Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/Opr5ON39nVYoZoiaP2gWq_3MbLg.roa
File: Opr5ON39nVYoZoiaP2gWq_3MbLg.roa (raw, json)
Hash identifier: 01JcQA+4aDeFY9bN8K+XWJV82OZ96eT66HOGE3XB9cY=
Subject key identifier: 3A:9A:F9:38:DD:FD:9D:56:28:66:88:9A:3F:68:16:AB:FD:CC:6C:B8
Certificate issuer: /CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Certificate serial: 01924FE2120DF57285C4873F4FF0D2466FFD
Authority key identifier: 3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/Opr5ON39nVYoZoiaP2gWq_3MbLg.roa
Signing time: Thu 03 Oct 2024 00:57:48 +0000
ROA not before: Thu 03 Oct 2024 00:57:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25019
IP address blocks: 159.0.0.0/16 maxlen: 16
159.0.0.0/20 maxlen: 20
159.0.16.0/20 maxlen: 20
159.0.32.0/20 maxlen: 20
159.0.48.0/20 maxlen: 20
159.0.64.0/20 maxlen: 20
159.0.80.0/20 maxlen: 20
159.0.96.0/20 maxlen: 20
159.0.112.0/20 maxlen: 20
159.0.192.0/20 maxlen: 20
159.0.208.0/20 maxlen: 20
159.0.224.0/20 maxlen: 20
159.0.240.0/20 maxlen: 20
185.139.8.0/22 maxlen: 22
212.215.128.0/17 maxlen: 17
212.215.128.0/18 maxlen: 18
212.215.136.0/21 maxlen: 21
212.215.137.0/24 maxlen: 24
212.215.144.0/20 maxlen: 20
212.215.160.0/20 maxlen: 20
212.215.176.0/20 maxlen: 20
212.215.192.0/20 maxlen: 20
212.215.224.0/21 maxlen: 21
212.215.240.0/22 maxlen: 22
212.215.244.0/22 maxlen: 22
212.215.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.mft
rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4f:e2:12:0d:f5:72:85:c4:87:3f:4f:f0:d2:46:6f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bccbc70e18b6c69e53ef52a5e925e5f4f0cdcc1
Validity
Not Before: Oct 3 00:57:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9af938ddfd9d562866889a3f6816abfdcc6cb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:fa:54:b6:69:62:d1:25:52:04:60:8a:62:
45:c9:a4:30:cf:6b:d9:4f:ba:98:6a:8b:6f:9d:e6:
6c:3d:4d:e8:41:36:fd:a8:72:53:1c:a1:eb:c4:37:
4a:18:be:65:0e:08:3a:e7:fe:02:a0:24:33:95:d0:
ba:63:a6:16:bc:ec:63:a0:76:47:a5:89:89:e9:91:
33:18:10:d3:82:13:2d:71:94:68:db:bc:09:14:af:
d2:9e:ba:cb:84:bf:33:86:c9:ff:6b:e0:72:2f:a4:
5d:ca:26:1f:68:a2:80:36:d8:2c:9c:86:b2:fa:22:
37:d3:bc:5d:85:c7:f1:c2:09:cd:af:fb:2d:6d:91:
f9:8e:bf:f1:c0:10:b7:02:7c:a2:99:1a:b5:90:9c:
0a:34:62:6c:8c:f2:d4:e9:5c:4a:b2:27:ee:dc:9b:
ba:11:fa:5e:cd:74:de:30:d3:89:3f:7e:48:a7:ac:
6f:22:92:31:f0:42:15:a1:f7:d9:39:7a:07:c7:05:
75:b5:fb:01:85:e3:92:7e:99:8a:51:67:2b:1b:cd:
26:22:38:31:67:6f:a0:fc:09:c9:3e:1d:a4:b3:f5:
d5:0e:64:76:e8:36:63:10:40:38:c6:9a:f1:9a:71:
dc:47:e4:af:2b:e1:21:22:b8:b7:45:ef:c8:c3:2d:
4d:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9A:F9:38:DD:FD:9D:56:28:66:88:9A:3F:68:16:AB:FD:CC:6C:B8
X509v3 Authority Key Identifier:
keyid:3B:CC:BC:70:E1:8B:6C:69:E5:3E:F5:2A:5E:92:5E:5F:4F:0C:DC:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O8y8cOGLbGnlPvUqXpJeX08M3ME.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/Opr5ON39nVYoZoiaP2gWq_3MbLg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/8a4773-a2bd-40d2-bfc8-bbe60ea222c5/1/O8y8cOGLbGnlPvUqXpJeX08M3ME.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.0.0.0/16
185.139.8.0/22
212.215.128.0/17
Signature Algorithm: sha256WithRSAEncryption
2e:91:99:04:b3:55:8c:d5:9a:17:3d:d5:a6:73:20:03:fc:fa:
a8:a4:94:8f:98:ec:df:82:65:2b:42:ee:5f:b0:d0:85:5c:46:
1b:78:a5:4f:49:4f:b9:a6:9d:0d:c0:e4:c3:2a:b3:af:5c:c6:
a2:2d:a4:5a:55:d8:8b:b2:d8:d7:27:1e:a1:c7:d5:5c:b1:96:
75:47:49:89:1a:25:39:11:d2:f5:be:24:e7:46:8d:0d:1e:92:
d3:7f:32:73:68:19:bc:ee:ff:26:b6:c1:70:2c:90:1a:c1:7b:
15:4d:bd:6a:9e:a7:a7:4d:e0:36:08:2d:34:ff:68:3d:2e:c8:
08:22:96:4b:17:19:50:0a:fe:7c:9c:e9:89:9c:be:49:30:8f:
c9:58:13:38:96:6c:67:9f:25:7f:8d:8d:4a:2a:a4:11:35:8a:
0f:6f:f2:7f:fb:e3:ba:95:96:11:b3:3e:28:66:15:3f:a9:b9:
6f:fb:cd:6e:a9:c6:74:4c:1e:1c:c8:f5:28:64:b6:e3:ca:70:
a7:32:05:33:b4:09:1b:42:fb:b3:27:38:c3:51:91:03:47:32:
97:96:55:21:32:78:0f:59:d7:97:e8:f5:d6:f6:ed:ad:d7:f8:
ba:6e:bc:cf:72:8e:55:41:71:e3:f1:be:aa:17:00:fd:01:90:
53:b5:c9:6f
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZJP4hIN9XKFxIc/T/DSRm/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiY2NiYzcwZTE4YjZjNjllNTNlZjUyYTVlOTI1ZTVmNGYw
Y2RjYzEwHhcNMjQxMDAzMDA1NzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTlhZjkzOGRkZmQ5ZDU2Mjg2Njg4OWEzZjY4MTZhYmZkY2M2Y2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAygH6VLZpYtElUgRgimJFyaQwz2vZ
T7qYaotvneZsPU3oQTb9qHJTHKHrxDdKGL5lDgg65/4CoCQzldC6Y6YWvOxjoHZH
pYmJ6ZEzGBDTghMtcZRo27wJFK/SnrrLhL8zhsn/a+ByL6RdyiYfaKKANtgsnIay
+iI307xdhcfxwgnNr/stbZH5jr/xwBC3AnyimRq1kJwKNGJsjPLU6VxKsifu3Ju6
EfpezXTeMNOJP35Ip6xvIpIx8EIVoffZOXoHxwV1tfsBheOSfpmKUWcrG80mIjgx
Z2+g/AnJPh2ks/XVDmR26DZjEEA4xprxmnHcR+SvK+EhIri3Re/Iwy1N1QIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFDqa+Tjd/Z1WKGaImj9oFqv9zGy4MB8GA1UdIwQY
MBaAFDvMvHDhi2xp5T71Kl6SXl9PDNzBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgt
YmJlNjBlYTIyMmM1LzEvT3ByNU9OMzluVllvWm9pYVAyZ1dxXzNNYkxnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS84YTQ3NzMtYTJiZC00MGQyLWJmYzgtYmJlNjBlYTIyMmM1
LzEvTzh5OGNPR0xiR25sUHZVcVhwSmVYMDhNM01FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAATARAwMAnwADBAK5
iwgDBAfU14AwDQYJKoZIhvcNAQELBQADggEBAC6RmQSzVYzVmhc91aZzIAP8+qik
lI+Y7N+CZStC7l+w0IVcRht4pU9JT7mmnQ3A5MMqs69cxqItpFpV2Iuy2NcnHqHH
1VyxlnVHSYkaJTkR0vW+JOdGjQ0ektN/MnNoGbzu/ya2wXAskBrBexVNvWqep6dN
4DYILTT/aD0uyAgilksXGVAK/nyc6Ymcvkkwj8lYEziWbGefJX+NjUoqpBE1ig9v
8n/747qVlhGzPihmFT+puW/7zW6pxnRMHhzI9ShktuPKcKcyBTO0CRtC+7MnOMNR
kQNHMpeWVSEyeA9Z15fo9db27a3X+LpuvM9yjlVBcePxvqoXAP0BkFO1yW8=
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:55:21 2024 by rpki-client on console-ams.rpki-client.org