Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/oTj5l5Y1vWqIQ80kU_q_poFbouw.roa
File: oTj5l5Y1vWqIQ80kU_q_poFbouw.roa (raw, json)
Hash identifier: 7heNHBJoX+vLRAsZq6NuJb/lFlFSquBA+/QrqoFIcB8=
Subject key identifier: A1:38:F9:97:96:35:BD:6A:88:43:CD:24:53:FA:BF:A6:81:5B:A2:EC
Certificate issuer: /CN=dd9158e3e41f60ffbf7ecaff72307d3dc95277f5
Certificate serial: 019234BFF78E4DEE0076B52B70E1F21A764F
Authority key identifier: DD:91:58:E3:E4:1F:60:FF:BF:7E:CA:FF:72:30:7D:3D:C9:52:77:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZFY4-QfYP-_fsr_cjB9PclSd_U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/oTj5l5Y1vWqIQ80kU_q_poFbouw.roa
Signing time: Fri 27 Sep 2024 18:30:48 +0000
ROA not before: Fri 27 Sep 2024 18:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34080
IP address blocks: 45.129.24.0/22 maxlen: 22
93.95.32.0/21 maxlen: 21
217.196.208.0/20 maxlen: 20
217.197.32.0/20 maxlen: 20
2a02:1f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/3ZFY4-QfYP-_fsr_cjB9PclSd_U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/3ZFY4-QfYP-_fsr_cjB9PclSd_U.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZFY4-QfYP-_fsr_cjB9PclSd_U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 09:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:34:bf:f7:8e:4d:ee:00:76:b5:2b:70:e1:f2:1a:76:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd9158e3e41f60ffbf7ecaff72307d3dc95277f5
Validity
Not Before: Sep 27 18:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a138f9979635bd6a8843cd2453fabfa6815ba2ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:cc:0f:50:c0:f8:53:de:e0:55:59:ec:26:
fc:cc:33:fe:d1:b1:23:5d:2f:14:95:fd:a7:f0:57:
7b:e3:38:74:13:5b:0a:3a:2d:c7:33:0e:c8:9c:e2:
b2:27:53:ec:0f:81:38:44:f1:6a:17:d9:f5:93:cc:
2b:6d:be:d7:9b:1c:02:06:c3:eb:10:24:97:0a:01:
b8:85:4d:c4:f1:a6:79:63:a5:79:5d:65:9b:24:1d:
5d:c1:2d:7c:1a:13:33:1b:36:a5:ca:db:01:53:0b:
d3:e6:3b:52:2e:f3:b5:66:27:e3:66:15:53:69:84:
b9:3d:1d:91:c9:ab:92:a0:73:a4:13:c3:9e:a3:3a:
f5:20:09:e6:bc:12:73:48:2c:85:97:12:24:b3:9a:
1d:8c:b6:4a:d6:a2:4d:09:7d:bf:7f:f1:2c:6f:9f:
b0:3f:c3:86:17:e8:b6:35:11:65:40:25:8b:50:99:
d6:52:b8:3c:a2:6a:b5:78:9b:65:dc:49:b3:ae:cb:
3d:51:5e:68:61:c6:31:5a:99:af:e5:15:66:53:57:
a4:96:f8:4e:c2:d1:30:49:46:54:a4:dd:b3:5d:96:
c6:ef:5c:6c:42:f7:1e:6c:c0:7b:04:7a:29:4b:e1:
79:c7:dc:0f:a9:03:0d:0e:4e:32:2c:9e:7b:19:0e:
30:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:38:F9:97:96:35:BD:6A:88:43:CD:24:53:FA:BF:A6:81:5B:A2:EC
X509v3 Authority Key Identifier:
keyid:DD:91:58:E3:E4:1F:60:FF:BF:7E:CA:FF:72:30:7D:3D:C9:52:77:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZFY4-QfYP-_fsr_cjB9PclSd_U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/oTj5l5Y1vWqIQ80kU_q_poFbouw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/6690c1-0a64-422d-bb0e-43d7eb72551d/1/3ZFY4-QfYP-_fsr_cjB9PclSd_U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.24.0/22
