Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/OajaLW5uUMsTBNX-p7-gXMLFu7E.roa
File: OajaLW5uUMsTBNX-p7-gXMLFu7E.roa (raw, json)
Hash identifier: t1CF4PsDspiiP0DQz6TnawuOdgUdp8I8+kc+vpvtt/U=
Subject key identifier: 39:A8:DA:2D:6E:6E:50:CB:13:04:D5:FE:A7:BF:A0:5C:C2:C5:BB:B1
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 0192DC0AEFBDDBE42880024B1F4D07DE07C9
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/OajaLW5uUMsTBNX-p7-gXMLFu7E.roa
Signing time: Wed 30 Oct 2024 06:09:17 +0000
ROA not before: Wed 30 Oct 2024 06:09:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43260
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:0a:ef:bd:db:e4:28:80:02:4b:1f:4d:07:de:07:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Oct 30 06:09:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39a8da2d6e6e50cb1304d5fea7bfa05cc2c5bbb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:a0:0e:d7:4e:88:52:6f:aa:2f:4f:6d:87:42:
b7:3f:75:c5:de:bc:c0:cf:8f:4d:c3:b6:05:db:bb:
11:ea:6c:e7:85:a7:ca:bd:af:80:93:3d:40:c7:19:
52:58:e1:71:ee:8b:d4:ef:a6:c1:7d:9a:7d:7e:b9:
98:c6:c0:c2:5e:09:13:72:5a:24:6b:43:c8:58:5b:
a2:45:f9:66:8d:36:4d:ae:a7:9b:04:9a:86:3a:8f:
3d:d1:10:c3:ca:c1:3d:0e:b0:41:61:dc:b6:a9:47:
f6:96:c6:58:f5:14:00:87:5e:37:2f:e8:a8:f2:01:
87:6b:59:87:a2:1f:9b:86:f4:fb:6e:ca:ad:b9:c6:
42:43:27:0e:bd:d8:22:b5:71:61:5f:8b:d9:72:82:
06:9a:95:da:61:72:ed:03:82:d5:69:a1:81:86:d4:
24:b5:ec:c3:2f:06:8f:97:5d:88:1a:82:0b:bf:53:
16:f5:68:bc:4f:04:fe:3c:7d:c8:a7:2f:8e:85:75:
31:d9:e2:3f:1b:9b:05:56:8a:85:f3:49:8e:2a:ec:
22:83:da:ed:3f:e2:0d:2c:5a:f1:cd:24:f6:cc:4d:
75:d0:fc:c9:62:b9:88:c8:c5:8e:86:63:65:c1:19:
e7:ac:13:26:cc:d5:dd:71:dd:02:f8:3d:9b:96:54:
e1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:A8:DA:2D:6E:6E:50:CB:13:04:D5:FE:A7:BF:A0:5C:C2:C5:BB:B1
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/OajaLW5uUMsTBNX-p7-gXMLFu7E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.29.0-185.160.31.255
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:9f:e6:ed:36:4b:48:52:04:37:1a:15:61:8c:a3:f6:66:19:
05:c0:4c:80:f9:d6:61:c1:b6:9f:a8:bc:e7:d9:30:1b:62:be:
53:6a:45:b3:48:a0:68:1b:6f:bd:7e:1b:6e:e6:8a:46:03:38:
ed:bf:d6:06:0a:47:ba:db:c0:be:eb:b1:cd:92:c1:eb:af:b0:
c5:5c:5f:63:8d:f8:a2:b5:9f:c3:cf:f3:01:87:58:7f:3b:9b:
86:bd:8b:8c:6e:07:6b:5f:71:7d:f6:8d:51:7f:13:7b:fe:c7:
6e:41:f8:9f:f1:f2:e2:f0:f2:cd:d9:2a:eb:d4:68:9f:06:d8:
10:9c:d6:29:20:62:8b:ea:5f:97:1d:ca:da:7d:31:2d:83:ee:
40:eb:47:dd:26:da:a4:26:29:d6:06:44:96:d0:69:9b:27:db:
e9:94:7b:bf:13:37:d5:fc:ca:5c:ea:f6:26:0f:ca:30:03:7c:
0a:25:af:64:22:f6:2e:a4:71:36:18:41:a2:7d:0d:1a:15:05:
cd:41:0d:c8:a1:5d:3b:98:19:13:7f:0e:ef:9c:af:d9:4b:b4:
f1:b0:d5:8e:47:12:20:b2:d3:5a:01:bb:1d:cc:2b:23:e7:eb:
2c:bc:6c:39:74:1d:4b:0d:b0:e7:da:26:71:ae:a0:dc:99:bb:
a3:3e:b6:70
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZLcCu+92+QogAJLH00H3gfJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjQxMDMwMDYwOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWE4ZGEyZDZlNmU1MGNiMTMwNGQ1ZmVhN2JmYTA1Y2MyYzViYmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KAO106IUm+qL09th0K3P3XF3rzA
z49Nw7YF27sR6mznhafKva+Akz1AxxlSWOFx7ovU76bBfZp9frmYxsDCXgkTclok
a0PIWFuiRflmjTZNrqebBJqGOo890RDDysE9DrBBYdy2qUf2lsZY9RQAh143L+io
8gGHa1mHoh+bhvT7bsqtucZCQycOvdgitXFhX4vZcoIGmpXaYXLtA4LVaaGBhtQk
tezDLwaPl12IGoILv1MW9Wi8TwT+PH3Ipy+OhXUx2eI/G5sFVoqF80mOKuwig9rt
P+INLFrxzST2zE110PzJYrmIyMWOhmNlwRnnrBMmzNXdcd0C+D2bllThwwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDmo2i1ublDLEwTV/qe/oFzCxbuxMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvT2FqYUxXNXVVTXNUQk5YLXA3LWdYTUxGdTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQCuVVIMAwD
BAC5oB0DBAW5oAAwDQQCAAIwBwMFAyoFq8AwDQYJKoZIhvcNAQELBQADggEBAGif
5u02S0hSBDcaFWGMo/ZmGQXATID51mHBtp+ovOfZMBtivlNqRbNIoGgbb71+G27m
ikYDOO2/1gYKR7rbwL7rsc2SweuvsMVcX2ON+KK1n8PP8wGHWH87m4a9i4xuB2tf
cX32jVF/E3v+x25B+J/x8uLw8s3ZKuvUaJ8G2BCc1ikgYovqX5cdytp9MS2D7kDr
R90m2qQmKdYGRJbQaZsn2+mUe78TN9X8ylzq9iYPyjADfAolr2Qi9i6kcTYYQaJ9
DRoVBc1BDcihXTuYGRN/Du+cr9lLtPGw1Y5HEiCy01oBux3MKyPn6yy8bDl0HUsN
sOfaJnGuoNyZu6M+tnA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:21 2024 by rpki-client on console-fra.rpki-client.org