Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/OQOMqdQYrX73ibHTTsMa62iAn2E.roa
File: OQOMqdQYrX73ibHTTsMa62iAn2E.roa (raw, json)
Hash identifier: jdVBxxaWaoB6OUCTe3jk9cYoyspepx3uRLClI4HtRWE=
Subject key identifier: 39:03:8C:A9:D4:18:AD:7E:F7:89:B1:D3:4E:C3:1A:EB:68:80:9F:61
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 018CC8DCD73B2F4F57B7CA6AD6C29CBB7918
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/OQOMqdQYrX73ibHTTsMa62iAn2E.roa
Signing time: Tue 02 Jan 2024 06:29:25 +0000
ROA not before: Tue 02 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14340
IP address blocks: 194.145.16.0/21 maxlen: 24
159.92.0.0/16 maxlen: 24
161.71.0.0/17 maxlen: 24
163.79.128.0/17 maxlen: 24
151.106.128.0/20 maxlen: 24
185.79.140.0/22 maxlen: 24
194.145.0.0/20 maxlen: 24
85.222.128.0/19 maxlen: 24
163.76.128.0/17 maxlen: 24
151.106.216.0/22 maxlen: 24
161.71.128.0/17 maxlen: 24
151.106.220.0/22 maxlen: 24
151.106.144.0/20 maxlen: 24
160.8.0.0/16 maxlen: 24
2a03:5d60::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d7:3b:2f:4f:57:b7:ca:6a:d6:c2:9c:bb:79:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jan 2 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39038ca9d418ad7ef789b1d34ec31aeb68809f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:62:e8:19:b9:05:4e:2d:af:7e:6e:b2:5c:94:
c0:4c:cb:2e:c6:4a:82:1b:d6:46:58:a6:49:02:f4:
32:cd:59:eb:e5:6d:89:9c:17:7a:71:0b:7a:d3:56:
db:1f:bc:97:27:38:e7:dd:d6:14:8a:4d:9e:90:e5:
0e:75:bc:8a:30:5b:65:92:a7:d6:93:ae:ea:ec:3d:
26:ff:18:0d:5a:dc:18:28:0c:ee:cd:66:a2:b7:19:
ec:96:43:8b:cc:ed:e3:b0:26:29:aa:2f:9f:f9:97:
91:fb:00:f2:dc:ff:d6:d9:1b:b3:b4:49:fd:67:84:
ba:f9:cb:e6:2c:14:57:a7:a6:13:27:e3:ba:cb:53:
01:c9:6b:91:c7:5e:a0:60:68:01:fa:5d:5a:f2:27:
e4:ac:5b:c0:75:4c:59:a3:cc:c4:53:72:45:7b:27:
b1:91:57:cb:ea:9f:53:35:0f:cd:a0:73:b7:0c:c6:
f5:9b:f3:9e:8e:72:fc:4d:37:d8:1b:77:53:df:b6:
d8:39:15:4d:7f:30:da:53:34:d8:08:25:3b:c8:a3:
d8:ca:33:1c:1b:b0:b2:f9:f3:7a:77:5e:9a:28:90:
5f:08:f5:2d:48:94:3f:28:03:d4:ce:c0:02:5a:d9:
ce:5f:e0:e8:82:4c:04:8b:70:66:4b:64:eb:13:af:
c3:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:03:8C:A9:D4:18:AD:7E:F7:89:B1:D3:4E:C3:1A:EB:68:80:9F:61
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/OQOMqdQYrX73ibHTTsMa62iAn2E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.128.0/19
151.106.128.0/19
151.106.216.0/21
