Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/Odi4WYes3OXwXlLTUd9x8p-ZMOA.roa
File: Odi4WYes3OXwXlLTUd9x8p-ZMOA.roa (raw, json)
Hash identifier: dxZRYMNsGRsO7KFuuFOoy1iL1cFO4rYgNwEHsF2RNhc=
Subject key identifier: 39:D8:B8:59:87:AC:DC:E5:F0:5E:52:D3:51:DF:71:F2:9F:99:30:E0
Certificate issuer: /CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Certificate serial: 018CC26D0BE13A6A73C31B81DE00EC9B1CE2
Authority key identifier: 88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/Odi4WYes3OXwXlLTUd9x8p-ZMOA.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61964
IP address blocks: 185.199.11.0/24 maxlen: 24
80.244.33.0/24 maxlen: 24
80.244.32.0/24 maxlen: 24
80.244.39.0/24 maxlen: 24
185.17.202.0/24 maxlen: 24
2a0a:9741::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0b:e1:3a:6a:73:c3:1b:81:de:00:ec:9b:1c:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=882fa01902f4e8c347f2116e4645da1a6b4e0962
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39d8b85987acdce5f05e52d351df71f29f9930e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:8a:1d:0a:e7:be:66:04:e9:df:1d:5e:e9:16:
8b:80:69:3e:cb:46:1a:5b:c4:0b:d6:01:55:d8:b9:
35:23:82:e2:96:79:49:7e:5e:01:ca:67:43:66:e3:
00:48:99:65:b6:03:1e:84:a5:67:30:cb:a9:81:3c:
bb:10:a7:7b:d7:80:3c:26:d9:48:32:87:54:13:0a:
e6:a9:03:6f:f2:0b:14:48:e3:49:ff:da:04:51:02:
9d:6d:f9:2c:f7:40:94:f8:41:2a:a2:25:a7:3e:5f:
ab:8b:fb:89:c9:52:ab:90:c5:b4:00:dc:be:a7:74:
50:48:81:ed:6e:d2:8f:a9:4f:3e:7b:5f:80:75:27:
14:06:40:88:00:f7:ee:cc:02:06:f3:6f:01:e6:c3:
e4:4d:47:fc:ba:ac:8e:77:2e:7d:cd:fc:be:16:6e:
12:16:bc:4d:a1:7c:29:1d:c4:15:5d:6a:21:60:55:
ee:39:3a:8a:bf:f4:02:f1:e4:3b:e9:e4:8a:24:cf:
53:76:c3:79:da:ce:91:42:d2:34:c0:3b:87:99:70:
e1:fc:c9:7f:75:d3:73:12:e3:8a:4a:1f:67:6b:44:
5b:aa:23:2f:93:b1:be:d9:24:7f:e9:94:b1:ec:8f:
ad:84:a8:e0:63:ab:e2:74:df:ec:3c:64:78:5c:ae:
22:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:D8:B8:59:87:AC:DC:E5:F0:5E:52:D3:51:DF:71:F2:9F:99:30:E0
X509v3 Authority Key Identifier:
keyid:88:2F:A0:19:02:F4:E8:C3:47:F2:11:6E:46:45:DA:1A:6B:4E:09:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iC-gGQL06MNH8hFuRkXaGmtOCWI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/Odi4WYes3OXwXlLTUd9x8p-ZMOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/ec0981-d682-4f7b-b210-5c2d265705e0/1/iC-gGQL06MNH8hFuRkXaGmtOCWI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.32.0/23
80.244.39.0/24
185.17.202.0/24
185.199.11.0/24
IPv6:
2a0a:9741::/32
