Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/oCX2I8DK9iprDPDB2ySN-0pfhxs.roa
File: oCX2I8DK9iprDPDB2ySN-0pfhxs.roa (raw, json)
Hash identifier: YwqQXmWxHAEkUq2k0oeta+pssG6f92R7DD9Ifnrrovw=
Subject key identifier: A0:25:F6:23:C0:CA:F6:2A:6B:0C:F0:C1:DB:24:8D:FB:4A:5F:87:1B
Certificate issuer: /CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Certificate serial: 018CC6B85B6B5F4378A42512713F3AEAD041
Authority key identifier: 10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/oCX2I8DK9iprDPDB2ySN-0pfhxs.roa
Signing time: Mon 01 Jan 2024 20:30:19 +0000
ROA not before: Mon 01 Jan 2024 20:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197667
IP address blocks: 185.139.43.0/24 maxlen: 24
185.139.40.0/22 maxlen: 22
185.139.41.0/24 maxlen: 24
185.139.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/EJsFo11BCaHkqDTMrazdLG9WsFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/EJsFo11BCaHkqDTMrazdLG9WsFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:5b:6b:5f:43:78:a4:25:12:71:3f:3a:ea:d0:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=109b05a35d4109a1e4a834ccadacdd2c6f56b05a
Validity
Not Before: Jan 1 20:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a025f623c0caf62a6b0cf0c1db248dfb4a5f871b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:53:a2:c6:3a:6d:47:51:98:6b:7e:05:68:c0:
3c:41:f6:34:d1:66:ba:49:cd:5d:5f:ef:75:9c:07:
03:38:57:94:f9:86:5b:52:8d:95:12:c8:70:fa:e1:
1f:d4:ea:67:1e:84:32:8d:17:7d:27:96:39:c4:a0:
db:62:12:cc:f4:68:56:58:15:c6:bc:2c:36:a8:3b:
d9:2e:58:c1:78:c4:d4:8f:27:32:12:15:93:77:51:
b2:e6:00:b7:de:82:38:14:28:f2:6e:e7:aa:a9:00:
9d:f6:bd:f5:9c:24:1f:3c:fa:e1:42:e5:32:06:ac:
c9:7e:5c:26:27:31:96:55:7b:33:36:03:13:ec:28:
7a:9d:a2:00:66:88:60:23:dc:5c:82:a3:ea:37:3f:
a0:f2:19:f5:82:78:da:fe:9d:08:2d:46:a6:fa:f2:
d6:a4:a6:bd:e5:a8:ad:8f:86:1b:8d:0d:62:da:03:
8f:80:99:44:b4:3e:54:50:de:63:12:43:b5:50:8f:
3c:f0:39:b8:10:08:52:74:3b:dd:1f:1c:1b:21:fc:
b3:12:fd:2b:5e:7e:ca:6f:9b:89:cc:45:90:05:d8:
87:7b:39:7d:81:0d:86:43:ae:36:e7:cd:9a:96:89:
4f:f9:9f:60:eb:12:20:2d:76:e1:44:46:c0:b4:5c:
43:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:25:F6:23:C0:CA:F6:2A:6B:0C:F0:C1:DB:24:8D:FB:4A:5F:87:1B
X509v3 Authority Key Identifier:
keyid:10:9B:05:A3:5D:41:09:A1:E4:A8:34:CC:AD:AC:DD:2C:6F:56:B0:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EJsFo11BCaHkqDTMrazdLG9WsFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/oCX2I8DK9iprDPDB2ySN-0pfhxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/caac0e-5268-423a-afb0-449152f1d3b7/1/EJsFo11BCaHkqDTMrazdLG9WsFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.40.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:10:d6:38:5d:59:6c:0b:ea:2e:67:40:37:60:98:40:98:00:
