Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/O5gGvkSFGMTbIGScfDdPWMEc98k.roa
File: O5gGvkSFGMTbIGScfDdPWMEc98k.roa (raw, json)
Hash identifier: QO9QxHXIJrNQJmGPYGPPyjg8BIKrdsrtj4OVg0Bmbh0=
Subject key identifier: 3B:98:06:BE:44:85:18:C4:DB:20:64:9C:7C:37:4F:58:C1:1C:F7:C9
Certificate issuer: /CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Certificate serial: 018CC26D41333432A74F60924AFF74D1D142
Authority key identifier: 82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/O5gGvkSFGMTbIGScfDdPWMEc98k.roa
Signing time: Mon 01 Jan 2024 00:29:49 +0000
ROA not before: Mon 01 Jan 2024 00:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50290
IP address blocks: 31.15.124.0/22 maxlen: 22
109.69.32.0/22 maxlen: 22
185.74.174.0/24 maxlen: 24
46.30.132.0/22 maxlen: 22
46.30.130.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:41:33:34:32:a7:4f:60:92:4a:ff:74:d1:d1:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8267fb4a0b677b8377907b82fb1fb8810a2fef08
Validity
Not Before: Jan 1 00:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b9806be448518c4db20649c7c374f58c11cf7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:89:b7:29:90:b3:2f:08:a8:e8:4f:6b:47:6e:
35:ce:4f:97:77:48:8d:ff:2e:bd:d5:df:7c:57:6d:
5e:cb:f9:f2:0b:a7:56:4d:0a:62:fb:3d:c8:2e:82:
fe:20:36:74:3f:94:42:7a:03:d9:96:fe:af:89:18:
bc:44:32:fd:60:a3:11:cc:f1:ad:ee:bf:7f:aa:4b:
b7:03:f5:72:e5:7d:15:75:16:d9:d4:28:35:fb:12:
e7:d6:70:cc:ca:6a:37:de:83:df:f3:73:9c:ef:53:
a7:c0:1d:ef:ac:54:4c:4e:4b:75:9e:0c:12:a9:ef:
0b:38:3c:57:46:8e:ca:e9:be:8a:02:0b:a1:d6:c9:
7b:48:e1:3a:73:b1:f8:f3:42:9f:2c:ba:11:86:dc:
2a:d4:d0:66:fd:2f:5f:99:05:bb:8d:39:76:37:ae:
80:6f:2c:c6:97:e1:ea:56:dd:c3:50:cb:1b:d7:8d:
bb:9c:a3:d6:85:3a:69:95:74:63:3f:1c:79:2d:1f:
79:85:27:cc:71:ac:c9:04:e7:34:cc:09:f1:a0:5d:
8f:4a:c5:c8:ac:5f:cd:e5:dc:bc:a1:4d:10:f3:88:
b9:f3:23:78:72:61:fd:10:8b:f4:79:dc:18:a1:4a:
83:86:01:2f:56:cc:b4:ed:b9:08:64:f5:d2:b7:4b:
f5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:98:06:BE:44:85:18:C4:DB:20:64:9C:7C:37:4F:58:C1:1C:F7:C9
X509v3 Authority Key Identifier:
keyid:82:67:FB:4A:0B:67:7B:83:77:90:7B:82:FB:1F:B8:81:0A:2F:EF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmf7Sgtne4N3kHuC-x-4gQov7wg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/O5gGvkSFGMTbIGScfDdPWMEc98k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0dda42-53a5-4aba-86ae-639e14d04de6/1/gmf7Sgtne4N3kHuC-x-4gQov7wg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.15.124.0/22
46.30.130.0-46.30.135.255