Signature Algorithm: sha256WithRSAEncryption
c3:3f:90:39:bc:0c:2e:7d:b7:b5:e8:8e:4a:de:04:d1:30:8e:
24:e1:3c:4c:25:fe:77:a4:47:44:f4:31:e5:dc:ef:b8:1e:00:
05:d2:d0:a4:51:1c:ce:c0:dd:c5:15:e6:36:d4:42:e9:88:29:
9d:87:58:dd:8f:01:0e:1e:8f:3b:d4:cf:e0:a9:f2:0c:19:ff:
0e:01:cb:65:b1:c0:ff:79:30:7d:33:f9:ad:d1:5f:08:55:32:
84:15:43:b5:2c:a4:32:0b:52:b8:7b:a6:1b:e6:40:e6:35:02:
24:9d:e1:db:01:e1:ae:fd:0a:4d:8e:b5:fa:86:2d:f4:4d:e8:
dc:65:ba:5c:19:91:1c:01:5a:f4:9d:64:f9:eb:06:ca:c2:82:
8d:3f:fc:58:6d:c1:86:28:fa:c7:ae:e8:b3:a8:28:48:3d:61:
fb:60:f3:d7:fd:c9:55:31:10:62:bc:b1:62:9c:86:f1:92:a6:
9e:6e:14:f3:e5:67:fb:e1:7a:f8:d2:1d:5a:e0:42:08:e5:d9:
7e:b1:8b:f2:a7:d9:98:99:cc:df:3e:5a:2e:b3:4f:c5:eb:bb:
38:0d:7b:6b:bc:f8:f2:30:09:ff:4f:9c:8c:f4:09:81:63:5e:
be:94:23:98:9d:ae:2a:43:48:84:7f:bb:5b:0f:15:df:4e:df:
ce:60:ca:ad
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzCbQvhOmpzwxuB3gDsmxziMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MmZhMDE5MDJmNGU4YzM0N2YyMTE2ZTQ2NDVkYTFhNmI0
ZTA5NjIwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWQ4Yjg1OTg3YWNkY2U1ZjA1ZTUyZDM1MWRmNzFmMjlmOTkzMGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhoodCue+ZgTp3x1e6RaLgGk+y0Ya
W8QL1gFV2Lk1I4LilnlJfl4BymdDZuMASJlltgMehKVnMMupgTy7EKd714A8JtlI
ModUEwrmqQNv8gsUSONJ/9oEUQKdbfks90CU+EEqoiWnPl+ri/uJyVKrkMW0ANy+
p3RQSIHtbtKPqU8+e1+AdScUBkCIAPfuzAIG828B5sPkTUf8uqyOdy59zfy+Fm4S
FrxNoXwpHcQVXWohYFXuOTqKv/QC8eQ76eSKJM9TdsN52s6RQtI0wDuHmXDh/Ml/
ddNzEuOKSh9na0RbqiMvk7G+2SR/6ZSx7I+thKjgY6vidN/sPGR4XK4iCQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDnYuFmHrNzl8F5S01HfcfKfmTDgMB8GA1UdIwQY
MBaAFIgvoBkC9OjDR/IRbkZF2hprTgliMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAt
NWMyZDI2NTcwNWUwLzEvT2RpNFdZZXMzT1h3WGxMVFVkOXg4cC1aTU9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC9lYzA5ODEtZDY4Mi00ZjdiLWIyMTAtNWMyZDI2NTcwNWUw
LzEvaUMtZ0dRTDA2TU5IOGhGdVJrWGFHbXRPQ1dJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBUPQgAwQA
UPQnAwQAuRHKAwQAuccLMA0EAgACMAcDBQAqCpdBMA0GCSqGSIb3DQEBCwUAA4IB
AQDDP5A5vAwufbe16I5K3gTRMI4k4TxMJf53pEdE9DHl3O+4HgAF0tCkURzOwN3F
FeY21ELpiCmdh1jdjwEOHo871M/gqfIMGf8OActlscD/eTB9M/mt0V8IVTKEFUO1
LKQyC1K4e6Yb5kDmNQIkneHbAeGu/QpNjrX6hi30TejcZbpcGZEcAVr0nWT56wbK
woKNP/xYbcGGKPrHruizqChIPWH7YPPX/clVMRBivLFinIbxkqaebhTz5Wf74Xr4
0h1a4EII5dl+sYvyp9mYmczfPlous0/F67s4DXtrvPjyMAn/T5yM9AmBY16+lCOY
na4qQ0iEf7tbDxXfTt/OYMqt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:56 2024 by rpki-client on console-ams.rpki-client.org