Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/oXCEEkPhKlmR88VIpyyok4M55eg.roa
File: oXCEEkPhKlmR88VIpyyok4M55eg.roa (raw, json)
Hash identifier: okiWSZt3K2ciUrgPS7FYS783ahbsoW2xVeb865ghwpc=
Subject key identifier: A1:70:84:12:43:E1:2A:59:91:F3:C5:48:A7:2C:A8:93:83:39:E5:E8
Certificate issuer: /CN=2a36d678c4bbcac24ae6bea9a24c995c48d593f0
Certificate serial: 018CC726D606F4953B252AD3581E62FCA48D
Authority key identifier: 2A:36:D6:78:C4:BB:CA:C2:4A:E6:BE:A9:A2:4C:99:5C:48:D5:93:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KjbWeMS7ysJK5r6pokyZXEjVk_A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/oXCEEkPhKlmR88VIpyyok4M55eg.roa
Signing time: Mon 01 Jan 2024 22:31:00 +0000
ROA not before: Mon 01 Jan 2024 22:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204028
IP address blocks: 185.118.199.0/24 maxlen: 24
185.118.196.0/24 maxlen: 24
185.118.196.0/22 maxlen: 24
213.170.142.0/24 maxlen: 24
185.118.197.0/24 maxlen: 24
185.118.198.0/24 maxlen: 24
2a06:9500::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/KjbWeMS7ysJK5r6pokyZXEjVk_A.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/KjbWeMS7ysJK5r6pokyZXEjVk_A.mft
rsync://rpki.ripe.net/repository/DEFAULT/KjbWeMS7ysJK5r6pokyZXEjVk_A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:d6:06:f4:95:3b:25:2a:d3:58:1e:62:fc:a4:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a36d678c4bbcac24ae6bea9a24c995c48d593f0
Validity
Not Before: Jan 1 22:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a170841243e12a5991f3c548a72ca8938339e5e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:05:a9:57:8f:97:68:9d:ae:18:bd:c8:9b:d7:
ad:15:92:71:34:82:bf:6b:5c:74:62:70:97:4a:f3:
7e:ae:ca:12:59:fa:09:8d:66:25:4d:0d:38:43:14:
90:d7:8d:f1:f6:78:7a:d9:63:a9:f4:f5:93:67:f2:
5a:6b:ef:96:4a:46:e4:08:4f:d9:e5:64:04:78:b3:
e9:12:ed:c4:5a:e4:20:6b:26:81:61:8d:f6:fd:02:
41:d5:12:e5:6a:7a:71:e2:e4:91:03:f9:6c:3a:dc:
0c:76:e4:7c:08:80:f7:b0:34:16:a4:99:b9:15:42:
5b:1f:65:9e:9c:1b:1c:15:e4:c3:d7:4d:e7:e5:dc:
1a:58:ab:61:28:d2:48:74:f9:4f:89:cf:bc:30:3b:
fc:02:d5:e1:73:72:66:fb:c9:11:f6:10:12:4c:d2:
4a:74:85:dd:de:6a:17:0d:01:e4:a1:cf:d2:55:a1:
45:1e:33:16:75:44:40:1e:c4:01:d3:58:60:54:13:
4a:9b:3b:b1:0c:b2:6f:16:4d:cf:ac:8e:51:b4:21:
e4:80:9f:28:db:93:d4:17:52:e4:99:e3:1a:5a:5d:
c3:a6:97:08:45:ef:64:8a:2c:95:4f:e1:cf:79:5b:
af:f0:3c:2c:77:c1:24:6f:60:cb:be:49:2c:4c:ba:
c5:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:70:84:12:43:E1:2A:59:91:F3:C5:48:A7:2C:A8:93:83:39:E5:E8
X509v3 Authority Key Identifier:
keyid:2A:36:D6:78:C4:BB:CA:C2:4A:E6:BE:A9:A2:4C:99:5C:48:D5:93:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KjbWeMS7ysJK5r6pokyZXEjVk_A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/oXCEEkPhKlmR88VIpyyok4M55eg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/a01fd3-a867-42c6-9a0e-df651b966b2b/1/KjbWeMS7ysJK5r6pokyZXEjVk_A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.118.196.0/22
