Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ojRQ_38REcpiLZpWwcLOuAfD-P8.roa
File: ojRQ_38REcpiLZpWwcLOuAfD-P8.roa (raw, json)
Hash identifier: Dag9PY3a87tdhINSOfkBZLOq2Tr1p2aYuCS8a18q3Rs=
Subject key identifier: A2:34:50:FF:7F:11:11:CA:62:2D:9A:56:C1:C2:CE:B8:07:C3:F8:FF
Certificate issuer: /CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Certificate serial: 018CC42536FEF3F1CA5852DBE4F90131B47B
Authority key identifier: A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ojRQ_38REcpiLZpWwcLOuAfD-P8.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5466
IP address blocks: 194.125.192.0/19 maxlen: 19
95.44.0.0/15 maxlen: 15
82.141.192.0/18 maxlen: 18
217.183.0.0/16 maxlen: 16
83.174.160.0/19 maxlen: 19
195.7.32.0/19 maxlen: 19
194.106.128.0/19 maxlen: 19
194.125.128.0/18 maxlen: 18
51.171.0.0/16 maxlen: 16
159.134.0.0/16 maxlen: 24
185.57.112.0/22 maxlen: 22
83.70.0.0/15 maxlen: 15
62.77.160.0/19 maxlen: 19
213.94.128.0/17 maxlen: 17
213.190.128.0/19 maxlen: 19
86.40.0.0/13 maxlen: 24
2001:bb0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:36:fe:f3:f1:ca:58:52:db:e4:f9:01:31:b4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ed0ba8b46ef251e5a058a64a21b307d3650ddc
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a23450ff7f1111ca622d9a56c1c2ceb807c3f8ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:b6:44:b5:05:31:c0:b3:27:03:eb:2a:04:8c:
1f:23:63:aa:a3:1c:5d:61:be:29:ec:b5:1c:ca:31:
81:78:56:01:e7:fa:be:a2:84:71:ee:d9:b2:81:06:
e7:87:17:a8:40:16:97:1b:8a:6a:bd:2c:0f:ba:cc:
17:43:c0:78:9d:bd:40:f1:50:9d:d7:54:f6:41:c3:
8c:18:ff:f0:07:79:3e:5f:ad:d3:85:fa:2f:5e:5a:
3e:fc:e8:30:9c:17:d0:d3:ef:fb:1b:f1:67:93:1c:
3f:71:cb:80:3b:c3:b3:0f:92:47:8b:35:11:7e:bc:
fb:b5:83:d6:9d:9f:6e:d2:99:12:d1:bc:b2:72:29:
d7:34:96:18:76:ad:77:ea:9f:6a:bf:e4:d3:66:30:
c5:ce:f7:35:33:cf:f9:a2:a3:b7:d0:f2:94:f7:5d:
5e:3d:9e:f5:80:c3:e0:3a:b6:6a:4c:ab:0c:a0:b9:
3b:47:75:6d:62:62:2e:e8:9e:8d:f9:1a:3d:95:2f:
fb:e1:9b:b6:df:0a:36:f8:ea:cd:f2:75:e8:6c:50:
83:a5:62:ab:59:5f:7a:20:83:ed:45:74:87:27:77:
ab:ed:e7:09:39:1a:73:05:d2:e9:fd:9d:09:65:92:
9d:ff:e4:d0:86:a1:05:1b:5c:af:b7:ea:77:30:7d:
d1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:34:50:FF:7F:11:11:CA:62:2D:9A:56:C1:C2:CE:B8:07:C3:F8:FF
X509v3 Authority Key Identifier:
keyid:A2:ED:0B:A8:B4:6E:F2:51:E5:A0:58:A6:4A:21:B3:07:D3:65:0D:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ou0LqLRu8lHloFimSiGzB9NlDdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ojRQ_38REcpiLZpWwcLOuAfD-P8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/5be8f7-1ad0-44bf-8b3e-791c5a85390d/1/ou0LqLRu8lHloFimSiGzB9NlDdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.171.0.0/16
62.77.160.0/19
82.141.192.0/18
83.70.0.0/15
83.174.160.0/19
86.40.0.0/13
