Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OF0Tds_yoVVZrujhX8OiJkd5FCs.roa
File: OF0Tds_yoVVZrujhX8OiJkd5FCs.roa (raw, json)
Hash identifier: Qbszzdj1O9BQLQXPtoq+LoQqT7skmlvuN2i8oJCGiTE=
Subject key identifier: 38:5D:13:76:CF:F2:A1:55:59:AE:E8:E1:5F:C3:A2:26:47:79:14:2B
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DACA84348DCFEBA59EBE1713B360FF
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OF0Tds_yoVVZrujhX8OiJkd5FCs.roa
Signing time: Mon 01 Jan 2024 02:29:27 +0000
ROA not before: Mon 01 Jan 2024 02:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201153
IP address blocks: 45.155.48.0/22 maxlen: 24
80.209.255.0/24 maxlen: 24
185.81.76.0/22 maxlen: 24
185.142.100.0/22 maxlen: 24
95.214.108.0/22 maxlen: 24
195.181.255.0/24 maxlen: 24
212.237.255.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 04:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:ca:84:34:8d:cf:eb:a5:9e:be:17:13:b3:60:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=385d1376cff2a15559aee8e15fc3a2264779142b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:04:d3:2c:9c:70:9d:5c:50:93:e7:4a:7b:10:
6d:b2:bf:2e:25:d9:0d:15:68:fe:2c:0a:97:4d:ed:
a9:9e:2a:44:7c:24:09:bf:d5:2d:02:4a:fc:ad:f8:
68:ac:57:6f:ab:92:19:b2:f2:91:40:76:35:90:70:
d4:8d:97:4a:56:e3:9f:e9:6c:ed:68:7a:c6:e2:7e:
d9:3b:e1:dd:bb:ed:da:ba:53:e0:b8:49:a3:c1:96:
58:e2:9f:aa:d1:91:45:a9:26:a7:93:15:11:7a:3f:
49:03:95:05:5a:d9:29:fe:bb:83:78:5b:21:a3:2c:
5b:82:a1:c7:79:bc:bf:83:4a:fc:43:46:34:94:15:
e4:cf:f2:4b:95:0a:01:a2:65:59:99:41:76:cf:f7:
2b:c7:0a:64:54:9b:ea:d7:33:b4:32:68:9f:d1:51:
51:46:8e:d6:79:3f:b4:33:b8:db:f3:26:f3:83:f6:
17:eb:9e:a1:8a:68:6b:79:f0:d5:ea:9a:cd:48:68:
d5:fb:3a:40:88:35:84:29:8e:c2:d7:29:55:07:3f:
2a:35:50:64:a0:db:53:47:5f:db:83:a1:f6:ce:18:
5a:94:c1:07:26:e1:89:fc:dd:75:89:21:88:27:ea:
b2:64:0c:93:a2:54:fa:10:1f:34:b5:a9:a1:da:ed:
ff:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:5D:13:76:CF:F2:A1:55:59:AE:E8:E1:5F:C3:A2:26:47:79:14:2B
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/OF0Tds_yoVVZrujhX8OiJkd5FCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.48.0/22
80.209.255.0/24
95.214.108.0/22
185.81.76.0/22
185.142.100.0/22
195.181.255.0/24
212.237.255.0/24
Signature Algorithm: sha256WithRSAEncryption
45:82:76:7a:52:52:64:a6:7a:30:ac:af:4e:99:ea:74:be:3b:
c5:de:3b:37:7c:32:9d:30:f5:ef:8f:4d:6c:f8:d0:26:75:19:
bc:2b:6d:aa:7c:f6:9a:43:7f:09:d4:29:a1:46:a4:64:b1:e2:
92:a8:3a:8b:6b:f9:aa:8a:59:1d:d4:b9:f3:ee:36:bc:d6:eb:
ce:fb:39:66:64:74:d7:a0:68:61:78:26:2f:f7:f5:d8:9f:60:
1b:d4:c7:67:7b:6e:fa:56:ae:36:80:ff:28:fa:27:dd:32:7d:
84:dc:b8:06:6b:c2:b6:5e:62:ce:c3:ed:24:52:55:77:6f:26:
91:ab:7d:e4:b4:b2:f1:90:2f:d1:79:f3:87:91:bb:32:a9:56:
0a:cb:55:b0:5f:11:25:f5:40:0c:85:23:fe:73:a3:f4:62:2d:
ce:17:fa:bd:11:12:ff:40:07:ea:5e:e5:39:53:35:69:62:9e:
05:30:8b:33:67:b0:8a:3c:11:75:33:95:95:36:11:1a:57:6e:
10:73:42:5e:d9:d3:db:ee:2d:c4:9e:ea:e0:ca:96:26:1d:03:
1d:cb:6b:8a:b8:d1:ab:1e:7a:1f:c0:9f:c3:18:ec:81:5a:ae:
4e:a3:a6:a1:9c:01:08:72:36:8f:25:e7:55:82:96:bc:c5:66:
c8:ef:f0:99
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzC2sqENI3P66WevhcTs2D/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODVkMTM3NmNmZjJhMTU1NTlhZWU4ZTE1ZmMzYTIyNjQ3NzkxNDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArgTTLJxwnVxQk+dKexBtsr8uJdkN
FWj+LAqXTe2pnipEfCQJv9UtAkr8rfhorFdvq5IZsvKRQHY1kHDUjZdKVuOf6Wzt
aHrG4n7ZO+Hdu+3aulPguEmjwZZY4p+q0ZFFqSankxURej9JA5UFWtkp/ruDeFsh
oyxbgqHHeby/g0r8Q0Y0lBXkz/JLlQoBomVZmUF2z/crxwpkVJvq1zO0Mmif0VFR
Ro7WeT+0M7jb8ybzg/YX656himhrefDV6prNSGjV+zpAiDWEKY7C1ylVBz8qNVBk
oNtTR1/bg6H2zhhalMEHJuGJ/N11iSGIJ+qyZAyTolT6EB80tamh2u3/EwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDhdE3bP8qFVWa7o4V/DoiZHeRQrMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvT0YwVGRzX3lvVlZacnVqaFg4T2lKa2Q1RkNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCLZswAwQA
UNH/AwQCX9ZsAwQCuVFMAwQCuY5kAwQAw7X/AwQA1O3/MA0GCSqGSIb3DQEBCwUA
A4IBAQBFgnZ6UlJkpnowrK9Omep0vjvF3js3fDKdMPXvj01s+NAmdRm8K22qfPaa
Q38J1CmhRqRkseKSqDqLa/mqilkd1Lnz7ja81uvO+zlmZHTXoGhheCYv9/XYn2Ab
1Mdne276Vq42gP8o+ifdMn2E3LgGa8K2XmLOw+0kUlV3byaRq33ktLLxkC/RefOH
kbsyqVYKy1WwXxEl9UAMhSP+c6P0Yi3OF/q9ERL/QAfqXuU5UzVpYp4FMIszZ7CK
PBF1M5WVNhEaV24Qc0Je2dPb7i3EnurgypYmHQMdy2uKuNGrHnofwJ/DGOyBWq5O
o6ahnAEIcjaPJedVgpa8xWbI7/CZ
-----END CERTIFICATE-----
Generated at Sun Jun 2 11:22:54 2024 by rpki-client on console-ams.rpki-client.org