Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/O-_xr6w3eXHQ7WF4NuH7zuKXqsc.roa
File: O-_xr6w3eXHQ7WF4NuH7zuKXqsc.roa (raw, json)
Hash identifier: 8SLL/+/rgQszASnpszmHgHHQdUqetH0J9OSiGd3L0xw=
Subject key identifier: 3B:EF:F1:AF:AC:37:79:71:D0:ED:61:78:36:E1:FB:CE:E2:97:AA:C7
Certificate issuer: /CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Certificate serial: 018CC4255B5B77E50AB6852DF019ADFDE9F2
Authority key identifier: D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/O-_xr6w3eXHQ7WF4NuH7zuKXqsc.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213038
IP address blocks: 194.88.111.0/24 maxlen: 24
194.88.110.0/24 maxlen: 24
194.88.109.0/24 maxlen: 24
194.88.108.0/24 maxlen: 24
185.131.145.0/24 maxlen: 24
185.131.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 10:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5b:5b:77:e5:0a:b6:85:2d:f0:19:ad:fd:e9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9efe9d36f5f88fdf04742c4140c7532090ab770
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3beff1afac377971d0ed617836e1fbcee297aac7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:a1:60:56:6f:b9:52:6b:93:b8:36:0d:62:b5:
28:c8:27:23:b9:3c:ea:de:e4:3f:db:d8:95:f0:ce:
85:f9:b5:21:67:58:44:63:88:4c:69:9e:16:b2:4b:
74:bb:ad:14:3c:aa:77:d2:11:dd:64:01:38:fd:f7:
e5:7a:01:d0:b3:29:fe:81:c5:e8:8e:9b:a4:e9:63:
bc:bd:87:e5:b0:4b:9a:be:67:b0:e6:33:24:9d:94:
9b:e5:f4:6d:4c:58:ba:fd:5b:87:a0:47:cf:9c:5b:
00:2d:ab:56:de:f3:4e:8e:17:83:5b:fb:3c:3e:4b:
f4:64:93:4c:14:ee:97:96:21:39:ae:ba:a4:97:d6:
33:7c:7a:0d:91:51:03:e5:f9:21:23:3a:11:8a:2d:
9c:23:5d:55:e8:c3:a6:2e:dd:d5:f2:64:44:b3:1d:
c3:fc:3e:8f:05:c4:9d:7e:c2:3f:bf:31:94:57:c5:
d2:36:31:d6:1b:bc:13:35:37:42:24:50:01:e8:7a:
e5:50:c9:cd:9d:a0:54:d2:fc:de:69:c1:20:c5:90:
0a:46:8d:1e:18:12:68:23:cf:4b:d3:30:ea:5f:df:
40:bf:38:8d:c8:5c:9e:7c:75:2d:5e:c3:e6:d8:73:
7b:eb:89:29:be:2f:b8:a6:16:01:70:8d:e4:4d:fe:
97:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EF:F1:AF:AC:37:79:71:D0:ED:61:78:36:E1:FB:CE:E2:97:AA:C7
X509v3 Authority Key Identifier:
keyid:D9:EF:E9:D3:6F:5F:88:FD:F0:47:42:C4:14:0C:75:32:09:0A:B7:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e_p029fiP3wR0LEFAx1MgkKt3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/O-_xr6w3eXHQ7WF4NuH7zuKXqsc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/55db34-fc79-4004-95c9-39f6d6425338/1/2e_p029fiP3wR0LEFAx1MgkKt3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.144.0/23
