Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/4_OFKdjn6xecVdvxdqklf1KORjE.roa
File: 4_OFKdjn6xecVdvxdqklf1KORjE.roa (raw, json)
Hash identifier: XKIdLl6ZNf2NhPl8d3i/8yy3/26v3OlNU2755u2bKCQ=
Subject key identifier: E3:F3:85:29:D8:E7:EB:17:9C:55:DB:F1:76:A9:25:7F:52:8E:46:31
Certificate issuer: /CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Certificate serial: 019079FD8E4187C82521DA3386E22034BBE6
Authority key identifier: B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/4_OFKdjn6xecVdvxdqklf1KORjE.roa
Signing time: Wed 03 Jul 2024 19:06:18 +0000
ROA not before: Wed 03 Jul 2024 19:06:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39906
IP address blocks: 77.104.192.0/18 maxlen: 24
81.92.144.0/20 maxlen: 24
94.138.96.0/19 maxlen: 24
2a02:da8:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.mft
rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:34:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:79:fd:8e:41:87:c8:25:21:da:33:86:e2:20:34:bb:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9481119afe1bff229facd4ef9c8c61b0fabeaf2
Validity
Not Before: Jul 3 19:06:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e3f38529d8e7eb179c55dbf176a9257f528e4631
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:3c:c6:13:73:28:c9:b7:48:5d:f3:d6:42:37:
21:28:2c:5b:fd:75:2e:5a:ab:22:7f:e8:c2:c3:60:
7b:eb:57:62:fc:0f:e6:af:61:8d:77:69:7b:69:31:
ee:cc:cc:a9:24:4e:13:4a:15:4a:82:26:4c:2e:36:
0e:5b:d4:cb:5c:9b:9d:2d:57:cb:5a:f6:a4:79:20:
59:27:f5:92:e9:e5:0d:2e:c3:d0:e7:ac:35:74:87:
50:fb:a1:aa:c9:4e:90:97:a5:24:37:f6:58:fc:cf:
13:ec:61:db:56:3c:89:ec:2b:c0:9d:81:6d:31:6e:
8a:68:89:c1:09:f5:15:e2:73:f5:89:88:78:00:30:
5d:73:ae:99:52:9a:b4:01:03:75:0b:b9:2f:f8:ba:
95:d5:3a:f7:0a:84:64:e2:1e:a1:7e:03:b3:e6:28:
5b:29:ab:ec:7c:77:2b:23:cc:c5:ed:0a:19:08:77:
22:1e:0d:df:47:6a:4b:fc:e2:48:b8:c4:e5:7a:11:
fb:9c:45:0f:df:c6:a8:2b:5c:5c:6c:62:28:5e:e7:
0b:63:68:da:3d:cf:a3:6f:ab:c4:6f:45:4b:07:a7:
18:09:bf:6d:83:3b:f3:33:b3:46:25:bd:a5:ee:5a:
ce:8d:07:4b:e8:9d:6f:75:4c:0a:4f:60:ad:d1:75:
2f:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:F3:85:29:D8:E7:EB:17:9C:55:DB:F1:76:A9:25:7F:52:8E:46:31
X509v3 Authority Key Identifier:
keyid:B9:48:11:19:AF:E1:BF:F2:29:FA:CD:4E:F9:C8:C6:1B:0F:AB:EA:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/4_OFKdjn6xecVdvxdqklf1KORjE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/cb0007-3ea9-4759-8d70-9b9bce15e0c6/1/uUgRGa_hv_Ip-s1O-cjGGw-r6vI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.104.192.0/18
81.92.144.0/20
