Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/OIycoHrm0hgQGsYzLZO8CWz2VUI.roa
File: OIycoHrm0hgQGsYzLZO8CWz2VUI.roa (raw, json)
Hash identifier: mUlVqYNYiaFrd22rLYt+/3mQnKmQ2H1WbBddT/ycfNM=
Subject key identifier: 38:8C:9C:A0:7A:E6:D2:18:10:1A:C6:33:2D:93:BC:09:6C:F6:55:42
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 0192F6673A67E017AFEF797D733DA0BC3F8D
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/OIycoHrm0hgQGsYzLZO8CWz2VUI.roa
Signing time: Mon 04 Nov 2024 09:00:13 +0000
ROA not before: Mon 04 Nov 2024 09:00:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 7018
IP address blocks: 168.199.169.0/24 maxlen: 24
168.199.234.0/24 maxlen: 24
168.199.245.0/24 maxlen: 24
185.101.255.0/24 maxlen: 24
185.226.207.0/24 maxlen: 24
192.95.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f6:67:3a:67:e0:17:af:ef:79:7d:73:3d:a0:bc:3f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Nov 4 09:00:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=388c9ca07ae6d218101ac6332d93bc096cf65542
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:66:a4:c4:00:77:ab:f4:16:d6:39:22:55:be:
7a:aa:62:9e:01:31:73:14:5a:d6:23:64:15:7c:07:
96:a8:dc:37:44:2f:6c:9f:c8:dc:9b:5b:5f:8b:3f:
a2:73:99:2b:9a:e7:20:5a:53:35:6a:ce:a5:f8:ea:
9e:6d:db:9d:b7:0f:91:9b:35:3b:dc:15:d5:57:57:
06:50:c0:c8:4c:8d:9d:5f:d5:6c:73:de:5e:af:ba:
8f:45:e4:87:e0:53:d6:19:87:58:77:ff:bf:7a:01:
04:b3:ce:5e:a4:2a:2e:29:98:96:a1:f6:43:03:6c:
5a:94:46:f1:44:23:29:a1:c9:84:ad:86:50:37:66:
ee:58:6f:6b:ec:ff:e7:aa:7f:23:1a:ef:73:73:71:
b1:2d:14:f9:2b:3e:bc:c7:89:10:c0:a7:1a:eb:38:
58:b3:60:6e:2e:95:7b:17:58:9c:52:7b:1e:bc:3d:
a0:b4:c9:39:6a:de:cc:ac:73:dc:8f:66:fe:45:ff:
2a:1e:d4:95:68:44:7e:79:e8:51:d7:17:e1:d7:db:
d0:fe:4b:7b:48:d8:f5:a9:d9:99:7b:91:44:91:40:
4a:82:ca:c5:bc:67:d5:e1:fb:55:7d:16:2f:39:8b:
5b:1c:73:98:d2:5c:11:45:99:6f:5a:46:07:bf:18:
3b:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:8C:9C:A0:7A:E6:D2:18:10:1A:C6:33:2D:93:BC:09:6C:F6:55:42
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/OIycoHrm0hgQGsYzLZO8CWz2VUI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.169.0/24
168.199.234.0/24
168.199.245.0/24
185.101.255.0/24
185.226.207.0/24
192.95.83.0/24
Signature Algorithm: sha256WithRSAEncryption
25:0d:1a:3e:09:7c:c8:47:ac:d6:3a:cd:3a:39:dd:be:6c:a6:
17:8b:5b:6b:11:7c:b7:fe:23:01:06:94:40:c0:b4:90:cb:05:
09:7d:a0:5f:38:df:1a:71:dd:d7:4c:a2:52:10:86:39:f3:92:
08:a2:f3:3c:c9:5b:77:0f:84:99:50:22:b2:74:b6:1e:43:00:
22:8b:b7:b1:a1:4c:58:f7:f3:31:bc:28:3f:12:f8:49:f3:10:
17:e9:f7:51:44:c2:20:1f:f9:8e:3b:cc:dc:b0:95:5d:a7:cb:
0c:77:d1:b6:cb:fb:e5:57:d5:07:5c:91:fc:a2:60:1d:f2:16:
74:e5:cf:c4:73:a7:51:14:9c:78:8f:3b:c3:95:86:af:43:33:
d0:43:2d:f8:92:2e:94:70:d2:f9:57:1c:f8:e8:6d:6a:46:2d:
70:9e:1d:1f:1b:06:b1:b7:8c:02:c4:a3:07:da:81:fb:8e:b9:
37:eb:e8:7c:3c:c9:d0:66:be:54:46:b9:7f:7b:47:11:4c:0b:
16:2d:1c:5c:54:29:18:48:4e:b9:4b:bc:14:c0:4d:80:35:4a:
a8:be:23:ed:c9:9c:d0:46:2e:22:40:0c:2d:d2:9e:ad:2f:04:
c2:2f:bf:58:77:b4:90:79:8b:ba:4e:ad:08:25:0b:5f:c3:6c:
16:41:57:dc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZL2Zzpn4Bev73l9cz2gvD+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQxMTA0MDkwMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODhjOWNhMDdhZTZkMjE4MTAxYWM2MzMyZDkzYmMwOTZjZjY1NTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGakxAB3q/QW1jkiVb56qmKeATFz
FFrWI2QVfAeWqNw3RC9sn8jcm1tfiz+ic5krmucgWlM1as6l+Oqebdudtw+RmzU7
3BXVV1cGUMDITI2dX9Vsc95er7qPReSH4FPWGYdYd/+/egEEs85epCouKZiWofZD
A2xalEbxRCMpocmErYZQN2buWG9r7P/nqn8jGu9zc3GxLRT5Kz68x4kQwKca6zhY
s2BuLpV7F1icUnsevD2gtMk5at7MrHPcj2b+Rf8qHtSVaER+eehR1xfh19vQ/kt7
SNj1qdmZe5FEkUBKgsrFvGfV4ftVfRYvOYtbHHOY0lwRRZlvWkYHvxg7uQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDiMnKB65tIYEBrGMy2TvAls9lVCMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvT0l5Y29Icm0waGdRR3NZekxaTzhDV3oyVlVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAqMepAwQA
qMfqAwQAqMf1AwQAuWX/AwQAueLPAwQAwF9TMA0GCSqGSIb3DQEBCwUAA4IBAQAl
DRo+CXzIR6zWOs06Od2+bKYXi1trEXy3/iMBBpRAwLSQywUJfaBfON8acd3XTKJS
EIY585IIovM8yVt3D4SZUCKydLYeQwAii7exoUxY9/MxvCg/EvhJ8xAX6fdRRMIg
H/mOO8zcsJVdp8sMd9G2y/vlV9UHXJH8omAd8hZ05c/Ec6dRFJx4jzvDlYavQzPQ
Qy34ki6UcNL5Vxz46G1qRi1wnh0fGwaxt4wCxKMH2oH7jrk36+h8PMnQZr5URrl/
e0cRTAsWLRxcVCkYSE65S7wUwE2ANUqoviPtyZzQRi4iQAwt0p6tLwTCL79Yd7SQ
eYu6Tq0IJQtfw2wWQVfc
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:12 2024 by rpki-client on console-ams.rpki-client.org