Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/oSxZkX1UU_wxJC0jhxe_ZGv0-C8.roa
File: oSxZkX1UU_wxJC0jhxe_ZGv0-C8.roa (raw, json)
Hash identifier: oAs81hsdg6xkcwZ4gkbjlJDPL3TLU2gAgCEWV4n0Srg=
Subject key identifier: A1:2C:59:91:7D:54:53:FC:31:24:2D:23:87:17:BF:64:6B:F4:F8:2F
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 018CC6B7C3FF45B470B631703183B34C0505
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/oSxZkX1UU_wxJC0jhxe_ZGv0-C8.roa
Signing time: Mon 01 Jan 2024 20:29:41 +0000
ROA not before: Mon 01 Jan 2024 20:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60855
IP address blocks: 143.196.146.0/24 maxlen: 24
143.196.146.0/23 maxlen: 23
143.196.147.0/24 maxlen: 24
143.196.148.0/24 maxlen: 24
143.196.215.0/24 maxlen: 24
143.196.224.0/24 maxlen: 24
143.196.231.0/24 maxlen: 24
143.196.14.0/24 maxlen: 24
143.196.22.0/23 maxlen: 23
143.196.22.0/24 maxlen: 24
143.196.23.0/24 maxlen: 24
143.196.251.0/24 maxlen: 24
143.196.255.0/24 maxlen: 24
143.196.172.0/24 maxlen: 24
143.196.175.0/24 maxlen: 24
143.196.176.0/24 maxlen: 24
143.196.187.0/24 maxlen: 24
143.196.192.0/24 maxlen: 24
143.196.199.0/24 maxlen: 24
143.196.200.0/24 maxlen: 24
143.196.208.0/24 maxlen: 24
143.196.207.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:c3:ff:45:b4:70:b6:31:70:31:83:b3:4c:05:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 20:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a12c59917d5453fc31242d238717bf646bf4f82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:b8:97:c3:83:c6:92:e2:31:a9:73:b4:1d:6b:
ac:44:6e:0e:9e:cb:96:78:81:0c:90:a8:2d:05:9c:
6e:e2:a6:fb:f9:20:05:43:21:4f:97:94:17:c9:e3:
b6:db:69:09:dc:10:63:b1:fe:8f:86:43:aa:e5:9b:
6b:cd:ae:a2:89:e9:e1:c7:a5:74:c3:c1:24:75:ff:
a4:8e:58:40:9c:91:f8:40:b7:41:e3:9c:e8:41:e3:
e2:88:78:e8:3d:83:ba:9e:f5:7d:23:cf:4c:59:9b:
e1:74:f3:c4:e9:ae:5e:2a:fd:6e:e9:00:4e:d3:69:
b9:5b:2e:7b:65:9c:90:ad:8e:56:8f:90:f2:fc:15:
69:81:62:98:31:ee:08:41:ef:c0:40:ce:c3:02:28:
30:a4:e9:a3:9a:a6:e9:02:89:c0:d0:ef:af:13:fd:
3d:71:ad:1a:54:15:ae:82:13:d6:88:f7:43:8c:82:
65:65:9d:22:8e:17:be:af:46:fd:26:98:53:ed:c9:
7f:a7:c6:42:09:31:61:50:1f:07:71:e2:ab:90:a9:
16:ac:d2:24:9d:8b:59:a7:91:6d:fb:c5:ba:9e:49:
13:fe:bb:55:68:45:07:d6:56:70:c7:8c:00:3c:12:
32:16:2e:8f:3e:21:b6:ee:88:7e:c9:f8:71:18:e9:
31:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:2C:59:91:7D:54:53:FC:31:24:2D:23:87:17:BF:64:6B:F4:F8:2F
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/oSxZkX1UU_wxJC0jhxe_ZGv0-C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.14.0/24
143.196.22.0/23
