Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/O0E6RR3f6pz6EiWVa7MtUL2X8lA.roa
File: O0E6RR3f6pz6EiWVa7MtUL2X8lA.roa (raw, json)
Hash identifier: PFVDGSuZeO4ixIFmHC8Gz67dV331gA+s565MxUvC1y0=
Subject key identifier: 3B:41:3A:45:1D:DF:EA:9C:FA:12:25:95:6B:B3:2D:50:BD:97:F2:50
Certificate issuer: /CN=6fe3491042ef31dcc6e0ad8e55cbe149dd0c3182
Certificate serial: 018CC801C3BC1464267E3DB16994499B1338
Authority key identifier: 6F:E3:49:10:42:EF:31:DC:C6:E0:AD:8E:55:CB:E1:49:DD:0C:31:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b-NJEELvMdzG4K2OVcvhSd0MMYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/O0E6RR3f6pz6EiWVa7MtUL2X8lA.roa
Signing time: Tue 02 Jan 2024 02:30:07 +0000
ROA not before: Tue 02 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47748
IP address blocks: 178.211.146.0/24 maxlen: 24
87.121.120.0/24 maxlen: 24
94.156.9.0/24 maxlen: 24
94.156.13.0/24 maxlen: 24
31.13.215.0/24 maxlen: 24
94.156.46.0/24 maxlen: 24
94.156.47.0/24 maxlen: 24
93.123.21.0/24 maxlen: 24
37.60.137.0/24 maxlen: 24
87.120.90.0/24 maxlen: 24
31.13.228.0/24 maxlen: 24
31.13.229.0/24 maxlen: 24
93.123.103.0/24 maxlen: 24
87.120.9.0/24 maxlen: 24
87.121.4.0/24 maxlen: 24
87.121.5.0/24 maxlen: 24
2a05:140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/b-NJEELvMdzG4K2OVcvhSd0MMYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/b-NJEELvMdzG4K2OVcvhSd0MMYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/b-NJEELvMdzG4K2OVcvhSd0MMYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 10:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:c3:bc:14:64:26:7e:3d:b1:69:94:49:9b:13:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fe3491042ef31dcc6e0ad8e55cbe149dd0c3182
Validity
Not Before: Jan 2 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b413a451ddfea9cfa1225956bb32d50bd97f250
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:47:c6:47:cb:21:c7:ce:d6:93:b3:3e:97:58:
e7:3b:ce:01:ab:62:92:ed:99:80:32:2e:cd:41:94:
9f:6d:e4:c6:bf:1d:5c:8a:23:bb:49:b1:02:ac:84:
3d:38:12:9d:d1:3b:ae:2e:cc:f4:72:37:e1:58:ee:
21:28:a1:49:be:a7:4e:eb:f1:78:77:9e:56:12:66:
87:b1:8e:3c:f3:0e:9b:24:0c:2f:0d:0a:eb:29:43:
55:80:b4:90:57:4e:fa:02:be:8e:51:02:dc:28:df:
3c:34:5e:f5:fa:58:8f:ad:02:bb:b5:14:b8:bb:f1:
50:f3:85:69:d5:69:2f:64:29:1e:98:55:c3:73:c4:
35:9d:5b:5c:74:78:85:d1:25:a0:75:a2:6b:0d:99:
78:63:08:a0:e7:5e:5f:ca:96:eb:45:79:80:19:60:
1a:5a:94:53:c8:2b:c9:b2:c3:1a:cf:50:e4:91:58:
33:0c:43:92:c1:e9:30:b4:3f:95:15:39:6e:32:98:
75:a4:9f:23:3f:e8:fe:f0:53:2d:7f:0a:af:80:91:
64:ec:cf:35:6f:45:7e:1f:6b:a0:fc:63:d0:53:a1:
35:8e:b0:d2:33:b0:a4:74:19:6d:cb:f1:ee:36:56:
40:a5:f0:64:d0:53:a1:7b:5b:65:62:0a:3e:65:1e:
5a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:41:3A:45:1D:DF:EA:9C:FA:12:25:95:6B:B3:2D:50:BD:97:F2:50
X509v3 Authority Key Identifier:
keyid:6F:E3:49:10:42:EF:31:DC:C6:E0:AD:8E:55:CB:E1:49:DD:0C:31:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b-NJEELvMdzG4K2OVcvhSd0MMYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/O0E6RR3f6pz6EiWVa7MtUL2X8lA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/f89bf0-3d6f-4b4d-bf42-c78bd228a91d/1/b-NJEELvMdzG4K2OVcvhSd0MMYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.215.0/24
