Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/onpQFJ1dXhFdabythNaz3iW7-lc.roa
File: onpQFJ1dXhFdabythNaz3iW7-lc.roa (raw, json)
Hash identifier: Ehk33EPzJrXVBuBFBJ2Ha3ZYmQBM8w4Emcc9GxXRT3k=
Subject key identifier: A2:7A:50:14:9D:5D:5E:11:5D:69:BC:AD:84:D6:B3:DE:25:BB:FA:57
Certificate issuer: /CN=fe3d23a39ed3656f9a6064b609d02a2f6e4a3827
Certificate serial: 018EE25CA80E70C989A0FA1D538E4DF89FD8
Authority key identifier: FE:3D:23:A3:9E:D3:65:6F:9A:60:64:B6:09:D0:2A:2F:6E:4A:38:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_j0jo57TZW-aYGS2CdAqL25KOCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/onpQFJ1dXhFdabythNaz3iW7-lc.roa
Signing time: Mon 15 Apr 2024 15:25:06 +0000
ROA not before: Mon 15 Apr 2024 15:25:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198371
IP address blocks: 185.96.208.0/24 maxlen: 24
185.96.209.0/24 maxlen: 24
185.96.210.0/24 maxlen: 24
185.96.211.0/24 maxlen: 24
2a06:180::/32 maxlen: 32
2a06:181::/32 maxlen: 32
2a06:182::/32 maxlen: 32
2a06:183::/32 maxlen: 32
2a06:184::/32 maxlen: 32
2a06:185::/32 maxlen: 32
2a06:186::/32 maxlen: 32
2a06:187::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/_j0jo57TZW-aYGS2CdAqL25KOCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/_j0jo57TZW-aYGS2CdAqL25KOCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/_j0jo57TZW-aYGS2CdAqL25KOCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:5c:a8:0e:70:c9:89:a0:fa:1d:53:8e:4d:f8:9f:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe3d23a39ed3656f9a6064b609d02a2f6e4a3827
Validity
Not Before: Apr 15 15:25:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a27a50149d5d5e115d69bcad84d6b3de25bbfa57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d9:e9:ef:a2:1e:62:5c:9d:13:4c:08:6a:70:
be:c0:0c:44:37:14:3c:c3:22:1b:a8:51:60:97:d2:
04:44:dd:e2:64:97:56:e4:75:e3:2c:a7:9e:c9:26:
c4:bd:5c:b6:cb:6b:22:63:46:66:70:c3:32:54:42:
58:11:2a:d4:86:78:e9:4c:2e:37:9b:be:58:d2:55:
e7:58:28:69:b3:0e:11:67:fb:aa:fe:8d:73:21:e2:
61:56:f6:9d:58:d9:b5:68:e5:07:67:c9:49:06:28:
03:c1:06:e1:fe:97:ce:cd:26:a9:72:9e:f5:1a:21:
86:e9:d3:74:c6:44:e8:1b:6a:24:3b:a6:7e:97:65:
6d:47:02:7d:0c:14:57:cf:cb:76:e9:07:57:36:01:
42:e5:54:00:c3:c0:0c:c5:cf:12:fc:04:03:72:40:
37:29:35:10:7f:f3:22:be:30:f8:82:c1:a0:7a:05:
67:1f:b9:36:89:ac:e6:0c:5a:ed:df:e6:32:3a:f1:
54:98:ca:7a:30:aa:81:33:68:8b:ca:e2:0d:a0:37:
e0:83:7e:6e:bf:48:64:62:16:6f:78:df:f0:64:f9:
7c:2c:dd:a3:79:a8:92:b1:24:29:ed:43:c7:23:55:
fa:66:6a:e3:f8:31:bd:86:0c:b5:1c:bc:10:12:a8:
3c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:7A:50:14:9D:5D:5E:11:5D:69:BC:AD:84:D6:B3:DE:25:BB:FA:57
X509v3 Authority Key Identifier:
keyid:FE:3D:23:A3:9E:D3:65:6F:9A:60:64:B6:09:D0:2A:2F:6E:4A:38:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_j0jo57TZW-aYGS2CdAqL25KOCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/onpQFJ1dXhFdabythNaz3iW7-lc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/8e62e9-406d-4ab0-8fdb-d9a808ec1ab1/1/_j0jo57TZW-aYGS2CdAqL25KOCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.96.208.0/22
IPv6:
2a06:180::/29
Signature Algorithm: sha256WithRSAEncryption
67:f2:d2:ce:32:2f:a3:6a:4c:93:93:12:49:a5:fc:6d:86:bb:
63:d8:d0:5d:70:59:41:68:c8:54:77:fb:77:e5:75:f0:0c:76:
23:7d:1f:57:fd:34:dd:56:51:0e:d9:f7:61:02:53:0c:c6:80:
c7:e7:d9:f6:b6:a5:16:9d:cc:fa:de:c7:80:87:0e:59:74:81:
74:fc:3b:3b:e8:f7:d1:44:b6:fd:ad:f8:1d:c8:9f:47:f5:1d:
14:f8:8b:56:0e:23:cd:1a:0f:1e:30:17:3e:47:14:f2:e3:f6:
ba:4e:f0:9f:f9:7b:86:4c:fb:6e:20:c6:b1:90:03:4c:07:81:
7d:be:29:12:a7:1e:4b:27:67:f8:d9:4b:14:bc:be:67:a5:06:
55:c3:71:05:a2:cc:3f:a8:26:ca:50:eb:cb:a3:82:9d:37:da:
bc:18:b3:6a:5a:76:a1:1e:56:62:0d:5d:27:1a:a3:94:aa:d4:
c9:d0:71:9b:ef:e4:61:8c:eb:65:29:16:a9:99:d5:eb:00:e0:
aa:4c:c3:38:1b:de:15:eb:4f:e4:a1:f4:57:53:08:05:d1:c0:
78:8d:f6:10:e5:28:db:44:07:d7:04:63:b1:f8:88:9d:6b:e8:
34:ce:7e:74:a9:c9:3c:84:b3:ab:4b:d2:ba:4e:b3:37:24:52:
fe:dc:88:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7iXKgOcMmJoPodU45N+J/YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlM2QyM2EzOWVkMzY1NmY5YTYwNjRiNjA5ZDAyYTJmNmU0
YTM4MjcwHhcNMjQwNDE1MTUyNTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjdhNTAxNDlkNWQ1ZTExNWQ2OWJjYWQ4NGQ2YjNkZTI1YmJmYTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdnp76IeYlydE0wIanC+wAxENxQ8
wyIbqFFgl9IERN3iZJdW5HXjLKeeySbEvVy2y2siY0ZmcMMyVEJYESrUhnjpTC43
m75Y0lXnWChpsw4RZ/uq/o1zIeJhVvadWNm1aOUHZ8lJBigDwQbh/pfOzSapcp71
GiGG6dN0xkToG2okO6Z+l2VtRwJ9DBRXz8t26QdXNgFC5VQAw8AMxc8S/AQDckA3
KTUQf/MivjD4gsGgegVnH7k2iazmDFrt3+YyOvFUmMp6MKqBM2iLyuINoDfgg35u
v0hkYhZveN/wZPl8LN2jeaiSsSQp7UPHI1X6Zmrj+DG9hgy1HLwQEqg8rwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJ6UBSdXV4RXWm8rYTWs94lu/pXMB8GA1UdIwQY
MBaAFP49I6Oe02VvmmBktgnQKi9uSjgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2owam81N1RaVy1hWUdTMkNkQXFMMjVLT0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy84ZTYyZTktNDA2ZC00YWIwLThmZGIt
ZDlhODA4ZWMxYWIxLzEvb25wUUZKMWRYaEZkYWJ5dGhOYXozaVc3LWxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy84ZTYyZTktNDA2ZC00YWIwLThmZGItZDlhODA4ZWMxYWIx
LzEvX2owam81N1RaVy1hWUdTMkNkQXFMMjVLT0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuWDQMA0E
AgACMAcDBQMqBgGAMA0GCSqGSIb3DQEBCwUAA4IBAQBn8tLOMi+jakyTkxJJpfxt
hrtj2NBdcFlBaMhUd/t35XXwDHYjfR9X/TTdVlEO2fdhAlMMxoDH59n2tqUWncz6
3seAhw5ZdIF0/Ds76PfRRLb9rfgdyJ9H9R0U+ItWDiPNGg8eMBc+RxTy4/a6TvCf
+XuGTPtuIMaxkANMB4F9vikSpx5LJ2f42UsUvL5npQZVw3EFosw/qCbKUOvLo4Kd
N9q8GLNqWnahHlZiDV0nGqOUqtTJ0HGb7+RhjOtlKRapmdXrAOCqTMM4G94V60/k
ofRXUwgF0cB4jfYQ5SjbRAfXBGOx+Iida+g0zn50qck8hLOrS9K6TrM3JFL+3Ihl
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:55 2024 by rpki-client on console-ams.rpki-client.org