Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/0AtOMx3GMp8OKbd0zDtyhgNvnMI.roa
File: 0AtOMx3GMp8OKbd0zDtyhgNvnMI.roa (raw, json)
Hash identifier: XntkTQYx6zbxMxgEUFM5FghV6Ex6L9BfGOqifyM6IRg=
Subject key identifier: D0:0B:4E:33:1D:C6:32:9F:0E:29:B7:74:CC:3B:72:86:03:6F:9C:C2
Certificate issuer: /CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Certificate serial: 018CC726DCE1116CFEC5B872C9EFEDDBE8BA
Authority key identifier: 65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/0AtOMx3GMp8OKbd0zDtyhgNvnMI.roa
Signing time: Mon 01 Jan 2024 22:31:02 +0000
ROA not before: Mon 01 Jan 2024 22:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 4637
IP address blocks: 193.82.192.0/19 maxlen: 24
195.153.124.0/24 maxlen: 24
217.151.32.0/20 maxlen: 24
154.32.0.0/16 maxlen: 24
195.153.74.0/24 maxlen: 24
193.82.159.0/24 maxlen: 24
193.117.32.0/19 maxlen: 24
195.153.108.0/22 maxlen: 22
195.153.19.0/24 maxlen: 24
193.82.96.0/19 maxlen: 24
193.82.128.0/19 maxlen: 24
146.101.0.0/16 maxlen: 24
154.8.0.0/19 maxlen: 24
154.8.32.0/20 maxlen: 24
195.153.216.0/24 maxlen: 24
195.153.217.0/24 maxlen: 24
2a02:1620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:dc:e1:11:6c:fe:c5:b8:72:c9:ef:ed:db:e8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=653f55629121b60fb19c97f99c75dd6f015dd6e8
Validity
Not Before: Jan 1 22:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d00b4e331dc6329f0e29b774cc3b7286036f9cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4f:80:75:a2:f4:d6:f4:4a:df:6a:52:45:94:
36:3e:0f:bc:9a:ae:a0:c1:6f:30:e1:dc:95:e2:6f:
29:5f:80:9c:91:d2:b9:51:43:71:f1:e1:cd:40:b2:
aa:3a:7f:71:88:01:19:94:6d:40:6d:1d:c4:c8:cb:
59:5d:b0:b8:71:b6:9e:08:91:2c:ea:8f:c0:00:ff:
94:82:a2:9d:7d:9b:79:b7:eb:88:55:9f:7b:f9:73:
e7:6e:3a:bf:1a:aa:a9:c1:c9:9e:10:e4:15:8e:bd:
17:46:b1:66:c7:42:68:7b:9a:7c:a2:79:a3:f4:c0:
9d:c2:0a:e3:0a:7e:37:dc:1a:d9:a3:92:77:d4:b7:
59:b5:0d:ee:e3:5a:d3:2b:40:3b:1d:20:31:08:0a:
cc:9f:f5:db:96:5e:9f:42:c6:b2:dc:59:e9:f6:91:
41:0c:0c:ee:0a:90:10:9c:9b:b8:b9:5d:88:ee:bc:
d3:97:ba:56:a0:39:9c:7b:dd:87:74:c3:85:68:d2:
c1:a5:de:9b:2f:8a:00:43:47:b9:fa:20:b2:1c:e1:
45:8b:da:8f:eb:b0:1a:35:54:c9:f6:f3:50:6d:cf:
1e:72:de:73:a4:57:f4:96:0f:9e:84:16:01:5c:98:
5f:ec:2b:cb:4f:a1:52:84:61:24:e7:58:a9:d4:45:
33:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0B:4E:33:1D:C6:32:9F:0E:29:B7:74:CC:3B:72:86:03:6F:9C:C2
X509v3 Authority Key Identifier:
keyid:65:3F:55:62:91:21:B6:0F:B1:9C:97:F9:9C:75:DD:6F:01:5D:D6:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/0AtOMx3GMp8OKbd0zDtyhgNvnMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/74cf3b-9f5c-4f5e-96c4-2926d281b514/1/ZT9VYpEhtg-xnJf5nHXdbwFd1ug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.101.0.0/16
154.8.0.0-154.8.47.255
154.32.0.0/16