159.92.0.0/16
160.8.0.0/16
161.71.0.0/16
163.76.128.0/17
163.79.128.0/17
185.79.140.0/22
194.145.0.0-194.145.23.255
IPv6:
2a03:5d60::/29
Signature Algorithm: sha256WithRSAEncryption
23:8a:d2:ed:4d:57:f6:29:04:73:ff:0d:81:01:7c:c6:31:76:
54:68:d0:d4:f1:29:64:e1:ac:3b:a3:ec:35:f2:78:2a:f4:8b:
ab:e7:40:1e:39:1b:1c:3d:b9:47:3a:ff:fe:bc:57:23:fc:33:
b3:81:c1:6e:63:a9:a5:0a:65:72:38:44:b8:63:cc:56:8a:3d:
bc:9b:23:3a:a8:88:b3:ba:d1:7a:f2:61:a8:eb:5b:1d:06:b5:
d9:14:d9:82:01:7a:e7:d8:85:14:81:bf:0c:12:9a:0a:a4:e7:
51:e3:59:53:41:f1:d0:f6:09:d7:18:27:4b:d6:38:7e:24:e6:
5e:80:80:2f:94:56:9f:68:72:05:81:b5:fc:b9:5e:dd:2c:b8:
ff:bf:54:90:d6:98:a7:24:ab:8b:40:fd:03:d4:f5:56:d5:51:
5b:3e:3a:11:5d:fd:1c:23:61:94:94:66:4c:9b:e8:0a:99:4a:
1e:33:40:23:4d:3c:33:df:37:bf:14:8f:e2:52:6c:9f:f0:a8:
83:f2:85:05:6f:a6:a3:84:42:b7:a9:aa:91:75:3c:b2:d7:5d:
5d:55:48:b3:e1:59:ee:f0:a1:48:74:67:4a:17:51:8e:d3:f6:
36:03:94:08:4c:12:d4:b5:f1:b1:36:65:b2:57:48:c5:24:55:
3a:46:c9:4a
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYzI3Nc7L09Xt8pq1sKcu3kYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTAzOGNhOWQ0MThhZDdlZjc4OWIxZDM0ZWMzMWFlYjY4ODA5ZjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWLoGbkFTi2vfm6yXJTATMsuxkqC
G9ZGWKZJAvQyzVnr5W2JnBd6cQt601bbH7yXJzjn3dYUik2ekOUOdbyKMFtlkqfW
k67q7D0m/xgNWtwYKAzuzWaitxnslkOLzO3jsCYpqi+f+ZeR+wDy3P/W2RuztEn9
Z4S6+cvmLBRXp6YTJ+O6y1MByWuRx16gYGgB+l1a8ifkrFvAdUxZo8zEU3JFeyex
kVfL6p9TNQ/NoHO3DMb1m/OejnL8TTfYG3dT37bYORVNfzDaUzTYCCU7yKPYyjMc
G7Cy+fN6d16aKJBfCPUtSJQ/KAPUzsACWtnOX+DogkwEi3BmS2TrE6/DdQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFDkDjKnUGK1+94mx007DGutogJ9hMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvT1FPTXFkUVlyWDczaWJIVFRzTWE2MmlBbjJFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAAwQFVd6AAwQF
l2qAAwQDl2rYAwMAn1wDAwCgCAMDAKFHAwQHo0yAAwQHo0+AAwQCuU+MMAsDAwDC
kQMEA8KREDANBAIAAjAHAwUDKgNdYDANBgkqhkiG9w0BAQsFAAOCAQEAI4rS7U1X
9ikEc/8NgQF8xjF2VGjQ1PEpZOGsO6PsNfJ4KvSLq+dAHjkbHD25Rzr//rxXI/wz
s4HBbmOppQplcjhEuGPMVoo9vJsjOqiIs7rRevJhqOtbHQa12RTZggF659iFFIG/
DBKaCqTnUeNZU0Hx0PYJ1xgnS9Y4fiTmXoCAL5RWn2hyBYG1/Lle3Sy4/79UkNaY
pySri0D9A9T1VtVRWz46EV39HCNhlJRmTJvoCplKHjNAI008M983vxSP4lJsn/Co
g/KFBW+mo4RCt6mqkXU8stddXVVIs+FZ7vChSHRnShdRjtP2NgOUCEwS1LXxsTZl
sldIxSRVOkbJSg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:48:10 2024 by rpki-client on console-fra.rpki-client.org