Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/dOdD92UkPZnDHpWAnZhaqJzjl5Y.roa
File: dOdD92UkPZnDHpWAnZhaqJzjl5Y.roa (raw, json)
Hash identifier: hzKHXrrcIzyCHRhlg43O7zQucqZr4V4WRF35zRTG1is=
Subject key identifier: 74:E7:43:F7:65:24:3D:99:C3:1E:95:80:9D:98:5A:A8:9C:E3:97:96
Certificate issuer: /CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Certificate serial: 018CC56E24F9FEA12D7990283C8C6734041B
Authority key identifier: 3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/dOdD92UkPZnDHpWAnZhaqJzjl5Y.roa
Signing time: Mon 01 Jan 2024 14:29:39 +0000
ROA not before: Mon 01 Jan 2024 14:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39839
IP address blocks: 185.153.252.0/22 maxlen: 24
95.130.208.0/21 maxlen: 24
193.163.102.0/24 maxlen: 24
2a01:630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.mft
rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:24:f9:fe:a1:2d:79:90:28:3c:8c:67:34:04:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a685cf88a7fc43fe1c7fe34a6ff3ddbb414f0b5
Validity
Not Before: Jan 1 14:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=74e743f765243d99c31e95809d985aa89ce39796
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:da:b5:ef:34:24:eb:19:a5:0d:ce:b4:1d:ac:
bc:58:21:0a:35:ce:4c:02:b7:e1:af:03:41:94:4c:
c6:7d:b4:6b:e3:af:4c:bc:11:2c:e4:cb:f2:77:92:
28:ec:b3:c2:e6:e9:41:80:cd:4e:a0:03:32:91:0b:
3d:31:1b:1b:56:f0:99:1a:7c:65:5b:3c:69:73:1a:
0f:c6:19:8e:2b:0e:a5:15:d4:fd:d5:fc:7b:85:f7:
db:d3:5e:c9:4d:c3:dd:f9:cb:cb:26:69:33:7b:fd:
c7:63:4e:2c:75:d8:a9:1b:64:87:cf:22:31:ef:22:
14:4a:d9:6d:d5:7f:9d:25:a4:ed:64:70:7e:94:e5:
f6:b5:f5:91:d2:a1:9f:43:0f:c4:23:61:30:31:00:
2c:a9:5f:3b:86:ed:29:65:9d:b8:de:e4:c9:74:45:
52:18:ba:dc:73:38:22:6b:bf:39:df:25:ae:65:ed:
b3:8b:3f:9e:31:fa:36:e4:07:33:18:7d:ef:5b:c7:
a7:1e:25:f0:52:68:a7:a6:a3:b4:16:80:20:41:44:
05:26:38:18:83:a9:7d:d3:de:47:67:9f:cf:41:f6:
1f:8d:25:3d:31:0c:4f:98:1e:cf:cd:24:d4:c9:bb:
ab:86:ff:5f:ac:d6:50:5a:a6:8b:b0:cd:fc:21:2e:
0a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:E7:43:F7:65:24:3D:99:C3:1E:95:80:9D:98:5A:A8:9C:E3:97:96
X509v3 Authority Key Identifier:
keyid:3A:68:5C:F8:8A:7F:C4:3F:E1:C7:FE:34:A6:FF:3D:DB:B4:14:F0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Omhc-Ip_xD_hx_40pv8927QU8LU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/dOdD92UkPZnDHpWAnZhaqJzjl5Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d7/e65c27-aef5-486d-b5d7-59d6ca65ccbc/1/Omhc-Ip_xD_hx_40pv8927QU8LU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.130.208.0/21
