Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/OSF8LiDxq7e-LDbq47CGMYGj2qw.roa
File: OSF8LiDxq7e-LDbq47CGMYGj2qw.roa (raw, json)
Hash identifier: xBfxNdey2jWs6zqLMX5bpyIo1IxfsfS+rpVW1z48gCs=
Subject key identifier: 39:21:7C:2E:20:F1:AB:B7:BE:2C:36:EA:E3:B0:86:31:81:A3:DA:AC
Certificate issuer: /CN=c42708df93954aac601aef1835bd5d69245fb02f
Certificate serial: 018CC2DAEFB8B40A35E0DDB9720FC7D807EB
Authority key identifier: C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/OSF8LiDxq7e-LDbq47CGMYGj2qw.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208582
IP address blocks: 185.211.60.0/22 maxlen: 24
185.51.8.0/22 maxlen: 24
2a01:aee0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.mft
rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ef:b8:b4:0a:35:e0:dd:b9:72:0f:c7:d8:07:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c42708df93954aac601aef1835bd5d69245fb02f
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39217c2e20f1abb7be2c36eae3b0863181a3daac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:3c:a3:dd:f6:51:b6:63:30:29:0a:ed:8f:b1:
03:62:ed:22:f3:de:95:bb:58:f8:ab:a4:08:de:12:
89:a9:1c:b8:c5:cc:16:5a:9e:95:d7:83:fb:8c:e9:
12:25:8b:e1:c7:5c:03:74:e1:e0:07:7f:7f:b1:97:
df:d6:90:0b:1e:fa:fb:85:0e:7f:ea:35:55:1d:b0:
56:fe:96:86:96:04:da:8b:20:af:b3:b0:06:df:cf:
71:62:99:36:62:b5:b7:92:29:4e:4d:10:52:ad:93:
c0:47:53:bd:e3:53:f4:20:61:72:08:cb:7b:f5:c3:
f7:ff:b9:1d:62:8e:a7:22:36:0c:06:91:d1:e0:04:
5d:fd:cc:cc:06:93:76:d2:d4:70:a6:ea:e3:ba:55:
58:2d:e7:88:cf:ad:2e:47:91:be:92:a9:92:ac:06:
ef:af:ac:e4:dd:64:0b:24:e5:06:7b:8d:3e:20:ef:
33:60:6d:fa:0e:7a:a5:8f:05:f7:37:00:c9:39:76:
3b:34:32:dd:23:ad:23:b5:b3:28:46:43:f0:d7:85:
c4:f2:10:9e:f6:a2:bf:bf:e9:6a:ef:aa:da:1c:44:
24:92:b0:b8:67:23:d5:98:4a:96:a4:65:b7:ca:52:
0e:eb:a1:14:cb:6b:8e:cf:9b:5a:ed:96:0d:03:50:
4a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:7C:2E:20:F1:AB:B7:BE:2C:36:EA:E3:B0:86:31:81:A3:DA:AC
X509v3 Authority Key Identifier:
keyid:C4:27:08:DF:93:95:4A:AC:60:1A:EF:18:35:BD:5D:69:24:5F:B0:2F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xCcI35OVSqxgGu8YNb1daSRfsC8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/OSF8LiDxq7e-LDbq47CGMYGj2qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/f617a5-3240-48c4-b716-741c1d8dea2b/1/xCcI35OVSqxgGu8YNb1daSRfsC8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.51.8.0/22
185.211.60.0/22
IPv6:
2a01:aee0::/32