109.69.32.0/22
185.74.174.0/24
Signature Algorithm: sha256WithRSAEncryption
91:1a:f4:ba:47:a2:fe:6a:28:5e:44:68:55:d9:2d:ba:ca:d3:
20:36:ed:c1:16:ba:f9:fd:99:f7:75:4d:76:3f:65:a2:b0:61:
fb:84:b9:f1:f7:bb:b4:6f:88:4a:a9:ff:55:72:9a:1d:dd:3e:
d1:27:89:53:f2:54:82:9b:c3:42:d2:82:33:34:b9:63:65:8f:
d6:32:5b:73:8c:aa:98:e9:2d:3c:20:e2:b0:ed:d0:0d:d8:e6:
85:48:e5:66:2f:16:ec:68:bf:56:10:6f:a9:f2:c8:0f:2e:3d:
5c:2a:13:47:35:10:b8:63:19:6d:c3:6e:dc:4e:37:37:6f:f6:
0e:de:8b:ae:68:cc:ef:ac:ff:4e:15:1e:4f:c5:f6:e1:92:76:
32:e1:9c:cd:c1:9d:63:c0:e2:a9:66:61:9b:a7:21:f2:41:d6:
a5:3e:6e:14:fc:b2:a1:37:5b:04:e1:2c:48:e2:dc:54:2f:2c:
98:42:bb:e8:a3:a0:67:54:52:7e:e1:77:ab:34:de:4b:82:83:
1a:da:a1:02:1e:9a:55:ed:bb:d1:76:6f:39:1e:aa:d0:5b:0e:
f8:58:ec:b8:e1:37:0e:1c:09:a2:2f:25:ff:07:55:f8:de:a6:
ad:16:ff:17:90:c2:4a:88:94:53:8b:96:2a:1c:c2:c2:0a:90:
6f:f0:48:44
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzCbUEzNDKnT2CSSv900dFCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjdmYjRhMGI2NzdiODM3NzkwN2I4MmZiMWZiODgxMGEy
ZmVmMDgwHhcNMjQwMTAxMDAyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjk4MDZiZTQ0ODUxOGM0ZGIyMDY0OWM3YzM3NGY1OGMxMWNmN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhom3KZCzLwio6E9rR241zk+Xd0iN
/y691d98V21ey/nyC6dWTQpi+z3ILoL+IDZ0P5RCegPZlv6viRi8RDL9YKMRzPGt
7r9/qku3A/Vy5X0VdRbZ1Cg1+xLn1nDMymo33oPf83Oc71OnwB3vrFRMTkt1ngwS
qe8LODxXRo7K6b6KAguh1sl7SOE6c7H480KfLLoRhtwq1NBm/S9fmQW7jTl2N66A
byzGl+HqVt3DUMsb1427nKPWhTpplXRjPxx5LR95hSfMcazJBOc0zAnxoF2PSsXI
rF/N5dy8oU0Q84i58yN4cmH9EIv0edwYoUqDhgEvVsy07bkIZPXSt0v1MQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDuYBr5EhRjE2yBknHw3T1jBHPfJMB8GA1UdIwQY
MBaAFIJn+0oLZ3uDd5B7gvsfuIEKL+8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUt
NjM5ZTE0ZDA0ZGU2LzEvTzVnR3ZrU0ZHTVRiSUdTY2ZEZFBXTUVjOThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZGRhNDItNTNhNS00YWJhLTg2YWUtNjM5ZTE0ZDA0ZGU2
LzEvZ21mN1NndG5lNE4za0h1Qy14LTRnUW92N3dnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCHw98MAwD
BAEuHoIDBAMuHoADBAJtRSADBAC5Sq4wDQYJKoZIhvcNAQELBQADggEBAJEa9LpH
ov5qKF5EaFXZLbrK0yA27cEWuvn9mfd1TXY/ZaKwYfuEufH3u7RviEqp/1Vymh3d
PtEniVPyVIKbw0LSgjM0uWNlj9YyW3OMqpjpLTwg4rDt0A3Y5oVI5WYvFuxov1YQ
b6nyyA8uPVwqE0c1ELhjGW3DbtxONzdv9g7ei65ozO+s/04VHk/F9uGSdjLhnM3B
nWPA4qlmYZunIfJB1qU+bhT8sqE3WwThLEji3FQvLJhCu+ijoGdUUn7hd6s03kuC
gxraoQIemlXtu9F2bzkeqtBbDvhY7LjhNw4cCaIvJf8HVfjepq0W/xeQwkqIlFOL
liocwsIKkG/wSEQ=
-----END CERTIFICATE-----
Generated at Sun May 19 21:15:12 2024 by rpki-client on console-fra.rpki-client.org