Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/oZmk7xWCb1-QKVVK04is46djDXA.roa
File: oZmk7xWCb1-QKVVK04is46djDXA.roa (raw, json)
Hash identifier: +ar5azbyx2ZcHWY97d5SxH+RQlc7dnu66SmAxiatKvE=
Subject key identifier: A1:99:A4:EF:15:82:6F:5F:90:29:55:4A:D3:88:AC:E3:A7:63:0D:70
Certificate issuer: /CN=73df91fb3c68ceb8650ee19a63ce40b3c592a56b
Certificate serial: 018CC72705E0DB2243D09F47321B20254215
Authority key identifier: 73:DF:91:FB:3C:68:CE:B8:65:0E:E1:9A:63:CE:40:B3:C5:92:A5:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9-R-zxozrhlDuGaY85As8WSpWs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/oZmk7xWCb1-QKVVK04is46djDXA.roa
Signing time: Mon 01 Jan 2024 22:31:12 +0000
ROA not before: Mon 01 Jan 2024 22:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50655
IP address blocks: 178.20.168.0/21 maxlen: 21
178.20.174.0/24 maxlen: 24
2a00:1d38::/32 maxlen: 32
2a00:1d38:fa::/48 maxlen: 48
2a00:1d38:feed::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/c9-R-zxozrhlDuGaY85As8WSpWs.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/c9-R-zxozrhlDuGaY85As8WSpWs.mft
rsync://rpki.ripe.net/repository/DEFAULT/c9-R-zxozrhlDuGaY85As8WSpWs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:05:e0:db:22:43:d0:9f:47:32:1b:20:25:42:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73df91fb3c68ceb8650ee19a63ce40b3c592a56b
Validity
Not Before: Jan 1 22:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a199a4ef15826f5f9029554ad388ace3a7630d70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e2:09:43:9e:6b:2c:33:b9:28:bc:28:9e:35:
fd:32:ed:f9:01:da:79:1f:71:45:19:0c:09:e1:e1:
7a:50:22:5c:21:3c:ec:e1:81:00:6a:8f:ea:e4:ef:
3e:ee:da:68:8f:74:59:37:b7:f5:78:bc:7c:ca:19:
28:f3:16:5c:79:0b:c8:89:86:88:f1:5a:08:39:fc:
d1:4f:57:35:11:72:fb:64:f2:f9:17:72:b5:6d:23:
e8:8f:23:aa:1f:a1:a5:45:e4:2c:e7:3f:0e:de:e8:
3e:c2:5d:e8:62:fc:0f:69:36:10:ff:ed:1c:34:9f:
8d:83:94:76:13:fd:bf:75:ef:6e:a9:c3:c0:af:7d:
7f:60:99:9c:09:b9:a6:1b:91:fd:f7:99:29:c1:f7:
86:08:54:d5:09:2d:56:1a:2b:a0:f1:72:ac:c2:4f:
08:0b:e7:3e:36:75:a6:8c:94:25:32:0f:6d:d9:75:
8b:11:eb:e9:9b:15:db:da:73:d5:fd:98:ad:cd:6e:
31:83:3e:8a:9c:67:96:ac:99:6d:19:14:ee:33:d5:
2a:05:a3:7e:3a:ea:e7:14:f1:b0:0b:55:1b:10:ec:
d0:b4:ad:05:81:47:03:26:b3:d3:75:72:bc:b1:2a:
8b:57:8a:7d:a7:96:3d:d3:3a:42:e7:a9:75:43:d3:
0e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:99:A4:EF:15:82:6F:5F:90:29:55:4A:D3:88:AC:E3:A7:63:0D:70
X509v3 Authority Key Identifier:
keyid:73:DF:91:FB:3C:68:CE:B8:65:0E:E1:9A:63:CE:40:B3:C5:92:A5:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9-R-zxozrhlDuGaY85As8WSpWs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/oZmk7xWCb1-QKVVK04is46djDXA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/f30d2b-2abd-4872-b17e-fbdf94a11e6f/1/c9-R-zxozrhlDuGaY85As8WSpWs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.20.168.0/21
