Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/owr80a4xtVqzYXfHca1sE65ekPo.roa
File: owr80a4xtVqzYXfHca1sE65ekPo.roa (raw, json)
Hash identifier: G9O4wY3qR0BkTMSCP05EYXSjl5ayQV1aJUM4/0UIJFU=
Subject key identifier: A3:0A:FC:D1:AE:31:B5:5A:B3:61:77:C7:71:AD:6C:13:AE:5E:90:FA
Certificate issuer: /CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Certificate serial: 018CC794658375173B1C0B3AF44171CDD9F1
Authority key identifier: AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/owr80a4xtVqzYXfHca1sE65ekPo.roa
Signing time: Tue 02 Jan 2024 00:30:40 +0000
ROA not before: Tue 02 Jan 2024 00:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12859
IP address blocks: 185.84.140.0/22 maxlen: 24
185.63.152.0/22 maxlen: 24
185.103.172.0/22 maxlen: 24
2a05:a640::/29 maxlen: 64
2a03:7e0::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.mft
rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:65:83:75:17:3b:1c:0b:3a:f4:41:71:cd:d9:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad1d2a562c7db21151b4a0926b8d6feeacef8857
Validity
Not Before: Jan 2 00:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30afcd1ae31b55ab36177c771ad6c13ae5e90fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a5:af:d6:01:a8:7d:f4:3c:61:e4:52:64:d7:
2b:6c:1e:77:a4:99:2d:92:b7:90:aa:24:aa:02:a2:
49:5b:ea:3a:11:1a:23:de:6d:fb:94:71:11:23:5e:
28:9f:10:51:04:f4:2b:cb:fa:7c:20:3d:75:e5:3f:
bc:68:e5:15:89:c8:1d:65:4e:14:e9:37:cf:57:1a:
6d:20:23:77:2a:1f:3e:4f:ce:8f:b1:29:f3:53:1e:
89:1a:8f:82:21:39:64:d4:1c:20:df:c5:e2:b2:fc:
db:d5:62:ce:a3:02:33:c5:ed:e9:b0:a8:11:0b:8a:
10:5a:4a:90:85:30:5d:be:dc:ea:02:6d:09:76:6c:
04:80:16:bb:d7:dd:da:a1:65:2e:cf:4c:65:2d:6e:
5d:66:2d:39:80:3e:41:fe:fc:e5:f9:a9:17:67:05:
5a:78:71:35:ca:c6:9b:f1:fb:d1:d0:fb:42:8f:e9:
37:55:2c:16:02:c9:16:d8:c8:f8:42:29:6b:d7:d4:
78:29:a6:5b:b1:71:b3:98:7e:75:36:5a:a5:97:5e:
34:71:23:ec:b1:c3:27:be:6f:7f:04:60:7a:16:03:
33:a6:5d:88:02:9b:a5:cf:b5:d1:33:43:5a:a6:61:
9e:97:4e:ef:4f:87:bb:29:60:e9:33:7a:8d:09:f2:
78:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0A:FC:D1:AE:31:B5:5A:B3:61:77:C7:71:AD:6C:13:AE:5E:90:FA
X509v3 Authority Key Identifier:
keyid:AD:1D:2A:56:2C:7D:B2:11:51:B4:A0:92:6B:8D:6F:EE:AC:EF:88:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rR0qVix9shFRtKCSa41v7qzviFc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/owr80a4xtVqzYXfHca1sE65ekPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/83acd7-5e1a-49f9-b409-32936c3a4a9d/1/rR0qVix9shFRtKCSa41v7qzviFc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.152.0/22
