Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/O-j_WULPQ0YdtD1cGc6kgrYddSw.roa
File: O-j_WULPQ0YdtD1cGc6kgrYddSw.roa (raw, json)
Hash identifier: sBCSLL9e2UNaWz8NZTNqncvR6UopSCwIStIDVC/J4dw=
Subject key identifier: 3B:E8:FF:59:42:CF:43:46:1D:B4:3D:5C:19:CE:A4:82:B6:1D:75:2C
Certificate issuer: /CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Certificate serial: 018D7AF249D22C9A21EB3623B295F5CC9950
Authority key identifier: 95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/O-j_WULPQ0YdtD1cGc6kgrYddSw.roa
Signing time: Mon 05 Feb 2024 20:25:15 +0000
ROA not before: Mon 05 Feb 2024 20:25:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62651
IP address blocks: 185.147.214.0/24 maxlen: 24
2a03:efc0:900::/40 maxlen: 40
2a03:efc0:1700::/40 maxlen: 40
2a03:efc0:2300::/40 maxlen: 40
2a03:efc0:2500::/40 maxlen: 40
2a03:efc0:2700::/40 maxlen: 40
2a03:efc0:2900::/40 maxlen: 40
2a03:efc0:3100::/40 maxlen: 40
2a03:efc0:3300::/40 maxlen: 40
2a03:efc0:3500::/40 maxlen: 40
2a03:efc0:3700::/40 maxlen: 40
2a03:efc0:4100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:f2:49:d2:2c:9a:21:eb:36:23:b2:95:f5:cc:99:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9502d8b8269c6b07f814acf0c7ed729b3f4b5984
Validity
Not Before: Feb 5 20:25:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3be8ff5942cf43461db43d5c19cea482b61d752c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:e6:09:37:30:71:10:4c:59:32:3d:26:1b:1d:
f7:ab:d0:49:f6:56:3f:57:00:42:4a:30:78:a7:be:
bd:48:ff:c2:dd:5e:2e:07:4e:ca:4f:ec:f7:8a:87:
b8:e4:e0:20:0b:f8:64:fd:6f:54:ea:90:39:30:cd:
fb:9c:28:1b:d1:55:5f:83:3b:69:7e:3f:ac:2d:b4:
bd:73:3c:81:e3:d1:10:1a:40:ae:6e:7e:0d:b8:48:
6d:95:6f:8a:22:ab:f4:25:91:cf:5d:81:82:ec:0f:
06:31:c2:3f:ff:9b:3f:84:a5:37:c4:a4:cd:37:04:
81:5b:60:b6:8e:c8:1f:07:00:f9:09:02:be:d5:1c:
d1:ff:c1:4b:43:4d:21:02:0f:17:44:3c:45:00:81:
d1:1d:24:af:cf:3d:89:6e:d4:1b:9c:bf:e0:8b:15:
73:fc:33:78:25:af:38:db:4f:16:10:86:0e:ee:ca:
80:f1:8d:3b:17:43:c4:e7:ed:a8:dc:73:34:e4:3e:
4f:15:bb:d1:f8:94:e3:96:5f:6b:21:a4:81:e9:ce:
51:8c:9d:cb:96:6a:18:fa:4d:9a:c7:47:18:79:55:
27:28:39:df:94:ea:c1:fd:97:e3:aa:ea:e1:b3:79:
bc:de:cc:9d:45:a3:4b:a2:81:55:fa:9e:79:e5:50:
2c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:E8:FF:59:42:CF:43:46:1D:B4:3D:5C:19:CE:A4:82:B6:1D:75:2C
X509v3 Authority Key Identifier:
keyid:95:02:D8:B8:26:9C:6B:07:F8:14:AC:F0:C7:ED:72:9B:3F:4B:59:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lQLYuCacawf4FKzwx-1ymz9LWYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/O-j_WULPQ0YdtD1cGc6kgrYddSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/9decaf-47eb-4349-9e86-01b8bb6ad90a/1/lQLYuCacawf4FKzwx-1ymz9LWYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.147.214.0/24
IPv6:
2a03:efc0:900::/40
2a03:efc0:1700::/40