194.88.108.0/22
Signature Algorithm: sha256WithRSAEncryption
8a:a2:33:aa:a2:be:2f:2a:83:e9:5c:c7:85:3a:fa:8d:bb:17:
d0:a1:8e:17:cd:bc:37:a6:0f:f5:0f:4a:0d:be:eb:af:a6:c8:
9e:56:93:ce:d2:aa:44:74:96:d6:68:3c:36:7f:d7:09:8e:a2:
c3:f9:6a:c7:11:8f:f0:f5:0b:39:f4:91:42:08:73:3d:c1:ee:
bb:74:75:58:28:21:47:1c:05:21:10:0a:46:8a:e5:bf:9c:27:
8d:34:e8:a7:08:13:b4:4a:c5:a3:52:f1:12:73:17:0a:97:34:
9f:db:ef:aa:50:e7:be:b6:e0:b7:b5:fa:eb:95:76:12:53:80:
e4:db:21:8f:0c:73:50:7d:c2:63:e1:d5:61:14:3f:39:dc:fa:
77:5a:44:98:ae:ac:37:07:b3:94:49:82:81:28:33:9e:c6:66:
97:55:45:4e:81:8c:bf:9e:39:53:ba:c8:fb:ac:6d:1f:de:8e:
2e:4f:48:37:9e:96:14:b2:f3:c2:42:0c:b2:0c:88:b9:62:8b:
e2:cd:0e:d9:83:8f:91:36:75:43:1e:95:a5:9b:9e:29:aa:b4:
2e:fb:a2:e1:6e:d0:09:80:f2:fd:33:ba:28:d5:af:ed:05:0d:
8d:2d:e6:89:ec:0f:3b:6a:c3:87:26:e6:4b:71:80:05:6c:51:
d9:84:ef:a2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJVtbd+UKtoUt8Bmt/enyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZWZlOWQzNmY1Zjg4ZmRmMDQ3NDJjNDE0MGM3NTMyMDkw
YWI3NzAwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVmZjFhZmFjMzc3OTcxZDBlZDYxNzgzNmUxZmJjZWUyOTdhYWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgKFgVm+5UmuTuDYNYrUoyCcjuTzq
3uQ/29iV8M6F+bUhZ1hEY4hMaZ4Wskt0u60UPKp30hHdZAE4/fflegHQsyn+gcXo
jpuk6WO8vYflsEuavmew5jMknZSb5fRtTFi6/VuHoEfPnFsALatW3vNOjheDW/s8
Pkv0ZJNMFO6XliE5rrqkl9YzfHoNkVED5fkhIzoRii2cI11V6MOmLt3V8mREsx3D
/D6PBcSdfsI/vzGUV8XSNjHWG7wTNTdCJFAB6HrlUMnNnaBU0vzeacEgxZAKRo0e
GBJoI89L0zDqX99AvziNyFyefHUtXsPm2HN764kpvi+4phYBcI3kTf6XDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDvv8a+sN3lx0O1heDbh+87il6rHMB8GA1UdIwQY
MBaAFNnv6dNvX4j98EdCxBQMdTIJCrdwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1Yzkt
MzlmNmQ2NDI1MzM4LzEvTy1feHI2dzNlWEhRN1dGNE51SDd6dUtYcXNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC81NWRiMzQtZmM3OS00MDA0LTk1YzktMzlmNmQ2NDI1MzM4
LzEvMmVfcDAyOWZpUDN3UjBMRUZBeDFNZ2tLdDNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuYOQAwQC
wlhsMA0GCSqGSIb3DQEBCwUAA4IBAQCKojOqor4vKoPpXMeFOvqNuxfQoY4Xzbw3
pg/1D0oNvuuvpsieVpPO0qpEdJbWaDw2f9cJjqLD+WrHEY/w9Qs59JFCCHM9we67
dHVYKCFHHAUhEApGiuW/nCeNNOinCBO0SsWjUvEScxcKlzSf2++qUOe+tuC3tfrr
lXYSU4Dk2yGPDHNQfcJj4dVhFD853Pp3WkSYrqw3B7OUSYKBKDOexmaXVUVOgYy/
njlTusj7rG0f3o4uT0g3npYUsvPCQgyyDIi5YovizQ7Zg4+RNnVDHpWlm54pqrQu
+6LhbtAJgPL9M7oo1a/tBQ2NLeaJ7A87asOHJuZLcYAFbFHZhO+i
-----END CERTIFICATE-----
Generated at Wed May 15 17:02:36 2024 by rpki-client on console-ams.rpki-client.org