Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/OUdw0gOa5bFPdIja9fTWWS8SLrw.roa
File: OUdw0gOa5bFPdIja9fTWWS8SLrw.roa (raw, json)
Hash identifier: DoIBtGdcvlySHoWHn5X2zkZGn/RKDogMgBeAyFh40ks=
Subject key identifier: 39:47:70:D2:03:9A:E5:B1:4F:74:88:DA:F5:F4:D6:59:2F:12:2E:BC
Certificate issuer: /CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Certificate serial: 018CC4253E98545F3D11E7AE6B49CB0F8120
Authority key identifier: 54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/OUdw0gOa5bFPdIja9fTWWS8SLrw.roa
Signing time: Mon 01 Jan 2024 08:30:24 +0000
ROA not before: Mon 01 Jan 2024 08:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212772
IP address blocks: 185.113.28.0/22 maxlen: 24
94.140.14.0/23 maxlen: 24
45.156.136.0/22 maxlen: 24
92.255.56.0/24 maxlen: 24
217.72.12.0/22 maxlen: 24
46.243.228.0/22 maxlen: 24
92.255.68.0/22 maxlen: 24
92.255.84.0/24 maxlen: 24
2a10:50c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3e:98:54:5f:3d:11:e7:ae:6b:49:cb:0f:81:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54791dde2c9bdea366ce7ec6c5a800c5da633454
Validity
Not Before: Jan 1 08:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394770d2039ae5b14f7488daf5f4d6592f122ebc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:ff:88:f1:00:d5:c4:00:53:99:de:11:7c:4a:
b2:68:41:b7:2a:c9:6b:62:b0:f0:d9:db:4e:dd:fc:
7c:1c:83:5d:da:8a:fb:b2:71:8d:b8:6d:8c:62:37:
2a:74:91:f5:39:21:01:ca:d0:83:77:32:3a:4a:66:
cc:53:a5:d8:86:1b:90:78:7a:68:77:ab:7f:07:af:
91:76:af:e5:f8:b5:13:53:fc:aa:fb:a6:9e:ee:66:
3f:ad:6b:e1:32:8e:44:30:dd:ac:0b:50:91:7d:a4:
ee:70:8e:90:13:c4:2a:b2:55:87:47:19:54:9f:6e:
64:43:77:78:e5:b2:e2:52:50:f8:35:bb:f8:f0:2c:
1a:7e:1c:f1:5b:9b:c7:b7:77:fe:66:98:c7:03:2b:
b0:78:57:da:53:b8:d7:32:3e:67:73:79:a8:7a:b3:
6f:5b:88:41:bb:21:0b:6c:b1:3c:95:fa:c0:b9:f8:
99:0c:08:0d:6a:68:25:51:fd:a6:eb:7c:63:81:15:
84:4d:30:c9:f0:16:c5:f4:5d:5c:ae:78:2d:9f:c4:
57:d9:48:9d:d4:44:4f:4f:b7:f0:73:9b:08:4f:86:
cb:9f:4c:7c:70:0a:7d:26:ba:d3:f1:9e:ce:e9:22:
1b:5d:77:b9:6a:77:3c:41:74:67:22:72:3a:ff:88:
31:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:47:70:D2:03:9A:E5:B1:4F:74:88:DA:F5:F4:D6:59:2F:12:2E:BC
X509v3 Authority Key Identifier:
keyid:54:79:1D:DE:2C:9B:DE:A3:66:CE:7E:C6:C5:A8:00:C5:DA:63:34:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VHkd3iyb3qNmzn7GxagAxdpjNFQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/OUdw0gOa5bFPdIja9fTWWS8SLrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/17e567-9e44-444a-ac64-18b34bea9b06/1/VHkd3iyb3qNmzn7GxagAxdpjNFQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.136.0/22
46.243.228.0/22
92.255.56.0/24
