Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/O-7sU9_MZlIvdSG5HPeR_I0IJ4A.roa
File: O-7sU9_MZlIvdSG5HPeR_I0IJ4A.roa (raw, json)
Hash identifier: H7N9np4xGeenYMCvYq01MCB4NhXmKz+Ecv+xsHlcYKY=
Subject key identifier: 3B:EE:EC:53:DF:CC:66:52:2F:75:21:B9:1C:F7:91:FC:8D:08:27:80
Certificate issuer: /CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Certificate serial: 018CC6B91ECF34592082E6A2EA18CAD73E2F
Authority key identifier: B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/O-7sU9_MZlIvdSG5HPeR_I0IJ4A.roa
Signing time: Mon 01 Jan 2024 20:31:09 +0000
ROA not before: Mon 01 Jan 2024 20:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61272
IP address blocks: 91.216.163.0/24 maxlen: 32
213.252.228.0/22 maxlen: 32
213.252.232.0/23 maxlen: 32
213.252.238.0/23 maxlen: 32
85.206.160.0/20 maxlen: 32
185.64.104.0/22 maxlen: 32
88.119.160.0/20 maxlen: 32
185.25.48.0/22 maxlen: 32
85.206.240.0/22 maxlen: 32
2a04:2181:c010::/48 maxlen: 64
2a04:2181:c011::/48 maxlen: 64
2a04:2181:c012::/48 maxlen: 64
2a04:2180::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.mft
rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:1e:cf:34:59:20:82:e6:a2:ea:18:ca:d7:3e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b66ea7359221c1b77d6cc006f7b6706a9a908299
Validity
Not Before: Jan 1 20:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3beeec53dfcc66522f7521b91cf791fc8d082780
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:97:6f:56:ef:a0:f0:92:75:b9:3a:69:b0:01:
30:d7:39:67:e3:d7:d5:b5:73:34:41:11:43:ab:7b:
79:41:9c:24:83:ed:19:e1:4a:41:4c:26:a5:a7:03:
a3:f3:94:75:ee:b7:9c:45:8a:ec:da:2b:b6:b7:60:
67:84:50:2f:15:98:30:8c:c9:47:34:c4:1c:ca:8b:
e7:ae:de:6b:fb:5c:7e:54:5b:c1:c0:2c:40:c3:f4:
54:76:e5:ff:81:99:98:7a:42:52:ac:0a:fc:31:05:
74:0e:c8:8a:8d:61:22:b1:8d:56:fc:7a:5a:8c:fc:
2a:db:c6:ee:64:ee:13:b1:72:fa:85:17:82:79:7a:
4c:16:97:f8:8b:76:70:e7:cb:27:50:e4:1f:e7:33:
7e:a6:a4:c1:ad:65:9e:7e:31:8b:af:3d:5a:f2:16:
8c:5d:36:dc:7c:7a:e7:bf:ec:03:5d:ce:cf:c9:68:
19:a8:f4:38:54:f6:d1:17:c9:e7:90:56:4d:81:a7:
8f:fe:12:65:67:0a:c0:56:a6:e8:e9:d8:8d:29:a7:
8a:7a:2c:95:1b:bc:04:26:ff:9d:25:6b:b8:80:8a:
eb:0f:6f:8f:d8:05:f3:6d:2c:a6:6d:a4:93:79:f1:
93:fe:33:64:5e:d6:80:fa:7c:0b:e5:60:5a:95:90:
37:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:EE:EC:53:DF:CC:66:52:2F:75:21:B9:1C:F7:91:FC:8D:08:27:80
X509v3 Authority Key Identifier:
keyid:B6:6E:A7:35:92:21:C1:B7:7D:6C:C0:06:F7:B6:70:6A:9A:90:82:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tm6nNZIhwbd9bMAG97ZwapqQgpk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/O-7sU9_MZlIvdSG5HPeR_I0IJ4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/f87a2e-46b1-4a66-a90c-699835c92bfe/1/tm6nNZIhwbd9bMAG97ZwapqQgpk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.206.160.0/20