95.44.0.0/15
159.134.0.0/16
185.57.112.0/22
194.106.128.0/19
194.125.128.0-194.125.223.255
195.7.32.0/19
213.94.128.0/17
213.190.128.0/19
217.183.0.0/16
IPv6:
2001:bb0::/29
Signature Algorithm: sha256WithRSAEncryption
09:cd:f4:b5:fc:23:5c:75:4c:f3:89:8a:99:c7:e9:b3:26:f4:
03:70:e0:9f:d0:2c:fc:8b:c9:1c:9d:81:bf:f5:ea:11:b7:59:
81:eb:86:8b:2c:fe:be:37:c3:98:66:1e:6b:ce:c1:13:05:2f:
29:79:56:b2:52:e7:a7:44:71:f6:be:3d:6a:36:97:dc:1a:ef:
f6:ac:3e:31:4c:48:36:d4:dc:23:db:74:df:58:89:54:74:71:
56:3e:f4:7d:f0:04:f0:f0:10:7e:45:5d:8a:c9:71:04:7b:4b:
00:3d:1a:58:22:c8:59:86:1e:fe:e3:b5:69:73:d7:bb:a8:1e:
93:5f:4e:ec:68:1b:5f:dd:10:39:23:50:ca:79:9f:34:5b:6f:
ed:f3:54:d7:bd:ed:38:e8:0f:5f:69:2b:53:b1:b1:a0:05:35:
23:16:1c:c7:37:5a:6f:8d:30:d0:1e:2f:6e:e5:f7:e2:e3:28:
d7:71:cd:c5:4e:f3:3c:80:03:5b:50:7f:31:a2:90:d5:2a:61:
09:9b:1e:22:24:49:d9:c8:bb:ab:c7:c5:7b:46:26:25:78:5b:
b1:e7:d2:16:7a:9c:8a:81:22:83:5a:bd:5b:30:97:c1:c9:9b:
6f:21:a2:66:be:5a:6b:9f:c8:e7:f6:30:33:b4:77:3d:66:87:
47:25:e6:f2
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAYzEJTb+8/HKWFLb5PkBMbR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZWQwYmE4YjQ2ZWYyNTFlNWEwNThhNjRhMjFiMzA3ZDM2
NTBkZGMwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM0NTBmZjdmMTExMWNhNjIyZDlhNTZjMWMyY2ViODA3YzNmOGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhbZEtQUxwLMnA+sqBIwfI2Oqoxxd
Yb4p7LUcyjGBeFYB5/q+ooRx7tmygQbnhxeoQBaXG4pqvSwPuswXQ8B4nb1A8VCd
11T2QcOMGP/wB3k+X63ThfovXlo+/OgwnBfQ0+/7G/Fnkxw/ccuAO8OzD5JHizUR
frz7tYPWnZ9u0pkS0byycinXNJYYdq136p9qv+TTZjDFzvc1M8/5oqO30PKU911e
PZ71gMPgOrZqTKsMoLk7R3VtYmIu6J6N+Ro9lS/74Zu23wo2+OrN8nXobFCDpWKr
WV96IIPtRXSHJ3er7ecJORpzBdLp/Z0JZZKd/+TQhqEFG1yvt+p3MH3RRwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFKI0UP9/ERHKYi2aVsHCzrgHw/j/MB8GA1UdIwQY
MBaAFKLtC6i0bvJR5aBYpkohswfTZQ3cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2Ut
NzkxYzVhODUzOTBkLzEvb2pSUV8zOFJFY3BpTFpwV3djTE91QWZELVA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC81YmU4ZjctMWFkMC00NGJmLThiM2UtNzkxYzVhODUzOTBk
LzEvb3UwTHFMUnU4bEhsb0ZpbVNpR3pCOU5sRGR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwYgQCAAEwXAMDADOrAwQF
Pk2gAwQGUo3AAwMBU0YDBAVTrqADAwNWKAMDAV8sAwMAn4YDBAK5OXADBAXCaoAw
DAMEB8J9gAMEBcJ9wAMEBcMHIAMEB9VegAMEBdW+gAMDANm3MA0EAgACMAcDBQMg
AQuwMA0GCSqGSIb3DQEBCwUAA4IBAQAJzfS1/CNcdUzziYqZx+mzJvQDcOCf0Cz8
i8kcnYG/9eoRt1mB64aLLP6+N8OYZh5rzsETBS8peVayUuenRHH2vj1qNpfcGu/2
rD4xTEg21Nwj23TfWIlUdHFWPvR98ATw8BB+RV2KyXEEe0sAPRpYIshZhh7+47Vp
c9e7qB6TX07saBtf3RA5I1DKeZ80W2/t81TXve046A9faStTsbGgBTUjFhzHN1pv
jTDQHi9u5ffi4yjXcc3FTvM8gANbUH8xopDVKmEJmx4iJEnZyLurx8V7RiYleFux
59IWepyKgSKDWr1bMJfByZtvIaJmvlprn8jn9jAztHc9ZodHJeby
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:46:20 2024 by rpki-client on console-ams.rpki-client.org