143.196.146.0-143.196.148.255
143.196.172.0/24
143.196.175.0-143.196.176.255
143.196.187.0/24
143.196.192.0/24
143.196.199.0-143.196.200.255
143.196.207.0-143.196.208.255
143.196.215.0/24
143.196.224.0/24
143.196.231.0/24
143.196.251.0/24
143.196.255.0/24
Signature Algorithm: sha256WithRSAEncryption
48:62:a0:68:ce:a2:76:1f:1b:d8:fe:3e:d2:ca:5f:4a:46:b7:
3b:e7:59:7f:d3:a8:96:73:49:6d:57:a7:40:b9:10:72:2f:45:
1c:8f:44:88:1b:cf:20:6a:a7:d6:ed:28:e9:59:a0:c3:63:4e:
71:bc:1e:6b:c8:7e:1c:06:05:c8:48:8d:b4:b4:ba:13:9e:29:
f7:c5:0d:8e:de:d2:bf:1e:12:fd:67:d2:38:34:be:11:b8:28:
f0:dc:25:26:4d:63:40:a2:37:60:18:ba:94:6a:3e:01:f1:d4:
e9:6e:ee:e2:1b:63:64:42:33:29:d1:81:3c:8f:2c:d4:48:08:
ba:aa:96:1b:d3:1a:a0:9f:b1:05:eb:ea:d2:70:60:66:3a:ef:
97:68:fb:bb:5f:3c:68:90:20:0c:51:64:33:1f:2f:76:9a:6d:
6c:c9:08:4f:ec:8b:36:85:7a:03:ef:9f:ab:22:7a:25:9e:e3:
1f:31:eb:88:74:5e:7a:09:c4:38:0b:71:fd:c5:2b:81:65:0f:
6c:e6:68:04:ad:6d:d1:7f:a2:93:c0:27:e8:ff:45:c2:3e:11:
c2:53:4b:6d:ee:27:ea:0e:17:a4:42:a6:29:a8:a3:aa:45:7e:
37:f1:46:16:f5:c0:0a:aa:6a:7e:44:24:a2:5f:ea:ad:c8:6e:
50:0f:9c:05
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAYzGt8P/RbRwtjFwMYOzTAUFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjQwMTAxMjAyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTJjNTk5MTdkNTQ1M2ZjMzEyNDJkMjM4NzE3YmY2NDZiZjRmODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbiXw4PGkuIxqXO0HWusRG4OnsuW
eIEMkKgtBZxu4qb7+SAFQyFPl5QXyeO222kJ3BBjsf6PhkOq5Ztrza6iienhx6V0
w8Ekdf+kjlhAnJH4QLdB45zoQePiiHjoPYO6nvV9I89MWZvhdPPE6a5eKv1u6QBO
02m5Wy57ZZyQrY5Wj5Dy/BVpgWKYMe4IQe/AQM7DAigwpOmjmqbpAonA0O+vE/09
ca0aVBWughPWiPdDjIJlZZ0ijhe+r0b9JphT7cl/p8ZCCTFhUB8HceKrkKkWrNIk
nYtZp5Ft+8W6nkkT/rtVaEUH1lZwx4wAPBIyFi6PPiG27oh+yfhxGOkx8wIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFKEsWZF9VFP8MSQtI4cXv2Rr9PgvMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvb1N4WmtYMVVVX3d4SkMwamh4ZV9aR3YwLUM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAI/EDgME
AY/EFjAMAwQBj8SSAwQAj8SUAwQAj8SsMAwDBACPxK8DBACPxLADBACPxLsDBACP
xMAwDAMEAI/ExwMEAI/EyDAMAwQAj8TPAwQAj8TQAwQAj8TXAwQAj8TgAwQAj8Tn
AwQAj8T7AwQAj8T/MA0GCSqGSIb3DQEBCwUAA4IBAQBIYqBozqJ2HxvY/j7Syl9K
Rrc751l/06iWc0ltV6dAuRByL0Ucj0SIG88gaqfW7SjpWaDDY05xvB5ryH4cBgXI
SI20tLoTnin3xQ2O3tK/HhL9Z9I4NL4RuCjw3CUmTWNAojdgGLqUaj4B8dTpbu7i
G2NkQjMp0YE8jyzUSAi6qpYb0xqgn7EF6+rScGBmOu+XaPu7XzxokCAMUWQzHy92
mm1syQhP7Is2hXoD75+rInolnuMfMeuIdF56CcQ4C3H9xSuBZQ9s5mgErW3Rf6KT
wCfo/0XCPhHCU0tt7ifqDhekQqYpqKOqRX438UYW9cAKqmp+RCSiX+qtyG5QD5wF
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:10 2024 by rpki-client on console-fra.rpki-client.org