85.206.240.0/22
88.119.160.0/20
91.216.163.0/24
185.25.48.0/22
185.64.104.0/22
213.252.228.0-213.252.233.255
213.252.238.0/23
IPv6:
2a04:2180::/32
2a04:2181:c010::-2a04:2181:c012:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3d:99:1f:5a:2e:7d:74:39:74:9b:59:49:c8:8c:f9:37:98:cc:
8b:f3:38:01:36:52:f3:59:5e:0c:51:86:df:b5:f2:d7:38:26:
15:a5:1b:d9:1b:6b:91:9a:6a:ac:49:aa:ff:14:14:1e:3c:e8:
f7:f9:fb:8d:78:d1:a1:40:d2:ce:05:5e:67:97:84:ef:5f:95:
21:ca:ec:19:e0:9a:e4:81:db:1a:c8:94:bd:14:7f:77:b5:66:
ff:9b:a8:fe:8f:94:db:15:6e:c5:df:fb:87:2c:ed:19:90:82:
8f:82:c4:36:c9:74:5f:f2:71:24:6b:1d:5c:5c:0b:52:98:76:
87:94:10:3b:4a:4c:c4:56:e2:83:d4:96:f6:d7:cb:83:c1:2c:
61:dd:af:f0:00:38:14:07:c0:c6:19:d3:02:a0:bc:b4:72:e2:
0e:df:4f:db:5d:c6:ed:74:7c:94:f8:d1:7e:18:61:f7:44:96:
fd:3b:9e:f4:f6:21:44:59:65:23:c7:ac:25:bb:31:82:7e:53:
e9:de:c5:d2:28:1e:84:a8:44:bb:5f:7d:d3:a8:40:7b:7f:ad:
34:4a:d9:a9:49:a0:75:c0:7f:2d:3a:f0:aa:ec:df:c2:f5:1d:
84:37:46:f4:9e:e9:db:ce:12:47:92:8e:41:1c:64:cf:e9:a7:
c3:91:7e:c4
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzGuR7PNFkgguai6hjK1z4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2NmVhNzM1OTIyMWMxYjc3ZDZjYzAwNmY3YjY3MDZhOWE5
MDgyOTkwHhcNMjQwMTAxMjAzMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmVlZWM1M2RmY2M2NjUyMmY3NTIxYjkxY2Y3OTFmYzhkMDgyNzgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZdvVu+g8JJ1uTppsAEw1zln49fV
tXM0QRFDq3t5QZwkg+0Z4UpBTCalpwOj85R17recRYrs2iu2t2BnhFAvFZgwjMlH
NMQcyovnrt5r+1x+VFvBwCxAw/RUduX/gZmYekJSrAr8MQV0DsiKjWEisY1W/Hpa
jPwq28buZO4TsXL6hReCeXpMFpf4i3Zw58snUOQf5zN+pqTBrWWefjGLrz1a8haM
XTbcfHrnv+wDXc7PyWgZqPQ4VPbRF8nnkFZNgaeP/hJlZwrAVqbo6diNKaeKeiyV
G7wEJv+dJWu4gIrrD2+P2AXzbSymbaSTefGT/jNkXtaA+nwL5WBalZA3MQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFDvu7FPfzGZSL3UhuRz3kfyNCCeAMB8GA1UdIwQY
MBaAFLZupzWSIcG3fWzABve2cGqakIKZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMt
Njk5ODM1YzkyYmZlLzEvTy03c1U5X01abEl2ZFNHNUhQZVJfSTBJSjRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9mODdhMmUtNDZiMS00YTY2LWE5MGMtNjk5ODM1YzkyYmZl
LzEvdG02bk5aSWh3YmQ5Yk1BRzk3WndhcHFRZ3BrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzA+BAIAATA4AwQEVc6gAwQC
Vc7wAwQEWHegAwQAW9ijAwQCuRkwAwQCuUBoMAwDBALV/OQDBAHV/OgDBAHV/O4w
IQQCAAIwGwMFACoEIYAwEgMHBCoEIYHAEAMHACoEIYHAEjANBgkqhkiG9w0BAQsF
AAOCAQEAPZkfWi59dDl0m1lJyIz5N5jMi/M4ATZS81leDFGG37Xy1zgmFaUb2Rtr
kZpqrEmq/xQUHjzo9/n7jXjRoUDSzgVeZ5eE71+VIcrsGeCa5IHbGsiUvRR/d7Vm
/5uo/o+U2xVuxd/7hyztGZCCj4LENsl0X/JxJGsdXFwLUph2h5QQO0pMxFbig9SW
9tfLg8EsYd2v8AA4FAfAxhnTAqC8tHLiDt9P213G7XR8lPjRfhhh90SW/Tue9PYh
RFllI8esJbsxgn5T6d7F0igehKhEu19906hAe3+tNErZqUmgdcB/LTrwquzfwvUd
hDdG9J7p284SR5KOQRxkz+mnw5F+xA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:27:23 2024 by rpki-client on console-ams.rpki-client.org