Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/OmyR1bUYd5x18CVOoCLctdVFX4k.roa
File: OmyR1bUYd5x18CVOoCLctdVFX4k.roa (raw, json)
Hash identifier: 8TO/HEs01VIA15P1yaRmpZwbWh0zAzX0Mnd3CDvELH8=
Subject key identifier: 3A:6C:91:D5:B5:18:77:9C:75:F0:25:4E:A0:22:DC:B5:D5:45:5F:89
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 0192C2A1AD83992E79DCD50598BE8AD448CC
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/OmyR1bUYd5x18CVOoCLctdVFX4k.roa
Signing time: Fri 25 Oct 2024 07:43:48 +0000
ROA not before: Fri 25 Oct 2024 07:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201453
IP address blocks: 185.160.228.0/24 maxlen: 24
185.160.229.0/24 maxlen: 24
185.160.231.0/24 maxlen: 24
185.230.144.0/24 maxlen: 24
185.232.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c2:a1:ad:83:99:2e:79:dc:d5:05:98:be:8a:d4:48:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Oct 25 07:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a6c91d5b518779c75f0254ea022dcb5d5455f89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:d8:96:9a:8e:b5:db:78:4e:27:c6:f3:01:0d:
8e:39:b5:28:82:84:89:b2:ca:11:9e:cf:5b:ce:df:
63:b9:5e:70:76:a3:d4:e0:7a:9c:d5:62:e2:4d:25:
cc:1a:a6:a4:fe:45:fc:3c:99:34:d8:0b:68:3a:fd:
e1:8a:54:d7:2f:b9:4f:77:0c:5b:a0:b9:14:39:d4:
5f:57:84:1a:5a:17:3e:18:7d:ee:1d:51:0a:4a:18:
48:42:fa:cc:87:e7:44:85:ed:c3:7a:74:5d:d4:d0:
0f:e9:6b:bf:2b:10:68:fe:05:42:dd:36:4f:9c:67:
ab:78:16:ba:18:41:15:9f:9d:fd:d8:f3:28:c0:06:
cc:01:f6:22:af:84:87:0f:ea:05:d5:fc:c2:10:bc:
cf:64:1d:bb:38:a9:26:bb:07:a7:c1:1e:b3:65:28:
b1:ff:46:d3:e7:ca:0a:fd:b8:cc:8f:da:42:2e:6d:
2f:da:f5:ee:13:3e:38:d1:62:ca:e8:9d:1a:16:68:
cd:b6:3f:55:59:11:8b:8f:3a:ff:bb:4b:81:93:84:
b4:1f:d0:56:cd:e9:ac:e6:ea:06:f1:c3:f8:bb:5c:
b6:2c:a9:99:e6:f8:bb:1b:94:9b:5c:f7:ca:83:d5:
03:6c:5d:ce:1d:72:ec:0b:be:27:2f:80:f8:a8:9c:
4e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6C:91:D5:B5:18:77:9C:75:F0:25:4E:A0:22:DC:B5:D5:45:5F:89
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/OmyR1bUYd5x18CVOoCLctdVFX4k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.160.228.0/23
185.160.231.0/24
185.230.144.0/24
185.232.135.0/24
Signature Algorithm: sha256WithRSAEncryption
16:90:9b:06:58:47:1d:97:c8:b5:81:54:24:fb:2d:5e:ca:d0:
3f:d5:27:84:70:d4:ed:cb:f7:24:d4:eb:0d:4a:6f:21:ef:9d:
89:71:1d:b0:2e:e3:64:39:d8:df:63:87:e6:41:66:fc:74:6a:
0c:2d:9e:68:96:ee:dd:32:25:0a:fa:eb:a2:4f:25:74:da:82:
05:38:00:56:0c:e3:dd:23:fc:e1:1a:15:3b:29:d6:20:1c:a3:
be:ee:47:7c:fc:21:e7:04:68:e1:49:c3:d0:3e:7e:78:ba:87:
09:50:68:c3:38:0c:74:e0:f8:24:88:80:a4:65:d1:33:03:fe:
64:22:1d:6b:f2:f3:80:44:2b:26:e3:82:fd:b9:8c:78:e9:f1:
86:20:18:4d:f0:bb:3e:af:86:44:64:2d:26:8a:0b:eb:0b:ba:
fd:0d:cc:df:6e:98:ce:f7:e8:97:ee:1c:41:67:7a:f4:cf:78:
63:9f:2b:36:0e:be:7c:52:4a:00:d0:32:f0:43:a7:a9:a9:9e:
d0:b9:65:c7:e2:58:6a:6a:c8:c0:2f:23:61:38:c7:4a:f7:93:
98:00:b0:b2:4b:a4:9f:5b:c9:95:7f:a8:dc:b5:ba:e2:c3:12:
9f:e1:8f:00:83:82:9d:3d:b0:54:82:ac:6a:9c:bf:5d:06:64:
e7:e9:d0:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZLCoa2DmS553NUFmL6K1EjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjQxMDI1MDc0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZjOTFkNWI1MTg3NzljNzVmMDI1NGVhMDIyZGNiNWQ1NDU1Zjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNiWmo6123hOJ8bzAQ2OObUogoSJ
ssoRns9bzt9juV5wdqPU4Hqc1WLiTSXMGqak/kX8PJk02AtoOv3hilTXL7lPdwxb
oLkUOdRfV4QaWhc+GH3uHVEKShhIQvrMh+dEhe3DenRd1NAP6Wu/KxBo/gVC3TZP
nGereBa6GEEVn5392PMowAbMAfYir4SHD+oF1fzCELzPZB27OKkmuwenwR6zZSix
/0bT58oK/bjMj9pCLm0v2vXuEz440WLK6J0aFmjNtj9VWRGLjzr/u0uBk4S0H9BW
zems5uoG8cP4u1y2LKmZ5vi7G5SbXPfKg9UDbF3OHXLsC74nL4D4qJxO0QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDpskdW1GHecdfAlTqAi3LXVRV+JMB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvT215UjFiVVlkNXgxOENWT29DTGN0ZFZGWDRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBuaDkAwQA
uaDnAwQAueaQAwQAueiHMA0GCSqGSIb3DQEBCwUAA4IBAQAWkJsGWEcdl8i1gVQk
+y1eytA/1SeEcNTty/ck1OsNSm8h752JcR2wLuNkOdjfY4fmQWb8dGoMLZ5olu7d
MiUK+uuiTyV02oIFOABWDOPdI/zhGhU7KdYgHKO+7kd8/CHnBGjhScPQPn54uocJ
UGjDOAx04PgkiICkZdEzA/5kIh1r8vOARCsm44L9uYx46fGGIBhN8Ls+r4ZEZC0m
igvrC7r9DczfbpjO9+iX7hxBZ3r0z3hjnys2Dr58UkoA0DLwQ6epqZ7QuWXH4lhq
asjALyNhOMdK95OYALCyS6SfW8mVf6jctbriwxKf4Y8Ag4KdPbBUgqxqnL9dBmTn
6dC/
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:15:34 2024 by rpki-client on console-fra.rpki-client.org