185.84.140.0/22
185.103.172.0/22
IPv6:
2a03:7e0::/32
2a05:a640::/29
Signature Algorithm: sha256WithRSAEncryption
5b:cc:db:12:0e:f3:7c:f6:d6:b4:09:33:6f:d4:dd:88:f7:ff:
fa:3d:41:c2:ac:bc:9a:37:67:af:0c:8d:df:88:bc:72:54:21:
89:13:37:c1:7b:c3:66:a7:8b:3b:e7:4e:d8:2f:f4:ab:e5:37:
4a:d6:9e:69:03:6d:71:2d:31:25:73:9f:24:73:f9:f6:3e:92:
7c:21:6d:a1:cc:cc:3d:69:c4:af:4c:86:19:aa:79:e6:5f:31:
07:51:16:de:76:e2:a1:d7:51:55:ad:4a:72:6e:f1:19:4a:91:
87:8a:f9:96:e3:a9:33:28:d6:97:44:3b:95:c4:cb:6d:76:ca:
58:a6:5e:51:6b:b0:41:3d:7d:11:79:68:03:e8:d8:36:b1:35:
86:3f:f9:49:79:15:fe:60:a4:d5:50:91:53:47:c9:a9:95:37:
4b:7b:dd:2a:f8:cb:4a:49:29:77:17:d8:e4:21:b8:ea:50:e5:
21:54:c1:fa:d0:89:96:a0:0b:e7:53:bf:b3:fc:68:99:96:9e:
b8:3c:f3:f4:93:71:11:f7:97:cb:ea:e5:2d:43:61:59:fc:b7:
5a:33:19:e4:6a:6e:d6:23:64:ee:a8:53:67:da:2b:92:48:47:
8d:5d:02:ba:f0:a3:fb:63:db:46:ff:2c:20:9b:a7:95:a5:06:
6b:e2:23:a5
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlGWDdRc7HAs69EFxzdnxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMWQyYTU2MmM3ZGIyMTE1MWI0YTA5MjZiOGQ2ZmVlYWNl
Zjg4NTcwHhcNMjQwMTAyMDAzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBhZmNkMWFlMzFiNTVhYjM2MTc3Yzc3MWFkNmMxM2FlNWU5MGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqWv1gGoffQ8YeRSZNcrbB53pJkt
kreQqiSqAqJJW+o6ERoj3m37lHERI14onxBRBPQry/p8ID115T+8aOUVicgdZU4U
6TfPVxptICN3Kh8+T86PsSnzUx6JGo+CITlk1Bwg38Xisvzb1WLOowIzxe3psKgR
C4oQWkqQhTBdvtzqAm0JdmwEgBa7193aoWUuz0xlLW5dZi05gD5B/vzl+akXZwVa
eHE1ysab8fvR0PtCj+k3VSwWAskW2Mj4Qilr19R4KaZbsXGzmH51Nlqll140cSPs
scMnvm9/BGB6FgMzpl2IApulz7XRM0NapmGel07vT4e7KWDpM3qNCfJ4IQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFKMK/NGuMbVas2F3x3GtbBOuXpD6MB8GA1UdIwQY
MBaAFK0dKlYsfbIRUbSgkmuNb+6s74hXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDkt
MzI5MzZjM2E0YTlkLzEvb3dyODBhNHh0VnF6WVhmSGNhMXNFNjVla1BvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS84M2FjZDctNWUxYS00OWY5LWI0MDktMzI5MzZjM2E0YTlk
LzEvclIwcVZpeDlzaEZSdEtDU2E0MXY3cXp2aUZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT+YAwQC
uVSMAwQCuWesMBQEAgACMA4DBQAqAwfgAwUDKgWmQDANBgkqhkiG9w0BAQsFAAOC
AQEAW8zbEg7zfPbWtAkzb9TdiPf/+j1Bwqy8mjdnrwyN34i8clQhiRM3wXvDZqeL
O+dO2C/0q+U3StaeaQNtcS0xJXOfJHP59j6SfCFtoczMPWnEr0yGGap55l8xB1EW
3nbioddRVa1Kcm7xGUqRh4r5luOpMyjWl0Q7lcTLbXbKWKZeUWuwQT19EXloA+jY
NrE1hj/5SXkV/mCk1VCRU0fJqZU3S3vdKvjLSkkpdxfY5CG46lDlIVTB+tCJlqAL
51O/s/xomZaeuDzz9JNxEfeXy+rlLUNhWfy3WjMZ5Gpu1iNk7qhTZ9orkkhHjV0C
uvCj+2PbRv8sIJunlaUGa+IjpQ==
-----END CERTIFICATE-----
Generated at Sun Sep 29 00:30:27 2024 by rpki-client on console-fra.rpki-client.org