94.138.96.0/19
IPv6:
2a02:da8:5::/48
Signature Algorithm: sha256WithRSAEncryption
85:0b:f6:83:26:98:66:f4:9e:b5:4c:93:5a:22:fb:79:3e:61:
8f:b9:3c:63:56:24:41:55:64:9a:97:51:29:de:8c:ce:5d:86:
40:1c:f2:3d:83:be:31:cb:45:5c:64:1f:58:d3:e7:e0:1a:46:
28:32:24:f2:da:03:8e:f4:85:88:f8:eb:cf:89:7e:93:17:98:
95:82:73:10:c1:37:4f:e9:5b:27:ea:51:87:92:a3:d7:d0:5d:
3b:49:3c:3f:51:44:c7:60:53:f8:fb:b8:14:63:3a:5a:13:2a:
88:2d:d1:1c:fb:d3:20:4b:30:fb:bc:d4:45:63:79:16:81:68:
54:57:9d:f4:21:f6:17:1f:77:b7:f3:73:bc:38:96:83:df:ae:
e8:71:21:63:a3:9a:c7:82:9f:22:93:dd:5d:24:5b:9f:83:cc:
51:56:d2:8e:d6:23:91:d2:31:06:42:ec:36:a4:2d:8f:ef:28:
4e:ef:3e:1d:0a:25:ab:3a:03:7a:9f:b2:c0:99:ac:3c:be:a0:
4f:6d:96:80:8e:4c:ff:cc:c8:44:3a:95:f1:04:00:6c:7a:89:
ff:fe:19:e9:8f:79:e2:a1:b4:08:3f:be:e7:f6:20:ae:ef:ba:
92:07:f5:84:a9:c9:69:09:47:26:79:3a:bd:6f:83:3e:7e:a4:
49:09:be:1b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZB5/Y5Bh8glIdozhuIgNLvmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NDgxMTE5YWZlMWJmZjIyOWZhY2Q0ZWY5YzhjNjFiMGZh
YmVhZjIwHhcNMjQwNzAzMTkwNjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlM2YzODUyOWQ4ZTdlYjE3OWM1NWRiZjE3NmE5MjU3ZjUyOGU0NjMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTzGE3MoybdIXfPWQjchKCxb/XUu
Wqsif+jCw2B761di/A/mr2GNd2l7aTHuzMypJE4TShVKgiZMLjYOW9TLXJudLVfL
WvakeSBZJ/WS6eUNLsPQ56w1dIdQ+6GqyU6Ql6UkN/ZY/M8T7GHbVjyJ7CvAnYFt
MW6KaInBCfUV4nP1iYh4ADBdc66ZUpq0AQN1C7kv+LqV1Tr3CoRk4h6hfgOz5ihb
KavsfHcrI8zF7QoZCHciHg3fR2pL/OJIuMTlehH7nEUP38aoK1xcbGIoXucLY2ja
Pc+jb6vEb0VLB6cYCb9tgzvzM7NGJb2l7lrOjQdL6J1vdUwKT2Ct0XUvVwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOPzhSnY5+sXnFXb8XapJX9SjkYxMB8GA1UdIwQY
MBaAFLlIERmv4b/yKfrNTvnIxhsPq+ryMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAt
OWI5YmNlMTVlMGM2LzEvNF9PRktkam42eGVjVmR2eGRxa2xmMUtPUmpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9jYjAwMDctM2VhOS00NzU5LThkNzAtOWI5YmNlMTVlMGM2
LzEvdVVnUkdhX2h2X0lwLXMxTy1jakdHdy1yNnZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQGTWjAAwQE
UVyQAwQFXopgMA8EAgACMAkDBwAqAg2oAAUwDQYJKoZIhvcNAQELBQADggEBAIUL
9oMmmGb0nrVMk1oi+3k+YY+5PGNWJEFVZJqXUSnejM5dhkAc8j2DvjHLRVxkH1jT
5+AaRigyJPLaA470hYj468+JfpMXmJWCcxDBN0/pWyfqUYeSo9fQXTtJPD9RRMdg
U/j7uBRjOloTKogt0Rz70yBLMPu81EVjeRaBaFRXnfQh9hcfd7fzc7w4loPfruhx
IWOjmseCnyKT3V0kW5+DzFFW0o7WI5HSMQZC7DakLY/vKE7vPh0KJas6A3qfssCZ
rDy+oE9tloCOTP/MyEQ6lfEEAGx6if/+GemPeeKhtAg/vuf2IK7vupIH9YSpyWkJ
RyZ5Or1vgz5+pEkJvhs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:22 2024 by rpki-client on console-fra.rpki-client.org