Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/t80-OTjveQq7E1uzjTwi8q4xuwY.roa
File: t80-OTjveQq7E1uzjTwi8q4xuwY.roa (raw, json)
Hash identifier: 0Q8AoFo0yij/NSGYNgAW2Xeq7suc/mBsKV0d/kcroAY=
Subject key identifier: B7:CD:3E:39:38:EF:79:0A:BB:13:5B:B3:8D:3C:22:F2:AE:31:BB:06
Certificate issuer: /CN=e19cbb88d2b1a896658506778662e75c732a67e7
Certificate serial: 0191B2457892FCD0CA9FD584E34FFFC00B70
Authority key identifier: E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/t80-OTjveQq7E1uzjTwi8q4xuwY.roa
Signing time: Mon 02 Sep 2024 10:26:22 +0000
ROA not before: Mon 02 Sep 2024 10:26:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59659
IP address blocks: 5.159.120.0/21 maxlen: 21
185.220.88.0/22 maxlen: 22
2a07:c9c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b2:45:78:92:fc:d0:ca:9f:d5:84:e3:4f:ff:c0:0b:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e19cbb88d2b1a896658506778662e75c732a67e7
Validity
Not Before: Sep 2 10:26:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b7cd3e3938ef790abb135bb38d3c22f2ae31bb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:ca:ab:18:82:33:a2:fe:32:ae:84:51:10:5e:
a1:ec:04:c6:ed:46:6d:e9:b0:0c:a9:34:f1:61:42:
47:e2:18:06:dc:55:b5:03:ec:ac:8a:c4:29:39:06:
48:ef:37:8b:05:ba:1b:08:20:46:5e:09:55:51:2b:
31:c3:69:09:4a:13:0e:5d:e8:a1:12:3d:0f:93:72:
db:08:54:c5:07:24:5f:c1:51:e7:3f:ff:40:9c:1e:
31:a3:0b:ee:e4:21:15:6a:c5:ac:84:e6:21:8a:6d:
ad:35:08:f6:8d:e3:69:8b:41:0d:2b:ef:42:86:fb:
d6:fe:b3:c2:9f:7e:87:7f:37:93:62:a4:0e:ac:58:
ab:47:9f:f8:c2:2e:7b:73:59:f8:a8:3c:67:07:b9:
99:7a:87:3f:12:49:4b:0a:ef:f2:ff:4b:bb:8e:42:
b1:6c:6f:f4:eb:4d:c5:5d:7e:ad:da:96:e9:13:c9:
00:0e:4e:6a:e6:98:76:02:82:39:70:b2:eb:e9:70:
00:06:f3:97:bd:db:a8:a9:d2:e1:2d:07:96:7f:72:
0d:fa:79:ad:fe:53:02:24:17:c9:3e:33:12:73:e8:
7a:49:21:37:9b:88:a9:e1:c6:05:66:21:3d:1a:f0:
57:f1:de:3d:57:12:55:62:53:0a:57:23:04:4b:de:
da:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:CD:3E:39:38:EF:79:0A:BB:13:5B:B3:8D:3C:22:F2:AE:31:BB:06
X509v3 Authority Key Identifier:
keyid:E1:9C:BB:88:D2:B1:A8:96:65:85:06:77:86:62:E7:5C:73:2A:67:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/t80-OTjveQq7E1uzjTwi8q4xuwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/ad1216-b71d-4557-a086-efea63d06f80/1/4Zy7iNKxqJZlhQZ3hmLnXHMqZ-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.159.120.0/21
185.220.88.0/22
IPv6:
2a07:c9c0::/29
Signature Algorithm: sha256WithRSAEncryption
