Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/o7HBtAU1rmzeFohwhsT0F0j1Ofs.roa
File: o7HBtAU1rmzeFohwhsT0F0j1Ofs.roa (raw, json)
Hash identifier: PVM1K1sqnxkWM1CoWjMLZJhvyh/i95PXaPiLyypE1+E=
Subject key identifier: A3:B1:C1:B4:05:35:AE:6C:DE:16:88:70:86:C4:F4:17:48:F5:39:FB
Certificate issuer: /CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Certificate serial: 018CC56E1CFB13BDAC9E02049D9824B33FC6
Authority key identifier: E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/o7HBtAU1rmzeFohwhsT0F0j1Ofs.roa
Signing time: Mon 01 Jan 2024 14:29:37 +0000
ROA not before: Mon 01 Jan 2024 14:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50226
IP address blocks: 89.16.192.0/19 maxlen: 24
185.228.40.0/22 maxlen: 22
185.56.124.0/22 maxlen: 22
2a00:17e8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:fb:13:bd:ac:9e:02:04:9d:98:24:b3:3f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1ba4b2867dad38b73a46918241efc72a21262f7
Validity
Not Before: Jan 1 14:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3b1c1b40535ae6cde16887086c4f41748f539fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:25:41:53:12:f2:8e:a0:43:d9:6a:d4:b8:43:
69:04:a8:03:fb:d5:a7:16:28:03:78:d0:67:e2:26:
a8:6b:1a:fd:2f:49:02:0e:61:21:8b:91:fa:c1:34:
ac:6c:27:55:00:19:3f:78:9d:30:c9:ad:c4:44:a1:
50:ad:34:71:20:af:86:91:02:0d:f9:e3:71:34:10:
c1:95:36:c8:8e:a6:e8:7a:f2:62:7e:62:3d:f2:9c:
52:95:89:49:b5:ab:d7:82:9e:e2:02:66:8a:69:f0:
c0:62:7a:82:ef:64:29:16:06:e5:33:71:8f:7f:ba:
f6:84:cb:17:d4:2e:1e:7f:1b:fa:08:7c:3d:5c:58:
ac:2e:2f:bf:a3:f1:70:37:c0:98:99:49:be:7d:50:
cf:79:88:90:e7:47:2f:76:51:c8:f1:f8:40:2a:01:
85:cf:bb:96:85:84:7a:66:b3:6a:0e:68:c1:c3:cd:
cc:f7:af:2b:dc:e2:00:2a:c3:fe:60:12:56:2a:75:
f5:0b:28:70:31:37:bc:25:9c:e0:09:59:bb:45:e6:
2e:45:e0:79:ae:79:d5:97:d1:d3:08:89:dc:6f:67:
f2:c6:ab:62:88:43:08:bc:eb:9e:5e:e6:5c:72:93:
1a:2a:f4:18:23:a9:45:f0:9f:42:ba:2d:0b:d5:05:
57:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:B1:C1:B4:05:35:AE:6C:DE:16:88:70:86:C4:F4:17:48:F5:39:FB
X509v3 Authority Key Identifier:
keyid:E1:BA:4B:28:67:DA:D3:8B:73:A4:69:18:24:1E:FC:72:A2:12:62:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4bpLKGfa04tzpGkYJB78cqISYvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/o7HBtAU1rmzeFohwhsT0F0j1Ofs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/689109-1723-4bf1-b63a-dc64ae72578e/1/4bpLKGfa04tzpGkYJB78cqISYvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.16.192.0/19
185.56.124.0/22
185.228.40.0/22
