Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/OPLcHr0Vwh4PoID1apVr719SLgk.roa
File: OPLcHr0Vwh4PoID1apVr719SLgk.roa (raw, json)
Hash identifier: Q1Rx6h36rw3ewrKCJKHMn56TNIeMJcr3afyHhxiB5vs=
Subject key identifier: 38:F2:DC:1E:BD:15:C2:1E:0F:A0:80:F5:6A:95:6B:EF:5F:52:2E:09
Certificate issuer: /CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Certificate serial: 018CC64A03F36B45EF4438343145F98005D9
Authority key identifier: B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/OPLcHr0Vwh4PoID1apVr719SLgk.roa
Signing time: Mon 01 Jan 2024 18:29:48 +0000
ROA not before: Mon 01 Jan 2024 18:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8915
IP address blocks: 95.140.144.0/23 maxlen: 24
95.140.150.0/24 maxlen: 24
80.90.176.0/23 maxlen: 24
2a00:1818::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:03:f3:6b:45:ef:44:38:34:31:45:f9:80:05:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9ea8936f8e53063b4b3bdf0f3b15b2ae667ef13
Validity
Not Before: Jan 1 18:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38f2dc1ebd15c21e0fa080f56a956bef5f522e09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c1:dd:6d:52:31:73:7d:a7:fb:7d:28:c1:4e:
14:74:dc:d6:f8:64:5f:18:f2:5b:4e:d6:3d:49:65:
4f:99:74:5c:e8:0d:67:62:21:d2:93:57:d5:e8:08:
d1:20:05:52:1c:98:2a:8e:5a:c8:35:4d:59:01:1c:
75:1e:39:de:92:0a:f6:c1:b3:0d:9f:5b:eb:42:93:
00:9d:f9:97:47:06:62:fd:5e:85:3d:7f:a8:13:3f:
7c:97:97:f1:c2:70:84:9c:d0:99:2b:24:60:29:31:
b2:4c:7e:fa:90:64:12:9f:ce:d9:56:d3:9c:66:c5:
52:04:1e:aa:73:c5:06:53:9d:6c:1d:0d:bd:21:51:
26:1b:6f:80:9e:ed:26:74:96:09:ff:2f:af:a9:85:
a7:f5:e1:d6:c2:eb:27:9c:3d:ed:01:d9:d3:85:ac:
09:52:43:5b:59:36:7b:06:b3:7b:85:65:0d:cb:a3:
e4:d3:b7:3c:b4:75:d1:d1:4b:a6:40:f2:5f:4e:fc:
d9:55:ce:fb:24:79:89:ab:9b:66:90:70:4f:3b:4b:
2a:3e:88:d8:31:fd:82:7c:b8:a5:ca:8f:4d:19:40:
59:69:42:63:25:5a:8a:22:11:e9:a4:8f:a4:01:e1:
7f:74:c7:08:49:4c:a7:52:1d:84:42:fc:33:be:f6:
df:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F2:DC:1E:BD:15:C2:1E:0F:A0:80:F5:6A:95:6B:EF:5F:52:2E:09
X509v3 Authority Key Identifier:
keyid:B9:EA:89:36:F8:E5:30:63:B4:B3:BD:F0:F3:B1:5B:2A:E6:67:EF:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ueqJNvjlMGO0s73w87FbKuZn7xM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/OPLcHr0Vwh4PoID1apVr719SLgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/ec29e2-3440-409a-986a-b250997fc75d/1/ueqJNvjlMGO0s73w87FbKuZn7xM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.176.0/23
95.140.144.0/23
95.140.150.0/24
