMA0EAgACMAcDBQMqBpHAMA0GCSqGSIb3DQEBCwUAA4IBAQAFqQcZ3T+KKR1s
Tlyaf3bt/mwpIHu3qE1U4JmdnjR6ts7ccwHrwFkVQI7/CnVb/5sKMHcL4vGKyJYy
3GjNmLnJZTmotio6xyuIvXRFsoRRta72skTMASs2cGNkxeRNhPX9hxiDkCYk7/CZ
dBCA0Fw9piybHQqnxw8kq66J1oy0Gi0J0duu+WHeSnXZ/8kAA1vYzKkAWjUyAIDU
sIVWcfluT8TyzXO+tR/ONsawWGS4AmA792VM+3y17gMXxyLWBHFp9gKWPwi3mtl6
WLH6v7084LTS6Rmn/flZvPRgGE66h5SvCDnVTOXO7u1GcucCxUmzlnDqHEuA5eWI
5DT3RgK/
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:41:25 2024 by rpki-client on console-ams.rpki-client.org