2a03:efc0:2300::/40
2a03:efc0:2500::/40
2a03:efc0:2700::/40
2a03:efc0:2900::/40
2a03:efc0:3100::/40
2a03:efc0:3300::/40
2a03:efc0:3500::/40
2a03:efc0:3700::/40
2a03:efc0:4100::/40
Signature Algorithm: sha256WithRSAEncryption
77:93:c9:4a:d8:cf:cc:0b:0d:f0:47:a6:7c:5c:6f:78:c5:06:
bf:66:1c:53:7b:8e:0c:c7:6c:23:4c:bc:e8:6d:6e:33:b8:39:
8d:75:db:4f:86:17:92:a6:2b:c1:24:06:9c:aa:d8:07:a0:7d:
83:bf:2e:ec:ff:7b:6a:49:c1:13:7b:4b:5e:5d:04:2b:74:95:
ce:75:ea:45:29:d8:97:53:70:0e:9e:d0:0d:a5:ef:ff:94:46:
a0:96:15:6c:7d:8a:b9:7e:0e:ae:ec:11:be:61:5c:e3:22:f8:
b8:74:86:fc:18:8e:2f:ea:43:1c:b5:9f:4d:f8:b5:4b:1c:f8:
1a:9a:00:53:9a:b8:73:47:8b:56:51:9c:20:23:53:59:0e:10:
a5:96:47:b1:a9:2f:a1:13:41:2e:0c:d3:61:22:2e:c9:e4:a6:
77:a5:86:24:1d:35:c8:ce:87:ff:21:81:e1:cf:06:69:b3:a3:
db:b0:f9:5a:e6:9f:76:b8:61:ec:87:5e:d7:79:67:44:dc:fb:
b7:09:bd:51:2d:a3:bc:93:4e:37:c5:3c:c5:0f:a2:03:03:81:
8d:d5:2a:d4:ae:7a:ee:08:39:a1:4b:a7:bd:b2:5e:0b:d7:c9:
91:4a:ff:3c:3d:67:24:f9:ff:86:a9:03:57:6b:85:b6:65:34:
53:05:b1:f9
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAY168knSLJoh6zYjspX1zJlQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1MDJkOGI4MjY5YzZiMDdmODE0YWNmMGM3ZWQ3MjliM2Y0
YjU5ODQwHhcNMjQwMjA1MjAyNTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmU4ZmY1OTQyY2Y0MzQ2MWRiNDNkNWMxOWNlYTQ4MmI2MWQ3NTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiOYJNzBxEExZMj0mGx33q9BJ9lY/
VwBCSjB4p769SP/C3V4uB07KT+z3ioe45OAgC/hk/W9U6pA5MM37nCgb0VVfgztp
fj+sLbS9czyB49EQGkCubn4NuEhtlW+KIqv0JZHPXYGC7A8GMcI//5s/hKU3xKTN
NwSBW2C2jsgfBwD5CQK+1RzR/8FLQ00hAg8XRDxFAIHRHSSvzz2JbtQbnL/gixVz
/DN4Ja84208WEIYO7sqA8Y07F0PE5+2o3HM05D5PFbvR+JTjll9rIaSB6c5RjJ3L
lmoY+k2ax0cYeVUnKDnflOrB/Zfjqurhs3m83sydRaNLooFV+p555VAsWwIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFDvo/1lCz0NGHbQ9XBnOpIK2HXUsMB8GA1UdIwQY
MBaAFJUC2LgmnGsH+BSs8Mftcps/S1mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYt
MDFiOGJiNmFkOTBhLzEvTy1qX1dVTFBRMFlkdEQxY0djNmtncllkZFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS85ZGVjYWYtNDdlYi00MzQ5LTllODYtMDFiOGJiNmFkOTBh
LzEvbFFMWXVDYWNhd2Y0Rkt6d3gtMXltejlMV1lRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjAMBAIAATAGAwQAuZPWMF4E
AgACMFgDBgAqA+/ACQMGACoD78AXAwYAKgPvwCMDBgAqA+/AJQMGACoD78AnAwYA
KgPvwCkDBgAqA+/AMQMGACoD78AzAwYAKgPvwDUDBgAqA+/ANwMGACoD78BBMA0G
CSqGSIb3DQEBCwUAA4IBAQB3k8lK2M/MCw3wR6Z8XG94xQa/ZhxTe44Mx2wjTLzo
bW4zuDmNddtPhheSpivBJAacqtgHoH2Dvy7s/3tqScETe0teXQQrdJXOdepFKdiX
U3AOntANpe//lEaglhVsfYq5fg6u7BG+YVzjIvi4dIb8GI4v6kMctZ9N+LVLHPga
mgBTmrhzR4tWUZwgI1NZDhCllkexqS+hE0EuDNNhIi7J5KZ3pYYkHTXIzof/IYHh
zwZps6PbsPla5p92uGHsh17XeWdE3Pu3Cb1RLaO8k043xTzFD6IDA4GN1SrUrnru
CDmhS6e9sl4L18mRSv88PWck+f+GqQNXa4W2ZTRTBbH5
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:02:38 2024 by rpki-client on console-fra.rpki-client.org