Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/prXeJS5mi-ks0_dAqGR4Fqv5fPA.roa
File: prXeJS5mi-ks0_dAqGR4Fqv5fPA.roa (raw, json)
Hash identifier: QQzjOBOCqXBhMJkUkPsxNvJuqoRGlZKrQrKKc2UDaY8=
Subject key identifier: A6:B5:DE:25:2E:66:8B:E9:2C:D3:F7:40:A8:64:78:16:AB:F9:7C:F0
Certificate issuer: /CN=a0a6d6b087461fdec6a5b9d52d29832d8f299c87
Certificate serial: 018CC493940277F71301E65B82A9FF40FE5E
Authority key identifier: A0:A6:D6:B0:87:46:1F:DE:C6:A5:B9:D5:2D:29:83:2D:8F:29:9C:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oKbWsIdGH97GpbnVLSmDLY8pnIc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/prXeJS5mi-ks0_dAqGR4Fqv5fPA.roa
Signing time: Mon 01 Jan 2024 10:30:55 +0000
ROA not before: Mon 01 Jan 2024 10:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 80.82.4.0/24 maxlen: 24
80.82.3.0/24 maxlen: 24
80.82.0.0/24 maxlen: 24
80.82.2.0/24 maxlen: 24
80.82.1.0/24 maxlen: 24
80.82.11.0/24 maxlen: 24
80.82.10.0/24 maxlen: 24
80.82.5.0/24 maxlen: 24
80.82.7.0/24 maxlen: 24
80.82.6.0/24 maxlen: 24
80.82.9.0/24 maxlen: 24
80.82.8.0/24 maxlen: 24
80.82.12.0/24 maxlen: 24
80.82.14.0/24 maxlen: 24
80.82.13.0/24 maxlen: 24
80.82.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/oKbWsIdGH97GpbnVLSmDLY8pnIc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/oKbWsIdGH97GpbnVLSmDLY8pnIc.mft
rsync://rpki.ripe.net/repository/DEFAULT/oKbWsIdGH97GpbnVLSmDLY8pnIc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:94:02:77:f7:13:01:e6:5b:82:a9:ff:40:fe:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0a6d6b087461fdec6a5b9d52d29832d8f299c87
Validity
Not Before: Jan 1 10:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a6b5de252e668be92cd3f740a8647816abf97cf0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:df:99:8c:21:70:65:bc:53:01:aa:cd:71:6a:
68:2f:32:c8:aa:12:8c:0f:86:10:8b:05:c2:96:ef:
10:94:16:99:ab:b0:1b:94:f8:2b:53:be:a2:85:c6:
be:52:f2:bd:c0:0e:40:e6:29:e9:7a:2a:5c:f2:b7:
73:5f:30:92:86:44:a2:64:da:30:1d:1f:f7:f3:bd:
e3:40:f6:d7:12:41:ff:cc:9a:79:ea:5b:04:b8:2e:
75:89:2b:84:93:21:a0:25:4e:e6:32:03:29:59:01:
00:c7:97:5a:65:8e:f8:44:7c:4e:b3:f2:d8:7e:ef:
6d:a5:83:d8:66:10:e9:00:9b:49:72:fb:25:93:f8:
8c:23:16:43:4a:3d:b1:08:74:14:82:1d:a1:21:4e:
a2:fd:55:af:da:7b:86:6b:04:45:ae:e7:96:92:3a:
b0:b8:14:1b:3a:d3:0c:b8:ba:35:55:68:7b:c0:0b:
a9:e9:7b:c3:03:7e:94:2a:9d:8e:6e:05:fe:d0:6c:
97:39:7b:94:43:6f:c9:f1:ee:ac:54:30:b3:1f:59:
60:6e:55:10:ac:45:ff:37:8b:2d:9c:ec:f0:8a:cc:
c9:32:a9:47:b1:fb:a1:23:b8:cf:ab:39:cc:3b:d2:
1d:08:24:ed:28:45:c7:ee:01:af:cc:76:6b:4b:a1:
15:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:B5:DE:25:2E:66:8B:E9:2C:D3:F7:40:A8:64:78:16:AB:F9:7C:F0
X509v3 Authority Key Identifier:
keyid:A0:A6:D6:B0:87:46:1F:DE:C6:A5:B9:D5:2D:29:83:2D:8F:29:9C:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oKbWsIdGH97GpbnVLSmDLY8pnIc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/prXeJS5mi-ks0_dAqGR4Fqv5fPA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/2d7609-2142-4a03-b11e-1148fde7aef7/1/oKbWsIdGH97GpbnVLSmDLY8pnIc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.0.0/20
Signature Algorithm: sha256WithRSAEncryption
a6:d4:c4:b2:01:89:79:e3:d6:0d:09:8e:f2:84:59:5f:87:1e:
7e:3c:f4:06:14:1c:f3:d7:8d:74:bf:3a:e7:23:84:4c:82:13:
19:14:48:58:e6:ac:b2:ab:d2:c8:06:c8:ce:03:f5:6e:59:d8:
59:a2:84:09:4c:ab:38:5b:01:97:63:2e:54:a9:79:74:fe:f2:
9f:c2:c1:49:a5:09:1d:a3:e6:95:21:45:cf:67:22:99:63:a6:
8e:f1:ee:66:6d:00:f3:6a:8d:ab:36:45:bb:da:05:38:11:03:
c2:1c:c2:e5:bf:df:bb:02:02:b5:0b:ef:69:f1:d1:56:f7:58:
3f:f6:4f:9b:6a:93:d5:9e:b6:f3:22:e7:c5:e0:fe:00:ed:8d:
41:b1:b4:81:2a:85:51:4a:3f:b4:88:68:1a:54:88:41:73:c1:
95:5a:5b:b0:d4:bc:cf:8e:b2:9c:7f:fb:c4:b2:74:ed:ae:aa:
fc:d3:19:56:a4:9c:b1:d4:f7:b8:cf:ab:56:93:70:07:34:e4:
dd:e6:ac:91:4e:de:06:f7:a5:33:0b:33:38:16:fb:c3:e2:cd:
df:4f:a9:2d:ea:b0:40:08:75:89:0b:cb:88:4d:69:99:94:19:
5d:52:f1:ca:f6:56:ba:df:4d:4a:85:1a:f3:66:2e:13:a2:0b:
76:7d:ce:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk5QCd/cTAeZbgqn/QP5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwYTZkNmIwODc0NjFmZGVjNmE1YjlkNTJkMjk4MzJkOGYy
OTljODcwHhcNMjQwMTAxMTAzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNmI1ZGUyNTJlNjY4YmU5MmNkM2Y3NDBhODY0NzgxNmFiZjk3Y2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN+ZjCFwZbxTAarNcWpoLzLIqhKM
D4YQiwXClu8QlBaZq7AblPgrU76ihca+UvK9wA5A5inpeipc8rdzXzCShkSiZNow
HR/3873jQPbXEkH/zJp56lsEuC51iSuEkyGgJU7mMgMpWQEAx5daZY74RHxOs/LY
fu9tpYPYZhDpAJtJcvslk/iMIxZDSj2xCHQUgh2hIU6i/VWv2nuGawRFrueWkjqw
uBQbOtMMuLo1VWh7wAup6XvDA36UKp2ObgX+0GyXOXuUQ2/J8e6sVDCzH1lgblUQ
rEX/N4stnOzwiszJMqlHsfuhI7jPqznMO9IdCCTtKEXH7gGvzHZrS6EVxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKa13iUuZovpLNP3QKhkeBar+XzwMB8GA1UdIwQY
MBaAFKCm1rCHRh/exqW51S0pgy2PKZyHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0tiV3NJZEdIOTdHcGJuVkxTbURMWThwbkljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC8yZDc2MDktMjE0Mi00YTAzLWIxMWUt
MTE0OGZkZTdhZWY3LzEvcHJYZUpTNW1pLWtzMF9kQXFHUjRGcXY1ZlBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC8yZDc2MDktMjE0Mi00YTAzLWIxMWUtMTE0OGZkZTdhZWY3
LzEvb0tiV3NJZEdIOTdHcGJuVkxTbURMWThwbkljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQEUFIAMA0G
CSqGSIb3DQEBCwUAA4IBAQCm1MSyAYl549YNCY7yhFlfhx5+PPQGFBzz1410vzrn
I4RMghMZFEhY5qyyq9LIBsjOA/VuWdhZooQJTKs4WwGXYy5UqXl0/vKfwsFJpQkd
o+aVIUXPZyKZY6aO8e5mbQDzao2rNkW72gU4EQPCHMLlv9+7AgK1C+9p8dFW91g/
9k+bapPVnrbzIufF4P4A7Y1BsbSBKoVRSj+0iGgaVIhBc8GVWluw1LzPjrKcf/vE
snTtrqr80xlWpJyx1Pe4z6tWk3AHNOTd5qyRTt4G96UzCzM4FvvD4s3fT6kt6rBA
CHWJC8uITWmZlBldUvHK9la6301KhRrzZi4Togt2fc4G
-----END CERTIFICATE-----
Generated at Mon Nov 25 00:05:21 2024 by rpki-client on console-fra.rpki-client.org