Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0DsAunQHMAa1anqwBnQf8L87k08.roa
File: 0DsAunQHMAa1anqwBnQf8L87k08.roa (raw, json)
Hash identifier: 4CYDsXqzeWOdfUGzwigkq/cDsm6mUcuv+UNKt0tFmmY=
Subject key identifier: D0:3B:00:BA:74:07:30:06:B5:6A:7A:B0:06:74:1F:F0:BF:3B:93:4F
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018FA106B7F0438DCBEE0AA41512E0AE5A7B
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0DsAunQHMAa1anqwBnQf8L87k08.roa
Signing time: Wed 22 May 2024 15:58:42 +0000
ROA not before: Wed 22 May 2024 15:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 147.136.65.0/24 maxlen: 24
147.136.66.0/24 maxlen: 24
147.136.67.0/24 maxlen: 24
147.136.68.0/24 maxlen: 24
147.136.69.0/24 maxlen: 24
147.136.71.0/24 maxlen: 24
147.136.76.0/24 maxlen: 24
168.199.165.0/24 maxlen: 24
168.199.170.0/24 maxlen: 24
168.199.171.0/24 maxlen: 24
168.199.172.0/24 maxlen: 24
168.199.173.0/24 maxlen: 24
168.199.175.0/24 maxlen: 24
168.199.176.0/24 maxlen: 24
168.199.177.0/24 maxlen: 24
168.199.178.0/24 maxlen: 24
168.199.179.0/24 maxlen: 24
168.199.180.0/24 maxlen: 24
168.199.181.0/24 maxlen: 24
168.199.182.0/24 maxlen: 24
168.199.183.0/24 maxlen: 24
168.199.184.0/24 maxlen: 24
168.199.185.0/24 maxlen: 24
168.199.187.0/24 maxlen: 24
168.199.188.0/24 maxlen: 24
168.199.189.0/24 maxlen: 24
168.199.190.0/24 maxlen: 24
168.199.191.0/24 maxlen: 24
168.199.196.0/24 maxlen: 24
168.199.197.0/24 maxlen: 24
168.199.198.0/24 maxlen: 24
168.199.199.0/24 maxlen: 24
168.199.200.0/24 maxlen: 24
168.199.201.0/24 maxlen: 24
168.199.205.0/24 maxlen: 24
168.199.207.0/24 maxlen: 24
168.199.210.0/24 maxlen: 24
168.199.231.0/24 maxlen: 24
168.199.233.0/24 maxlen: 24
192.95.81.0/24 maxlen: 24
192.95.82.0/24 maxlen: 24
192.95.84.0/24 maxlen: 24
192.95.87.0/24 maxlen: 24
192.95.88.0/24 maxlen: 24
192.95.89.0/24 maxlen: 24
192.95.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:a1:06:b7:f0:43:8d:cb:ee:0a:a4:15:12:e0:ae:5a:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: May 22 15:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d03b00ba74073006b56a7ab006741ff0bf3b934f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:14:0b:4c:12:de:13:2f:31:05:0c:5a:3d:d4:
c1:f9:be:fd:2a:48:e1:90:76:f9:9f:87:64:b6:bf:
e6:c1:93:06:1d:21:df:a9:d4:61:e5:2a:03:89:37:
e2:7c:27:aa:91:75:af:32:c5:8f:c7:b4:df:b4:36:
1c:4d:19:95:48:33:2f:16:7d:87:73:ef:40:49:c8:
95:7c:f2:5a:cd:a4:6d:f1:39:f3:fa:00:2f:a4:10:
06:fe:4e:a1:b1:d5:cc:e0:28:6c:6b:61:33:28:db:
14:4d:ca:58:8b:d3:e7:6b:22:c5:7d:b0:ee:1d:c3:
24:24:e7:42:1c:02:29:ea:83:d5:04:68:07:51:c4:
f2:29:b4:93:10:15:8a:13:7e:93:f7:48:8f:d4:18:
d3:22:64:bc:04:70:61:31:3c:e8:e3:f2:42:49:94:
de:8a:24:9b:aa:a7:0d:9a:0e:44:c9:52:b2:10:43:
3e:db:a9:e9:f7:d4:db:92:53:14:6d:d8:d1:83:31:
a0:19:55:84:d5:00:12:84:c8:79:48:d5:d1:dc:19:
dd:89:ab:64:14:43:a3:31:63:da:e0:54:43:fd:82:
c7:58:da:6a:c5:53:a3:4b:29:07:31:46:5c:9d:ab:
9f:e9:c3:57:44:fc:f2:e5:ac:b7:ea:e9:a2:af:37:
90:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:3B:00:BA:74:07:30:06:B5:6A:7A:B0:06:74:1F:F0:BF:3B:93:4F
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/0DsAunQHMAa1anqwBnQf8L87k08.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.136.65.0-147.136.69.255
147.136.71.0/24
147.136.76.0/24
168.199.165.0/24
168.199.170.0-168.199.173.255
168.199.175.0-168.199.185.255
168.199.187.0-168.199.191.255
168.199.196.0-168.199.201.255
168.199.205.0/24
168.199.207.0/24
168.199.210.0/24
168.199.231.0/24
168.199.233.0/24
192.95.81.0-192.95.82.255
192.95.84.0/24
192.95.87.0-192.95.90.255
Signature Algorithm: sha256WithRSAEncryption
36:e3:52:07:f4:15:32:29:6f:f5:2f:a7:69:70:bd:bd:6c:51:
93:4f:22:4e:5f:f6:ff:4d:b7:e0:34:58:19:3d:4a:ae:67:53:
98:d5:67:95:9b:3d:ac:78:b4:72:7b:c8:f3:01:d3:c4:f2:08:
e7:26:85:86:33:ff:1f:8e:d7:ea:db:5c:b7:cf:1c:9c:6d:9a:
1f:28:26:2f:84:73:11:de:43:fe:cb:c6:7e:54:4a:67:15:e2:
bc:59:7b:e8:4a:86:f3:9c:d4:c4:69:53:97:ed:f3:52:9e:e6:
11:6b:97:66:aa:39:dd:8d:ce:77:fb:8b:03:17:cd:ba:01:8a:
8f:14:fc:3b:6d:58:4b:ec:80:15:32:38:17:b2:0b:5d:d5:e8:
16:08:67:94:4a:ab:0d:c4:1d:c0:a8:48:75:b4:22:29:68:5f:
73:7c:63:b1:ab:62:27:17:3e:2f:ba:6f:87:03:0d:4f:05:ac:
f8:e7:1a:bc:77:29:68:43:f8:34:b4:85:2c:d0:29:45:82:1a:
85:04:c6:bb:81:b3:16:3e:2b:4a:52:77:69:99:f0:b0:8b:31:
8a:ee:fe:60:3f:a3:72:e3:0d:a2:d3:fa:9c:1c:a8:ef:fd:ae:
08:1c:9f:1f:09:14:e5:92:ee:bd:32:23:b5:e0:10:a3:30:86:
57:6f:b2:22
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAY+hBrfwQ43L7gqkFRLgrlp7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwNTIyMTU1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDNiMDBiYTc0MDczMDA2YjU2YTdhYjAwNjc0MWZmMGJmM2I5MzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBQLTBLeEy8xBQxaPdTB+b79Kkjh
kHb5n4dktr/mwZMGHSHfqdRh5SoDiTfifCeqkXWvMsWPx7TftDYcTRmVSDMvFn2H
c+9ASciVfPJazaRt8Tnz+gAvpBAG/k6hsdXM4Chsa2EzKNsUTcpYi9PnayLFfbDu
HcMkJOdCHAIp6oPVBGgHUcTyKbSTEBWKE36T90iP1BjTImS8BHBhMTzo4/JCSZTe
iiSbqqcNmg5EyVKyEEM+26np99TbklMUbdjRgzGgGVWE1QAShMh5SNXR3Bndiatk
FEOjMWPa4FRD/YLHWNpqxVOjSykHMUZcnauf6cNXRPzy5ay36umirzeQsQIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFNA7ALp0BzAGtWp6sAZ0H/C/O5NPMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvMERzQXVuUUhNQWExYW5xd0JuUWY4TDg3azA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBnwQCAAEwgZgwDAME
AJOIQQMEAZOIRAMEAJOIRwMEAJOITAMEAKjHpTAMAwQBqMeqAwQBqMesMAwDBACo
x68DBAGox7gwDAMEAKjHuwMEBqjHgDAMAwQCqMfEAwQBqMfIAwQAqMfNAwQAqMfP
AwQAqMfSAwQAqMfnAwQAqMfpMAwDBADAX1EDBADAX1IDBADAX1QwDAMEAMBfVwME
AMBfWjANBgkqhkiG9w0BAQsFAAOCAQEANuNSB/QVMilv9S+naXC9vWxRk08iTl/2
/0234DRYGT1KrmdTmNVnlZs9rHi0cnvI8wHTxPII5yaFhjP/H47X6ttct88cnG2a
HygmL4RzEd5D/svGflRKZxXivFl76EqG85zUxGlTl+3zUp7mEWuXZqo53Y3Od/uL
AxfNugGKjxT8O21YS+yAFTI4F7ILXdXoFghnlEqrDcQdwKhIdbQiKWhfc3xjsati
Jxc+L7pvhwMNTwWs+OcavHcpaEP4NLSFLNApRYIahQTGu4GzFj4rSlJ3aZnwsIsx
iu7+YD+jcuMNotP6nByo7/2uCByfHwkU5ZLuvTIjteAQozCGV2+yIg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:30 2024 by rpki-client on console-fra.rpki-client.org