Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/ozS71ihQ5MKMNnGnH_eH3f-yC5s.roa
File: ozS71ihQ5MKMNnGnH_eH3f-yC5s.roa (raw, json)
Hash identifier: xEp443gP9vxWvQzBZsoo4gAxSv2hiY8Oe6+l93HXhJo=
Subject key identifier: A3:34:BB:D6:28:50:E4:C2:8C:36:71:A7:1F:F7:87:DD:FF:B2:0B:9B
Certificate issuer: /CN=1534838bb317b8186699f0a4485db6d9da1908d2
Certificate serial: 018CC2DB5DA50CDA8F6BB982E7F896CB1200
Authority key identifier: 15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/ozS71ihQ5MKMNnGnH_eH3f-yC5s.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2602
IP address blocks: 193.168.64.0/18 maxlen: 24
158.64.0.0/16 maxlen: 24
185.149.136.0/22 maxlen: 22
2001:a18::/29 maxlen: 48
2001:a18:ff00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.mft
rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5d:a5:0c:da:8f:6b:b9:82:e7:f8:96:cb:12:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1534838bb317b8186699f0a4485db6d9da1908d2
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a334bbd62850e4c28c3671a71ff787ddffb20b9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:7a:07:c1:96:bf:ca:c2:15:a8:84:c4:39:de:
9c:45:d3:7d:62:1c:fa:fc:55:8b:c0:db:37:22:c2:
a9:34:fc:bf:72:b0:37:64:81:b2:da:9f:7a:69:91:
33:74:09:60:2c:da:c4:e7:c9:27:08:60:2c:37:58:
fd:64:fa:78:00:76:5e:37:ee:35:e2:c9:a9:aa:94:
0f:0b:54:82:78:c8:7f:0e:bb:7a:2d:22:62:23:9d:
6a:ec:10:d2:19:84:fc:a0:5e:f2:0b:10:db:18:cf:
4d:c7:f5:b6:88:48:5c:ac:9e:be:a6:cd:0b:4e:ab:
53:bd:15:2e:89:66:50:e8:2a:55:c7:b4:40:a2:75:
94:89:53:73:2c:d0:2b:50:fc:92:1f:48:99:5b:63:
13:38:c6:d9:65:64:06:f7:7a:c4:99:b6:8c:4e:83:
45:ad:f8:1b:d5:3d:37:00:81:09:da:c6:da:ef:27:
57:d4:1c:84:b1:ca:92:a9:19:74:88:b5:a7:b6:0a:
8b:37:30:ce:40:be:24:fa:fe:1a:87:01:55:20:fa:
a6:b4:61:02:7f:66:3a:18:08:74:ac:e8:16:f7:86:
50:fe:ab:82:58:88:5c:29:02:75:d8:6a:fe:e2:45:
47:e0:ae:8a:11:81:2e:b7:01:33:32:53:aa:35:61:
fd:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:34:BB:D6:28:50:E4:C2:8C:36:71:A7:1F:F7:87:DD:FF:B2:0B:9B
X509v3 Authority Key Identifier:
keyid:15:34:83:8B:B3:17:B8:18:66:99:F0:A4:48:5D:B6:D9:DA:19:08:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FTSDi7MXuBhmmfCkSF222doZCNI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/ozS71ihQ5MKMNnGnH_eH3f-yC5s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/14c1ca-1874-47ac-a18e-3a144c70e0b0/1/FTSDi7MXuBhmmfCkSF222doZCNI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.64.0.0/16
185.149.136.0/22
193.168.64.0/18
IPv6:
