Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/p11_KO26kI9skLbbRwEoPXKQQkI.roa
File: p11_KO26kI9skLbbRwEoPXKQQkI.roa (raw, json)
Hash identifier: vfmu+YRhBGAn0nAAK+E0vdCLRRHvmpTS6/Dds7ZxTEA=
Subject key identifier: A7:5D:7F:28:ED:BA:90:8F:6C:90:B6:DB:47:01:28:3D:72:90:42:42
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 018CC94E33CD83A26971B06FCE60611F4F11
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/p11_KO26kI9skLbbRwEoPXKQQkI.roa
Signing time: Tue 02 Jan 2024 08:33:14 +0000
ROA not before: Tue 02 Jan 2024 08:33:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41272
IP address blocks: 46.165.64.0/18 maxlen: 18
188.7.0.0/16 maxlen: 16
80.185.0.0/16 maxlen: 16
2a00:8380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:33:cd:83:a2:69:71:b0:6f:ce:60:61:1f:4f:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Jan 2 08:33:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a75d7f28edba908f6c90b6db4701283d72904242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:22:b9:e5:2e:b9:74:fe:c7:f5:8f:2d:c6:35:
b4:6b:fe:b9:ed:78:2a:c5:cc:a7:b9:24:ca:27:6d:
e9:4d:60:93:b2:88:02:0c:48:13:d4:ab:b5:d8:e9:
0c:d3:f7:52:51:ff:d6:1f:9e:00:d7:de:f6:4c:9c:
d7:a2:b6:21:c9:41:97:3c:c3:e4:ba:21:66:d8:75:
b0:43:a6:24:58:56:1c:8e:53:78:ff:03:90:89:f1:
c5:5d:82:5b:8a:26:84:6f:f1:c9:5b:15:a9:ef:db:
ed:ed:62:c7:53:c1:0d:45:98:6d:6b:2e:b1:6b:e4:
bc:ec:82:64:04:48:fa:72:53:02:fb:04:b7:88:75:
b9:dc:9f:24:92:94:6e:7e:e9:3d:54:52:b3:7e:f7:
aa:42:da:86:6e:30:b6:f1:c1:13:e4:68:73:e6:4d:
74:41:67:1b:c6:db:d5:3d:06:a9:e8:70:b9:c9:08:
85:d1:6c:98:4e:c8:ed:56:fd:a7:04:fb:9e:70:49:
0f:a0:7c:c9:f5:f6:a2:b9:96:8c:c8:61:d5:07:75:
9b:3a:15:70:cd:38:7d:87:99:ad:38:09:dc:61:ba:
aa:8a:e3:0d:5e:fe:0b:02:2c:a6:f4:6e:0f:6d:31:
04:b0:b4:5b:e7:3f:c8:f2:df:c1:71:cc:b3:f2:5d:
b1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5D:7F:28:ED:BA:90:8F:6C:90:B6:DB:47:01:28:3D:72:90:42:42
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/p11_KO26kI9skLbbRwEoPXKQQkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.165.64.0/18
80.185.0.0/16
188.7.0.0/16
IPv6:
2a00:8380::/32
Signature Algorithm: sha256WithRSAEncryption
09:c9:d2:5e:cd:ee:2d:72:bf:48:0b:4f:c7:ed:3d:01:41:9f:
25:b8:45:b4:9a:69:1b:72:7b:19:c3:7e:43:e8:62:bb:fb:d8:
bc:0d:7f:6c:14:4f:bd:b8:c9:42:7b:78:2b:8c:87:84:1c:4f:
be:c8:9b:4a:c4:62:7a:02:b2:68:43:7f:ba:74:d1:51:ec:1d:
ff:cc:c5:fa:8c:0f:dd:91:dd:44:9a:34:0b:b3:79:17:ef:aa:
5d:b2:6b:b7:e6:6a:23:e3:e0:88:23:bd:a3:33:f8:fd:80:03:
ef:c5:91:d1:99:fe:85:f5:ac:23:0f:8e:94:6a:a8:64:c6:9c:
fa:31:fd:9b:41:07:79:6e:cb:7a:81:5a:47:e5:bb:bd:a4:00:
1a:61:11:a1:fa:66:85:ac:16:61:af:5c:e6:fe:19:bb:13:27:
e8:ec:2c:25:13:2e:05:66:bd:76:ba:74:db:45:2e:ce:65:d7:
44:c3:2a:3e:5d:bb:47:1f:e8:39:78:cc:55:fe:a2:45:e2:f8:
cc:16:16:9b:c8:f3:0b:65:66:82:aa:c9:89:83:cb:2b:57:30:
64:6c:f6:37:47:e7:96:57:f8:c6:3d:fe:2a:3e:98:1d:e5:59:
eb:31:41:c5:02:69:f2:4b:55:66:d0:65:54:eb:4c:36:1a:52:
29:35:4c:44
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzJTjPNg6JpcbBvzmBhH08RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjQwMTAyMDgzMzE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVkN2YyOGVkYmE5MDhmNmM5MGI2ZGI0NzAxMjgzZDcyOTA0MjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqSK55S65dP7H9Y8txjW0a/657Xgq
xcynuSTKJ23pTWCTsogCDEgT1Ku12OkM0/dSUf/WH54A1972TJzXorYhyUGXPMPk
uiFm2HWwQ6YkWFYcjlN4/wOQifHFXYJbiiaEb/HJWxWp79vt7WLHU8ENRZhtay6x
a+S87IJkBEj6clMC+wS3iHW53J8kkpRufuk9VFKzfveqQtqGbjC28cET5Ghz5k10
QWcbxtvVPQap6HC5yQiF0WyYTsjtVv2nBPuecEkPoHzJ9faiuZaMyGHVB3WbOhVw
zTh9h5mtOAncYbqqiuMNXv4LAiym9G4PbTEEsLRb5z/I8t/Bccyz8l2x1QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFKddfyjtupCPbJC220cBKD1ykEJCMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvcDExX0tPMjZrSTlza0xiYlJ3RW9QWEtRUWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwQGLqVAAwMA
ULkDAwC8BzANBAIAAjAHAwUAKgCDgDANBgkqhkiG9w0BAQsFAAOCAQEACcnSXs3u
LXK/SAtPx+09AUGfJbhFtJppG3J7GcN+Q+hiu/vYvA1/bBRPvbjJQnt4K4yHhBxP
vsibSsRiegKyaEN/unTRUewd/8zF+owP3ZHdRJo0C7N5F++qXbJrt+ZqI+PgiCO9
ozP4/YAD78WR0Zn+hfWsIw+OlGqoZMac+jH9m0EHeW7LeoFaR+W7vaQAGmERofpm
hawWYa9c5v4ZuxMn6OwsJRMuBWa9drp020UuzmXXRMMqPl27Rx/oOXjMVf6iReL4
zBYWm8jzC2VmgqrJiYPLK1cwZGz2N0fnllf4xj3+Kj6YHeVZ6zFBxQJp8ktVZtBl
VOtMNhpSKTVMRA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:08 2024 by rpki-client on console-fra.rpki-client.org