Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/oZXThHCHGodqajA7pJwUzCapKcs.roa
File: oZXThHCHGodqajA7pJwUzCapKcs.roa (raw, json)
Hash identifier: 9V7Fx5BxVj/I+oUoUIZ2GsE+CkuX/118YG1Z6F1M5To=
Subject key identifier: A1:95:D3:84:70:87:1A:87:6A:6A:30:3B:A4:9C:14:CC:26:A9:29:CB
Certificate issuer: /CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Certificate serial: 018CC2DB454F92F7388F076F5CAF2A457D99
Authority key identifier: E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/oZXThHCHGodqajA7pJwUzCapKcs.roa
Signing time: Mon 01 Jan 2024 02:29:59 +0000
ROA not before: Mon 01 Jan 2024 02:29:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206943
IP address blocks: 185.102.48.0/22 maxlen: 23
31.42.128.0/20 maxlen: 20
178.218.128.0/21 maxlen: 21
178.218.136.0/21 maxlen: 21
31.42.144.0/20 maxlen: 20
178.159.64.0/20 maxlen: 20
185.171.30.0/23 maxlen: 23
185.171.28.0/23 maxlen: 23
185.183.90.0/23 maxlen: 23
185.183.88.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:45:4f:92:f7:38:8f:07:6f:5c:af:2a:45:7d:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e319d0cd65593d969e8d45382a194aaa73c0ff8c
Validity
Not Before: Jan 1 02:29:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a195d38470871a876a6a303ba49c14cc26a929cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:0b:5e:6f:b7:84:48:3c:86:da:4a:8b:57:60:
f6:1f:3f:42:68:72:01:97:21:1d:d6:78:02:3b:f1:
a0:9d:c8:46:94:ca:5e:59:49:c1:cf:f8:24:ce:58:
68:90:fd:b1:94:21:ec:f3:73:a7:b4:15:aa:f1:a6:
3d:62:7c:70:0f:f6:fd:3a:16:93:be:53:75:eb:06:
d0:5d:66:a9:b2:ca:e3:a8:f7:71:9f:f5:98:85:7c:
af:73:52:98:cf:6c:3e:ab:db:b4:1d:1b:69:ce:94:
7e:92:bd:fb:32:ef:fc:e6:18:06:3c:fe:6d:f7:95:
76:6e:f5:bf:86:c8:e3:db:fb:ca:bb:c9:ab:b7:be:
cb:2f:51:68:07:ef:76:fe:74:7d:16:fc:ce:df:14:
b1:43:ab:95:cd:a2:0f:d3:3c:68:3a:79:6a:90:ba:
b6:dc:e0:2d:a9:14:1c:0c:50:2a:85:2b:1a:0c:3d:
d3:04:88:f9:68:8b:4f:f9:26:06:be:f6:a9:d1:c7:
bf:00:87:57:80:75:25:4c:23:87:bb:0b:11:88:2b:
47:1d:0c:1d:86:92:84:31:45:ce:94:ff:89:53:de:
0f:a6:0a:e0:e8:b0:bc:7d:97:30:a7:91:fd:96:a5:
ed:00:12:24:a2:0f:07:a3:c9:ae:79:ba:0c:99:a5:
15:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:95:D3:84:70:87:1A:87:6A:6A:30:3B:A4:9C:14:CC:26:A9:29:CB
X509v3 Authority Key Identifier:
keyid:E3:19:D0:CD:65:59:3D:96:9E:8D:45:38:2A:19:4A:AA:73:C0:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4xnQzWVZPZaejUU4KhlKqnPA_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/oZXThHCHGodqajA7pJwUzCapKcs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/ae869c-812c-4cd6-baf9-217cf93845bc/1/4xnQzWVZPZaejUU4KhlKqnPA_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.128.0/19