93.95.32.0/21
217.196.208.0/20
217.197.32.0/20
IPv6:
2a02:1f0::/32
Signature Algorithm: sha256WithRSAEncryption
81:71:5c:91:91:de:31:69:62:2f:d9:a4:5b:41:54:01:38:d0:
f0:9c:46:94:dc:9f:82:56:56:21:e2:df:ef:f9:3f:de:3f:97:
b4:e9:10:b8:f8:f8:0b:44:87:fe:06:87:31:12:cc:d3:a6:75:
06:6c:08:77:1c:07:50:71:91:e3:97:8e:90:93:ef:ec:e5:4b:
98:ea:26:07:f3:3d:9f:41:57:4b:b4:ec:1f:2d:88:8d:f5:6f:
66:cf:26:67:31:b7:21:b7:16:42:01:f4:0a:53:72:d0:e5:0b:
b7:77:5c:6c:03:33:31:6f:3a:71:bf:72:79:38:6b:a4:db:b1:
8e:a9:96:85:b8:65:e5:71:73:f3:2a:78:b9:12:95:77:6c:f1:
a4:be:cf:30:63:30:5f:43:5c:b1:38:e4:7d:df:dc:b6:7e:a6:
97:b5:54:b5:0a:71:30:b3:f4:6f:87:d6:e9:f8:61:03:91:79:
ae:bd:45:1d:94:18:b4:a6:82:d1:15:2c:ad:fd:0a:02:dd:0f:
9e:90:10:96:18:c5:bd:06:5a:66:8a:a2:1c:1a:ba:6c:79:10:
69:12:f5:e2:cd:0b:ba:3e:54:17:47:4f:b9:ad:d7:87:07:22:
3b:dd:63:69:9c:fa:a1:74:9b:e9:74:19:44:d3:61:ff:52:fc:
9a:b9:01:9d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZI0v/eOTe4AdrUrcOHyGnZPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTE1OGUzZTQxZjYwZmZiZjdlY2FmZjcyMzA3ZDNkYzk1
Mjc3ZjUwHhcNMjQwOTI3MTgzMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM4Zjk5Nzk2MzViZDZhODg0M2NkMjQ1M2ZhYmZhNjgxNWJhMmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk7MD1DA+FPe4FVZ7Cb8zDP+0bEj
XS8Ulf2n8Fd74zh0E1sKOi3HMw7InOKyJ1PsD4E4RPFqF9n1k8wrbb7XmxwCBsPr
ECSXCgG4hU3E8aZ5Y6V5XWWbJB1dwS18GhMzGzalytsBUwvT5jtSLvO1ZifjZhVT
aYS5PR2RyauSoHOkE8Oeozr1IAnmvBJzSCyFlxIks5odjLZK1qJNCX2/f/Esb5+w
P8OGF+i2NRFlQCWLUJnWUrg8omq1eJtl3Emzrss9UV5oYcYxWpmv5RVmU1eklvhO
wtEwSUZUpN2zXZbG71xsQvcebMB7BHopS+F5x9wPqQMNDk4yLJ57GQ4wpQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKE4+ZeWNb1qiEPNJFP6v6aBW6LsMB8GA1UdIwQY
MBaAFN2RWOPkH2D/v37K/3IwfT3JUnf1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pGWTQtUWZZUC1fZnNyX2NqQjlQY2xTZF9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC82NjkwYzEtMGE2NC00MjJkLWJiMGUt
NDNkN2ViNzI1NTFkLzEvb1RqNWw1WTF2V3FJUTgwa1VfcV9wb0Zib3V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC82NjkwYzEtMGE2NC00MjJkLWJiMGUtNDNkN2ViNzI1NTFk
LzEvM1pGWTQtUWZZUC1fZnNyX2NqQjlQY2xTZF9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCLYEYAwQD
XV8gAwQE2cTQAwQE2cUgMA0EAgACMAcDBQAqAgHwMA0GCSqGSIb3DQEBCwUAA4IB
AQCBcVyRkd4xaWIv2aRbQVQBONDwnEaU3J+CVlYh4t/v+T/eP5e06RC4+PgLRIf+
BocxEszTpnUGbAh3HAdQcZHjl46Qk+/s5UuY6iYH8z2fQVdLtOwfLYiN9W9mzyZn
MbchtxZCAfQKU3LQ5Qu3d1xsAzMxbzpxv3J5OGuk27GOqZaFuGXlcXPzKni5EpV3
bPGkvs8wYzBfQ1yxOOR939y2fqaXtVS1CnEws/Rvh9bp+GEDkXmuvUUdlBi0poLR
FSyt/QoC3Q+ekBCWGMW9BlpmiqIcGrpseRBpEvXizQu6PlQXR0+5rdeHByI73WNp
nPqhdJvpdBlE02H/UvyauQGd
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:51:22 2024 by rpki-client on console-fra.rpki-client.org