9b:f4:53:c7:f0:30:22:91:35:77:f7:77:4f:d4:e9:75:9b:66:
08:43:b1:01:e2:f0:b7:de:5d:3d:96:b0:89:26:53:35:6d:a8:
ae:b2:8e:83:cc:36:89:3b:fe:a6:11:34:ef:5e:ce:98:78:72:
96:1d:09:be:eb:56:c9:aa:8f:ac:6b:d8:c6:a9:a4:9f:b2:c1:
60:27:a7:05:9c:9b:71:ad:a6:17:aa:d8:32:6d:1d:a7:8c:23:
95:37:c4:93:f8:32:f0:8c:4c:f5:85:c4:7a:a1:9c:50:39:7c:
dc:53:02:a2:aa:a6:c7:7e:a3:f1:f7:a8:53:2c:6c:99:95:74:
0c:95:65:a2:a4:3e:3f:06:25:fe:4a:25:e5:d7:c9:2e:73:7d:
51:af:dc:da:5e:be:1b:42:57:e8:c6:89:e3:18:3d:63:30:fb:
53:a5:46:20:fe:c2:26:40:3a:ab:01:ec:2c:67:9a:96:e1:60:
dc:b6:8a:75:44:07:91:41:25:62:51:76:4b:ca:e5:ed:94:db:
ed:64:ed:d2:8a:49:e9:74:d5:0f:e2:ab:ef:58:18:b6:a4:62:
af:91:f6:24:dc:74:59:ad:2c:76:df:c6:6c:bb:01:66:2b:8c:
e3:e4:37:89:7a:ee:c8:5f:24:1f:ab:0e:13:80:04:d0:35:d5:
1d:9b:d3:dd
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZGyRXiS/NDKn9WE40//wAtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxOWNiYjg4ZDJiMWE4OTY2NTg1MDY3Nzg2NjJlNzVjNzMy
YTY3ZTcwHhcNMjQwOTAyMTAyNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiN2NkM2UzOTM4ZWY3OTBhYmIxMzViYjM4ZDNjMjJmMmFlMzFiYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApMqrGIIzov4yroRREF6h7ATG7UZt
6bAMqTTxYUJH4hgG3FW1A+ysisQpOQZI7zeLBbobCCBGXglVUSsxw2kJShMOXeih
Ej0Pk3LbCFTFByRfwVHnP/9AnB4xowvu5CEVasWshOYhim2tNQj2jeNpi0ENK+9C
hvvW/rPCn36HfzeTYqQOrFirR5/4wi57c1n4qDxnB7mZeoc/EklLCu/y/0u7jkKx
bG/0603FXX6t2pbpE8kADk5q5ph2AoI5cLLr6XAABvOXvduoqdLhLQeWf3IN+nmt
/lMCJBfJPjMSc+h6SSE3m4ip4cYFZiE9GvBX8d49VxJVYlMKVyMES97apQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLfNPjk473kKuxNbs408IvKuMbsGMB8GA1UdIwQY
MBaAFOGcu4jSsaiWZYUGd4Zi51xzKmfnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYt
ZWZlYTYzZDA2ZjgwLzEvdDgwLU9UanZlUXE3RTF1empUd2k4cTR4dXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi9hZDEyMTYtYjcxZC00NTU3LWEwODYtZWZlYTYzZDA2Zjgw
LzEvNFp5N2lOS3hxSlpsaFFaM2htTG5YSE1xWi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBZ94AwQC
udxYMA0EAgACMAcDBQMqB8nAMA0GCSqGSIb3DQEBCwUAA4IBAQCb9FPH8DAikTV3
93dP1Ol1m2YIQ7EB4vC33l09lrCJJlM1baiuso6DzDaJO/6mETTvXs6YeHKWHQm+
61bJqo+sa9jGqaSfssFgJ6cFnJtxraYXqtgybR2njCOVN8ST+DLwjEz1hcR6oZxQ
OXzcUwKiqqbHfqPx96hTLGyZlXQMlWWipD4/BiX+SiXl18kuc31Rr9zaXr4bQlfo
xonjGD1jMPtTpUYg/sImQDqrAewsZ5qW4WDctop1RAeRQSViUXZLyuXtlNvtZO3S
iknpdNUP4qvvWBi2pGKvkfYk3HRZrSx238ZsuwFmK4zj5DeJeu7IXyQfqw4TgATQ
NdUdm9Pd
-----END CERTIFICATE-----
Generated at Sat Nov 23 23:42:02 2024 by rpki-client on console-fra.rpki-client.org