IPv6:
2a00:1d38::/32
Signature Algorithm: sha256WithRSAEncryption
19:e2:04:4a:60:3e:b8:f3:45:b4:46:84:f1:4e:b4:1d:09:32:
df:d2:83:da:76:37:a8:a5:57:c6:c7:cc:c9:a0:da:5e:4f:f0:
a8:b9:dc:e2:29:34:30:26:60:83:69:b5:2f:a7:d5:1e:02:fe:
b6:9a:06:2d:95:ba:12:d4:bf:0b:94:89:ac:fe:45:11:bb:28:
59:35:b7:c2:17:c3:56:58:99:1a:e1:14:b1:c0:8e:98:3d:2a:
5d:68:23:8e:72:a4:80:3b:14:e2:56:ab:fa:38:00:c1:7c:b8:
d9:9e:ed:c8:79:f9:06:8b:e1:13:fd:78:1c:fc:a2:52:8a:40:
aa:35:d0:44:93:d0:d2:77:7c:85:65:38:17:66:1f:71:32:06:
d9:74:b3:40:e4:08:8c:74:16:41:78:e1:de:87:54:9a:b8:34:
c6:14:66:f3:ce:33:1f:88:e7:d1:f0:83:ed:82:c4:cb:d7:70:
ae:6d:3d:1c:37:44:5e:9d:48:f5:ec:e5:80:fd:f1:a2:42:f9:
35:56:e9:1a:c4:1e:65:ae:38:27:86:9e:b6:5f:57:c0:df:11:
34:3c:50:c5:d4:db:e4:07:f3:4d:a3:d1:c2:26:e8:c8:63:b3:
c9:db:60:d1:f7:31:b2:53:92:a4:d4:da:fb:3a:93:fd:9a:12:
4e:55:c1:92
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJwXg2yJD0J9HMhsgJUIVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZGY5MWZiM2M2OGNlYjg2NTBlZTE5YTYzY2U0MGIzYzU5
MmE1NmIwHhcNMjQwMTAxMjIzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTk5YTRlZjE1ODI2ZjVmOTAyOTU1NGFkMzg4YWNlM2E3NjMwZDcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkOIJQ55rLDO5KLwonjX9Mu35Adp5
H3FFGQwJ4eF6UCJcITzs4YEAao/q5O8+7tpoj3RZN7f1eLx8yhko8xZceQvIiYaI
8VoIOfzRT1c1EXL7ZPL5F3K1bSPojyOqH6GlReQs5z8O3ug+wl3oYvwPaTYQ/+0c
NJ+Ng5R2E/2/de9uqcPAr31/YJmcCbmmG5H995kpwfeGCFTVCS1WGiug8XKswk8I
C+c+NnWmjJQlMg9t2XWLEevpmxXb2nPV/ZitzW4xgz6KnGeWrJltGRTuM9UqBaN+
OurnFPGwC1UbEOzQtK0FgUcDJrPTdXK8sSqLV4p9p5Y90zpC56l1Q9MOvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGZpO8Vgm9fkClVStOIrOOnYw1wMB8GA1UdIwQY
MBaAFHPfkfs8aM64ZQ7hmmPOQLPFkqVrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzktUi16eG96cmhsRHVHYVk4NUFzOFdTcFdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9mMzBkMmItMmFiZC00ODcyLWIxN2Ut
ZmJkZjk0YTExZTZmLzEvb1ptazd4V0NiMS1RS1ZWSzA0aXM0NmRqRFhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9mMzBkMmItMmFiZC00ODcyLWIxN2UtZmJkZjk0YTExZTZm
LzEvYzktUi16eG96cmhsRHVHYVk4NUFzOFdTcFdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDshSoMA0E
AgACMAcDBQAqAB04MA0GCSqGSIb3DQEBCwUAA4IBAQAZ4gRKYD6480W0RoTxTrQd
CTLf0oPadjeopVfGx8zJoNpeT/CoudziKTQwJmCDabUvp9UeAv62mgYtlboS1L8L
lIms/kURuyhZNbfCF8NWWJka4RSxwI6YPSpdaCOOcqSAOxTiVqv6OADBfLjZnu3I
efkGi+ET/Xgc/KJSikCqNdBEk9DSd3yFZTgXZh9xMgbZdLNA5AiMdBZBeOHeh1Sa
uDTGFGbzzjMfiOfR8IPtgsTL13CubT0cN0RenUj17OWA/fGiQvk1VukaxB5lrjgn
hp62X1fA3xE0PFDF1NvkB/NNo9HCJujIY7PJ22DR9zGyU5Kk1Nr7OpP9mhJOVcGS
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:34:05 2024 by rpki-client on console-fra.rpki-client.org