31.13.228.0/23
37.60.137.0/24
87.120.9.0/24
87.120.90.0/24
87.121.4.0/23
87.121.120.0/24
93.123.21.0/24
93.123.103.0/24
94.156.9.0/24
94.156.13.0/24
94.156.46.0/23
178.211.146.0/24
IPv6:
2a05:140::/29
Signature Algorithm: sha256WithRSAEncryption
16:5f:75:fa:51:bf:ba:4b:cf:ba:0b:f2:1a:53:55:8b:ae:fe:
d3:40:4d:0b:db:6c:dd:f0:5d:80:aa:2f:68:d7:10:db:ee:45:
f6:90:a8:d1:3f:fd:07:4d:9a:2f:46:ab:74:de:89:a3:c1:ba:
95:b1:32:82:45:75:b3:9e:5b:34:25:32:d6:94:ad:e3:1e:db:
06:b0:3b:c3:f4:50:5f:05:58:85:20:ff:95:20:76:70:f0:72:
6f:89:8d:f0:b9:c5:91:11:5e:25:32:38:51:d1:e3:48:f6:02:
8a:cc:f0:9b:10:60:dc:88:06:c2:44:17:d7:39:03:1a:51:9f:
ab:33:49:a9:27:23:d3:01:fe:bc:4e:7b:73:8d:cc:15:b7:81:
89:74:20:27:5b:94:42:d6:c4:b1:86:08:3a:8a:85:31:4f:ae:
52:ed:47:e8:5c:8f:c1:23:11:3b:a0:1e:78:26:58:30:8a:90:
57:86:bf:5d:f7:5c:b3:92:2a:25:4e:91:4d:b9:2c:27:d0:c8:
a5:31:3d:e5:a9:1b:dc:5c:46:4e:8b:f1:32:d8:2d:32:50:d1:
82:a7:77:81:e0:f8:11:4e:e0:34:18:96:eb:a4:26:14:bf:b2:
fa:63:82:ee:51:e1:28:9e:6c:4d:68:3b:c2:a4:82:c3:c4:db:
f1:3e:68:ad
-----BEGIN CERTIFICATE-----
MIIFVDCCBDygAwIBAgISAYzIAcO8FGQmfj2xaZRJmxM4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZTM0OTEwNDJlZjMxZGNjNmUwYWQ4ZTU1Y2JlMTQ5ZGQw
YzMxODIwHhcNMjQwMTAyMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQxM2E0NTFkZGZlYTljZmExMjI1OTU2YmIzMmQ1MGJkOTdmMjUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0fGR8shx87Wk7M+l1jnO84Bq2KS
7ZmAMi7NQZSfbeTGvx1ciiO7SbECrIQ9OBKd0TuuLsz0cjfhWO4hKKFJvqdO6/F4
d55WEmaHsY488w6bJAwvDQrrKUNVgLSQV076Ar6OUQLcKN88NF71+liPrQK7tRS4
u/FQ84Vp1WkvZCkemFXDc8Q1nVtcdHiF0SWgdaJrDZl4Ywig515fypbrRXmAGWAa
WpRTyCvJssMaz1DkkVgzDEOSwekwtD+VFTluMph1pJ8jP+j+8FMtfwqvgJFk7M81
b0V+H2ug/GPQU6E1jrDSM7CkdBlty/HuNlZApfBk0FOhe1tlYgo+ZR5ajQIDAQAB
o4ICYDCCAlwwHQYDVR0OBBYEFDtBOkUd3+qc+hIllWuzLVC9l/JQMB8GA1UdIwQY
MBaAFG/jSRBC7zHcxuCtjlXL4UndDDGCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYi1OSkVFTHZNZHpHNEsyT1ZjdmhTZDBNTVlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9mODliZjAtM2Q2Zi00YjRkLWJmNDIt
Yzc4YmQyMjhhOTFkLzEvTzBFNlJSM2Y2cHo2RWlXVmE3TXRVTDJYOGxBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9mODliZjAtM2Q2Zi00YjRkLWJmNDItYzc4YmQyMjhhOTFk
LzEvYi1OSkVFTHZNZHpHNEsyT1ZjdmhTZDBNTVlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHYGCCsGAQUFBwEHAQH/BGcwZTBUBAIAATBOAwQAHw3XAwQB
Hw3kAwQAJTyJAwQAV3gJAwQAV3haAwQBV3kEAwQAV3l4AwQAXXsVAwQAXXtnAwQA
XpwJAwQAXpwNAwQBXpwuAwQAstOSMA0EAgACMAcDBQMqBQFAMA0GCSqGSIb3DQEB
CwUAA4IBAQAWX3X6Ub+6S8+6C/IaU1WLrv7TQE0L22zd8F2Aqi9o1xDb7kX2kKjR
P/0HTZovRqt03omjwbqVsTKCRXWznls0JTLWlK3jHtsGsDvD9FBfBViFIP+VIHZw
8HJviY3wucWREV4lMjhR0eNI9gKKzPCbEGDciAbCRBfXOQMaUZ+rM0mpJyPTAf68
TntzjcwVt4GJdCAnW5RC1sSxhgg6ioUxT65S7UfoXI/BIxE7oB54JlgwipBXhr9d
91yzkiolTpFNuSwn0MilMT3lqRvcXEZOi/Ey2C0yUNGCp3eB4PgRTuA0GJbrpCYU
v7L6Y4LuUeEonmxNaDvCpILDxNvxPmit
-----END CERTIFICATE-----
Generated at Thu May 30 20:30:48 2024 by rpki-client on console-ams.rpki-client.org