Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/OG7XJqiNG-qIinZ3PxfWhndyOK8.roa
File: OG7XJqiNG-qIinZ3PxfWhndyOK8.roa (raw, json)
Hash identifier: ElrU0DblKTV1UupE+a/5Ip/HRi+8mspjeYBcKFp6M3I=
Subject key identifier: 38:6E:D7:26:A8:8D:1B:EA:88:8A:76:77:3F:17:D6:86:77:72:38:AF
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 018CC5DC021550D8D0757919F714C9123E2A
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/OG7XJqiNG-qIinZ3PxfWhndyOK8.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25192
IP address blocks: 193.29.206.0/24 maxlen: 30
194.0.14.0/24 maxlen: 30
194.0.12.0/23 maxlen: 30
212.237.229.0/24 maxlen: 24
185.43.132.0/24 maxlen: 24
185.43.132.0/22 maxlen: 22
185.43.133.0/24 maxlen: 24
217.31.192.0/20 maxlen: 30
185.43.134.0/24 maxlen: 24
185.43.135.0/24 maxlen: 24
2001:678:10::/47 maxlen: 64
2001:678:1::/48 maxlen: 64
2001:148f:fffd::/48 maxlen: 48
2001:678:f::/48 maxlen: 64
2001:148f:fffb::/48 maxlen: 48
2001:1488::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.mft
rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:02:15:50:d8:d0:75:79:19:f7:14:c9:12:3e:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=386ed726a88d1bea888a76773f17d686777238af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:fd:f0:a6:62:39:ec:ff:a2:db:40:b9:56:56:
fc:3c:f1:56:15:47:37:12:79:00:2c:ee:ec:ee:e3:
63:a3:b3:e7:61:e8:94:c5:b4:e6:18:c0:39:f8:1b:
42:b0:31:d7:bb:7d:ca:70:6a:40:3d:e1:67:12:46:
42:44:3e:f5:f1:c1:1f:18:21:d3:5d:18:cf:88:a3:
27:1e:5e:51:bb:81:11:dd:69:af:f9:fc:18:23:0d:
22:45:c1:92:cb:be:c1:fc:1a:51:11:95:d6:c2:58:
7d:05:7b:f0:0d:f0:75:6f:c1:e5:1a:e0:4f:21:5b:
16:5b:2e:cb:6f:59:a5:dc:df:39:ac:a2:ff:41:ca:
d2:5f:7a:d4:31:25:a1:2c:a5:40:2c:a2:df:56:07:
49:6d:ca:20:6c:ec:40:30:a4:0b:26:7e:45:71:1b:
9e:6f:ba:86:4b:ea:c0:94:75:39:c0:9c:31:b2:59:
f7:3b:21:7c:d1:aa:14:c9:de:7f:af:8a:02:7c:c6:
19:4d:05:04:e3:dd:17:99:a9:3b:23:f1:86:69:7c:
b6:44:5d:2c:04:a8:bb:1b:7f:af:4f:f2:c2:1f:4a:
b9:66:75:a2:42:6a:4a:59:02:7d:d1:91:01:da:b0:
8b:8c:cf:fc:d9:f5:fd:e2:ce:40:28:2a:55:63:9d:
7b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6E:D7:26:A8:8D:1B:EA:88:8A:76:77:3F:17:D6:86:77:72:38:AF
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/OG7XJqiNG-qIinZ3PxfWhndyOK8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.132.0/22
193.29.206.0/24
194.0.12.0-194.0.14.255
212.237.229.0/24
217.31.192.0/20
