Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oFDRiCw38nEh76unqCzPWnrE9bA.roa
File: oFDRiCw38nEh76unqCzPWnrE9bA.roa (raw, json)
Hash identifier: 6IIQCPF1HY5MJ6sp5kCP4immAIpvSmtQPTj9lTqCM84=
Subject key identifier: A0:50:D1:88:2C:37:F2:71:21:EF:AB:A7:A8:2C:CF:5A:7A:C4:F5:B0
Certificate issuer: /CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Certificate serial: 018CC56E23361B925C04D3AD8040A3E15E49
Authority key identifier: 47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oFDRiCw38nEh76unqCzPWnrE9bA.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42044
IP address blocks: 185.24.65.0/24 maxlen: 24
185.24.66.0/24 maxlen: 24
193.105.170.0/24 maxlen: 24
212.18.250.0/24 maxlen: 24
2a04:2b00:212::/48 maxlen: 48
2a04:2b00:200::/48 maxlen: 48
2a04:2b00:100::/48 maxlen: 48
2a04:2b02::/32 maxlen: 32
2001:67c:2630::/48 maxlen: 48
2a04:2b01::/32 maxlen: 32
2a04:2b00:6374::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.mft
rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:23:36:1b:92:5c:04:d3:ad:80:40:a3:e1:5e:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4776afb74fad5baf0a6180b49510d8b8497df8d3
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a050d1882c37f27121efaba7a82ccf5a7ac4f5b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9b:35:77:da:a0:47:4b:40:41:f6:db:05:97:
72:6e:63:71:14:fa:7e:3f:ef:78:9e:44:ab:16:c7:
98:fd:b8:a1:ac:cf:7e:b9:c8:9b:44:cd:30:f4:16:
8a:52:b5:2d:fb:c4:f3:4e:95:8c:92:fc:9c:72:e6:
bf:85:9e:80:ee:ce:50:e0:5b:69:8f:24:05:6a:4f:
34:ed:d4:79:5b:d1:3a:35:fa:fa:90:45:39:49:5e:
b9:3b:82:2f:c4:9c:c9:1f:aa:a6:e3:61:f8:cd:70:
79:17:ed:fb:f6:f4:22:3b:20:5e:8f:e1:c8:c9:b6:
82:c6:a0:b7:1d:29:85:42:da:c9:6b:12:23:b7:ea:
e0:45:26:c9:53:70:bd:67:cd:0c:5e:ad:ee:e2:cb:
2c:e2:bd:3f:53:01:e5:0f:da:05:72:2e:d6:f6:79:
78:c8:15:1a:77:37:a8:b9:19:33:8b:a3:11:f0:52:
23:6b:2b:25:25:50:69:12:49:63:0f:c7:10:f7:7a:
54:66:a4:32:ad:68:b1:83:22:df:07:31:36:2b:d5:
f3:83:31:31:ca:bf:af:b9:69:de:2f:38:82:d5:0d:
27:34:94:cc:80:b0:65:b7:df:07:48:98:c2:2a:74:
6a:90:0b:dd:ea:84:76:ac:be:4e:74:77:33:a3:8a:
57:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:50:D1:88:2C:37:F2:71:21:EF:AB:A7:A8:2C:CF:5A:7A:C4:F5:B0
X509v3 Authority Key Identifier:
keyid:47:76:AF:B7:4F:AD:5B:AF:0A:61:80:B4:95:10:D8:B8:49:7D:F8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R3avt0-tW68KYYC0lRDYuEl9-NM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/oFDRiCw38nEh76unqCzPWnrE9bA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/f71cc2-b71d-4668-8661-0538e95f3f12/1/R3avt0-tW68KYYC0lRDYuEl9-NM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.65.0-185.24.66.255
193.105.170.0/24
212.18.250.0/24
IPv6:
2001:67c:2630::/48
