Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/oDM0Cv-MceD1qmxUAJiVKueMxxI.roa
File: oDM0Cv-MceD1qmxUAJiVKueMxxI.roa (raw, json)
Hash identifier: fcjJ9pYwN8VOkh3JRMjiKpWvdFJ1RjN9yu7uspw4GVQ=
Subject key identifier: A0:33:34:0A:FF:8C:71:E0:F5:AA:6C:54:00:98:95:2A:E7:8C:C7:12
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 018CC94CC85949626291CF572E9EB7E32BA2
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/oDM0Cv-MceD1qmxUAJiVKueMxxI.roa
Signing time: Tue 02 Jan 2024 08:31:41 +0000
ROA not before: Tue 02 Jan 2024 08:31:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49562
IP address blocks: 185.2.172.0/23 maxlen: 23
185.2.172.0/22 maxlen: 22
2a02:80c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:c8:59:49:62:62:91:cf:57:2e:9e:b7:e3:2b:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Jan 2 08:31:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a033340aff8c71e0f5aa6c540098952ae78cc712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:1c:bf:6d:5f:c0:57:c9:3f:84:03:b5:0b:1d:
cf:de:d6:23:10:55:0f:80:2e:f3:13:b4:63:6b:d5:
3d:60:54:72:17:60:46:a0:97:77:04:f6:63:4c:fc:
03:24:7b:3b:83:e1:64:16:3a:50:1c:c6:8a:46:b4:
7d:59:18:44:a4:ac:cc:d9:89:24:ff:22:31:fc:e1:
ed:b5:e8:a1:fe:22:ea:e6:1b:61:f7:1a:df:c8:89:
87:9c:ed:30:61:aa:f1:2b:64:0d:fa:28:8a:b7:4f:
01:87:29:96:02:69:e1:a3:56:8d:6a:ff:1d:39:15:
07:81:99:37:02:e3:48:58:3d:3a:d3:31:57:c6:2d:
8a:20:e3:e5:72:96:45:07:a2:af:c8:98:d3:c5:6a:
e4:2e:1b:69:26:48:39:6f:ab:eb:a5:e4:20:24:27:
60:8d:fb:60:60:54:b3:bb:d6:bb:e9:19:2c:c9:33:
1b:45:a7:f9:af:97:fc:94:d3:59:5c:84:4b:58:9a:
1b:de:22:59:0e:00:49:9d:63:d9:20:ce:62:40:27:
77:bb:5f:18:1f:87:1d:e7:94:8b:19:dd:9d:f0:df:
2e:ab:a5:fe:c0:18:a5:fc:32:40:e1:24:4a:89:27:
d2:c1:0d:8c:b5:1d:9e:54:08:e1:12:ab:34:01:92:
c6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:33:34:0A:FF:8C:71:E0:F5:AA:6C:54:00:98:95:2A:E7:8C:C7:12
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/oDM0Cv-MceD1qmxUAJiVKueMxxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.2.172.0/22
IPv6:
2a02:80c0::/30
Signature Algorithm: sha256WithRSAEncryption
7c:be:92:2d:ca:e8:a7:2c:97:c2:16:0c:03:4f:3e:71:5a:dd:
84:8c:4e:f0:26:fd:4c:25:d7:1e:93:73:ae:e7:85:1a:6c:26:
1f:d2:45:30:f2:19:5a:0a:56:88:e5:69:cb:d7:12:6f:8d:c0:
ee:31:67:70:8c:61:66:54:2b:32:fa:7a:35:7f:bd:96:a2:8a:
1c:e9:e3:77:9b:7d:e3:ef:ba:4f:5e:f1:2d:9d:bc:a0:af:e5:
b4:dd:b4:ab:a3:bc:31:00:95:fa:79:78:03:b9:6d:61:bf:a5:
40:3d:42:8d:ac:01:d2:04:df:cf:dc:c8:62:53:cc:fe:58:b5:
8f:b1:f5:fd:b6:c1:15:35:81:a0:dc:65:95:5a:2e:8a:38:8c:
89:11:c0:74:83:79:fa:c4:f3:26:65:c5:e8:aa:85:61:ed:d9:
d4:5f:11:f2:6f:6b:04:51:44:a8:74:a9:4c:61:ac:55:eb:f2:
23:55:25:c1:07:ea:79:71:a9:04:17:e3:08:c6:b3:6d:91:da:
ff:52:cf:27:30:fd:db:98:f3:a9:5b:ae:72:f3:21:b4:cc:d7:
b7:28:ff:c1:46:6a:6b:f3:07:2d:bc:10:61:5a:e2:33:ec:1b:
a2:12:3b:ff:26:f9:90:45:d2:95:ed:b3:e6:ad:5c:39:fb:e0:
bf:62:e6:58
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTMhZSWJikc9XLp634yuiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjQwMTAyMDgzMTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDMzMzQwYWZmOGM3MWUwZjVhYTZjNTQwMDk4OTUyYWU3OGNjNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBy/bV/AV8k/hAO1Cx3P3tYjEFUP
gC7zE7Rja9U9YFRyF2BGoJd3BPZjTPwDJHs7g+FkFjpQHMaKRrR9WRhEpKzM2Ykk
/yIx/OHtteih/iLq5hth9xrfyImHnO0wYarxK2QN+iiKt08BhymWAmnho1aNav8d
ORUHgZk3AuNIWD060zFXxi2KIOPlcpZFB6KvyJjTxWrkLhtpJkg5b6vrpeQgJCdg
jftgYFSzu9a76RksyTMbRaf5r5f8lNNZXIRLWJob3iJZDgBJnWPZIM5iQCd3u18Y
H4cd55SLGd2d8N8uq6X+wBil/DJA4SRKiSfSwQ2MtR2eVAjhEqs0AZLGMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKAzNAr/jHHg9apsVACYlSrnjMcSMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvb0RNMEN2LU1jZUQxcW14VUFKaVZLdWVNeHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQKsMA0E
AgACMAcDBQIqAoDAMA0GCSqGSIb3DQEBCwUAA4IBAQB8vpItyuinLJfCFgwDTz5x
Wt2EjE7wJv1MJdcek3Ou54UabCYf0kUw8hlaClaI5WnL1xJvjcDuMWdwjGFmVCsy
+no1f72Woooc6eN3m33j77pPXvEtnbygr+W03bSro7wxAJX6eXgDuW1hv6VAPUKN
rAHSBN/P3MhiU8z+WLWPsfX9tsEVNYGg3GWVWi6KOIyJEcB0g3n6xPMmZcXoqoVh
7dnUXxHyb2sEUUSodKlMYaxV6/IjVSXBB+p5cakEF+MIxrNtkdr/Us8nMP3bmPOp
W65y8yG0zNe3KP/BRmpr8wctvBBhWuIz7BuiEjv/JvmQRdKV7bPmrVw5++C/YuZY
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:09:21 2024 by rpki-client on console-fra.rpki-client.org