Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/osK2E3A1m-tkPuAqLvIwUlC0h-c.roa
File: osK2E3A1m-tkPuAqLvIwUlC0h-c.roa (raw, json)
Hash identifier: Z+zjo5pgNUIG+rlk5Yg/HnuciyW7siiF/WiW+/DL9CU=
Subject key identifier: A2:C2:B6:13:70:35:9B:EB:64:3E:E0:2A:2E:F2:30:52:50:B4:87:E7
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 01926D2E6D319EAB403E1B47C99CD459132E
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/osK2E3A1m-tkPuAqLvIwUlC0h-c.roa
Signing time: Tue 08 Oct 2024 17:30:12 +0000
ROA not before: Tue 08 Oct 2024 17:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1199
IP address blocks: 145.102.136.0/22 maxlen: 22
145.111.0.0/16 maxlen: 16
145.152.0.0/13 maxlen: 13
2001:610:5ea::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:6d:2e:6d:31:9e:ab:40:3e:1b:47:c9:9c:d4:59:13:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Oct 8 17:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2c2b61370359beb643ee02a2ef2305250b487e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:41:15:28:f3:a6:10:ad:25:35:50:fc:f9:fa:
be:29:f0:4b:53:66:0d:59:67:04:62:81:b3:cf:e2:
58:12:75:c8:41:88:94:4a:8b:68:ce:a5:32:fb:cd:
9b:55:99:f3:20:64:82:d3:42:30:14:c7:cb:de:28:
42:72:5b:16:fe:c0:42:18:b1:d2:ea:ac:14:50:1c:
39:35:85:32:4f:da:25:0f:0a:01:ff:e4:47:7a:01:
18:42:58:07:b1:7b:28:8d:e7:48:a4:54:2b:1f:97:
e1:c8:4e:75:0e:62:80:18:a1:59:5b:b6:79:46:1e:
c9:6a:4e:80:b1:92:b3:06:a5:0b:f1:44:01:47:68:
32:24:43:2b:16:5a:d6:e0:fb:96:84:74:cd:02:66:
c1:92:1d:9c:45:6c:79:36:01:de:70:4f:2c:27:32:
45:f8:c9:a7:58:05:94:1c:cf:0f:51:99:a5:2c:76:
48:fb:aa:e7:db:93:39:55:f4:3a:28:b4:36:c5:2e:
49:a9:c5:0c:cb:6a:3b:0c:64:77:eb:e3:e2:1a:02:
16:05:bb:f4:ac:4b:6a:17:b7:06:f5:d7:3b:88:2c:
b1:1d:0d:4f:ea:06:86:26:da:26:7c:c8:51:a1:9c:
f3:e9:2f:7a:8c:8e:54:92:61:8a:2f:33:e3:dd:3f:
00:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:C2:B6:13:70:35:9B:EB:64:3E:E0:2A:2E:F2:30:52:50:B4:87:E7
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/osK2E3A1m-tkPuAqLvIwUlC0h-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.102.136.0/22
145.111.0.0/16
145.152.0.0/13
IPv6:
2001:610:5ea::/48
Signature Algorithm: sha256WithRSAEncryption
18:8c:42:1c:e0:93:b9:a0:9f:8d:92:c0:f7:d7:0d:ff:28:d8:
71:5b:19:fe:9f:20:9b:3f:bf:94:ae:82:18:0a:53:3d:ed:1f:
d2:eb:73:77:3a:c4:5b:48:fc:15:14:ef:c7:f7:fb:78:9b:55:
c6:8f:13:b8:5e:36:89:fc:3e:ea:ef:4a:b8:46:99:c6:07:c5:
a4:50:39:6c:50:59:9c:50:c5:f4:c6:fb:a0:8b:04:72:04:1a:
ae:c2:e3:09:fd:5b:b3:77:37:f7:7a:ef:ad:82:24:92:17:67:
fb:55:90:e4:65:c5:20:90:9e:f6:6b:16:cc:eb:41:75:77:96:
c9:d9:b9:bc:1b:67:42:25:7c:d0:db:10:4d:8e:5b:18:0c:8a:
8f:56:10:8a:c1:aa:d0:7a:27:38:e5:c9:61:5c:29:a0:7f:ff:
37:ff:b6:ad:47:a1:4f:9e:81:ee:20:8a:c8:d9:18:a0:99:cb:
ca:65:3a:83:25:23:66:8a:b9:ed:7c:91:6e:23:af:d9:40:f7:
d2:c3:d0:12:2b:4b:9f:a4:c7:34:39:d8:17:96:f3:08:63:fa:
48:49:92:59:75:10:bd:d7:7a:32:9a:f9:12:55:06:3f:db:36:
c0:24:74:3e:bf:98:70:0d:fe:02:e1:cf:94:f4:96:29:c5:4d:
87:e2:77:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZJtLm0xnqtAPhtHyZzUWRMuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjQxMDA4MTczMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmMyYjYxMzcwMzU5YmViNjQzZWUwMmEyZWYyMzA1MjUwYjQ4N2U3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykEVKPOmEK0lNVD8+fq+KfBLU2YN
WWcEYoGzz+JYEnXIQYiUSotozqUy+82bVZnzIGSC00IwFMfL3ihCclsW/sBCGLHS
6qwUUBw5NYUyT9olDwoB/+RHegEYQlgHsXsojedIpFQrH5fhyE51DmKAGKFZW7Z5
Rh7Jak6AsZKzBqUL8UQBR2gyJEMrFlrW4PuWhHTNAmbBkh2cRWx5NgHecE8sJzJF
+MmnWAWUHM8PUZmlLHZI+6rn25M5VfQ6KLQ2xS5JqcUMy2o7DGR36+PiGgIWBbv0
rEtqF7cG9dc7iCyxHQ1P6gaGJtomfMhRoZzz6S96jI5UkmGKLzPj3T8A/wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKLCthNwNZvrZD7gKi7yMFJQtIfnMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvb3NLMkUzQTFtLXRrUHVBcUx2SXdVbEMwaC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAWBAIAATAQAwQCkWaIAwMA
kW8DAwORmDAPBAIAAjAJAwcAIAEGEAXqMA0GCSqGSIb3DQEBCwUAA4IBAQAYjEIc
4JO5oJ+NksD31w3/KNhxWxn+nyCbP7+UroIYClM97R/S63N3OsRbSPwVFO/H9/t4
m1XGjxO4XjaJ/D7q70q4RpnGB8WkUDlsUFmcUMX0xvugiwRyBBquwuMJ/Vuzdzf3
eu+tgiSSF2f7VZDkZcUgkJ72axbM60F1d5bJ2bm8G2dCJXzQ2xBNjlsYDIqPVhCK
warQeic45clhXCmgf/83/7atR6FPnoHuIIrI2RigmcvKZTqDJSNmirntfJFuI6/Z
QPfSw9ASK0ufpMc0OdgXlvMIY/pISZJZdRC913oymvkSVQY/2zbAJHQ+v5hwDf4C
4c+U9JYpxU2H4nfP
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:10 2024 by rpki-client on console-fra.rpki-client.org