Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/O3Gh_6okeRiSw7glpG1_M_6crRQ.roa
File: O3Gh_6okeRiSw7glpG1_M_6crRQ.roa (raw, json)
Hash identifier: pRxDeJ3BdGOBf79VVdApMx0n3RsWf69z4LMDl/byqs4=
Subject key identifier: 3B:71:A1:FF:AA:24:79:18:92:C3:B8:25:A4:6D:7F:33:FE:9C:AD:14
Certificate issuer: /CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Certificate serial: 018CC3B7253414EEF368A1415FDC3217BC3F
Authority key identifier: BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/O3Gh_6okeRiSw7glpG1_M_6crRQ.roa
Signing time: Mon 01 Jan 2024 06:30:08 +0000
ROA not before: Mon 01 Jan 2024 06:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198721
IP address blocks: 185.199.112.0/22 maxlen: 24
94.140.28.0/22 maxlen: 24
185.29.204.0/22 maxlen: 24
188.214.0.0/22 maxlen: 24
91.238.116.0/22 maxlen: 24
85.209.112.0/22 maxlen: 24
2a00:a9a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.mft
rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:25:34:14:ee:f3:68:a1:41:5f:dc:32:17:bc:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb22cf4c71a95911bd6046d05c0a8ba1646c9ead
Validity
Not Before: Jan 1 06:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b71a1ffaa24791892c3b825a46d7f33fe9cad14
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3f:ea:b9:bf:37:9d:79:57:2c:ec:0a:48:73:
3a:13:c9:4b:82:ba:b1:fa:17:36:c3:1f:03:2d:fd:
f7:7d:64:af:4c:41:48:75:9c:a8:c6:f1:47:1a:b6:
da:1a:8e:b0:c9:d5:32:8b:ed:91:3f:06:12:bd:62:
6a:ea:9f:67:c1:59:79:6e:da:cc:33:d9:c5:1f:f5:
6d:51:64:db:7a:2e:c7:c7:a3:93:3e:a3:f8:92:e9:
f4:ad:58:6d:07:f1:ff:83:c9:40:03:b0:28:65:e2:
de:4a:3a:92:7f:ab:3b:05:d1:60:19:68:69:7a:1f:
8f:c5:99:5b:79:40:bc:40:fc:b4:be:bc:c0:09:ef:
ab:c1:a9:3f:18:5c:1b:89:d1:43:49:44:8a:3c:a8:
ee:7d:b7:b0:a2:7c:96:b0:c6:80:80:e3:4c:d9:39:
a0:97:ac:aa:21:a5:60:ba:35:60:41:d3:d7:22:bd:
2e:3e:58:30:05:19:0b:75:15:01:c6:8c:14:d5:df:
42:b3:8e:3e:92:0a:be:ba:06:71:dd:45:7b:56:12:
3a:c4:eb:c7:ab:9c:29:7b:25:a4:e5:ba:ca:25:c0:
39:c5:a3:92:9b:18:21:1c:a1:ac:8a:6e:ae:de:37:
24:5c:8f:ee:75:7c:93:bf:ea:a2:13:1c:3e:e2:47:
00:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:71:A1:FF:AA:24:79:18:92:C3:B8:25:A4:6D:7F:33:FE:9C:AD:14
X509v3 Authority Key Identifier:
keyid:BB:22:CF:4C:71:A9:59:11:BD:60:46:D0:5C:0A:8B:A1:64:6C:9E:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uyLPTHGpWRG9YEbQXAqLoWRsnq0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/O3Gh_6okeRiSw7glpG1_M_6crRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/ae825f-6f54-43ea-9b83-bbaec7505d97/1/uyLPTHGpWRG9YEbQXAqLoWRsnq0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.112.0/22