ef:47:89:6f:7d:96:36:f3:17:21:92:63:2c:76:55:0f:cc:7f:
7d:b5:29:86:46:9a:bb:51:1e:ab:e5:a4:b4:e1:9e:6f:f7:29:
2d:69:bb:a1:a5:30:b8:d9:c8:6d:89:c7:93:23:81:40:e5:77:
84:5b:a3:41:ea:3e:a6:06:43:b9:c9:8f:1a:a0:fb:93:36:cd:
61:d4:63:ad:a8:30:4d:d3:cc:2b:08:28:f0:2f:b1:f2:11:dc:
19:36:3e:78:4d:a7:08:20:18:13:90:35:c1:a8:34:bb:29:6e:
f9:42:ac:ca:ad:42:25:e3:01:af:35:22:5e:88:77:39:e4:32:
c1:4e:3d:f9:48:8c:17:0e:f5:d5:3c:38:b3:74:70:55:09:20:
c8:80:7b:34:64:51:7c:87:4c:45:aa:b7:36:df:aa:c0:64:05:
6f:5e:1d:2d:35:c2:56:ee:e6:e7:1e:d4:ce:e0:16:df:1f:e6:
e5:71:80:74:0e:ac:1f:c7:fe:dd:a6:2f:bb:6a:78:d4:2a:76:
4f:ab:d6:4d:3e:0e:36:17:40:97:1b:2d:ec:a5:be:dd:2c:8e:
53:a2:6a:e4:54:50:f1:b8:89:57:9f:03:4e:7a:88:f1:54:4c:
fa:f0:fc:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuFtrX0N4pCUScT866tBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwOWIwNWEzNWQ0MTA5YTFlNGE4MzRjY2FkYWNkZDJjNmY1
NmIwNWEwHhcNMjQwMTAxMjAzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDI1ZjYyM2MwY2FmNjJhNmIwY2YwYzFkYjI0OGRmYjRhNWY4NzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFOixjptR1GYa34FaMA8QfY00Wa6
Sc1dX+91nAcDOFeU+YZbUo2VEshw+uEf1OpnHoQyjRd9J5Y5xKDbYhLM9GhWWBXG
vCw2qDvZLljBeMTUjycyEhWTd1Gy5gC33oI4FCjybueqqQCd9r31nCQfPPrhQuUy
BqzJflwmJzGWVXszNgMT7Ch6naIAZohgI9xcgqPqNz+g8hn1gnja/p0ILUam+vLW
pKa95aitj4YbjQ1i2gOPgJlEtD5UUN5jEkO1UI888Dm4EAhSdDvdHxwbIfyzEv0r
Xn7Kb5uJzEWQBdiHezl9gQ2GQ642582alolP+Z9g6xIgLXbhREbAtFxDBwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAl9iPAyvYqawzwwdskjftKX4cbMB8GA1UdIwQY
MBaAFBCbBaNdQQmh5Kg0zK2s3SxvVrBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUpzRm8xMUJDYUhrcURUTXJhemRMRzlXc0ZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9jYWFjMGUtNTI2OC00MjNhLWFmYjAt
NDQ5MTUyZjFkM2I3LzEvb0NYMkk4REs5aXByRFBEQjJ5U04tMHBmaHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9jYWFjMGUtNTI2OC00MjNhLWFmYjAtNDQ5MTUyZjFkM2I3
LzEvRUpzRm8xMUJDYUhrcURUTXJhemRMRzlXc0ZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuYsoMA0G
CSqGSIb3DQEBCwUAA4IBAQA6ENY4XVlsC+ouZ0A3YJhAmADvR4lvfZY28xchkmMs
dlUPzH99tSmGRpq7UR6r5aS04Z5v9yktabuhpTC42chticeTI4FA5XeEW6NB6j6m
BkO5yY8aoPuTNs1h1GOtqDBN08wrCCjwL7HyEdwZNj54TacIIBgTkDXBqDS7KW75
QqzKrUIl4wGvNSJeiHc55DLBTj35SIwXDvXVPDizdHBVCSDIgHs0ZFF8h0xFqrc2
36rAZAVvXh0tNcJW7ubnHtTO4BbfH+blcYB0Dqwfx/7dpi+7anjUKnZPq9ZNPg42
F0CXGy3spb7dLI5TomrkVFDxuIlXnwNOeojxVEz68Pzt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:55 2024 by rpki-client on console-ams.rpki-client.org