Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/O2Dg5vRK_bMgT7WmPURjIltpLJk.roa
File: O2Dg5vRK_bMgT7WmPURjIltpLJk.roa (raw, json)
Hash identifier: XNdkc7B0heg7AmdUC3QPVbvNJlAzO5MFqj2ywd0fz2o=
Subject key identifier: 3B:60:E0:E6:F4:4A:FD:B3:20:4F:B5:A6:3D:44:63:22:5B:69:2C:99
Certificate issuer: /CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Certificate serial: 019300DA37DE001C3B18A599931A5AC1C27B
Authority key identifier: EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/O2Dg5vRK_bMgT7WmPURjIltpLJk.roa
Signing time: Wed 06 Nov 2024 09:42:01 +0000
ROA not before: Wed 06 Nov 2024 09:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209041
IP address blocks: 81.21.224.0/24 maxlen: 24
81.21.225.0/24 maxlen: 24
81.21.226.0/24 maxlen: 24
81.21.227.0/24 maxlen: 24
2a0d:26c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/7-oXe8wrDvZMq2BObmQnsa3gv2k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/7-oXe8wrDvZMq2BObmQnsa3gv2k.mft
rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:00:da:37:de:00:1c:3b:18:a5:99:93:1a:5a:c1:c2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efea177bcc2b0ef64cab604e6e6427b1ade0bf69
Validity
Not Before: Nov 6 09:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b60e0e6f44afdb3204fb5a63d4463225b692c99
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4b:15:32:fd:e2:1c:65:6c:31:b5:08:80:56:
7d:6c:34:33:ca:8f:7f:bd:ae:b9:e9:cd:d6:3b:b6:
47:c6:e9:c0:17:44:6d:1e:6c:f4:a8:db:bd:04:08:
52:34:0b:b4:a5:7d:95:e4:32:29:61:e1:11:9b:a3:
d9:b1:b5:1b:50:2e:cd:98:a7:be:09:62:d3:3b:ae:
0c:c6:1a:18:6a:98:cb:a7:7d:4f:be:33:42:77:31:
ee:1d:21:17:dc:69:51:1c:9b:28:0b:a4:e4:1f:86:
c0:2e:cd:a0:f0:5d:57:0e:f9:77:a0:1e:08:8c:28:
79:98:83:e7:01:75:f1:6b:47:95:51:89:1b:a3:74:
52:b6:cb:68:33:78:cd:31:de:02:ea:75:9a:76:d4:
75:b9:ae:0e:36:f9:1c:9b:9d:1a:93:6e:bd:13:f2:
fc:2b:e1:92:17:13:52:fd:9b:bb:dd:ec:00:3c:db:
35:7c:fb:2f:2f:81:0b:ab:92:3b:18:ed:87:41:50:
bb:fe:5d:b9:b2:52:eb:a7:b8:9b:ab:1c:11:5f:25:
e5:fc:da:94:89:0c:8f:3c:87:35:a4:df:13:5a:e7:
63:6c:15:66:80:89:c6:b0:d9:50:4e:a0:2c:04:92:
05:2b:07:ff:ca:ae:d8:50:11:5d:de:f8:a4:e0:97:
17:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:60:E0:E6:F4:4A:FD:B3:20:4F:B5:A6:3D:44:63:22:5B:69:2C:99
X509v3 Authority Key Identifier:
keyid:EF:EA:17:7B:CC:2B:0E:F6:4C:AB:60:4E:6E:64:27:B1:AD:E0:BF:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7-oXe8wrDvZMq2BObmQnsa3gv2k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/O2Dg5vRK_bMgT7WmPURjIltpLJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/6ef09b-802a-45f7-9e7f-06d530cefd8a/1/7-oXe8wrDvZMq2BObmQnsa3gv2k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.21.224.0/22
