Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/OQdfkxEcsWjXzTOwsgApkDeMGOE.roa
File: OQdfkxEcsWjXzTOwsgApkDeMGOE.roa (raw, json)
Hash identifier: mkBzJGb8TqL2Q7+yGwEXk2J0+R45tCdOpSYCsrsDld8=
Subject key identifier: 39:07:5F:93:11:1C:B1:68:D7:CD:33:B0:B2:00:29:90:37:8C:18:E1
Certificate issuer: /CN=4c18a44d54a47a5ea97dedfd5ed8379d7eea02d0
Certificate serial: 018CC3B70F9254AE020EB8ABCCCFFB64C59A
Authority key identifier: 4C:18:A4:4D:54:A4:7A:5E:A9:7D:ED:FD:5E:D8:37:9D:7E:EA:02:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TBikTVSkel6pfe39Xtg3nX7qAtA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/OQdfkxEcsWjXzTOwsgApkDeMGOE.roa
Signing time: Mon 01 Jan 2024 06:30:03 +0000
ROA not before: Mon 01 Jan 2024 06:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20874
IP address blocks: 185.111.161.0/24 maxlen: 24
185.111.162.0/24 maxlen: 24
185.111.163.0/24 maxlen: 24
185.111.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/TBikTVSkel6pfe39Xtg3nX7qAtA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/TBikTVSkel6pfe39Xtg3nX7qAtA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TBikTVSkel6pfe39Xtg3nX7qAtA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:0f:92:54:ae:02:0e:b8:ab:cc:cf:fb:64:c5:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c18a44d54a47a5ea97dedfd5ed8379d7eea02d0
Validity
Not Before: Jan 1 06:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39075f93111cb168d7cd33b0b2002990378c18e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:58:93:e4:1a:4d:75:af:f5:ae:c6:50:44:da:
26:6d:bb:68:eb:8a:9e:69:2f:94:29:8d:4a:4a:bf:
e0:b5:88:a4:4a:3a:2f:1d:e3:4a:aa:07:33:0d:58:
85:1c:02:14:c0:85:b2:63:38:38:42:5b:59:7d:c6:
bb:49:5d:3d:bf:17:58:92:6b:a2:d6:ca:0c:aa:bc:
a7:4f:4e:ca:df:ad:8c:a2:da:43:94:b4:f0:01:c8:
40:7a:e3:2a:6f:0d:9b:83:8f:27:14:13:67:5b:03:
13:a0:77:64:9c:85:0f:87:4f:72:26:8a:18:91:dd:
4d:96:36:c3:60:a8:81:22:b5:8f:46:ae:9a:2a:ea:
9b:aa:a9:71:f4:18:7d:2e:ef:32:bf:32:1b:4d:d3:
a0:a0:f8:1e:79:d8:65:c0:83:90:1a:c0:b1:81:56:
39:6a:b4:0e:51:6d:4b:56:4f:21:7f:16:ed:5f:e8:
19:d1:93:01:bd:5b:fe:31:a3:90:8a:a4:a6:79:00:
c3:05:58:55:47:52:7a:fe:ff:1a:74:aa:6d:ef:63:
d2:a4:79:02:a6:6a:c4:e9:06:b4:77:37:e0:f3:a6:
3b:92:db:29:64:ee:62:f5:7b:78:01:67:41:3d:83:
cf:33:3d:03:99:e7:92:06:c7:16:b5:e2:f0:13:14:
20:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:07:5F:93:11:1C:B1:68:D7:CD:33:B0:B2:00:29:90:37:8C:18:E1
X509v3 Authority Key Identifier:
keyid:4C:18:A4:4D:54:A4:7A:5E:A9:7D:ED:FD:5E:D8:37:9D:7E:EA:02:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TBikTVSkel6pfe39Xtg3nX7qAtA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/OQdfkxEcsWjXzTOwsgApkDeMGOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/abe6c0-e79d-4cdd-92ad-f21363071591/1/TBikTVSkel6pfe39Xtg3nX7qAtA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.111.160.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:b5:bb:98:b9:c1:71:1c:68:cd:3b:d6:78:10:76:11:3f:2b:
6e:23:ae:79:da:50:f8:bb:b6:41:75:12:b9:b8:de:b1:78:29:
e4:3c:b7:cb:27:a7:90:7b:39:3c:70:7f:3d:57:29:11:c5:9c:
e3:50:da:c3:ae:63:10:f7:9b:05:b7:ef:c1:77:32:84:42:56:
b4:76:dd:51:8e:aa:c7:33:24:21:70:cb:47:2a:12:13:e8:d8:
81:c5:ba:d2:b8:e9:4d:e3:20:ad:e2:58:87:ef:a9:8c:12:91:
21:9a:cc:78:21:51:c4:b8:06:65:87:b8:2c:60:f4:81:69:cb:
14:16:c2:d0:98:ae:f9:d8:f3:d7:26:b9:5c:06:96:05:9f:bb:
df:b6:11:e5:a0:8e:22:2a:39:d8:83:e9:3a:d8:7b:13:df:1d:
db:9d:36:d3:e5:2b:54:93:56:d6:04:1b:b9:bf:bb:bf:8e:2e:
a6:a4:7d:39:9d:38:31:57:22:d9:30:d8:ac:23:9e:2f:b0:25:
5a:bd:d3:71:8c:0e:ee:9f:56:48:bf:d4:ff:63:a5:e9:bf:c6:
42:4c:3b:37:4d:cf:92:18:24:81:ea:52:56:30:bc:4f:2d:65:
90:dd:e0:c0:cd:fe:3c:d2:28:8d:c8:4b:6f:1d:68:81:62:0f:
4a:28:e3:90
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtw+SVK4CDrirzM/7ZMWaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjMThhNDRkNTRhNDdhNWVhOTdkZWRmZDVlZDgzNzlkN2Vl
YTAyZDAwHhcNMjQwMTAxMDYzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTA3NWY5MzExMWNiMTY4ZDdjZDMzYjBiMjAwMjk5MDM3OGMxOGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFiT5BpNda/1rsZQRNombbto64qe
aS+UKY1KSr/gtYikSjovHeNKqgczDViFHAIUwIWyYzg4QltZfca7SV09vxdYkmui
1soMqrynT07K362MotpDlLTwAchAeuMqbw2bg48nFBNnWwMToHdknIUPh09yJooY
kd1NljbDYKiBIrWPRq6aKuqbqqlx9Bh9Lu8yvzIbTdOgoPgeedhlwIOQGsCxgVY5
arQOUW1LVk8hfxbtX+gZ0ZMBvVv+MaOQiqSmeQDDBVhVR1J6/v8adKpt72PSpHkC
pmrE6Qa0dzfg86Y7ktspZO5i9Xt4AWdBPYPPMz0DmeeSBscWteLwExQgnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDkHX5MRHLFo180zsLIAKZA3jBjhMB8GA1UdIwQY
MBaAFEwYpE1UpHpeqX3t/V7YN51+6gLQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEJpa1RWU2tlbDZwZmUzOVh0ZzNuWDdxQXRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9hYmU2YzAtZTc5ZC00Y2RkLTkyYWQt
ZjIxMzYzMDcxNTkxLzEvT1FkZmt4RWNzV2pYelRPd3NnQXBrRGVNR09FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9hYmU2YzAtZTc5ZC00Y2RkLTkyYWQtZjIxMzYzMDcxNTkx
LzEvVEJpa1RWU2tlbDZwZmUzOVh0ZzNuWDdxQXRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW+gMA0G
CSqGSIb3DQEBCwUAA4IBAQAvtbuYucFxHGjNO9Z4EHYRPytuI6552lD4u7ZBdRK5
uN6xeCnkPLfLJ6eQezk8cH89VykRxZzjUNrDrmMQ95sFt+/BdzKEQla0dt1RjqrH
MyQhcMtHKhIT6NiBxbrSuOlN4yCt4liH76mMEpEhmsx4IVHEuAZlh7gsYPSBacsU
FsLQmK752PPXJrlcBpYFn7vfthHloI4iKjnYg+k62HsT3x3bnTbT5StUk1bWBBu5
v7u/ji6mpH05nTgxVyLZMNisI54vsCVavdNxjA7un1ZIv9T/Y6Xpv8ZCTDs3Tc+S
GCSB6lJWMLxPLWWQ3eDAzf480iiNyEtvHWiBYg9KKOOQ
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:52 2024 by rpki-client on console-fra.rpki-client.org