Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ORR2xlrxhGgbv04xpTdEmIm1wdo.roa
File: ORR2xlrxhGgbv04xpTdEmIm1wdo.roa (raw, json)
Hash identifier: wjnzYz92RrH8gchoTBMBWcZzKVL6neVyvShnEezsMLI=
Subject key identifier: 39:14:76:C6:5A:F1:84:68:1B:BF:4E:31:A5:37:44:98:89:B5:C1:DA
Certificate issuer: /CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Certificate serial: 018CC72588D62D6F61AF17D7DAC6661C9D35
Authority key identifier: 72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ORR2xlrxhGgbv04xpTdEmIm1wdo.roa
Signing time: Mon 01 Jan 2024 22:29:34 +0000
ROA not before: Mon 01 Jan 2024 22:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47568
IP address blocks: 94.100.36.0/23 maxlen: 23
94.100.32.0/23 maxlen: 23
185.122.24.0/23 maxlen: 23
185.122.27.0/24 maxlen: 24
185.122.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:88:d6:2d:6f:61:af:17:d7:da:c6:66:1c:9d:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7242a13715fc5578cdc05aaaa68c6a413cdbc9f5
Validity
Not Before: Jan 1 22:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=391476c65af184681bbf4e31a537449889b5c1da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:47:5a:7c:b4:a4:d7:ca:b9:29:11:fe:b1:fa:
ae:f4:99:9e:d8:fe:21:9a:8e:7b:e6:08:8a:cd:0b:
89:de:12:3c:8c:f5:f2:09:6c:5b:86:05:cc:90:03:
98:9c:76:b0:6b:e7:a0:16:6d:61:b4:54:2f:f0:70:
07:53:a5:3c:d9:56:80:ba:3c:5e:04:87:e7:4a:eb:
26:17:5b:59:5e:6a:88:4d:42:cc:11:8c:c4:b4:55:
4c:6f:61:f4:61:41:5e:c1:ce:b4:56:56:61:7e:76:
3f:93:ec:76:b6:14:46:c1:2c:cd:95:fe:3d:3c:78:
5f:77:1a:0f:2d:64:a0:cc:9f:24:2f:58:ff:26:10:
6c:89:9c:53:4b:40:e2:45:b1:aa:01:91:71:4f:d7:
98:8d:13:8b:4a:15:4a:45:38:4e:2a:fe:aa:bc:4e:
e8:38:c3:0c:9c:88:c1:1a:8f:54:56:ba:39:d1:49:
f4:bc:b0:97:13:e4:b1:04:a2:9d:64:b8:66:b5:31:
4a:78:c0:12:bd:fd:dc:3e:1f:86:79:c8:40:46:60:
0d:85:9b:1f:e4:86:6d:27:63:22:08:00:5f:8f:e8:
df:71:3d:c2:a6:d0:66:57:0f:77:77:28:0f:49:42:
f8:04:0b:48:5d:30:69:bf:f7:51:da:40:82:56:81:
4a:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:14:76:C6:5A:F1:84:68:1B:BF:4E:31:A5:37:44:98:89:B5:C1:DA
X509v3 Authority Key Identifier:
keyid:72:42:A1:37:15:FC:55:78:CD:C0:5A:AA:A6:8C:6A:41:3C:DB:C9:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ckKhNxX8VXjNwFqqpoxqQTzbyfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ORR2xlrxhGgbv04xpTdEmIm1wdo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/90aa1e-0098-4fda-9829-a15ccf5b413e/1/ckKhNxX8VXjNwFqqpoxqQTzbyfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.100.32.0/23
