Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/QOvI-aPjyBYHDsXiNNA1Huh3oo4.roa
File: QOvI-aPjyBYHDsXiNNA1Huh3oo4.roa (raw, json)
Hash identifier: ckgU1+HuLWudEmEFVpgG2rQHbph4ywnNyAzoIk/yUY8=
Subject key identifier: 40:EB:C8:F9:A3:E3:C8:16:07:0E:C5:E2:34:D0:35:1E:E8:77:A2:8E
Certificate issuer: /CN=9280aa6150904e20f884a463c9b66ae6d4161b9b
Certificate serial: 018CC3B6838399D83494B9881D8C0CD6DCBF
Authority key identifier: 92:80:AA:61:50:90:4E:20:F8:84:A4:63:C9:B6:6A:E6:D4:16:1B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/koCqYVCQTiD4hKRjybZq5tQWG5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/QOvI-aPjyBYHDsXiNNA1Huh3oo4.roa
Signing time: Mon 01 Jan 2024 06:29:27 +0000
ROA not before: Mon 01 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201520
IP address blocks: 185.95.0.0/24 maxlen: 24
185.95.3.0/24 maxlen: 24
185.95.2.0/24 maxlen: 24
185.15.198.0/24 maxlen: 24
185.15.197.0/24 maxlen: 24
185.15.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/koCqYVCQTiD4hKRjybZq5tQWG5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/koCqYVCQTiD4hKRjybZq5tQWG5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/koCqYVCQTiD4hKRjybZq5tQWG5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:83:83:99:d8:34:94:b9:88:1d:8c:0c:d6:dc:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9280aa6150904e20f884a463c9b66ae6d4161b9b
Validity
Not Before: Jan 1 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=40ebc8f9a3e3c816070ec5e234d0351ee877a28e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:89:43:23:bd:3a:33:bd:35:49:70:a7:6d:23:
cb:de:7f:8e:25:22:2a:de:15:c6:83:2d:1f:50:f7:
0a:b8:73:db:d9:91:32:14:4d:39:b3:a2:66:aa:09:
44:39:b1:15:6c:ec:55:38:1b:68:e6:88:b2:ce:d0:
29:ab:98:fa:36:75:bf:41:89:d9:06:74:4d:89:9d:
17:62:80:f9:a1:50:5a:1f:d4:ff:58:02:0a:67:cb:
15:9a:85:f4:58:3f:b6:6e:e1:c7:04:65:d5:0e:e4:
73:37:ae:6e:9d:22:e2:b1:d4:c0:fe:6c:42:95:ac:
72:bf:07:6f:cf:74:da:6a:26:06:89:3c:40:74:e5:
08:37:dc:c8:98:00:36:28:48:2e:34:1c:3e:c1:af:
38:0d:fe:b7:93:08:1a:b8:32:00:b3:9e:85:70:0f:
09:fc:29:b3:5d:8d:12:ad:b0:fd:0d:05:50:b1:44:
b5:3d:9d:33:d5:72:b2:7c:ae:60:b7:53:ae:a9:41:
bc:6f:d7:26:b8:00:b3:01:55:70:ee:a1:68:49:e0:
cb:15:a8:9a:5e:ad:bd:0a:23:69:5d:be:74:50:86:
ed:86:0c:0b:b1:d1:0b:70:6b:4a:ce:6b:b5:18:5f:
81:6e:fb:c2:fb:ba:12:3e:04:b4:d3:72:31:6d:b8:
3d:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:EB:C8:F9:A3:E3:C8:16:07:0E:C5:E2:34:D0:35:1E:E8:77:A2:8E
X509v3 Authority Key Identifier:
keyid:92:80:AA:61:50:90:4E:20:F8:84:A4:63:C9:B6:6A:E6:D4:16:1B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/koCqYVCQTiD4hKRjybZq5tQWG5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/QOvI-aPjyBYHDsXiNNA1Huh3oo4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d08bbd-08b0-4a22-8b57-7e0171150cfb/1/koCqYVCQTiD4hKRjybZq5tQWG5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.15.196.0-185.15.198.255