193.82.96.0-193.82.159.255
193.82.192.0/19
193.117.32.0/19
195.153.19.0/24
195.153.74.0/24
195.153.108.0/22
195.153.124.0/24
195.153.216.0/23
217.151.32.0/20
IPv6:
2a02:1620::/32
Signature Algorithm: sha256WithRSAEncryption
10:c9:a5:db:70:2a:37:bc:83:ab:15:c7:f8:52:93:ff:0f:6a:
3f:91:15:5a:96:08:3c:81:a8:de:a5:38:81:ea:c4:4a:fb:00:
ab:1a:df:41:4c:c1:ef:9d:0d:5e:73:d6:3c:01:7a:e8:76:05:
e3:ed:2f:75:fa:1e:9a:72:74:86:1f:5a:49:98:2f:e2:a6:a5:
f0:b0:61:7a:9d:0f:6a:07:49:e0:0a:52:0d:ca:7c:45:35:d2:
69:e5:8e:cd:a6:88:2e:79:7a:47:99:8f:9e:23:8f:8b:87:50:
08:d3:f1:47:fa:75:ba:66:15:bf:1d:52:7d:1e:cd:d5:2f:1c:
29:2f:fa:9a:86:ce:54:4e:4f:91:3c:0c:ad:4b:5a:d6:7b:2b:
b4:a5:e6:a6:34:9b:8f:a1:4c:31:73:da:2b:ba:93:e7:3a:cb:
67:24:d2:c1:35:49:3b:3b:a0:a5:76:a2:fc:cd:2e:be:a0:bc:
31:bc:7e:9c:c1:70:06:c0:b4:96:37:1e:54:39:04:12:ff:05:
01:67:c4:19:35:30:31:f3:83:74:ac:f9:75:04:f7:e3:09:af:
3e:e1:f4:d6:60:56:14:85:d6:a3:89:9a:c6:75:f4:b1:a3:62:
3b:38:78:ca:31:e3:07:96:8e:b2:a6:22:10:39:61:3d:66:fd:
01:81:21:c9
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAYzHJtzhEWz+xbhyye/t2+i6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1M2Y1NTYyOTEyMWI2MGZiMTljOTdmOTljNzVkZDZmMDE1
ZGQ2ZTgwHhcNMjQwMTAxMjIzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBiNGUzMzFkYzYzMjlmMGUyOWI3NzRjYzNiNzI4NjAzNmY5Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuk+AdaL01vRK32pSRZQ2Pg+8mq6g
wW8w4dyV4m8pX4CckdK5UUNx8eHNQLKqOn9xiAEZlG1AbR3EyMtZXbC4cbaeCJEs
6o/AAP+UgqKdfZt5t+uIVZ97+XPnbjq/GqqpwcmeEOQVjr0XRrFmx0Joe5p8onmj
9MCdwgrjCn433BrZo5J31LdZtQ3u41rTK0A7HSAxCArMn/Xbll6fQsay3Fnp9pFB
DAzuCpAQnJu4uV2I7rzTl7pWoDmce92HdMOFaNLBpd6bL4oAQ0e5+iCyHOFFi9qP
67AaNVTJ9vNQbc8ect5zpFf0lg+ehBYBXJhf7CvLT6FShGEk51ip1EUzLwIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFNALTjMdxjKfDim3dMw7coYDb5zCMB8GA1UdIwQY
MBaAFGU/VWKRIbYPsZyX+Zx13W8BXdboMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQt
MjkyNmQyODFiNTE0LzEvMEF0T014M0dNcDhPS2JkMHpEdHloZ052bk1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NGNmM2ItOWY1Yy00ZjVlLTk2YzQtMjkyNmQyODFiNTE0
LzEvWlQ5VllwRWh0Zy14bkpmNW5IWGRid0ZkMXVnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBbBAIAATBVAwMAkmUwCwMD
A5oIAwQEmgggAwMAmiAwDAMEBcFSYAMEBcFSgAMEBcFSwAMEBcF1IAMEAMOZEwME
AMOZSgMEAsOZbAMEAMOZfAMEAcOZ2AMEBNmXIDANBAIAAjAHAwUAKgIWIDANBgkq
hkiG9w0BAQsFAAOCAQEAEMml23AqN7yDqxXH+FKT/w9qP5EVWpYIPIGo3qU4gerE
SvsAqxrfQUzB750NXnPWPAF66HYF4+0vdfoemnJ0hh9aSZgv4qal8LBhep0PagdJ
4ApSDcp8RTXSaeWOzaaILnl6R5mPniOPi4dQCNPxR/p1umYVvx1SfR7N1S8cKS/6
mobOVE5PkTwMrUta1nsrtKXmpjSbj6FMMXPaK7qT5zrLZyTSwTVJOzugpXai/M0u
vqC8Mbx+nMFwBsC0ljceVDkEEv8FAWfEGTUwMfODdKz5dQT34wmvPuH01mBWFIXW
o4maxnX0saNiOzh4yjHjB5aOsqYiEDlhPWb9AYEhyQ==
-----END CERTIFICATE-----
Generated at Wed May 8 21:34:10 2024 by rpki-client on console-ams.rpki-client.org