Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/o9k1QpzqEzlUccqRAJzqHR9jnjs.roa
File: o9k1QpzqEzlUccqRAJzqHR9jnjs.roa (raw, json)
Hash identifier: oSZ0+SJtYQGSY2Rx1ZhlXNmU/p9IMPMcjWjG1iaf1Go=
Subject key identifier: A3:D9:35:42:9C:EA:13:39:54:71:CA:91:00:9C:EA:1D:1F:63:9E:3B
Certificate issuer: /CN=097b5d1490b385a2f80c2a0324fe98e351091490
Certificate serial: 018CC493605E49568E81F0E7589FD5B2D437
Authority key identifier: 09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/o9k1QpzqEzlUccqRAJzqHR9jnjs.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47474
IP address blocks: 46.18.216.0/21 maxlen: 21
193.115.192.0/18 maxlen: 18
185.20.60.0/22 maxlen: 22
79.98.160.0/21 maxlen: 21
62.64.160.0/19 maxlen: 19
95.138.200.0/21 maxlen: 21
62.64.192.0/18 maxlen: 18
128.127.24.0/21 maxlen: 21
89.197.0.0/16 maxlen: 16
37.130.248.0/21 maxlen: 21
193.117.128.0/17 maxlen: 17
62.64.140.0/22 maxlen: 22
2a01:a000::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:60:5e:49:56:8e:81:f0:e7:58:9f:d5:b2:d4:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=097b5d1490b385a2f80c2a0324fe98e351091490
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d935429cea13395471ca91009cea1d1f639e3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:13:c7:19:1c:96:f9:df:c7:07:1e:c3:0a:b7:
2a:86:27:d6:e6:44:17:6a:84:a8:e0:f5:fd:3f:21:
67:4b:c6:26:34:8e:79:7c:06:4a:bf:73:db:74:1f:
34:17:14:1f:80:05:f4:59:8a:b6:62:24:cc:6d:b0:
70:3f:66:d9:2a:00:b5:3c:d8:40:ff:7c:a1:26:6d:
f8:2c:16:47:5b:bc:3c:d2:d4:11:a3:e1:b4:4d:06:
d3:68:2f:3d:4a:c0:dc:c4:27:1a:17:2c:88:39:eb:
b2:2d:19:0b:cc:df:d5:f0:a9:87:0c:4e:2c:a9:d4:
67:0e:89:10:66:a8:56:6e:ee:09:ee:33:8c:03:2a:
e1:74:c7:68:13:8d:38:b6:29:cb:91:c5:37:ac:88:
95:da:82:ac:6e:39:27:57:6e:d6:6c:cf:1d:d9:33:
e0:00:69:b0:d0:a1:8d:a3:98:88:b2:cc:5f:f3:1d:
35:b8:51:db:f9:38:0b:39:74:f2:61:da:9f:08:bf:
bb:ac:8a:1a:a3:b7:b3:d0:6b:7c:84:ec:4c:87:ba:
76:48:e0:d3:3c:6f:3f:81:a5:d2:3d:b6:85:34:ed:
c8:66:8f:7b:39:0c:6d:8d:98:9c:59:5f:69:17:14:
cd:71:75:d1:55:48:d3:b5:ec:ea:a5:ac:d2:66:17:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:35:42:9C:EA:13:39:54:71:CA:91:00:9C:EA:1D:1F:63:9E:3B
X509v3 Authority Key Identifier:
keyid:09:7B:5D:14:90:B3:85:A2:F8:0C:2A:03:24:FE:98:E3:51:09:14:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CXtdFJCzhaL4DCoDJP6Y41EJFJA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/o9k1QpzqEzlUccqRAJzqHR9jnjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/7e3816-8c8e-47a0-94ec-4fc9f0d2aca3/1/CXtdFJCzhaL4DCoDJP6Y41EJFJA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.130.248.0/21
46.18.216.0/21
62.64.140.0/22
62.64.160.0-62.64.255.255
79.98.160.0/21
89.197.0.0/16
95.138.200.0/21
128.127.24.0/21
185.20.60.0/22
