Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/oWhGZOHJLypUESfk-BSHunFO_S4.roa
File: oWhGZOHJLypUESfk-BSHunFO_S4.roa (raw, json)
Hash identifier: r43GQe4PMoH+7Bvv/TBkhskiMsSw+dH7jwi3y2/U67o=
Subject key identifier: A1:68:46:64:E1:C9:2F:2A:54:11:27:E4:F8:14:87:BA:71:4E:FD:2E
Certificate issuer: /CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Certificate serial: 018FF1D718A3AFEA011DF3F68972F9BF049B
Authority key identifier: 3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/oWhGZOHJLypUESfk-BSHunFO_S4.roa
Signing time: Fri 07 Jun 2024 08:35:56 +0000
ROA not before: Fri 07 Jun 2024 08:35:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208913
IP address blocks: 46.247.144.0/20 maxlen: 24
89.40.41.0/24 maxlen: 24
89.200.240.0/23 maxlen: 24
91.229.228.0/24 maxlen: 24
91.238.148.0/23 maxlen: 24
93.180.208.0/22 maxlen: 24
193.37.136.0/24 maxlen: 24
193.93.40.0/22 maxlen: 24
193.105.176.0/24 maxlen: 24
193.169.8.0/23 maxlen: 24
193.192.52.0/23 maxlen: 24
193.239.172.0/23 maxlen: 24
193.239.246.0/23 maxlen: 24
194.8.81.0/24 maxlen: 24
194.24.234.0/23 maxlen: 24
194.42.100.0/23 maxlen: 24
194.88.134.0/23 maxlen: 24
194.106.212.0/23 maxlen: 24
194.246.106.0/23 maxlen: 24
195.2.196.0/23 maxlen: 24
195.13.48.0/23 maxlen: 24
195.34.80.0/23 maxlen: 24
195.93.140.0/23 maxlen: 24
195.128.188.0/23 maxlen: 24
195.135.192.0/23 maxlen: 24
195.189.176.0/24 maxlen: 24
195.189.186.0/23 maxlen: 24
195.189.250.0/23 maxlen: 24
195.210.44.0/23 maxlen: 24
195.254.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f1:d7:18:a3:af:ea:01:1d:f3:f6:89:72:f9:bf:04:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e1f32d0cfa7a86d30e7e11a73ebbd0b24dbf41f
Validity
Not Before: Jun 7 08:35:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1684664e1c92f2a541127e4f81487ba714efd2e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:22:ca:b6:6a:bd:38:ab:7b:c4:e8:c2:64:41:
d5:3d:4e:61:21:98:63:2c:40:a4:cd:3b:50:bb:42:
d7:d7:54:e3:d3:bd:fe:c4:7d:d9:ed:74:e9:99:c2:
1b:67:63:0f:b6:93:ca:d1:87:02:e7:e4:6e:40:6d:
8b:cd:8e:7e:d0:e8:42:a4:92:2b:36:0e:e8:ef:f3:
ad:77:d9:3a:ff:ea:4d:1f:d8:49:3e:b5:e8:06:8c:
84:35:63:f3:72:85:68:10:9a:02:bb:2d:16:f7:ec:
73:3b:b3:81:76:f8:58:a2:5e:08:b7:38:41:7e:c9:
55:a8:6d:b4:85:51:7b:96:86:ca:33:7e:06:67:7c:
6a:b9:6d:bd:0c:07:07:b1:57:0a:e0:ad:ce:50:22:
5e:74:96:76:43:72:e5:95:d0:81:19:b6:79:38:b4:
d8:1f:79:09:73:da:e1:b2:e4:57:b0:7a:4b:21:0f:
cf:1a:90:23:03:b9:e4:96:7e:7f:ef:5f:fc:8b:fd:
15:85:61:ae:14:22:1d:20:54:35:fc:56:e8:b6:d0:
bf:c8:5c:b4:af:3e:77:3a:72:c5:8e:4e:a9:e8:cb:
27:0f:c7:0b:79:fc:51:bb:75:b8:f1:2f:c3:c8:31:
93:7d:0d:d9:15:73:48:bc:b7:69:37:44:4d:c7:bf:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:68:46:64:E1:C9:2F:2A:54:11:27:E4:F8:14:87:BA:71:4E:FD:2E
X509v3 Authority Key Identifier:
keyid:3E:1F:32:D0:CF:A7:A8:6D:30:E7:E1:1A:73:EB:BD:0B:24:DB:F4:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/oWhGZOHJLypUESfk-BSHunFO_S4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/5f048b-2df3-4140-9f4e-6068c04d1be0/1/Ph8y0M-nqG0w5-Eac-u9CyTb9B8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.247.144.0/20
89.40.41.0/24
89.200.240.0/23