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:1488::/32
2001:148f:fffb::/48
2001:148f:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
04:6b:8b:00:b6:27:6e:c5:78:4c:c5:5f:49:c0:f6:40:8e:b7:
b2:10:be:fa:ab:a1:f3:be:45:ab:83:4d:4b:d0:9f:6b:9a:65:
48:67:34:09:a4:cb:9d:0e:ae:f7:97:ee:85:ce:59:e9:3e:45:
df:6e:08:1d:60:e6:c1:5a:fa:66:f0:42:66:00:62:b2:df:d6:
95:b1:5b:4c:57:dc:12:36:cd:27:e7:3e:3e:c1:43:12:ea:fc:
c8:12:f2:c6:86:79:07:cb:07:85:d3:e7:2c:10:1f:9f:45:60:
76:1b:2d:6d:95:28:0e:38:b0:e0:3f:b0:86:a6:5c:e7:00:fa:
ca:19:63:2e:47:0d:f0:cc:c7:d1:4a:52:41:8c:51:93:5e:93:
54:f3:1c:8d:10:b9:ed:f3:bc:d8:67:cf:91:dd:ab:f6:d8:43:
5f:f0:61:6c:ba:c2:26:3b:e0:2d:54:53:ee:17:ce:9e:7c:e3:
e0:2d:80:14:f6:df:77:09:78:17:b2:d8:bf:a7:f9:4f:4d:94:
09:a5:ce:78:43:d9:52:e5:01:df:36:be:36:c7:a7:e2:71:86:
2e:c4:6c:f4:d1:26:4a:ba:9c:81:d0:43:fa:db:69:73:13:9f:
03:64:ab:b6:05:6d:16:a6:77:25:d8:56:58:3f:94:8c:0e:d6:
c4:c4:81:29
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzF3AIVUNjQdXkZ9xTJEj4qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZlZDcyNmE4OGQxYmVhODg4YTc2NzczZjE3ZDY4Njc3NzIzOGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP3wpmI57P+i20C5Vlb8PPFWFUc3
EnkALO7s7uNjo7PnYeiUxbTmGMA5+BtCsDHXu33KcGpAPeFnEkZCRD718cEfGCHT
XRjPiKMnHl5Ru4ER3Wmv+fwYIw0iRcGSy77B/BpREZXWwlh9BXvwDfB1b8HlGuBP
IVsWWy7Lb1ml3N85rKL/QcrSX3rUMSWhLKVALKLfVgdJbcogbOxAMKQLJn5FcRue
b7qGS+rAlHU5wJwxsln3OyF80aoUyd5/r4oCfMYZTQUE490Xmak7I/GGaXy2RF0s
BKi7G3+vT/LCH0q5ZnWiQmpKWQJ90ZEB2rCLjM/82fX94s5AKCpVY5172wIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFDhu1yaojRvqiIp2dz8X1oZ3cjivMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvT0c3WEpxaU5HLXFJaW5aM1B4ZldobmR5T0s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDAsBAIAATAmAwQCuSuEAwQA
wR3OMAwDBALCAAwDBADCAA4DBADU7eUDBATZH8AwPAQCAAIwNgMHACABBngAATAS
AwcAIAEGeAAPAwcBIAEGeAAQAwUAIAEUiAMHACABFI//+wMHACABFI///TANBgkq
hkiG9w0BAQsFAAOCAQEABGuLALYnbsV4TMVfScD2QI63shC++quh875Fq4NNS9Cf
a5plSGc0CaTLnQ6u95fuhc5Z6T5F324IHWDmwVr6ZvBCZgBist/WlbFbTFfcEjbN
J+c+PsFDEur8yBLyxoZ5B8sHhdPnLBAfn0VgdhstbZUoDjiw4D+whqZc5wD6yhlj
LkcN8MzH0UpSQYxRk16TVPMcjRC57fO82GfPkd2r9thDX/BhbLrCJjvgLVRT7hfO
nnzj4C2AFPbfdwl4F7LYv6f5T02UCaXOeEPZUuUB3za+Nsen4nGGLsRs9NEmSrqc
gdBD+ttpcxOfA2SrtgVtFqZ3JdhWWD+UjA7WxMSBKQ==
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:07:13 2024 by rpki-client on console-ams.rpki-client.org