Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/o9ZjOXIUACYF6g_l8gylk2YKn9A.roa
File: o9ZjOXIUACYF6g_l8gylk2YKn9A.roa (raw, json)
Hash identifier: 9hgtZa8GcdbhVtt6R55xdCEd9BONRRY4FqD/yS4GMVU=
Subject key identifier: A3:D6:63:39:72:14:00:26:05:EA:0F:E5:F2:0C:A5:93:66:0A:9F:D0
Certificate issuer: /CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Certificate serial: 018D7E8D23C8CFB541CD095E5EBA76E7B7C7
Authority key identifier: 54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/o9ZjOXIUACYF6g_l8gylk2YKn9A.roa
Signing time: Tue 06 Feb 2024 13:13:15 +0000
ROA not before: Tue 06 Feb 2024 13:13:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49632
IP address blocks: 188.125.160.0/24 maxlen: 24
188.125.164.0/24 maxlen: 24
188.125.165.0/24 maxlen: 24
188.125.166.0/24 maxlen: 24
188.125.168.0/24 maxlen: 24
188.125.170.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7e:8d:23:c8:cf:b5:41:cd:09:5e:5e:ba:76:e7:b7:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=542f633f76e8d8aaeaa32b5ace16a3db3943d80c
Validity
Not Before: Feb 6 13:13:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d663397214002605ea0fe5f20ca593660a9fd0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9b:98:72:ca:10:eb:db:8e:b5:e7:45:b9:ea:
9a:97:34:f2:c6:2e:67:65:a6:5f:84:7b:57:03:84:
ad:30:5d:22:a9:06:d3:f9:ac:f8:0e:d6:01:b4:1e:
32:79:cc:80:4b:23:f3:91:26:3a:bd:39:34:8a:77:
10:67:03:ac:c6:1b:5c:a0:96:1b:da:68:53:4e:e7:
ce:06:58:51:0b:8e:7e:c1:14:0b:e8:ed:67:e8:3e:
32:0f:5b:11:df:18:dd:a8:65:e6:bf:1c:3b:0d:8a:
4c:00:33:83:57:89:fc:c8:5d:84:59:85:ab:67:1e:
4a:fb:6d:e6:2f:d4:7f:54:34:d8:3b:df:ea:f6:f2:
cc:97:c3:ab:fc:26:c6:04:5c:59:72:35:79:b2:b0:
67:e9:2b:2f:d5:ff:50:de:5e:45:95:6e:59:87:58:
33:69:14:69:3b:6a:6f:34:1a:9d:1b:44:41:b9:8c:
88:4d:4c:92:77:0d:72:03:e7:72:f1:03:3c:5e:4d:
2a:80:0d:fd:5d:30:a5:47:cb:d6:f8:e4:98:50:2d:
3e:15:e8:87:51:c6:70:f2:e6:3b:49:c0:4e:ea:dd:
56:ec:ec:08:34:b8:3c:ab:6f:48:b9:8c:03:ae:09:
90:d1:ea:10:81:19:b9:63:c7:1a:ae:30:85:d8:48:
ad:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D6:63:39:72:14:00:26:05:EA:0F:E5:F2:0C:A5:93:66:0A:9F:D0
X509v3 Authority Key Identifier:
keyid:54:2F:63:3F:76:E8:D8:AA:EA:A3:2B:5A:CE:16:A3:DB:39:43:D8:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VC9jP3bo2Krqoytazhaj2zlD2Aw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/o9ZjOXIUACYF6g_l8gylk2YKn9A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/d6b874-aea8-4b7e-b0d2-69b953c9d5aa/1/VC9jP3bo2Krqoytazhaj2zlD2Aw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.160.0/24
188.125.164.0-188.125.166.255
