Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/vobfUXfGMZZ0n9d9Ad2Eli3pLc4.roa
File: vobfUXfGMZZ0n9d9Ad2Eli3pLc4.roa (raw, json)
Hash identifier: k6/9BDXygnyI4bcicArS5QIC8rWfGwWCmHpqFvmHezc=
Subject key identifier: BE:86:DF:51:77:C6:31:96:74:9F:D7:7D:01:DD:84:96:2D:E9:2D:CE
Certificate issuer: /CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Certificate serial: 018CCA2BD8C859E310D71749288D8405226B
Authority key identifier: 38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/vobfUXfGMZZ0n9d9Ad2Eli3pLc4.roa
Signing time: Tue 02 Jan 2024 12:35:20 +0000
ROA not before: Tue 02 Jan 2024 12:35:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199652
IP address blocks: 188.214.151.0/24 maxlen: 24
94.177.148.0/23 maxlen: 23
188.241.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:d8:c8:59:e3:10:d7:17:49:28:8d:84:05:22:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38a8550659bb68e770d8b0126b7261fb87d8240b
Validity
Not Before: Jan 2 12:35:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=be86df5177c63196749fd77d01dd84962de92dce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2a:c7:cb:58:5b:f3:ef:ac:54:d7:85:a3:9b:
65:24:67:fc:d1:ec:5c:41:b3:7a:68:26:94:07:4b:
4b:93:31:db:f8:ca:19:dc:e0:3b:c1:71:35:41:e9:
80:da:81:18:41:eb:40:ae:d2:b9:88:3d:8b:8a:c6:
5a:12:95:80:5c:2f:d6:8d:20:cb:36:f5:9e:70:d3:
4b:bf:8c:9b:30:62:63:d6:ea:49:d5:57:f5:f6:fd:
8b:52:f8:fe:22:5a:8d:81:b6:9f:48:57:57:35:f5:
9b:f0:6b:ed:1b:34:7b:6d:fd:0d:1f:d8:cf:72:7f:
51:07:a7:8a:ca:6f:8e:6f:49:c1:68:17:16:e1:01:
c2:6e:ee:68:96:f4:fc:b7:1a:1f:8a:8f:4e:3c:57:
0a:c3:87:ce:55:c3:d8:37:3b:c1:57:f5:7d:f6:17:
a7:90:aa:90:5d:c7:bd:c6:74:be:2b:f6:f8:08:bc:
0d:d7:9c:34:e7:c1:a6:99:98:2e:68:7f:e7:e6:8a:
90:bf:d8:f6:91:57:cc:bf:48:70:b7:fa:11:8d:50:
e0:be:e5:3e:3a:f3:ed:dc:2f:cc:ae:61:52:bb:4f:
0d:cc:c9:21:23:06:97:4b:75:e2:98:08:e6:11:a1:
77:fe:93:ab:dd:82:c5:c3:ce:5e:e8:61:6a:40:91:
6b:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:86:DF:51:77:C6:31:96:74:9F:D7:7D:01:DD:84:96:2D:E9:2D:CE
X509v3 Authority Key Identifier:
keyid:38:A8:55:06:59:BB:68:E7:70:D8:B0:12:6B:72:61:FB:87:D8:24:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OKhVBlm7aOdw2LASa3Jh-4fYJAs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/vobfUXfGMZZ0n9d9Ad2Eli3pLc4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/7dce73-c4df-4333-8e81-1d703b496634/1/OKhVBlm7aOdw2LASa3Jh-4fYJAs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.177.148.0/23
188.214.151.0/24