193.115.192.0/18
193.117.128.0/17
IPv6:
2a01:a000::/32
Signature Algorithm: sha256WithRSAEncryption
0d:1d:31:1d:04:03:14:70:63:85:11:83:9f:76:63:61:38:86:
8f:8f:f6:d9:85:9d:f3:be:7a:b3:95:6f:0a:2c:c5:0d:f1:b0:
28:ba:fe:5e:dd:7b:fc:0b:ca:a7:af:8e:23:05:b6:c5:83:1f:
20:b0:7c:8a:0d:c4:71:0a:61:ad:0e:c1:22:75:f0:15:93:e4:
dd:fb:61:86:3a:c5:07:ac:bc:21:ff:a2:81:82:c5:c7:11:ac:
a8:ed:a3:4c:f1:32:40:4b:67:39:66:51:46:fb:09:68:df:54:
88:d2:3d:a6:2e:d9:f6:4c:7b:99:3d:94:46:00:8b:2f:6a:22:
3f:7f:92:5c:7c:ad:f0:31:4f:be:90:9d:6a:c0:44:55:63:2a:
f3:ee:5f:6d:b5:1a:49:0e:0b:bb:67:5a:dd:9d:05:67:2f:f5:
7c:a8:b5:65:20:70:aa:44:c6:d7:ff:bc:69:9b:3f:0e:01:86:
e8:57:06:a4:23:a1:f0:ff:97:8d:9d:d3:ad:57:55:d3:89:ee:
19:9d:51:b7:be:76:8b:ef:8a:82:61:3b:17:0d:97:c5:91:27:
5e:19:94:20:27:f5:13:91:b1:82:f8:a9:42:f9:ed:0b:5c:be:
c3:1d:bf:6e:3a:e8:87:91:2a:ee:e9:bf:38:fc:e0:4b:bb:a3:
8c:7a:74:ac
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzEk2BeSVaOgfDnWJ/VstQ3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5N2I1ZDE0OTBiMzg1YTJmODBjMmEwMzI0ZmU5OGUzNTEw
OTE0OTAwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5MzU0MjljZWExMzM5NTQ3MWNhOTEwMDljZWExZDFmNjM5ZTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+BPHGRyW+d/HBx7DCrcqhifW5kQX
aoSo4PX9PyFnS8YmNI55fAZKv3PbdB80FxQfgAX0WYq2YiTMbbBwP2bZKgC1PNhA
/3yhJm34LBZHW7w80tQRo+G0TQbTaC89SsDcxCcaFyyIOeuyLRkLzN/V8KmHDE4s
qdRnDokQZqhWbu4J7jOMAyrhdMdoE404tinLkcU3rIiV2oKsbjknV27WbM8d2TPg
AGmw0KGNo5iIssxf8x01uFHb+TgLOXTyYdqfCL+7rIoao7ez0Gt8hOxMh7p2SODT
PG8/gaXSPbaFNO3IZo97OQxtjZicWV9pFxTNcXXRVUjTtezqpazSZhdadwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFKPZNUKc6hM5VHHKkQCc6h0fY547MB8GA1UdIwQY
MBaAFAl7XRSQs4Wi+AwqAyT+mONRCRSQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1h0ZEZKQ3poYUw0RENvREpQNlk0MUVKRkpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC83ZTM4MTYtOGM4ZS00N2EwLTk0ZWMt
NGZjOWYwZDJhY2EzLzEvbzlrMVFwenFFemxVY2NxUkFKenFIUjlqbmpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC83ZTM4MTYtOGM4ZS00N2EwLTk0ZWMtNGZjOWYwZDJhY2Ez
LzEvQ1h0ZEZKQ3poYUw0RENvREpQNlk0MUVKRkpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJYL4AwQD
LhLYAwQCPkCMMAsDBAU+QKADAwA+QAMEA09ioAMDAFnFAwQDX4rIAwQDgH8YAwQC
uRQ8AwQGwXPAAwQHwXWAMA0EAgACMAcDBQAqAaAAMA0GCSqGSIb3DQEBCwUAA4IB
AQANHTEdBAMUcGOFEYOfdmNhOIaPj/bZhZ3zvnqzlW8KLMUN8bAouv5e3Xv8C8qn
r44jBbbFgx8gsHyKDcRxCmGtDsEidfAVk+Td+2GGOsUHrLwh/6KBgsXHEayo7aNM
8TJAS2c5ZlFG+wlo31SI0j2mLtn2THuZPZRGAIsvaiI/f5JcfK3wMU++kJ1qwERV
Yyrz7l9ttRpJDgu7Z1rdnQVnL/V8qLVlIHCqRMbX/7xpmz8OAYboVwakI6Hw/5eN
ndOtV1XTie4ZnVG3vnaL74qCYTsXDZfFkSdeGZQgJ/UTkbGC+KlC+e0LXL7DHb9u
OuiHkSru6b84/OBLu6OMenSs
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:23:14 2024 by rpki-client on console-fra.rpki-client.org