Signature Algorithm: sha256WithRSAEncryption
34:42:f3:7a:94:02:23:0c:e2:f1:50:f3:cf:3d:2a:9e:6c:27:
55:fa:04:e2:30:53:7b:1f:9a:96:37:52:15:29:4a:78:1e:b2:
78:41:29:81:14:97:36:44:64:a0:89:85:fd:3b:8d:ac:e2:fd:
e8:45:28:d0:ca:69:85:07:ea:1f:7c:7d:5b:e7:23:93:59:f7:
c7:ef:52:be:ed:84:09:c5:50:06:2a:ba:41:25:d4:71:96:7e:
56:17:eb:03:9e:7f:ac:66:8b:a3:33:18:08:dc:4b:0c:38:f2:
63:dd:ff:2a:46:c0:8f:d0:7e:e7:89:c8:5a:57:98:5f:98:13:
5c:e5:69:29:30:2f:16:9f:5b:c9:98:50:30:66:d6:a5:0d:66:
5e:66:1c:9f:ff:15:19:a1:09:67:ab:0d:ab:4f:37:b8:88:f8:
ff:b1:2a:c6:6f:aa:61:0b:fd:9a:7f:91:a4:c4:90:e6:d3:6b:
6b:d8:85:79:fc:24:64:96:29:67:7e:20:42:6e:68:b6:15:8c:
87:52:39:91:50:90:86:86:b0:99:bb:25:bd:33:34:8c:00:8a:
a8:62:bd:ed:10:ae:29:c5:45:22:f4:be:fd:2f:6b:99:ec:dd:
23:b7:c9:41:99:39:14:a5:71:91:32:8e:aa:4d:d7:a4:f6:47:
51:ef:34:e7
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2u+4tAo14N25cg/H2AfrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MjcwOGRmOTM5NTRhYWM2MDFhZWYxODM1YmQ1ZDY5MjQ1
ZmIwMmYwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIxN2MyZTIwZjFhYmI3YmUyYzM2ZWFlM2IwODYzMTgxYTNkYWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjTyj3fZRtmMwKQrtj7EDYu0i896V
u1j4q6QI3hKJqRy4xcwWWp6V14P7jOkSJYvhx1wDdOHgB39/sZff1pALHvr7hQ5/
6jVVHbBW/paGlgTaiyCvs7AG389xYpk2YrW3kilOTRBSrZPAR1O941P0IGFyCMt7
9cP3/7kdYo6nIjYMBpHR4ARd/czMBpN20tRwpurjulVYLeeIz60uR5G+kqmSrAbv
r6zk3WQLJOUGe40+IO8zYG36DnqljwX3NwDJOXY7NDLdI60jtbMoRkPw14XE8hCe
9qK/v+lq76raHEQkkrC4ZyPVmEqWpGW3ylIO66EUy2uOz5ta7ZYNA1BKNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDkhfC4g8au3viw26uOwhjGBo9qsMB8GA1UdIwQY
MBaAFMQnCN+TlUqsYBrvGDW9XWkkX7AvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYt
NzQxYzFkOGRlYTJiLzEvT1NGOExpRHhxN2UtTERicTQ3Q0dNWUdqMnF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9mNjE3YTUtMzI0MC00OGM0LWI3MTYtNzQxYzFkOGRlYTJi
LzEveENjSTM1T1ZTcXhnR3U4WU5iMWRhU1Jmc0M4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTMIAwQC
udM8MA0EAgACMAcDBQAqAa7gMA0GCSqGSIb3DQEBCwUAA4IBAQA0QvN6lAIjDOLx
UPPPPSqebCdV+gTiMFN7H5qWN1IVKUp4HrJ4QSmBFJc2RGSgiYX9O42s4v3oRSjQ
ymmFB+offH1b5yOTWffH71K+7YQJxVAGKrpBJdRxln5WF+sDnn+sZoujMxgI3EsM
OPJj3f8qRsCP0H7nichaV5hfmBNc5WkpMC8Wn1vJmFAwZtalDWZeZhyf/xUZoQln
qw2rTze4iPj/sSrGb6phC/2af5GkxJDm02tr2IV5/CRklilnfiBCbmi2FYyHUjmR
UJCGhrCZuyW9MzSMAIqoYr3tEK4pxUUi9L79L2uZ7N0jt8lBmTkUpXGRMo6qTdek
9kdR7zTn
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:47 2024 by rpki-client on console-ams.rpki-client.org