92.255.68.0/22
92.255.84.0/24
94.140.14.0/23
185.113.28.0/22
217.72.12.0/22
IPv6:
2a10:50c0::/32
Signature Algorithm: sha256WithRSAEncryption
29:51:11:82:00:1f:4a:8e:e6:01:3a:88:82:79:ff:6d:eb:1a:
83:74:b5:a0:21:dc:20:68:54:ef:b1:1e:31:19:2e:a7:84:94:
5a:05:cf:dd:c8:ae:cc:98:ab:32:00:86:7d:a1:e5:6c:60:ee:
c7:1e:3b:24:46:28:27:bb:be:50:b1:00:17:c6:f6:30:cd:96:
b6:93:13:40:11:21:c2:0d:67:30:c0:68:3f:c1:c9:2b:29:ee:
a2:0b:5d:43:d8:07:3c:46:00:45:4e:a1:2c:40:71:df:bc:c4:
34:66:1f:36:de:8b:ce:44:5b:33:b0:da:6f:c5:19:83:d3:4c:
82:ae:28:77:34:b2:92:13:58:41:7f:cd:f4:b2:47:e1:0c:4a:
c4:72:33:ac:f4:8b:ac:3f:62:89:ff:f8:d4:45:88:c9:1f:1a:
77:87:54:62:b5:c8:e0:08:d1:b2:eb:db:3e:fc:be:12:2e:07:
6a:90:27:99:93:5b:85:91:45:8f:b5:a8:e8:c0:c5:4c:57:e9:
a7:d4:31:d2:85:5c:db:3c:3e:38:74:5c:ec:a0:c2:65:76:ae:
fb:89:c4:5c:5b:33:4f:ab:c9:55:a2:ec:9e:4d:0e:e9:5c:c1:
3a:05:cf:8a:0b:01:ed:90:5b:86:df:09:45:40:7f:b1:9d:22:
ae:7d:21:0b
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzEJT6YVF89Eeeua0nLD4EgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NzkxZGRlMmM5YmRlYTM2NmNlN2VjNmM1YTgwMGM1ZGE2
MzM0NTQwHhcNMjQwMTAxMDgzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTQ3NzBkMjAzOWFlNWIxNGY3NDg4ZGFmNWY0ZDY1OTJmMTIyZWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyP+I8QDVxABTmd4RfEqyaEG3Kslr
YrDw2dtO3fx8HINd2or7snGNuG2MYjcqdJH1OSEBytCDdzI6SmbMU6XYhhuQeHpo
d6t/B6+Rdq/l+LUTU/yq+6ae7mY/rWvhMo5EMN2sC1CRfaTucI6QE8QqslWHRxlU
n25kQ3d45bLiUlD4Nbv48CwafhzxW5vHt3f+ZpjHAyuweFfaU7jXMj5nc3moerNv
W4hBuyELbLE8lfrAufiZDAgNamglUf2m63xjgRWETTDJ8BbF9F1crngtn8RX2Uid
1ERPT7fwc5sIT4bLn0x8cAp9JrrT8Z7O6SIbXXe5anc8QXRnInI6/4gxtQIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDlHcNIDmuWxT3SI2vX01lkvEi68MB8GA1UdIwQY
MBaAFFR5Hd4sm96jZs5+xsWoAMXaYzRUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQt
MThiMzRiZWE5YjA2LzEvT1VkdzBnT2E1YkZQZElqYTlmVFdXUzhTTHJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi8xN2U1NjctOWU0NC00NDRhLWFjNjQtMThiMzRiZWE5YjA2
LzEvVkhrZDNpeWIzcU5tem43R3hhZ0F4ZHBqTkZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQCLZyIAwQC
LvPkAwQAXP84AwQCXP9EAwQAXP9UAwQBXowOAwQCuXEcAwQC2UgMMA0EAgACMAcD
BQAqEFDAMA0GCSqGSIb3DQEBCwUAA4IBAQApURGCAB9KjuYBOoiCef9t6xqDdLWg
IdwgaFTvsR4xGS6nhJRaBc/dyK7MmKsyAIZ9oeVsYO7HHjskRignu75QsQAXxvYw
zZa2kxNAESHCDWcwwGg/wckrKe6iC11D2Ac8RgBFTqEsQHHfvMQ0Zh823ovORFsz
sNpvxRmD00yCrih3NLKSE1hBf830skfhDErEcjOs9IusP2KJ//jURYjJHxp3h1Ri
tcjgCNGy69s+/L4SLgdqkCeZk1uFkUWPtajowMVMV+mn1DHShVzbPD44dFzsoMJl
dq77icRcWzNPq8lVouyeTQ7pXME6Bc+KCwHtkFuG3wlFQH+xnSKufSEL
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:17:11 2024 by rpki-client on console-fra.rpki-client.org