91.238.116.0/22
94.140.28.0/22
185.29.204.0/22
185.199.112.0/22
188.214.0.0/22
IPv6:
2a00:a9a0::/32
Signature Algorithm: sha256WithRSAEncryption
1f:2c:f6:60:97:83:63:b1:5d:93:d3:23:9f:e0:77:33:49:19:
f3:71:17:0b:c4:60:e9:de:5e:14:6f:14:a7:5f:39:80:a9:e4:
07:52:e0:3a:96:8f:68:03:da:1a:c1:a4:98:30:5d:37:c4:ee:
68:78:b7:bb:fa:ed:30:bf:54:03:27:53:91:51:15:5e:64:b7:
72:a2:a3:cc:b1:9d:f8:c5:83:a1:b4:a8:5d:b1:08:69:c8:0a:
91:64:13:38:fa:54:d1:9a:a9:86:f3:c7:48:2d:15:d3:6c:e7:
30:fe:db:76:90:97:4f:a2:11:c6:12:b0:e9:10:50:b1:6b:76:
fd:6a:91:8a:ad:5a:dc:8a:f1:c2:41:07:fe:79:72:ce:6c:e7:
aa:93:6c:98:2a:9c:a8:de:82:5c:58:cc:0e:f4:18:5c:11:6d:
13:c8:85:1a:6b:61:e6:5d:57:47:c9:2c:83:01:13:c4:a6:fe:
97:df:fc:82:f3:09:ea:37:3a:dd:d5:9b:11:ac:c8:f2:5e:19:
fd:1a:9d:8d:64:cd:f8:f0:bc:87:5f:ee:5b:8f:b0:7a:20:4c:
4f:ea:a3:11:0a:4e:fb:b0:4c:61:b9:9d:48:54:94:f4:da:24:
98:36:64:d1:3c:3c:66:6b:b8:0e:f4:a8:d7:6b:ad:c0:77:ba:
eb:0e:06:5e
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzDtyU0FO7zaKFBX9wyF7w/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMjJjZjRjNzFhOTU5MTFiZDYwNDZkMDVjMGE4YmExNjQ2
YzllYWQwHhcNMjQwMTAxMDYzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjcxYTFmZmFhMjQ3OTE4OTJjM2I4MjVhNDZkN2YzM2ZlOWNhZDE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiz/qub83nXlXLOwKSHM6E8lLgrqx
+hc2wx8DLf33fWSvTEFIdZyoxvFHGrbaGo6wydUyi+2RPwYSvWJq6p9nwVl5btrM
M9nFH/VtUWTbei7Hx6OTPqP4kun0rVhtB/H/g8lAA7AoZeLeSjqSf6s7BdFgGWhp
eh+PxZlbeUC8QPy0vrzACe+rwak/GFwbidFDSUSKPKjufbewonyWsMaAgONM2Tmg
l6yqIaVgujVgQdPXIr0uPlgwBRkLdRUBxowU1d9Cs44+kgq+ugZx3UV7VhI6xOvH
q5wpeyWk5brKJcA5xaOSmxghHKGsim6u3jckXI/udXyTv+qiExw+4kcA7QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFDtxof+qJHkYksO4JaRtfzP+nK0UMB8GA1UdIwQY
MBaAFLsiz0xxqVkRvWBG0FwKi6FkbJ6tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMt
YmJhZWM3NTA1ZDk3LzEvTzNHaF82b2tlUmlTdzdnbHBHMV9NXzZjclJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hZTgyNWYtNmY1NC00M2VhLTliODMtYmJhZWM3NTA1ZDk3
LzEvdXlMUFRIR3BXUkc5WUViUVhBcUxvV1JzbnEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCVdFwAwQC
W+50AwQCXowcAwQCuR3MAwQCucdwAwQCvNYAMA0EAgACMAcDBQAqAKmgMA0GCSqG
SIb3DQEBCwUAA4IBAQAfLPZgl4NjsV2T0yOf4HczSRnzcRcLxGDp3l4UbxSnXzmA
qeQHUuA6lo9oA9oawaSYMF03xO5oeLe7+u0wv1QDJ1ORURVeZLdyoqPMsZ34xYOh
tKhdsQhpyAqRZBM4+lTRmqmG88dILRXTbOcw/tt2kJdPohHGErDpEFCxa3b9apGK
rVrcivHCQQf+eXLObOeqk2yYKpyo3oJcWMwO9BhcEW0TyIUaa2HmXVdHySyDARPE
pv6X3/yC8wnqNzrd1ZsRrMjyXhn9Gp2NZM348LyHX+5bj7B6IExP6qMRCk77sExh
uZ1IVJT02iSYNmTRPDxma7gO9KjXa63Ad7rrDgZe
-----END CERTIFICATE-----
Generated at Fri Jun 21 20:15:41 2024 by rpki-client on console-ams.rpki-client.org