Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ooP2O7l31QcvvXQ1EZx2rBY2Xq0.roa
File: ooP2O7l31QcvvXQ1EZx2rBY2Xq0.roa (raw, json)
Hash identifier: xzTk8sfshR/jSKHNjT1GDf2Y6ubQX/t+O20drLotzsQ=
Subject key identifier: A2:83:F6:3B:B9:77:D5:07:2F:BD:74:35:11:9C:76:AC:16:36:5E:AD
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018CCEC9DED0E1C6A07268DFBB7106D52B48
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ooP2O7l31QcvvXQ1EZx2rBY2Xq0.roa
Signing time: Wed 03 Jan 2024 10:06:25 +0000
ROA not before: Wed 03 Jan 2024 10:06:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8896
IP address blocks: 185.126.184.0/22 maxlen: 22
212.33.128.0/19 maxlen: 19
185.15.216.0/24 maxlen: 24
185.15.216.0/22 maxlen: 22
89.221.96.0/20 maxlen: 20
45.138.239.0/24 maxlen: 24
45.138.238.0/24 maxlen: 24
45.138.236.0/22 maxlen: 22
185.92.52.0/22 maxlen: 22
77.241.96.0/20 maxlen: 20
2a00:1e18::/29 maxlen: 29
2a00:1e18::/32 maxlen: 32
2a00:1e19::/32 maxlen: 32
2a00:1e1c:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:c9:de:d0:e1:c6:a0:72:68:df:bb:71:06:d5:2b:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jan 3 10:06:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a283f63bb977d5072fbd7435119c76ac16365ead
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:0a:b9:90:72:89:44:74:33:7b:34:6f:73:7d:
5c:21:da:ea:31:b7:61:b7:17:8b:56:b9:fd:9d:2e:
2b:fc:52:28:3d:91:90:bb:87:37:55:07:6e:f8:98:
b0:22:84:19:5a:88:cb:20:fa:60:2e:85:8f:65:13:
8a:11:62:b1:7d:80:23:50:e9:3f:ba:53:03:24:c6:
2e:34:6b:31:d4:c4:74:2a:4f:7c:7c:9a:60:16:c4:
57:61:99:67:f2:c6:3f:76:fe:9f:e4:c1:db:9a:d8:
f5:b8:9c:ac:8a:f2:91:11:2d:e9:38:a5:33:fc:84:
01:ee:30:f0:03:0d:d6:72:f8:5a:0f:c1:0a:02:7d:
e0:4b:fa:56:6c:f6:8d:f6:5d:d5:77:e4:58:cb:c6:
c3:b1:cd:38:0a:ef:78:49:ee:c7:cf:f2:38:34:3a:
90:ae:9d:3f:5d:72:f0:c3:34:97:ff:c0:47:b8:82:
99:3a:c6:c2:74:5e:a5:21:d1:f1:4d:ee:6f:81:ee:
46:08:02:1d:75:df:c8:9c:ee:9d:77:f6:0b:9c:46:
44:26:bd:3c:2d:ff:52:27:aa:23:63:42:24:1e:40:
09:8f:99:85:32:b1:71:1f:76:d9:56:b3:bd:87:78:
be:aa:6e:b4:62:1f:1b:8f:52:26:17:5a:31:f0:f4:
82:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:83:F6:3B:B9:77:D5:07:2F:BD:74:35:11:9C:76:AC:16:36:5E:AD
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/ooP2O7l31QcvvXQ1EZx2rBY2Xq0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.138.236.0/22
77.241.96.0/20
89.221.96.0/20