188.241.69.0/24
Signature Algorithm: sha256WithRSAEncryption
31:5b:d5:0f:4d:c2:da:9e:4d:d1:43:87:87:c4:55:b1:f5:06:
a3:85:d0:e1:70:3c:22:ab:f4:c9:96:dd:ec:b3:03:cd:57:57:
c8:55:d0:c7:10:01:e3:a8:fc:07:80:79:78:70:ba:86:b4:99:
df:e2:66:4f:cd:d9:85:50:b0:d4:aa:6f:39:5b:06:46:f8:ac:
bf:fc:40:69:1c:6e:43:24:4c:d5:cb:fc:c6:1b:a1:14:43:be:
e1:02:e1:06:65:8f:8f:5c:b7:6b:d0:c3:1e:e8:ed:ac:6c:15:
e2:a2:c5:0b:ff:d8:44:8e:c5:98:dc:eb:18:ff:86:2b:1c:1b:
4d:86:de:d6:fe:7f:f7:15:41:fa:01:f8:2c:cb:02:b2:1e:d8:
e2:b9:86:45:ca:2e:03:f6:62:16:04:5a:02:f0:0f:0c:67:34:
31:51:db:a7:4c:c4:eb:00:d6:fa:71:ca:18:7e:1c:9e:c4:2f:
ad:23:34:e2:cb:21:90:4a:88:0f:20:91:9a:11:c0:06:df:25:
33:eb:bb:bf:65:1e:f9:b3:5d:7a:9c:a9:cd:8b:79:ed:56:1d:
7c:12:0e:2d:20:b4:9f:78:93:13:4d:04:ec:b2:f5:52:7d:09:
65:ed:c5:4f:45:bd:a7:cf:20:09:02:57:ba:bf:a7:72:eb:cd:
21:3b:81:86
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzKK9jIWeMQ1xdJKI2EBSJrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YTg1NTA2NTliYjY4ZTc3MGQ4YjAxMjZiNzI2MWZiODdk
ODI0MGIwHhcNMjQwMTAyMTIzNTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTg2ZGY1MTc3YzYzMTk2NzQ5ZmQ3N2QwMWRkODQ5NjJkZTkyZGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSrHy1hb8++sVNeFo5tlJGf80exc
QbN6aCaUB0tLkzHb+MoZ3OA7wXE1QemA2oEYQetArtK5iD2LisZaEpWAXC/WjSDL
NvWecNNLv4ybMGJj1upJ1Vf19v2LUvj+IlqNgbafSFdXNfWb8GvtGzR7bf0NH9jP
cn9RB6eKym+Ob0nBaBcW4QHCbu5olvT8txofio9OPFcKw4fOVcPYNzvBV/V99hen
kKqQXce9xnS+K/b4CLwN15w058GmmZguaH/n5oqQv9j2kVfMv0hwt/oRjVDgvuU+
OvPt3C/MrmFSu08NzMkhIwaXS3XimAjmEaF3/pOr3YLFw85e6GFqQJFr7QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFL6G31F3xjGWdJ/XfQHdhJYt6S3OMB8GA1UdIwQY
MBaAFDioVQZZu2jncNiwEmtyYfuH2CQLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEt
MWQ3MDNiNDk2NjM0LzEvdm9iZlVYZkdNWlowbjlkOUFkMkVsaTNwTGM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi83ZGNlNzMtYzRkZi00MzMzLThlODEtMWQ3MDNiNDk2NjM0
LzEvT0toVkJsbTdhT2R3MkxBU2EzSmgtNGZZSkFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBXrGUAwQA
vNaXAwQAvPFFMA0GCSqGSIb3DQEBCwUAA4IBAQAxW9UPTcLank3RQ4eHxFWx9Qaj
hdDhcDwiq/TJlt3sswPNV1fIVdDHEAHjqPwHgHl4cLqGtJnf4mZPzdmFULDUqm85
WwZG+Ky//EBpHG5DJEzVy/zGG6EUQ77hAuEGZY+PXLdr0MMe6O2sbBXiosUL/9hE
jsWY3OsY/4YrHBtNht7W/n/3FUH6AfgsywKyHtjiuYZFyi4D9mIWBFoC8A8MZzQx
UdunTMTrANb6ccoYfhyexC+tIzTiyyGQSogPIJGaEcAG3yUz67u/ZR75s116nKnN
i3ntVh18Eg4tILSfeJMTTQTssvVSfQll7cVPRb2nzyAJAle6v6dy680hO4GG
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:39:20 2024 by rpki-client on console-fra.rpki-client.org