185.95.0.0/24
185.95.2.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:89:85:85:34:15:e2:99:02:1e:f0:13:43:d0:5a:73:bf:fe:
e0:45:55:cc:c8:49:bd:1e:67:68:bb:92:a1:08:97:3f:e2:05:
62:51:f5:f7:72:0e:8d:18:5d:82:12:d7:a4:b5:ef:b2:96:d9:
7e:0e:12:3a:3b:d2:e4:ab:75:fe:a8:fd:15:cb:ee:18:67:70:
c9:c1:5c:03:a9:f0:89:4d:72:84:6a:ab:25:80:c0:38:e4:bf:
cc:d6:65:86:71:f0:7c:71:22:44:b3:11:a0:06:53:42:f5:2c:
4f:b8:55:ab:dc:45:2f:bb:f1:71:21:14:14:df:2e:44:61:73:
af:57:b9:d3:6a:a1:f1:e0:6f:79:58:3b:8c:9f:8f:aa:43:45:
12:06:76:1e:47:d7:69:2a:89:cb:40:fc:60:4f:6c:60:49:2d:
a6:a3:3a:0e:5d:a9:f0:39:e5:d7:39:d9:19:29:ef:9a:73:2d:
98:de:27:77:2b:b9:26:13:98:6d:2c:b1:22:b6:af:cc:00:17:
4f:18:fb:0b:0f:a0:7e:68:b6:e5:3a:a9:ea:27:27:dc:32:71:
44:e9:8e:79:a1:43:84:c6:c8:65:3f:0b:16:1d:3d:f0:dd:9b:
36:7c:76:da:e6:7d:99:de:40:1f:1b:26:69:a4:46:cc:99:68:
f8:32:e5:9c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDtoODmdg0lLmIHYwM1ty/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyODBhYTYxNTA5MDRlMjBmODg0YTQ2M2M5YjY2YWU2ZDQx
NjFiOWIwHhcNMjQwMTAxMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MGViYzhmOWEzZTNjODE2MDcwZWM1ZTIzNGQwMzUxZWU4NzdhMjhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxIlDI706M701SXCnbSPL3n+OJSIq
3hXGgy0fUPcKuHPb2ZEyFE05s6JmqglEObEVbOxVOBto5oiyztApq5j6NnW/QYnZ
BnRNiZ0XYoD5oVBaH9T/WAIKZ8sVmoX0WD+2buHHBGXVDuRzN65unSLisdTA/mxC
laxyvwdvz3TaaiYGiTxAdOUIN9zImAA2KEguNBw+wa84Df63kwgauDIAs56FcA8J
/CmzXY0SrbD9DQVQsUS1PZ0z1XKyfK5gt1OuqUG8b9cmuACzAVVw7qFoSeDLFaia
Xq29CiNpXb50UIbthgwLsdELcGtKzmu1GF+BbvvC+7oSPgS003Ixbbg9ZwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEDryPmj48gWBw7F4jTQNR7od6KOMB8GA1UdIwQY
MBaAFJKAqmFQkE4g+ISkY8m2aubUFhubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva29DcVlWQ1FUaUQ0aEtSanliWnE1dFFXRzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9kMDhiYmQtMDhiMC00YTIyLThiNTct
N2UwMTcxMTUwY2ZiLzEvUU92SS1hUGp5QllIRHNYaU5OQTFIdWgzb280LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9kMDhiYmQtMDhiMC00YTIyLThiNTctN2UwMTcxMTUwY2Zi
LzEva29DcVlWQ1FUaUQ0aEtSanliWnE1dFFXRzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAK5D8QD
BAC5D8YDBAC5XwADBAG5XwIwDQYJKoZIhvcNAQELBQADggEBAEyJhYU0FeKZAh7w
E0PQWnO//uBFVczISb0eZ2i7kqEIlz/iBWJR9fdyDo0YXYIS16S177KW2X4OEjo7
0uSrdf6o/RXL7hhncMnBXAOp8IlNcoRqqyWAwDjkv8zWZYZx8HxxIkSzEaAGU0L1
LE+4VavcRS+78XEhFBTfLkRhc69XudNqofHgb3lYO4yfj6pDRRIGdh5H12kqictA
/GBPbGBJLaajOg5dqfA55dc52Rkp75pzLZjeJ3cruSYTmG0ssSK2r8wAF08Y+wsP
oH5otuU6qeonJ9wycUTpjnmhQ4TGyGU/CxYdPfDdmzZ8dtrmfZneQB8bJmmkRsyZ
aPgy5Zw=
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:34:08 2024 by rpki-client on console-ams.rpki-client.org