IPv6:
2a00:1818::/32
Signature Algorithm: sha256WithRSAEncryption
02:e1:d8:ba:4c:52:d3:fa:cb:ff:1c:c2:ca:ce:9f:60:68:8e:
06:51:3e:47:e5:a6:6f:3e:9c:c7:1a:63:25:8e:67:10:e6:1d:
b2:da:ea:c0:89:28:e3:fd:a7:df:77:10:ec:a2:53:e7:e0:de:
2d:d3:d4:cd:ee:8b:58:e8:ef:3e:f9:f6:97:2c:a1:3e:07:23:
4e:a7:6f:a9:cc:54:d1:65:a4:70:ce:43:d5:7f:32:e5:03:60:
87:ac:e5:df:71:8b:89:a7:07:b8:09:98:56:8c:f8:51:f9:b4:
2b:b1:0a:ad:03:ae:dc:d5:0e:c0:08:16:13:be:5a:f0:b2:03:
22:2b:61:1f:c0:4b:9b:6c:52:d3:ff:82:ce:2d:ed:7f:7e:ef:
39:0d:f4:ec:75:ce:a2:9d:3b:6c:ce:be:b5:a9:88:0a:e5:4e:
4a:9b:96:26:fd:bd:b5:05:87:ef:11:59:ca:48:0c:18:e2:f4:
1c:fa:48:4e:c6:a4:da:f4:05:9e:e9:1d:a6:ad:a4:fb:ff:11:
de:33:55:dd:38:0e:d9:97:40:e2:f5:a5:c4:dd:5f:19:09:90:
23:ce:ca:dd:fd:4d:2a:a9:5d:fa:ba:85:63:2f:01:c4:9b:66:
5e:7d:9b:c3:64:16:30:20:b9:af:42:8b:4f:7e:25:c7:b2:8a:
06:f5:b1:15
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSgPza0XvRDg0MUX5gAXZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZWE4OTM2ZjhlNTMwNjNiNGIzYmRmMGYzYjE1YjJhZTY2
N2VmMTMwHhcNMjQwMTAxMTgyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGYyZGMxZWJkMTVjMjFlMGZhMDgwZjU2YTk1NmJlZjVmNTIyZTA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMHdbVIxc32n+30owU4UdNzW+GRf
GPJbTtY9SWVPmXRc6A1nYiHSk1fV6AjRIAVSHJgqjlrINU1ZARx1Hjnekgr2wbMN
n1vrQpMAnfmXRwZi/V6FPX+oEz98l5fxwnCEnNCZKyRgKTGyTH76kGQSn87ZVtOc
ZsVSBB6qc8UGU51sHQ29IVEmG2+Anu0mdJYJ/y+vqYWn9eHWwusnnD3tAdnThawJ
UkNbWTZ7BrN7hWUNy6Pk07c8tHXR0UumQPJfTvzZVc77JHmJq5tmkHBPO0sqPojY
Mf2CfLilyo9NGUBZaUJjJVqKIhHppI+kAeF/dMcISUynUh2EQvwzvvbfjwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDjy3B69FcIeD6CA9WqVa+9fUi4JMB8GA1UdIwQY
MBaAFLnqiTb45TBjtLO98POxWyrmZ+8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEt
YjI1MDk5N2ZjNzVkLzEvT1BMY0hyMFZ3aDRQb0lEMWFwVnI3MTlTTGdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9lYzI5ZTItMzQ0MC00MDlhLTk4NmEtYjI1MDk5N2ZjNzVk
LzEvdWVxSk52amxNR08wczczdzg3RmJLdVpuN3hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBUFqwAwQB
X4yQAwQAX4yWMA0EAgACMAcDBQAqABgYMA0GCSqGSIb3DQEBCwUAA4IBAQAC4di6
TFLT+sv/HMLKzp9gaI4GUT5H5aZvPpzHGmMljmcQ5h2y2urAiSjj/affdxDsolPn
4N4t09TN7otY6O8++faXLKE+ByNOp2+pzFTRZaRwzkPVfzLlA2CHrOXfcYuJpwe4
CZhWjPhR+bQrsQqtA67c1Q7ACBYTvlrwsgMiK2EfwEubbFLT/4LOLe1/fu85DfTs
dc6inTtszr61qYgK5U5Km5Ym/b21BYfvEVnKSAwY4vQc+khOxqTa9AWe6R2mraT7
/xHeM1XdOA7Zl0Di9aXE3V8ZCZAjzsrd/U0qqV36uoVjLwHEm2ZefZvDZBYwILmv
QotPfiXHsooG9bEV
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:06:40 2024 by rpki-client on console-fra.rpki-client.org