94.100.36.0/23
185.122.24.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:0c:46:39:2f:01:59:31:3e:d3:3c:75:76:50:49:f5:3b:0b:
a4:c6:16:42:76:e7:35:f2:f6:c9:d1:dc:b1:cf:de:62:4d:bf:
f0:bd:fa:82:b9:d4:71:e6:1d:32:c8:87:d8:b1:44:25:48:b8:
1e:a2:e0:8a:b1:d6:c9:c9:f9:a2:7b:18:ee:07:43:a8:7e:f5:
3c:b6:3f:7c:41:8e:f9:60:cf:9b:fc:a2:b7:f5:d1:59:55:c4:
6b:96:b6:63:bf:09:50:b4:e7:a0:44:12:6a:a7:50:36:7d:0c:
17:dd:0a:fb:3f:af:7d:8a:bc:f7:df:dd:4c:87:ba:57:73:4a:
be:91:49:14:8d:53:7e:09:b7:52:77:37:10:3c:27:1c:e3:81:
9c:07:e4:7e:bb:2b:21:ed:ed:ec:30:b3:ac:a4:08:f1:f6:54:
cd:4c:2b:86:59:55:12:f8:01:40:29:2e:93:7b:ad:a3:bf:34:
43:6d:71:46:3b:7c:e9:0f:33:ea:43:61:98:dc:5e:62:ec:e2:
1c:40:15:f1:a8:4a:d5:99:b7:45:e9:ca:66:ee:3f:52:5c:3d:
fa:2e:d2:24:48:a8:7e:99:ad:b3:eb:83:99:d1:b3:2a:41:70:
f7:6a:79:d4:3d:cd:76:48:cc:ba:04:18:9f:30:68:89:4a:51:
17:14:66:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHJYjWLW9hrxfX2sZmHJ01MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNDJhMTM3MTVmYzU1NzhjZGMwNWFhYWE2OGM2YTQxM2Nk
YmM5ZjUwHhcNMjQwMTAxMjIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTE0NzZjNjVhZjE4NDY4MWJiZjRlMzFhNTM3NDQ5ODg5YjVjMWRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUdafLSk18q5KRH+sfqu9Jme2P4h
mo575giKzQuJ3hI8jPXyCWxbhgXMkAOYnHawa+egFm1htFQv8HAHU6U82VaAujxe
BIfnSusmF1tZXmqITULMEYzEtFVMb2H0YUFewc60VlZhfnY/k+x2thRGwSzNlf49
PHhfdxoPLWSgzJ8kL1j/JhBsiZxTS0DiRbGqAZFxT9eYjROLShVKRThOKv6qvE7o
OMMMnIjBGo9UVro50Un0vLCXE+SxBKKdZLhmtTFKeMASvf3cPh+GechARmANhZsf
5IZtJ2MiCABfj+jfcT3CptBmVw93dygPSUL4BAtIXTBpv/dR2kCCVoFKTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDkUdsZa8YRoG79OMaU3RJiJtcHaMB8GA1UdIwQY
MBaAFHJCoTcV/FV4zcBaqqaMakE828n1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4Mjkt
YTE1Y2NmNWI0MTNlLzEvT1JSMnhscnhoR2didjA0eHBUZEVtSW0xd2RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi85MGFhMWUtMDA5OC00ZmRhLTk4MjktYTE1Y2NmNWI0MTNl
LzEvY2tLaE54WDhWWGpOd0ZxcXBveHFRVHpieWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXmQgAwQB
XmQkAwQCuXoYMA0GCSqGSIb3DQEBCwUAA4IBAQB7DEY5LwFZMT7TPHV2UEn1Owuk
xhZCduc18vbJ0dyxz95iTb/wvfqCudRx5h0yyIfYsUQlSLgeouCKsdbJyfmiexju
B0OofvU8tj98QY75YM+b/KK39dFZVcRrlrZjvwlQtOegRBJqp1A2fQwX3Qr7P699
irz3391Mh7pXc0q+kUkUjVN+CbdSdzcQPCcc44GcB+R+uysh7e3sMLOspAjx9lTN
TCuGWVUS+AFAKS6Te62jvzRDbXFGO3zpDzPqQ2GY3F5i7OIcQBXxqErVmbdF6cpm
7j9SXD36LtIkSKh+ma2z64OZ0bMqQXD3annUPc12SMy6BBifMGiJSlEXFGbA
-----END CERTIFICATE-----
Generated at Sun Jun 16 22:32:42 2024 by rpki-client on console-fra.rpki-client.org