Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OBKmHO7_tvQEUlikmplaW6BAcmY.roa
File: OBKmHO7_tvQEUlikmplaW6BAcmY.roa (raw, json)
Hash identifier: zMv3sIm0u2b5nS/NdoUlucScFaCADV5a94ddXw1w9fo=
Subject key identifier: 38:12:A6:1C:EE:FF:B6:F4:04:52:58:A4:9A:99:5A:5B:A0:40:72:66
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018FB3A6C729C869FDAA167528E7A2AABE10
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OBKmHO7_tvQEUlikmplaW6BAcmY.roa
Signing time: Sun 26 May 2024 06:46:42 +0000
ROA not before: Sun 26 May 2024 06:46:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 37.218.208.0/21 maxlen: 24
37.218.216.0/21 maxlen: 24
82.163.68.0/22 maxlen: 24
149.126.88.0/22 maxlen: 24
185.86.140.0/23 maxlen: 24
185.86.142.0/23 maxlen: 24
188.215.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:b3:a6:c7:29:c8:69:fd:aa:16:75:28:e7:a2:aa:be:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: May 26 06:46:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3812a61ceeffb6f4045258a49a995a5ba0407266
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e3:45:bc:2e:95:58:18:ec:b4:d6:74:29:59:
3f:1e:c8:ae:8e:b0:15:db:d8:48:99:7f:bc:f1:29:
5b:5e:f7:5e:40:2f:7a:3f:f0:3d:fc:91:f9:7b:28:
e1:0b:62:d4:f4:d1:68:6c:e5:b6:66:01:1d:2c:94:
3c:18:4a:64:bc:d2:4d:ca:c4:fc:b1:8d:35:a9:7b:
73:19:60:c4:e0:af:2d:c6:98:56:9d:22:11:69:f8:
92:00:eb:3f:60:0f:41:66:16:2d:c0:cc:c2:52:bd:
4a:8e:6d:94:7c:f1:07:a4:0c:30:75:6c:b6:ad:f0:
a7:22:b7:9c:a4:b2:b0:12:e0:a7:64:a6:6d:53:3c:
64:cf:bc:94:05:d0:f2:48:90:9a:e6:21:05:e7:6f:
da:4e:85:66:08:95:24:d2:af:19:3e:78:28:ae:83:
54:7b:ff:e6:b8:86:9b:02:12:d6:2e:d8:36:44:8d:
6b:46:93:2a:cf:ab:60:46:0c:6f:bb:f0:8d:6d:c6:
a8:88:02:d2:1b:39:d1:0a:32:c0:48:5a:01:8c:cf:
0d:7a:5a:99:fd:45:00:9d:3a:91:69:27:89:42:2e:
19:9b:53:38:62:9d:42:4c:91:41:3a:b4:eb:f5:f5:
b4:1f:4d:87:ab:96:00:44:de:5a:ad:d8:6c:28:6e:
e9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:12:A6:1C:EE:FF:B6:F4:04:52:58:A4:9A:99:5A:5B:A0:40:72:66
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/OBKmHO7_tvQEUlikmplaW6BAcmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.218.208.0/20
82.163.68.0/22
149.126.88.0/22
185.86.140.0/22
188.215.124.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:02:74:b0:96:44:2c:db:d2:80:4d:78:60:5e:64:75:0f:ce:
9a:11:28:04:78:e3:b1:8d:05:6c:18:ca:45:fa:fc:2d:7e:9e:
92:70:82:c0:1e:95:92:88:c0:2e:bd:ff:16:d2:4d:5d:c3:91:
c6:e6:d9:43:2f:80:5a:34:f3:51:3b:d0:d3:a7:64:2f:54:01:
5b:15:b9:77:e2:bc:30:b3:5e:f6:02:81:3a:a6:02:77:09:29:
bc:18:66:78:89:a2:98:d5:85:8f:78:7c:a0:f8:8a:90:b2:dc:
63:fd:81:e0:22:7a:62:12:b5:21:37:66:8d:56:44:ee:60:6f:
61:67:0d:5a:f9:00:f6:38:e1:7b:83:bc:eb:0a:2d:a3:53:72:
f3:dc:ea:58:ea:ba:af:ab:0c:12:00:92:73:93:08:48:53:5e:
b5:9a:73:4b:67:a2:52:c1:12:7d:53:04:78:e7:70:d8:f7:c7:
ea:03:7f:a9:51:9b:d2:b2:08:e7:02:7f:f9:d8:06:5d:f0:55:
e7:a3:eb:77:e8:a4:fc:86:30:5b:2f:2e:b0:83:c4:50:d6:a0:
4a:f6:fe:7d:a9:37:ed:d8:f7:8f:76:25:43:45:b5:3c:47:5b:
5b:28:b5:e8:78:40:86:a8:93:4d:b6:30:aa:ff:51:76:4a:ab:
56:82:7c:47
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+zpscpyGn9qhZ1KOeiqr4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNTI2MDY0NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODEyYTYxY2VlZmZiNmY0MDQ1MjU4YTQ5YTk5NWE1YmEwNDA3MjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeNFvC6VWBjstNZ0KVk/HsiujrAV
29hImX+88SlbXvdeQC96P/A9/JH5eyjhC2LU9NFobOW2ZgEdLJQ8GEpkvNJNysT8
sY01qXtzGWDE4K8txphWnSIRafiSAOs/YA9BZhYtwMzCUr1Kjm2UfPEHpAwwdWy2
rfCnIrecpLKwEuCnZKZtUzxkz7yUBdDySJCa5iEF52/aToVmCJUk0q8ZPngoroNU
e//muIabAhLWLtg2RI1rRpMqz6tgRgxvu/CNbcaoiALSGznRCjLASFoBjM8NelqZ
/UUAnTqRaSeJQi4Zm1M4Yp1CTJFBOrTr9fW0H02Hq5YARN5ardhsKG7pIwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDgSphzu/7b0BFJYpJqZWlugQHJmMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvT0JLbUhPN190dlFFVWxpa21wbGFXNkJBY21ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEJdrQAwQC
UqNEAwQClX5YAwQCuVaMAwQCvNd8MA0GCSqGSIb3DQEBCwUAA4IBAQCOAnSwlkQs
29KATXhgXmR1D86aESgEeOOxjQVsGMpF+vwtfp6ScILAHpWSiMAuvf8W0k1dw5HG
5tlDL4BaNPNRO9DTp2QvVAFbFbl34rwws172AoE6pgJ3CSm8GGZ4iaKY1YWPeHyg
+IqQstxj/YHgInpiErUhN2aNVkTuYG9hZw1a+QD2OOF7g7zrCi2jU3Lz3OpY6rqv
qwwSAJJzkwhIU161mnNLZ6JSwRJ9UwR453DY98fqA3+pUZvSsgjnAn/52AZd8FXn
o+t36KT8hjBbLy6wg8RQ1qBK9v59qTft2PePdiVDRbU8R1tbKLXoeECGqJNNtjCq
/1F2SqtWgnxH
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:36:00 2024 by rpki-client on console-fra.rpki-client.org