188.125.168.0/24
188.125.170.0/24
188.125.174.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:5c:7f:3d:40:a4:35:ac:dd:6d:7e:e5:ad:4b:06:85:83:0d:
f2:54:24:22:65:2c:39:71:c1:ab:fb:d0:69:d4:7d:40:c8:f0:
3f:cb:8d:cb:59:29:23:5e:f7:93:eb:7e:09:9c:fc:50:62:b1:
5f:2b:e2:31:94:13:ef:31:40:a9:35:c8:80:a4:5d:db:c2:94:
41:a2:b1:17:ad:69:0d:d0:0d:cf:e7:c8:6d:b3:0e:b6:b7:c8:
a1:c5:16:e6:08:df:ff:e3:44:15:32:44:37:86:e4:a5:ea:d7:
ce:fd:cd:ec:9c:d8:16:de:e8:13:2a:42:e8:e8:70:ae:39:63:
07:ae:b1:d5:d1:56:7b:f7:38:49:34:a2:2e:c9:19:7d:62:16:
fe:e9:7d:bb:dc:21:a3:52:a8:de:50:9c:65:9a:ec:c9:21:91:
a3:06:52:0f:00:b5:85:fb:0f:6f:aa:b1:f2:55:be:38:3e:d7:
65:59:9d:db:88:5d:e9:29:18:ca:48:37:51:d7:13:1e:e7:6b:
02:ad:b6:45:4a:49:8f:a9:f5:c3:85:ef:d9:e9:8a:fa:d3:6a:
94:50:6e:27:14:10:a4:4f:77:0f:79:cb:c4:1a:e5:26:6c:d3:
b8:8d:fd:84:b3:a4:6a:4b:fe:a3:62:c2:84:d1:fc:99:c7:10:
4b:56:8d:23
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY1+jSPIz7VBzQleXrp257fHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MmY2MzNmNzZlOGQ4YWFlYWEzMmI1YWNlMTZhM2RiMzk0
M2Q4MGMwHhcNMjQwMjA2MTMxMzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q2NjMzOTcyMTQwMDI2MDVlYTBmZTVmMjBjYTU5MzY2MGE5ZmQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5uYcsoQ69uOtedFueqalzTyxi5n
ZaZfhHtXA4StMF0iqQbT+az4DtYBtB4yecyASyPzkSY6vTk0incQZwOsxhtcoJYb
2mhTTufOBlhRC45+wRQL6O1n6D4yD1sR3xjdqGXmvxw7DYpMADODV4n8yF2EWYWr
Zx5K+23mL9R/VDTYO9/q9vLMl8Or/CbGBFxZcjV5srBn6Ssv1f9Q3l5FlW5Zh1gz
aRRpO2pvNBqdG0RBuYyITUySdw1yA+dy8QM8Xk0qgA39XTClR8vW+OSYUC0+FeiH
UcZw8uY7ScBO6t1W7OwINLg8q29IuYwDrgmQ0eoQgRm5Y8carjCF2EitEQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKPWYzlyFAAmBeoP5fIMpZNmCp/QMB8GA1UdIwQY
MBaAFFQvYz926Niq6qMrWs4Wo9s5Q9gMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDIt
NjliOTUzYzlkNWFhLzEvbzlaak9YSVVBQ1lGNmdfbDhneWxrMllLbjlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS9kNmI4NzQtYWVhOC00YjdlLWIwZDItNjliOTUzYzlkNWFh
LzEvVkM5alAzYm8yS3Jxb3l0YXpoYWoyemxEMkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAvH2gMAwD
BAK8faQDBAC8faYDBAC8fagDBAC8faoDBAC8fa4wDQYJKoZIhvcNAQELBQADggEB
ALxcfz1ApDWs3W1+5a1LBoWDDfJUJCJlLDlxwav70GnUfUDI8D/LjctZKSNe95Pr
fgmc/FBisV8r4jGUE+8xQKk1yICkXdvClEGisRetaQ3QDc/nyG2zDra3yKHFFuYI
3//jRBUyRDeG5KXq1879zeyc2Bbe6BMqQujocK45YweusdXRVnv3OEk0oi7JGX1i
Fv7pfbvcIaNSqN5QnGWa7MkhkaMGUg8AtYX7D2+qsfJVvjg+12VZnduIXekpGMpI
N1HXEx7nawKttkVKSY+p9cOF79npivrTapRQbicUEKRPdw95y8Qa5SZs07iN/YSz
pGpL/qNiwoTR/JnHEEtWjSM=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:42 2024 by rpki-client on console-ams.rpki-client.org