2a04:2b00:100::/48
2a04:2b00:200::/48
2a04:2b00:212::/48
2a04:2b00:6374::/48
2a04:2b01::-2a04:2b02:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
95:61:f3:ac:3b:a3:23:f2:ba:f6:0c:fc:9a:de:74:50:82:72:
5c:9a:8b:b4:08:af:6b:05:74:03:47:0c:55:2b:64:f8:fd:37:
59:b0:e1:7a:4f:a0:70:3d:cc:33:00:db:11:cf:e1:20:1f:b5:
15:1f:e5:c5:08:e9:da:73:80:85:13:57:51:84:36:43:19:1b:
f1:11:03:e6:7c:e8:63:60:54:1f:2d:34:3f:dc:df:47:c1:8a:
3d:63:fa:d7:06:5b:03:eb:2f:33:ef:35:6c:d5:d6:5d:29:ae:
fc:5d:12:2e:f1:7b:18:0c:80:97:e7:26:67:3b:7b:78:89:b6:
35:2b:97:f0:1c:37:83:82:e9:29:ac:2d:a6:f6:fb:d8:d2:4c:
7b:64:79:cf:d0:43:52:86:06:ad:5a:c1:89:0e:c8:21:49:94:
8c:a2:a5:29:f7:f9:2e:dc:12:be:7b:de:69:8a:aa:0f:f4:25:
b9:43:cf:9a:69:2e:34:7a:2f:dd:4a:06:48:07:b0:5e:a2:2d:
ba:c2:ce:e9:43:36:36:8e:d7:b8:43:82:80:bd:e1:e4:f5:43:
ff:6d:97:b5:e3:b3:04:84:5f:0e:9b:80:24:f7:4a:58:0b:91:
75:12:45:05:65:a3:53:c7:ec:e1:bb:c7:12:e7:b4:0b:c3:c9:
be:67:9b:65
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAYzFbiM2G5JcBNOtgECj4V5JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NzZhZmI3NGZhZDViYWYwYTYxODBiNDk1MTBkOGI4NDk3
ZGY4ZDMwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUwZDE4ODJjMzdmMjcxMjFlZmFiYTdhODJjY2Y1YTdhYzRmNWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvps1d9qgR0tAQfbbBZdybmNxFPp+
P+94nkSrFseY/bihrM9+ucibRM0w9BaKUrUt+8TzTpWMkvyccua/hZ6A7s5Q4Ftp
jyQFak807dR5W9E6Nfr6kEU5SV65O4IvxJzJH6qm42H4zXB5F+379vQiOyBej+HI
ybaCxqC3HSmFQtrJaxIjt+rgRSbJU3C9Z80MXq3u4sss4r0/UwHlD9oFci7W9nl4
yBUadzeouRkzi6MR8FIjayslJVBpEkljD8cQ93pUZqQyrWixgyLfBzE2K9XzgzEx
yr+vuWneLziC1Q0nNJTMgLBlt98HSJjCKnRqkAvd6oR2rL5OdHczo4pXjwIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFKBQ0YgsN/JxIe+rp6gsz1p6xPWwMB8GA1UdIwQY
MBaAFEd2r7dPrVuvCmGAtJUQ2LhJffjTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEt
MDUzOGU5NWYzZjEyLzEvb0ZEUmlDdzM4bkVoNzZ1bnFDelBXbnJFOWJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9mNzFjYzItYjcxZC00NjY4LTg2NjEtMDUzOGU5NWYzZjEy
LzEvUjNhdnQwLXRXNjhLWVlDMGxSRFl1RWw5LU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzAgBAIAATAaMAwDBAC5GEED
BAC5GEIDBADBaaoDBADUEvowQwQCAAIwPQMHACABBnwmMAMHACoEKwABAAMHACoE
KwACAAMHACoEKwACEgMHACoEKwBjdDAOAwUAKgQrAQMFACoEKwIwDQYJKoZIhvcN
AQELBQADggEBAJVh86w7oyPyuvYM/JredFCCclyai7QIr2sFdANHDFUrZPj9N1mw
4XpPoHA9zDMA2xHP4SAftRUf5cUI6dpzgIUTV1GENkMZG/ERA+Z86GNgVB8tND/c
30fBij1j+tcGWwPrLzPvNWzV1l0prvxdEi7xexgMgJfnJmc7e3iJtjUrl/AcN4OC
6SmsLab2+9jSTHtkec/QQ1KGBq1awYkOyCFJlIyipSn3+S7cEr573mmKqg/0JblD
z5ppLjR6L91KBkgHsF6iLbrCzulDNjaO17hDgoC94eT1Q/9tl7XjswSEXw6bgCT3
SlgLkXUSRQVlo1PH7OG7xxLntAvDyb5nm2U=
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:59:40 2024 by rpki-client on console-ams.rpki-client.org