185.15.216.0/22
185.92.52.0/22
185.126.184.0/22
212.33.128.0/19
IPv6:
2a00:1e18::/29
Signature Algorithm: sha256WithRSAEncryption
55:a6:cd:3c:32:82:98:ad:5a:7d:54:4b:18:34:8e:7c:26:e5:
bf:d3:ed:ba:ac:2e:98:2f:72:de:8a:d1:43:97:fe:25:43:f6:
8f:96:7e:ce:b8:f9:e4:7a:44:2d:88:92:96:ba:00:b5:f4:4c:
24:fe:6a:54:f0:4d:4b:12:73:05:cd:8f:8f:c7:51:26:55:2f:
e8:8f:b8:d3:47:e4:d2:39:14:a3:7e:d8:4e:b3:c7:e2:e8:dd:
96:db:88:86:6e:19:3e:57:bd:f7:0e:df:01:4b:52:c2:bf:1f:
cc:2b:58:d7:b5:46:cc:8d:c3:f7:1c:25:ab:a8:a3:0d:c2:51:
f6:6a:bf:6a:c8:0a:e9:df:41:59:32:70:05:f2:62:28:e3:c9:
28:b8:21:02:e4:37:bf:90:da:53:10:3f:29:1b:36:c5:8f:a7:
02:05:d1:2b:fe:b6:14:f6:17:53:cf:aa:b3:7a:17:ed:0c:0a:
3a:b3:98:cd:25:cc:fa:ae:32:3f:53:1e:38:76:e1:32:f1:b0:
31:f9:e5:14:45:a2:2d:ef:d4:96:86:ec:9a:a1:23:1a:10:4d:
01:aa:67:6f:e7:80:62:3a:56:06:60:6a:bf:de:50:d4:2e:98:
92:7a:c0:b4:5d:fb:3d:a3:17:08:66:11:f7:77:61:15:9a:4d:
05:77:b6:fa
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzOyd7Q4cagcmjfu3EG1StIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjQwMTAzMTAwNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjgzZjYzYmI5NzdkNTA3MmZiZDc0MzUxMTljNzZhYzE2MzY1ZWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswq5kHKJRHQzezRvc31cIdrqMbdh
txeLVrn9nS4r/FIoPZGQu4c3VQdu+JiwIoQZWojLIPpgLoWPZROKEWKxfYAjUOk/
ulMDJMYuNGsx1MR0Kk98fJpgFsRXYZln8sY/dv6f5MHbmtj1uJysivKRES3pOKUz
/IQB7jDwAw3WcvhaD8EKAn3gS/pWbPaN9l3Vd+RYy8bDsc04Cu94Se7Hz/I4NDqQ
rp0/XXLwwzSX/8BHuIKZOsbCdF6lIdHxTe5vge5GCAIddd/InO6dd/YLnEZEJr08
Lf9SJ6ojY0IkHkAJj5mFMrFxH3bZVrO9h3i+qm60Yh8bj1ImF1ox8PSCXQIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKKD9ju5d9UHL710NRGcdqwWNl6tMB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEvb29QMk83bDMxUWN2dlhRMUVaeDJyQlkyWHEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQCLYrsAwQE
TfFgAwQEWd1gAwQCuQ/YAwQCuVw0AwQCuX64AwQF1CGAMA0EAgACMAcDBQMqAB4Y
MA0GCSqGSIb3DQEBCwUAA4IBAQBVps08MoKYrVp9VEsYNI58JuW/0+26rC6YL3Le
itFDl/4lQ/aPln7OuPnkekQtiJKWugC19Ewk/mpU8E1LEnMFzY+Px1EmVS/oj7jT
R+TSORSjfthOs8fi6N2W24iGbhk+V733Dt8BS1LCvx/MK1jXtUbMjcP3HCWrqKMN
wlH2ar9qyArp30FZMnAF8mIo48kouCEC5De/kNpTED8pGzbFj6cCBdEr/rYU9hdT
z6qzehftDAo6s5jNJcz6rjI/Ux44duEy8bAx+eUURaIt79SWhuyaoSMaEE0Bqmdv
54BiOlYGYGq/3lDULpiSesC0Xfs9oxcIZhH3d2EVmk0Fd7b6
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:39:37 2024 by rpki-client on console-ams.rpki-client.org