IPv6:
2a00:17e8::/29
Signature Algorithm: sha256WithRSAEncryption
6f:60:1b:8f:f1:79:a5:b0:39:c9:77:9e:7d:cb:68:ba:8b:ec:
75:da:08:78:55:eb:c9:60:29:0a:bb:38:ea:2d:b6:78:85:dc:
b0:06:86:e2:49:28:2e:65:cd:0b:a8:28:30:b3:73:ab:f7:27:
e2:75:af:d8:3d:8f:0d:0e:28:c4:c7:83:5c:39:56:c6:a9:c6:
67:34:d8:8d:26:d5:c4:5a:7d:5d:fd:83:98:f8:6d:47:1b:cd:
03:e0:14:7e:8c:d8:57:47:59:59:39:e2:bc:81:94:7a:a6:6e:
cc:33:b1:62:f5:1a:ae:9c:d0:0d:a8:de:af:33:eb:82:73:f8:
3e:85:95:ff:4a:d1:cc:fd:33:7f:ac:78:d1:1f:8a:e5:71:7a:
07:8f:60:99:d5:d5:9d:45:97:51:86:5d:9c:6e:2d:45:f8:7d:
ae:aa:df:c3:ce:b5:d2:99:22:fa:2c:76:37:ad:0c:f7:4b:13:
17:4d:ff:31:8a:d5:86:e4:90:ce:52:d8:e5:dd:7f:ea:ca:46:
2f:a6:36:ae:12:85:71:b9:37:7f:69:5a:8b:73:f8:4a:b4:a3:
32:65:1e:7f:71:ad:20:60:43:32:85:40:03:d6:fa:21:76:51:
f6:b0:dc:a6:24:a4:56:e0:5e:09:d3:4b:ea:0b:72:a0:54:0e:
85:6a:ce:02
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbhz7E72sngIEnZgksz/GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxYmE0YjI4NjdkYWQzOGI3M2E0NjkxODI0MWVmYzcyYTIx
MjYyZjcwHhcNMjQwMTAxMTQyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2IxYzFiNDA1MzVhZTZjZGUxNjg4NzA4NmM0ZjQxNzQ4ZjUzOWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9yVBUxLyjqBD2WrUuENpBKgD+9Wn
FigDeNBn4iaoaxr9L0kCDmEhi5H6wTSsbCdVABk/eJ0wya3ERKFQrTRxIK+GkQIN
+eNxNBDBlTbIjqboevJifmI98pxSlYlJtavXgp7iAmaKafDAYnqC72QpFgblM3GP
f7r2hMsX1C4efxv6CHw9XFisLi+/o/FwN8CYmUm+fVDPeYiQ50cvdlHI8fhAKgGF
z7uWhYR6ZrNqDmjBw83M968r3OIAKsP+YBJWKnX1CyhwMTe8JZzgCVm7ReYuReB5
rnnVl9HTCIncb2fyxqtiiEMIvOueXuZccpMaKvQYI6lF8J9Cui0L1QVXhwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKOxwbQFNa5s3haIcIbE9BdI9Tn7MB8GA1UdIwQY
MBaAFOG6Syhn2tOLc6RpGCQe/HKiEmL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2Et
ZGM2NGFlNzI1NzhlLzEvbzdIQnRBVTFybXplRm9od2hzVDBGMGoxT2ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82ODkxMDktMTcyMy00YmYxLWI2M2EtZGM2NGFlNzI1Nzhl
LzEvNGJwTEtHZmEwNHR6cEdrWUpCNzhjcUlTWXZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFWRDAAwQC
uTh8AwQCueQoMA0EAgACMAcDBQMqABfoMA0GCSqGSIb3DQEBCwUAA4IBAQBvYBuP
8XmlsDnJd559y2i6i+x12gh4VevJYCkKuzjqLbZ4hdywBobiSSguZc0LqCgws3Or
9yfida/YPY8NDijEx4NcOVbGqcZnNNiNJtXEWn1d/YOY+G1HG80D4BR+jNhXR1lZ
OeK8gZR6pm7MM7Fi9RqunNANqN6vM+uCc/g+hZX/StHM/TN/rHjRH4rlcXoHj2CZ
1dWdRZdRhl2cbi1F+H2uqt/DzrXSmSL6LHY3rQz3SxMXTf8xitWG5JDOUtjl3X/q
ykYvpjauEoVxuTd/aVqLc/hKtKMyZR5/ca0gYEMyhUAD1vohdlH2sNymJKRW4F4J
00vqC3KgVA6Fas4C
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:40 2024 by rpki-client on console-fra.rpki-client.org