Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/OAdVmOgFkx8x5I0rGWyl0ftwTcw.roa
File: OAdVmOgFkx8x5I0rGWyl0ftwTcw.roa (raw, json)
Hash identifier: 5wgQYoBfcBy0B7vErkLCI2m5ocmPwqOfv53TfjP91/s=
Subject key identifier: 38:07:55:98:E8:05:93:1F:31:E4:8D:2B:19:6C:A5:D1:FB:70:4D:CC
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 018EA3F3748BA773CD604F7A3FF96CB1E36C
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/OAdVmOgFkx8x5I0rGWyl0ftwTcw.roa
Signing time: Wed 03 Apr 2024 12:33:45 +0000
ROA not before: Wed 03 Apr 2024 12:33:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24921
IP address blocks: 81.198.189.0/24 maxlen: 24
87.246.168.0/24 maxlen: 24
87.246.169.0/24 maxlen: 24
87.246.170.0/24 maxlen: 24
87.246.171.0/24 maxlen: 24
194.8.22.0/24 maxlen: 24
213.175.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a3:f3:74:8b:a7:73:cd:60:4f:7a:3f:f9:6c:b1:e3:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Apr 3 12:33:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38075598e805931f31e48d2b196ca5d1fb704dcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:31:22:b6:0f:dd:33:a9:a2:5d:eb:d6:58:38:
b4:12:93:4e:9b:27:d5:31:36:b2:03:85:82:06:3a:
5d:44:1b:b3:5b:a5:11:99:36:3b:5e:5f:27:79:f3:
4f:ca:34:01:39:9d:98:21:47:0c:c7:42:4b:f6:04:
f6:cc:c6:9a:0d:79:f4:9a:5e:68:aa:c5:61:6d:f6:
1c:99:a4:d2:b5:d2:d3:b0:85:4d:df:09:f4:95:4f:
88:c0:b7:22:08:df:c3:ec:2b:b5:d2:c0:1f:c0:ac:
bd:5c:6c:55:f1:05:08:f0:a1:e8:e7:68:f5:63:bd:
03:c7:5e:93:7b:ae:b0:9a:a5:f2:d6:03:d4:fb:d6:
fa:37:44:58:28:9e:c4:1a:85:c5:62:a5:46:cf:23:
1b:b7:6f:7a:ea:14:7f:8a:ca:be:f3:4e:38:d2:85:
d1:13:4a:0c:a3:ee:19:ee:02:97:34:70:ab:fc:2d:
44:7d:f7:5b:95:94:f3:fc:ad:77:6e:ea:a7:ab:1a:
32:14:e1:a9:f6:8b:41:5b:7d:39:12:20:ec:e5:c1:
8a:6f:6e:67:72:9e:d9:fd:3f:72:3d:17:2b:fc:3c:
52:4d:eb:a2:9f:e6:c8:c5:23:94:26:e3:21:ef:45:
24:e9:67:f1:fa:22:88:88:19:f7:ec:05:7b:0d:fb:
cb:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:07:55:98:E8:05:93:1F:31:E4:8D:2B:19:6C:A5:D1:FB:70:4D:CC
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/OAdVmOgFkx8x5I0rGWyl0ftwTcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.198.189.0/24
87.246.168.0/22
194.8.22.0/24
213.175.79.0/24
Signature Algorithm: sha256WithRSAEncryption
13:75:a6:9f:15:5c:22:aa:df:98:3a:a9:ec:14:a1:45:15:33:
87:57:ae:31:3a:ff:9f:ef:c9:bd:7c:09:2f:54:b0:cd:da:c5:
8d:ba:c2:25:5a:83:9e:e9:63:69:a3:ea:ea:b0:61:71:9c:37:
f6:b5:63:7d:cb:e5:db:46:72:fe:44:97:39:c1:b2:ab:1d:c6:
82:16:b5:da:94:43:c0:d9:50:bb:43:c8:f4:60:e7:67:9b:fc:
c5:42:c7:ea:d1:79:03:b0:ca:b0:eb:91:06:ee:d1:03:bf:4a:
c0:9f:a0:10:11:90:66:fb:b4:8d:a9:f2:3f:5d:91:6c:64:a6:
66:13:15:25:09:9e:e3:c6:3e:8b:95:13:b2:22:ca:17:b7:65:
7c:3d:30:bd:87:36:7b:be:2a:f6:45:13:3d:1c:66:d4:2f:2d:
d8:e8:f4:a1:aa:97:0c:b0:bd:0c:af:0d:33:15:4a:67:cb:0a:
bd:04:94:70:80:80:7a:36:f8:54:dc:74:79:eb:80:37:06:69:
92:e7:67:5a:ca:b8:c5:a3:f6:b0:94:fa:10:83:30:75:30:6a:
08:c4:e6:af:19:4f:23:49:3d:cb:5a:de:8a:9d:ab:03:f4:4c:
bf:3d:ab:dc:b8:69:d8:fd:bf:4c:a0:b1:7f:44:72:a6:89:74:
11:6a:ea:0e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY6j83SLp3PNYE96P/lsseNsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQwNDAzMTIzMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODA3NTU5OGU4MDU5MzFmMzFlNDhkMmIxOTZjYTVkMWZiNzA0ZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTEitg/dM6miXevWWDi0EpNOmyfV
MTayA4WCBjpdRBuzW6URmTY7Xl8nefNPyjQBOZ2YIUcMx0JL9gT2zMaaDXn0ml5o
qsVhbfYcmaTStdLTsIVN3wn0lU+IwLciCN/D7Cu10sAfwKy9XGxV8QUI8KHo52j1
Y70Dx16Te66wmqXy1gPU+9b6N0RYKJ7EGoXFYqVGzyMbt2966hR/isq+80440oXR
E0oMo+4Z7gKXNHCr/C1EffdblZTz/K13buqnqxoyFOGp9otBW305EiDs5cGKb25n
cp7Z/T9yPRcr/DxSTeuin+bIxSOUJuMh70Uk6Wfx+iKIiBn37AV7DfvLcwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDgHVZjoBZMfMeSNKxlspdH7cE3MMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvT0FkVm1PZ0ZreDh4NUkwckdXeWwwZnR3VGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUca9AwQC
V/aoAwQAwggWAwQA1a9PMA0GCSqGSIb3DQEBCwUAA4IBAQATdaafFVwiqt+YOqns
FKFFFTOHV64xOv+f78m9fAkvVLDN2sWNusIlWoOe6WNpo+rqsGFxnDf2tWN9y+Xb
RnL+RJc5wbKrHcaCFrXalEPA2VC7Q8j0YOdnm/zFQsfq0XkDsMqw65EG7tEDv0rA
n6AQEZBm+7SNqfI/XZFsZKZmExUlCZ7jxj6LlROyIsoXt2V8PTC9hzZ7vir2RRM9
HGbULy3Y6PShqpcMsL0Mrw0zFUpnywq9BJRwgIB6NvhU3HR564A3BmmS52dayrjF
o/awlPoQgzB1MGoIxOavGU8jST3LWt6KnasD9Ey/PavcuGnY/b9MoLF/RHKmiXQR
auoO
-----END CERTIFICATE-----
Generated at Sun May 26 06:42:08 2024 by rpki-client on console-ams.rpki-client.org