IPv6:
2a0d:26c0::/32
Signature Algorithm: sha256WithRSAEncryption
9d:87:21:4e:ae:d6:15:4f:2c:02:02:78:a9:ac:65:55:53:99:
33:40:fb:98:65:80:01:93:00:b2:02:90:51:d0:cf:95:75:16:
7c:96:3f:42:f5:98:15:c2:c0:97:c2:b8:65:3f:7e:ed:82:37:
50:70:6e:77:f2:51:70:78:93:c9:d8:9d:67:e3:b1:db:7a:8f:
e6:90:26:99:9a:a0:a4:bd:36:bb:c0:9e:40:d2:6d:e8:0f:11:
0a:c1:20:7c:91:55:7c:3d:cc:92:7e:cf:b1:e5:7f:64:9b:ca:
34:66:a2:c0:e0:49:6e:67:92:ab:a1:d8:c6:b0:65:cb:6d:15:
40:c3:5f:5f:66:f4:87:86:48:0d:87:7c:e5:15:f6:8c:3f:25:
47:71:53:9d:94:6c:e5:52:e7:56:b2:68:51:a9:fc:84:b2:3e:
d8:1f:99:d6:ec:df:72:9b:fa:af:0b:6c:08:92:00:79:82:46:
74:3b:5f:a9:ee:d4:75:27:5c:cf:06:0c:65:42:48:5d:16:95:
c3:8b:33:e4:93:58:2a:52:9c:77:3d:94:e9:80:ce:dd:76:f5:
ef:19:b4:ac:31:f3:ab:c0:b0:4d:af:7a:37:a4:46:61:26:36:
d4:26:3e:81:2b:e0:83:7e:0b:8b:77:33:7b:67:71:d5:22:a6:
f3:61:08:44
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZMA2jfeABw7GKWZkxpawcJ7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmZWExNzdiY2MyYjBlZjY0Y2FiNjA0ZTZlNjQyN2IxYWRl
MGJmNjkwHhcNMjQxMTA2MDk0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjYwZTBlNmY0NGFmZGIzMjA0ZmI1YTYzZDQ0NjMyMjViNjkyYzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0UsVMv3iHGVsMbUIgFZ9bDQzyo9/
va656c3WO7ZHxunAF0RtHmz0qNu9BAhSNAu0pX2V5DIpYeERm6PZsbUbUC7NmKe+
CWLTO64MxhoYapjLp31PvjNCdzHuHSEX3GlRHJsoC6TkH4bALs2g8F1XDvl3oB4I
jCh5mIPnAXXxa0eVUYkbo3RStstoM3jNMd4C6nWadtR1ua4ONvkcm50ak269E/L8
K+GSFxNS/Zu73ewAPNs1fPsvL4ELq5I7GO2HQVC7/l25slLrp7ibqxwRXyXl/NqU
iQyPPIc1pN8TWudjbBVmgInGsNlQTqAsBJIFKwf/yq7YUBFd3vik4JcXQQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDtg4Ob0Sv2zIE+1pj1EYyJbaSyZMB8GA1UdIwQY
MBaAFO/qF3vMKw72TKtgTm5kJ7Gt4L9pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNy1vWGU4d3JEdlpNcTJCT2JtUW5zYTNndjJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy82ZWYwOWItODAyYS00NWY3LTllN2Yt
MDZkNTMwY2VmZDhhLzEvTzJEZzV2UktfYk1nVDdXbVBVUmpJbHRwTEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy82ZWYwOWItODAyYS00NWY3LTllN2YtMDZkNTMwY2VmZDhh
LzEvNy1vWGU4d3JEdlpNcTJCT2JtUW5zYTNndjJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCURXgMA0E
AgACMAcDBQAqDSbAMA0GCSqGSIb3DQEBCwUAA4IBAQCdhyFOrtYVTywCAniprGVV
U5kzQPuYZYABkwCyApBR0M+VdRZ8lj9C9ZgVwsCXwrhlP37tgjdQcG538lFweJPJ
2J1n47Hbeo/mkCaZmqCkvTa7wJ5A0m3oDxEKwSB8kVV8PcySfs+x5X9km8o0ZqLA
4EluZ5KrodjGsGXLbRVAw19fZvSHhkgNh3zlFfaMPyVHcVOdlGzlUudWsmhRqfyE
sj7YH5nW7N9ym/qvC2wIkgB5gkZ0O1+p7tR1J1zPBgxlQkhdFpXDizPkk1gqUpx3
PZTpgM7ddvXvGbSsMfOrwLBNr3o3pEZhJjbUJj6BK+CDfguLdzN7Z3HVIqbzYQhE
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:35:30 2024 by rpki-client on console-ams.rpki-client.org