185.153.252.0/22
193.163.102.0/24
IPv6:
2a01:630::/32
Signature Algorithm: sha256WithRSAEncryption
31:cb:fe:ff:0a:61:5b:22:72:5a:61:db:7d:28:6a:af:3f:bf:
86:a0:b9:9c:6b:03:a4:56:e3:83:0e:50:57:79:f9:75:8c:90:
c5:9a:94:6d:2a:b6:c6:d5:e6:de:ea:ba:e0:dc:d9:62:67:6f:
51:16:77:22:68:8c:53:65:f1:9a:41:be:ca:ae:9b:54:fd:e3:
83:42:45:e8:60:d4:24:ea:87:ae:6a:29:56:b8:7b:92:1c:0a:
b7:d4:25:78:de:eb:f7:f9:53:ed:c5:40:83:59:6b:93:02:11:
6f:f2:46:38:9b:2a:2c:59:1a:a4:55:03:56:e4:9f:9c:d7:7a:
fc:4f:d9:d5:ea:df:bf:73:fc:19:9b:d6:d7:78:9a:03:af:f5:
8a:0d:7f:db:58:12:c1:00:1e:ac:1d:c9:f4:72:d5:50:1f:4c:
bc:52:7a:df:55:23:e0:24:d9:15:7e:91:6a:ad:80:70:ee:13:
73:46:ec:d8:d6:4f:53:ce:65:77:a3:73:70:15:f8:a4:8f:99:
99:4d:0a:3f:d7:f1:82:f8:2b:f3:1e:f1:c3:39:44:28:88:41:
54:07:bb:ce:46:37:0f:ec:22:90:1b:11:eb:58:66:d3:4b:a5:
17:db:9c:16:f7:c6:e8:72:bc:6f:9d:a8:8e:cf:af:50:85:ea:
a7:ff:a5:83
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbiT5/qEteZAoPIxnNAQbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNjg1Y2Y4OGE3ZmM0M2ZlMWM3ZmUzNGE2ZmYzZGRiYjQx
NGYwYjUwHhcNMjQwMTAxMTQyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NGU3NDNmNzY1MjQzZDk5YzMxZTk1ODA5ZDk4NWFhODljZTM5Nzk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9q17zQk6xmlDc60Hay8WCEKNc5M
ArfhrwNBlEzGfbRr469MvBEs5Mvyd5Io7LPC5ulBgM1OoAMykQs9MRsbVvCZGnxl
WzxpcxoPxhmOKw6lFdT91fx7hffb017JTcPd+cvLJmkze/3HY04sddipG2SHzyIx
7yIUStlt1X+dJaTtZHB+lOX2tfWR0qGfQw/EI2EwMQAsqV87hu0pZZ243uTJdEVS
GLrcczgia7853yWuZe2ziz+eMfo25AczGH3vW8enHiXwUminpqO0FoAgQUQFJjgY
g6l9095HZ5/PQfYfjSU9MQxPmB7PzSTUyburhv9frNZQWqaLsM38IS4KjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHTnQ/dlJD2Zwx6VgJ2YWqic45eWMB8GA1UdIwQY
MBaAFDpoXPiKf8Q/4cf+NKb/Pdu0FPC1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDct
NTlkNmNhNjVjY2JjLzEvZE9kRDkyVWtQWm5ESHBXQW5aaGFxSnpqbDVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNy9lNjVjMjctYWVmNS00ODZkLWI1ZDctNTlkNmNhNjVjY2Jj
LzEvT21oYy1JcF94RF9oeF80MHB2ODkyN1FVOExVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDX4LQAwQC
uZn8AwQAwaNmMA0EAgACMAcDBQAqAQYwMA0GCSqGSIb3DQEBCwUAA4IBAQAxy/7/
CmFbInJaYdt9KGqvP7+GoLmcawOkVuODDlBXefl1jJDFmpRtKrbG1ebe6rrg3Nli
Z29RFnciaIxTZfGaQb7KrptU/eODQkXoYNQk6oeuailWuHuSHAq31CV43uv3+VPt
xUCDWWuTAhFv8kY4myosWRqkVQNW5J+c13r8T9nV6t+/c/wZm9bXeJoDr/WKDX/b
WBLBAB6sHcn0ctVQH0y8UnrfVSPgJNkVfpFqrYBw7hNzRuzY1k9TzmV3o3NwFfik
j5mZTQo/1/GC+CvzHvHDOUQoiEFUB7vORjcP7CKQGxHrWGbTS6UX25wW98bocrxv
naiOz69Qheqn/6WD
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:57 2024 by rpki-client on console-fra.rpki-client.org