2001:a18::/29
Signature Algorithm: sha256WithRSAEncryption
1c:47:04:bb:11:0b:6b:c3:09:ff:e7:da:08:43:a9:ac:4a:96:
1e:6d:77:00:98:08:b9:b1:14:ac:12:16:31:db:5f:86:d8:36:
16:f2:58:db:51:31:3c:46:31:b1:f4:30:ea:f5:fd:83:92:3e:
0f:5a:f6:8e:c4:94:fb:52:7a:20:c0:f1:b9:0c:73:b4:04:cf:
77:77:50:bb:7a:6c:a1:52:0b:3d:33:b5:24:82:dd:94:8b:7c:
89:25:58:23:81:c0:a2:f2:51:47:c3:0c:5f:be:db:f7:94:57:
80:47:1c:37:b2:fa:4e:79:7f:c9:c4:34:54:14:97:d4:06:2f:
ea:cc:c9:4d:82:78:5b:81:fe:9c:76:8b:cc:4e:81:26:30:8a:
40:ee:63:28:59:82:c8:d2:9c:30:10:26:ae:f7:be:44:76:de:
57:e7:c2:3c:43:5f:1d:8d:ae:3a:f9:0b:91:0a:f3:7c:1c:a8:
95:b8:52:cf:75:82:c9:e7:db:38:99:30:36:e8:42:b6:b4:6f:
4b:f0:e7:8c:0a:27:5d:f5:05:c2:d3:8b:ad:0d:19:4b:97:74:
d4:2b:22:c4:de:19:31:2c:97:ad:2f:02:fb:ff:df:d3:9c:cb:
f9:60:94:d6:c4:0b:5a:15:93:97:76:fd:f5:af:c4:ad:64:ee:
4d:cb:c1:a6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzC212lDNqPa7mC5/iWyxIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1MzQ4MzhiYjMxN2I4MTg2Njk5ZjBhNDQ4NWRiNmQ5ZGEx
OTA4ZDIwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzM0YmJkNjI4NTBlNGMyOGMzNjcxYTcxZmY3ODdkZGZmYjIwYjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiXoHwZa/ysIVqITEOd6cRdN9Yhz6
/FWLwNs3IsKpNPy/crA3ZIGy2p96aZEzdAlgLNrE58knCGAsN1j9ZPp4AHZeN+41
4smpqpQPC1SCeMh/Drt6LSJiI51q7BDSGYT8oF7yCxDbGM9Nx/W2iEhcrJ6+ps0L
TqtTvRUuiWZQ6CpVx7RAonWUiVNzLNArUPySH0iZW2MTOMbZZWQG93rEmbaMToNF
rfgb1T03AIEJ2sba7ydX1ByEscqSqRl0iLWntgqLNzDOQL4k+v4ahwFVIPqmtGEC
f2Y6GAh0rOgW94ZQ/quCWIhcKQJ12Gr+4kVH4K6KEYEutwEzMlOqNWH9eQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKM0u9YoUOTCjDZxpx/3h93/sgubMB8GA1UdIwQY
MBaAFBU0g4uzF7gYZpnwpEhdttnaGQjSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUt
M2ExNDRjNzBlMGIwLzEvb3pTNzFpaFE1TUtNTm5HbkhfZUgzZi15QzVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS8xNGMxY2EtMTg3NC00N2FjLWExOGUtM2ExNDRjNzBlMGIw
LzEvRlRTRGk3TVh1QmhtbWZDa1NGMjIyZG9aQ05JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwMAnkADBAK5
lYgDBAbBqEAwDQQCAAIwBwMFAyABChgwDQYJKoZIhvcNAQELBQADggEBABxHBLsR
C2vDCf/n2ghDqaxKlh5tdwCYCLmxFKwSFjHbX4bYNhbyWNtRMTxGMbH0MOr1/YOS
Pg9a9o7ElPtSeiDA8bkMc7QEz3d3ULt6bKFSCz0ztSSC3ZSLfIklWCOBwKLyUUfD
DF++2/eUV4BHHDey+k55f8nENFQUl9QGL+rMyU2CeFuB/px2i8xOgSYwikDuYyhZ
gsjSnDAQJq73vkR23lfnwjxDXx2Nrjr5C5EK83wcqJW4Us91gsnn2ziZMDboQra0
b0vw54wKJ131BcLTi60NGUuXdNQrIsTeGTEsl60vAvv/39Ocy/lglNbEC1oVk5d2
/fWvxK1k7k3LwaY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:02:04 2024 by rpki-client on console-ams.rpki-client.org