91.229.228.0/24
91.238.148.0/23
93.180.208.0/22
193.37.136.0/24
193.93.40.0/22
193.105.176.0/24
193.169.8.0/23
193.192.52.0/23
193.239.172.0/23
193.239.246.0/23
194.8.81.0/24
194.24.234.0/23
194.42.100.0/23
194.88.134.0/23
194.106.212.0/23
194.246.106.0/23
195.2.196.0/23
195.13.48.0/23
195.34.80.0/23
195.93.140.0/23
195.128.188.0/23
195.135.192.0/23
195.189.176.0/24
195.189.186.0/23
195.189.250.0/23
195.210.44.0/23
195.254.140.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:af:7e:a2:7a:09:91:1f:e5:5e:13:9e:e6:46:8a:b9:88:c5:
04:d7:46:4a:b2:88:22:7d:ed:c6:59:96:c5:8e:f7:a5:ae:7a:
d3:13:96:c3:de:19:73:99:e3:37:d8:ce:16:75:ba:08:fb:2b:
23:a9:8a:35:36:c7:60:6f:2f:23:57:d8:1a:6e:17:86:9b:cb:
81:c6:f4:d4:f1:5f:7e:56:57:c6:65:4d:e7:cb:64:6f:f6:ba:
d3:71:58:33:20:bc:dc:a3:21:d8:0c:18:28:91:74:58:a8:bc:
5a:93:83:4c:72:8a:30:56:4a:eb:4c:6e:c4:23:31:90:d9:e7:
9c:74:f2:17:cc:91:4f:70:0b:af:58:c4:cd:ae:f4:ee:80:94:
c6:46:be:67:14:17:8e:c3:aa:bd:a3:15:e6:01:9f:98:a4:74:
c8:1f:d6:2c:01:0a:cc:d6:f2:38:f8:78:c4:14:a6:74:10:79:
61:2c:06:83:91:06:19:a2:10:20:9b:aa:af:0b:95:fa:97:3c:
ed:ca:e7:f4:3c:b4:87:80:ca:17:cc:8d:c6:bc:6b:35:99:0e:
f8:93:6c:80:81:41:b7:ea:12:00:f9:d0:09:68:ce:23:a1:48:
e4:23:1f:7c:f0:43:c1:2c:3d:a5:ba:67:a8:43:49:c2:c1:b8:
67:fd:00:cc
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAY/x1xijr+oBHfP2iXL5vwSbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlMWYzMmQwY2ZhN2E4NmQzMGU3ZTExYTczZWJiZDBiMjRk
YmY0MWYwHhcNMjQwNjA3MDgzNTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTY4NDY2NGUxYzkyZjJhNTQxMTI3ZTRmODE0ODdiYTcxNGVmZDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuSLKtmq9OKt7xOjCZEHVPU5hIZhj
LECkzTtQu0LX11Tj073+xH3Z7XTpmcIbZ2MPtpPK0YcC5+RuQG2LzY5+0OhCpJIr
Ng7o7/Otd9k6/+pNH9hJPrXoBoyENWPzcoVoEJoCuy0W9+xzO7OBdvhYol4ItzhB
fslVqG20hVF7lobKM34GZ3xquW29DAcHsVcK4K3OUCJedJZ2Q3LlldCBGbZ5OLTY
H3kJc9rhsuRXsHpLIQ/PGpAjA7nkln5/71/8i/0VhWGuFCIdIFQ1/FbottC/yFy0
rz53OnLFjk6p6MsnD8cLefxRu3W48S/DyDGTfQ3ZFXNIvLdpN0RNx78EqQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFKFoRmThyS8qVBEn5PgUh7pxTv0uMB8GA1UdIwQY
MBaAFD4fMtDPp6htMOfhGnPrvQsk2/QfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUt
NjA2OGMwNGQxYmUwLzEvb1doR1pPSEpMeXBVRVNmay1CU0h1bkZPX1M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS81ZjA0OGItMmRmMy00MTQwLTlmNGUtNjA2OGMwNGQxYmUw
LzEvUGg4eTBNLW5xRzB3NS1FYWMtdTlDeVRiOUI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBuwQCAAEwgbQDBAQu
95ADBABZKCkDBAFZyPADBABb5eQDBAFb7pQDBAJdtNADBADBJYgDBALBXSgDBADB
abADBAHBqQgDBAHBwDQDBAHB76wDBAHB7/YDBADCCFEDBAHCGOoDBAHCKmQDBAHC
WIYDBAHCatQDBAHC9moDBAHDAsQDBAHDDTADBAHDIlADBAHDXYwDBAHDgLwDBAHD
h8ADBADDvbADBAHDvboDBAHDvfoDBAHD0iwDBAHD/owwDQYJKoZIhvcNAQELBQAD
ggEBAByvfqJ6CZEf5V4TnuZGirmIxQTXRkqyiCJ97cZZlsWO96WuetMTlsPeGXOZ
4zfYzhZ1ugj7KyOpijU2x2BvLyNX2BpuF4aby4HG9NTxX35WV8ZlTefLZG/2utNx
WDMgvNyjIdgMGCiRdFiovFqTg0xyijBWSutMbsQjMZDZ55x08hfMkU9wC69YxM2u
9O6AlMZGvmcUF47Dqr2jFeYBn5ikdMgf1iwBCszW8jj4eMQUpnQQeWEsBoORBhmi
ECCbqq8LlfqXPO3K5/Q8tIeAyhfMjca8azWZDviTbICBQbfqEgD50AloziOhSOQj
H3zwQ8EsPaW6Z6hDScLBuGf9AMw=
-----END CERTIFICATE-----
Generated at Thu Jun 13 05:58:04 2024 by rpki-client on console-fra.rpki-client.org