178.159.64.0/20
178.218.128.0/20
185.102.48.0/22
185.171.28.0/22
185.183.88.0/22
Signature Algorithm: sha256WithRSAEncryption
08:19:45:57:5c:b3:50:c8:56:bf:36:8a:52:59:45:c7:ed:1b:
85:79:50:7a:71:88:68:ba:27:a0:4d:eb:34:44:da:4f:a6:be:
b1:c7:34:9b:1a:15:36:8c:bf:5e:60:ed:2f:fc:e0:0a:68:0b:
1c:fc:0d:f0:78:14:89:c3:a5:b3:bb:6f:cd:11:02:31:d2:3d:
d5:78:66:5b:fa:1c:49:33:00:ba:6c:32:2c:f9:94:06:a7:d1:
5d:77:a2:84:79:1b:7c:1e:f0:92:fa:c5:e1:a5:ae:99:54:a0:
5a:af:98:dd:63:c3:bc:8d:6d:78:2b:c2:ab:55:6b:0e:49:5f:
34:5e:6b:73:5e:88:64:9c:0e:7f:d4:3d:96:27:6e:00:21:6f:
a4:2e:1f:18:92:33:a5:ee:95:0a:64:07:6e:d0:d6:0c:6e:1a:
93:79:16:82:1e:30:f5:6d:b5:7d:ac:16:b6:ef:d6:6e:c6:48:
ab:61:f6:f5:7a:06:08:ce:5b:b8:80:d7:9b:d2:28:dd:fa:bf:
80:b4:c0:10:fe:47:1a:49:32:bd:a7:1e:5f:4d:af:90:e2:a8:
6b:d7:c7:35:0c:dc:31:98:c8:3e:8f:4b:20:ad:b4:61:77:e0:
b0:80:a6:aa:f2:43:74:cc:0a:9c:7e:5e:fe:34:4d:3e:73:bf:
b1:e3:a7:37
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzC20VPkvc4jwdvXK8qRX2ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzMTlkMGNkNjU1OTNkOTY5ZThkNDUzODJhMTk0YWFhNzNj
MGZmOGMwHhcNMjQwMTAxMDIyOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk1ZDM4NDcwODcxYTg3NmE2YTMwM2JhNDljMTRjYzI2YTkyOWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAggteb7eESDyG2kqLV2D2Hz9CaHIB
lyEd1ngCO/GgnchGlMpeWUnBz/gkzlhokP2xlCHs83OntBWq8aY9YnxwD/b9OhaT
vlN16wbQXWapssrjqPdxn/WYhXyvc1KYz2w+q9u0HRtpzpR+kr37Mu/85hgGPP5t
95V2bvW/hsjj2/vKu8mrt77LL1FoB+92/nR9FvzO3xSxQ6uVzaIP0zxoOnlqkLq2
3OAtqRQcDFAqhSsaDD3TBIj5aItP+SYGvvap0ce/AIdXgHUlTCOHuwsRiCtHHQwd
hpKEMUXOlP+JU94Ppgrg6LC8fZcwp5H9lqXtABIkog8Ho8mueboMmaUV3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKGV04RwhxqHamowO6ScFMwmqSnLMB8GA1UdIwQY
MBaAFOMZ0M1lWT2Wno1FOCoZSqpzwP+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjkt
MjE3Y2Y5Mzg0NWJjLzEvb1pYVGhIQ0hHb2RxYWpBN3BKd1V6Q2FwS2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9hZTg2OWMtODEyYy00Y2Q2LWJhZjktMjE3Y2Y5Mzg0NWJj
LzEvNHhuUXpXVlpQWmFlalVVNEtobEtxblBBXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQFHyqAAwQE
sp9AAwQEstqAAwQCuWYwAwQCuascAwQCubdYMA0GCSqGSIb3DQEBCwUAA4IBAQAI
GUVXXLNQyFa/NopSWUXH7RuFeVB6cYhouiegTes0RNpPpr6xxzSbGhU2jL9eYO0v
/OAKaAsc/A3weBSJw6Wzu2/NEQIx0j3VeGZb+hxJMwC6bDIs+ZQGp9Fdd6KEeRt8
HvCS+sXhpa6ZVKBar5jdY8O8jW14K8KrVWsOSV80XmtzXohknA5/1D2WJ24AIW+k
Lh8YkjOl7pUKZAdu0NYMbhqTeRaCHjD1bbV9rBa279ZuxkirYfb1egYIzlu4gNeb
0ijd+r+AtMAQ/kcaSTK9px5fTa+Q4qhr18c1DNwxmMg+j0sgrbRhd+CwgKaq8kN0
zAqcfl7+NE0+c7+x46c3
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:53:52 2024 by rpki-client on console-fra.rpki-client.org