213.170.142.0/24
IPv6:
2a06:9500::/29
Signature Algorithm: sha256WithRSAEncryption
af:b8:83:a4:0d:04:30:bf:1c:bd:48:93:81:37:af:89:07:cf:
bc:d6:8e:09:b3:bc:2a:82:cd:57:d1:dd:73:b3:f2:01:69:0b:
cc:4f:b5:30:30:91:6d:e6:50:d0:3f:26:c9:5d:9f:a0:30:5e:
4f:49:62:0b:7b:78:f2:fa:5b:b2:99:ef:7a:be:84:a3:e4:d1:
d4:ce:70:56:96:70:d1:89:a3:15:92:50:4b:c0:18:27:48:ee:
85:fe:92:fb:b9:88:dd:2a:68:f1:aa:73:cf:7a:83:6e:ef:cc:
79:11:13:69:d8:1d:16:ae:87:31:bd:11:ef:5e:6a:f7:fb:d3:
f5:1c:be:f6:66:39:be:95:c8:0f:26:71:bc:9e:b7:7b:34:13:
2f:72:42:44:41:89:02:45:26:dc:fd:ef:9f:a9:fa:a4:9d:57:
98:3f:18:21:e2:2b:ff:8d:a4:82:0a:94:fc:52:f3:0a:24:11:
03:28:4e:a2:b3:53:62:11:41:31:29:4e:13:4c:1f:10:b8:ab:
bd:e1:a1:e8:e5:c4:76:7f:ac:29:7e:fa:f1:10:fb:5b:d2:7a:
79:1b:10:06:98:32:02:a0:e4:b9:b5:70:35:53:dd:b3:dc:5c:
96:4d:94:90:f1:da:78:d3:10:99:fd:58:c3:3d:56:4a:b7:e7:
5e:24:5d:3d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJtYG9JU7JSrTWB5i/KSNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhMzZkNjc4YzRiYmNhYzI0YWU2YmVhOWEyNGM5OTVjNDhk
NTkzZjAwHhcNMjQwMTAxMjIzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTcwODQxMjQzZTEyYTU5OTFmM2M1NDhhNzJjYTg5MzgzMzllNWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjQWpV4+XaJ2uGL3Im9etFZJxNIK/
a1x0YnCXSvN+rsoSWfoJjWYlTQ04QxSQ143x9nh62WOp9PWTZ/Jaa++WSkbkCE/Z
5WQEeLPpEu3EWuQgayaBYY32/QJB1RLlanpx4uSRA/lsOtwMduR8CID3sDQWpJm5
FUJbH2WenBscFeTD103n5dwaWKthKNJIdPlPic+8MDv8AtXhc3Jm+8kR9hASTNJK
dIXd3moXDQHkoc/SVaFFHjMWdURAHsQB01hgVBNKmzuxDLJvFk3PrI5RtCHkgJ8o
25PUF1LkmeMaWl3DppcIRe9kiiyVT+HPeVuv8Dwsd8Ekb2DLvkksTLrFEwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKFwhBJD4SpZkfPFSKcsqJODOeXoMB8GA1UdIwQY
MBaAFCo21njEu8rCSua+qaJMmVxI1ZPwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2piV2VNUzd5c0pLNXI2cG9reVpYRWpWa19BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9hMDFmZDMtYTg2Ny00MmM2LTlhMGUt
ZGY2NTFiOTY2YjJiLzEvb1hDRUVrUGhLbG1SODhWSXB5eW9rNE01NWVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9hMDFmZDMtYTg2Ny00MmM2LTlhMGUtZGY2NTFiOTY2YjJi
LzEvS2piV2VNUzd5c0pLNXI2cG9reVpYRWpWa19BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuXbEAwQA
1aqOMA0EAgACMAcDBQMqBpUAMA0GCSqGSIb3DQEBCwUAA4IBAQCvuIOkDQQwvxy9
SJOBN6+JB8+81o4Js7wqgs1X0d1zs/IBaQvMT7UwMJFt5lDQPybJXZ+gMF5PSWIL
e3jy+luyme96voSj5NHUznBWlnDRiaMVklBLwBgnSO6F/pL7uYjdKmjxqnPPeoNu
78x5ERNp2B0WrocxvRHvXmr3+9P1HL72Zjm+lcgPJnG8nrd7NBMvckJEQYkCRSbc
/e+fqfqknVeYPxgh4iv/jaSCCpT8UvMKJBEDKE6is1NiEUExKU4TTB8QuKu94aHo
5cR2f6wpfvrxEPtb0np5GxAGmDICoOS5tXA1U92z3FyWTZSQ8dp40xCZ/VjDPVZK
t+deJF09
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:54:37 2024 by rpki-client on console-ams.rpki-client.org