Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/rdiJXUzqNhNWOFnHydpuohkPlds.roa
File: rdiJXUzqNhNWOFnHydpuohkPlds.roa (raw, json)
Hash identifier: alz7KMxNKY4Ogql4EMIotQB4EgvwtO1HrT3Cdc88+iU=
Subject key identifier: AD:D8:89:5D:4C:EA:36:13:56:38:59:C7:C9:DA:6E:A2:19:0F:95:DB
Certificate issuer: /CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Certificate serial: 018CC5DC305F936B996B0FA70F400A2AD927
Authority key identifier: 3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/rdiJXUzqNhNWOFnHydpuohkPlds.roa
Signing time: Mon 01 Jan 2024 16:29:51 +0000
ROA not before: Mon 01 Jan 2024 16:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60855
IP address blocks: 164.131.80.0/24 maxlen: 24
164.131.160.0/24 maxlen: 24
164.131.198.0/23 maxlen: 23
164.131.198.0/24 maxlen: 24
164.131.197.0/24 maxlen: 24
164.131.199.0/24 maxlen: 24
164.131.125.0/24 maxlen: 24
164.131.124.0/23 maxlen: 23
164.131.124.0/24 maxlen: 24
164.131.127.0/24 maxlen: 24
164.131.126.0/23 maxlen: 23
164.131.126.0/24 maxlen: 24
164.131.130.0/23 maxlen: 23
164.131.130.0/24 maxlen: 24
164.131.132.0/23 maxlen: 23
164.131.132.0/24 maxlen: 24
164.131.131.0/24 maxlen: 24
164.131.133.0/24 maxlen: 24
164.131.143.0/24 maxlen: 24
164.131.142.0/24 maxlen: 24
164.131.142.0/23 maxlen: 23
164.131.212.0/23 maxlen: 24
164.131.214.0/23 maxlen: 24
164.131.224.0/24 maxlen: 24
164.131.226.0/23 maxlen: 24
164.131.233.0/24 maxlen: 24
164.131.232.0/23 maxlen: 23
164.131.232.0/24 maxlen: 24
164.131.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:30:5f:93:6b:99:6b:0f:a7:0f:40:0a:2a:d9:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a936d2f298e6cfd56604573d1ef9e0e8299b529
Validity
Not Before: Jan 1 16:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=add8895d4cea3613563859c7c9da6ea2190f95db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:75:66:b7:f1:49:4c:59:5a:a7:8f:f1:a6:7e:
be:8c:c4:eb:f7:78:b3:bc:6b:2e:74:ce:90:a7:60:
d5:f8:1b:ab:3f:76:ec:7e:23:24:31:ab:2b:63:4e:
68:3b:f1:2d:b1:8c:96:f1:ed:6c:20:ad:e5:2a:fc:
ce:fb:e7:ba:b3:25:a4:3a:6b:59:06:94:ae:3d:d7:
08:13:f0:45:32:6f:55:cb:58:88:1f:b0:e6:08:cd:
b8:ef:32:a2:3d:45:36:a9:40:f5:30:74:34:1e:9f:
e6:06:5b:69:fb:3f:ef:9f:ad:7b:0c:e3:32:41:8f:
ea:0c:ba:b0:dd:ad:d6:ca:c8:eb:f1:04:00:60:04:
53:25:e7:71:80:54:9c:50:18:d2:1b:c6:66:37:12:
50:4f:05:dc:50:5f:f5:27:70:2b:c6:15:22:99:29:
fa:9e:e3:0a:51:ce:eb:57:5f:50:ca:ff:87:50:fc:
05:c5:bd:57:e6:e5:da:f0:e2:9f:e4:cc:38:81:4f:
df:a5:88:cd:14:48:a2:a7:2c:8a:cf:06:f4:73:63:
11:0d:c3:1d:4f:80:06:89:34:4c:fd:db:04:9f:7a:
ae:2e:c5:85:7d:58:09:9c:54:52:1d:50:97:0c:60:
eb:e2:01:65:6d:a4:b9:c6:bd:c2:30:76:bd:09:84:
06:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:D8:89:5D:4C:EA:36:13:56:38:59:C7:C9:DA:6E:A2:19:0F:95:DB
X509v3 Authority Key Identifier:
keyid:3A:93:6D:2F:29:8E:6C:FD:56:60:45:73:D1:EF:9E:0E:82:99:B5:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OpNtLymObP1WYEVz0e-eDoKZtSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/rdiJXUzqNhNWOFnHydpuohkPlds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/704973-1866-40d1-9a1d-b5f8ec0aad7c/1/OpNtLymObP1WYEVz0e-eDoKZtSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.131.80.0/24
164.131.124.0/22
164.131.130.0-164.131.133.255
164.131.142.0/23
164.131.160.0/24
164.131.197.0-164.131.199.255
164.131.212.0/22
164.131.224.0/24
164.131.226.0/23
164.131.232.0/23
164.131.244.0/24
Signature Algorithm: sha256WithRSAEncryption
6e:05:8b:66:2b:e4:f4:7a:7e:08:dd:3f:a3:31:de:42:45:d2:
ac:48:4f:e7:53:a3:87:54:68:a7:4f:d3:66:7c:c3:1d:f3:c0:
06:20:71:1b:3b:72:23:fc:8b:65:72:6e:a8:86:1d:93:2f:11:
71:17:50:d0:98:30:fc:e7:ba:49:99:a1:6e:da:b6:d5:1a:0d:
79:37:3f:08:59:6e:23:cf:6b:8c:91:10:e4:08:f2:a0:c3:14:
78:4a:52:a9:8b:5e:07:ad:e7:f5:7a:79:77:c9:aa:74:6f:46:
48:e2:b1:34:69:4e:f3:a5:5c:c1:01:c9:02:72:57:98:ea:04:
88:fc:82:58:d3:b0:84:0e:05:88:6b:e6:4b:d1:c7:85:1a:b6:
be:0d:c7:9c:5b:6b:63:9e:4d:40:08:cd:f4:85:1f:ed:c0:c5:
13:05:c3:99:ba:da:88:d3:cc:6b:38:b2:58:61:7f:91:41:ec:
e9:b2:37:25:cc:47:7e:25:00:ab:a5:1e:97:71:71:ec:c7:e9:
13:20:c7:a6:c7:4b:80:c9:80:fd:a5:7d:ca:27:01:94:2b:39:
fb:4d:55:2c:d8:a7:fd:bd:2b:e9:9c:4d:2b:d2:cd:1e:37:27:
33:f2:60:57:4f:fb:35:07:99:cb:38:fa:f7:63:ed:69:95:84:
f0:aa:d2:a8
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzF3DBfk2uZaw+nD0AKKtknMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhOTM2ZDJmMjk4ZTZjZmQ1NjYwNDU3M2QxZWY5ZTBlODI5
OWI1MjkwHhcNMjQwMTAxMTYyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGQ4ODk1ZDRjZWEzNjEzNTYzODU5YzdjOWRhNmVhMjE5MGY5NWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHVmt/FJTFlap4/xpn6+jMTr93iz
vGsudM6Qp2DV+BurP3bsfiMkMasrY05oO/EtsYyW8e1sIK3lKvzO++e6syWkOmtZ
BpSuPdcIE/BFMm9Vy1iIH7DmCM247zKiPUU2qUD1MHQ0Hp/mBltp+z/vn617DOMy
QY/qDLqw3a3Wysjr8QQAYARTJedxgFScUBjSG8ZmNxJQTwXcUF/1J3ArxhUimSn6
nuMKUc7rV19Qyv+HUPwFxb1X5uXa8OKf5Mw4gU/fpYjNFEiipyyKzwb0c2MRDcMd
T4AGiTRM/dsEn3quLsWFfVgJnFRSHVCXDGDr4gFlbaS5xr3CMHa9CYQGZwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFK3YiV1M6jYTVjhZx8nabqIZD5XbMB8GA1UdIwQY
MBaAFDqTbS8pjmz9VmBFc9Hvng6CmbUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQt
YjVmOGVjMGFhZDdjLzEvcmRpSlhVenFOaE5XT0ZuSHlkcHVvaGtQbGRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy83MDQ5NzMtMTg2Ni00MGQxLTlhMWQtYjVmOGVjMGFhZDdj
LzEvT3BOdEx5bU9iUDFXWUVWejBlLWVEb0tadFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQApINQAwQC
pIN8MAwDBAGkg4IDBAGkg4QDBAGkg44DBACkg6AwDAMEAKSDxQMEA6SDwAMEAqSD
1AMEAKSD4AMEAaSD4gMEAaSD6AMEAKSD9DANBgkqhkiG9w0BAQsFAAOCAQEAbgWL
Zivk9Hp+CN0/ozHeQkXSrEhP51Ojh1Rop0/TZnzDHfPABiBxGztyI/yLZXJuqIYd
ky8RcRdQ0Jgw/Oe6SZmhbtq21RoNeTc/CFluI89rjJEQ5AjyoMMUeEpSqYteB63n
9Xp5d8mqdG9GSOKxNGlO86VcwQHJAnJXmOoEiPyCWNOwhA4FiGvmS9HHhRq2vg3H
nFtrY55NQAjN9IUf7cDFEwXDmbraiNPMaziyWGF/kUHs6bI3JcxHfiUAq6Uel3Fx
7MfpEyDHpsdLgMmA/aV9yicBlCs5+01VLNin/b0r6ZxNK9LNHjcnM/JgV0/7NQeZ
yzj692PtaZWE8KrSqA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:17 2024 by rpki-client on console-fra.rpki-client.org