Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/OWTGfclFE8AA9mO65rOHqAqbF28.roa
File: OWTGfclFE8AA9mO65rOHqAqbF28.roa (raw, json)
Hash identifier: qyOIobW1SnRPsC+DJoAr2qGwbiQLaifPe0Maa2p7GSM=
Subject key identifier: 39:64:C6:7D:C9:45:13:C0:00:F6:63:BA:E6:B3:87:A8:0A:9B:17:6F
Certificate issuer: /CN=7d4d1c8790a913e832c733dff778dee79129700a
Certificate serial: 018CC26D0A8A6677D4648DD3D69766F596A9
Authority key identifier: 7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/OWTGfclFE8AA9mO65rOHqAqbF28.roa
Signing time: Mon 01 Jan 2024 00:29:35 +0000
ROA not before: Mon 01 Jan 2024 00:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8222
IP address blocks: 188.92.112.0/21 maxlen: 24
213.183.0.0/19 maxlen: 24
194.59.179.0/24 maxlen: 24
185.227.12.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.mft
rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Jun 2024 22:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:0a:8a:66:77:d4:64:8d:d3:d6:97:66:f5:96:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d4d1c8790a913e832c733dff778dee79129700a
Validity
Not Before: Jan 1 00:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3964c67dc94513c000f663bae6b387a80a9b176f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:64:07:ed:b8:41:a6:88:42:90:5d:6b:f8:60:
15:6b:82:b9:02:5e:67:5f:04:65:f8:cd:f5:a4:66:
2d:bc:b3:7b:c4:dc:fc:25:20:59:5c:a9:1d:88:b4:
a9:98:07:bc:97:12:ab:28:27:16:a0:3c:13:6e:34:
82:12:ec:ff:e3:60:7a:33:10:01:c6:01:c5:31:a0:
a3:21:a1:a7:1f:88:bd:bf:7a:a5:84:60:07:01:a6:
b3:e8:16:24:5e:7b:98:cc:e8:f2:05:71:0a:ea:a0:
c4:1b:c3:f3:9e:f3:a5:08:de:b2:8a:4d:f9:7b:9f:
cc:57:1c:f0:5f:fe:d6:4f:20:9f:5b:19:8f:4b:35:
89:04:27:60:d8:3c:49:66:7c:35:66:21:14:fc:7d:
c9:b1:39:54:a1:9a:9e:19:89:8d:01:41:60:50:3a:
1f:3b:f1:36:58:74:dc:d9:d0:65:d3:69:2f:ec:0e:
f8:a1:1b:12:97:0d:42:05:69:e3:04:9f:05:c2:aa:
30:38:0a:cb:30:f2:21:6a:98:22:90:29:9a:3f:fc:
57:b5:e7:58:f1:c3:34:bb:a5:45:22:21:fa:34:a0:
0c:9d:c9:7d:9d:86:24:f4:fd:19:94:48:d8:3e:5c:
2d:cf:66:56:63:c5:66:4f:3e:24:cf:98:09:7a:78:
ad:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:64:C6:7D:C9:45:13:C0:00:F6:63:BA:E6:B3:87:A8:0A:9B:17:6F
X509v3 Authority Key Identifier:
keyid:7D:4D:1C:87:90:A9:13:E8:32:C7:33:DF:F7:78:DE:E7:91:29:70:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fU0ch5CpE-gyxzPf93je55EpcAo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/OWTGfclFE8AA9mO65rOHqAqbF28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/1c6180-9950-4ce8-811e-f8d662b96dab/1/fU0ch5CpE-gyxzPf93je55EpcAo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.227.12.0/22
188.92.112.0/21
194.59.179.0/24
213.183.0.0/19
Signature Algorithm: sha256WithRSAEncryption
30:4d:71:68:76:5d:7a:e9:b9:d2:2e:23:9f:a0:8b:b0:f7:3d:
30:7c:3d:cd:09:8c:75:a7:2b:51:59:90:6a:70:07:b0:9f:55:
f5:dc:64:03:f0:68:f6:f5:bf:3a:f0:b0:01:93:d7:4d:78:da:
fa:97:f7:73:aa:f8:ae:72:d2:bf:69:de:ef:18:9d:cd:fd:65:
78:d2:72:be:b8:b7:16:4a:42:42:71:5e:c5:3f:67:e9:d3:55:
ce:05:94:99:0d:26:e9:f5:b9:0e:0e:75:af:17:39:9b:95:dd:
f8:4d:a3:d5:f2:7b:4e:36:5b:cd:53:6b:ed:35:d7:29:b8:14:
af:46:06:59:f1:a3:5d:80:b2:20:bd:da:db:9f:57:64:47:30:
85:3f:3a:1b:2f:10:e1:13:18:ac:a6:19:26:7f:ff:fa:12:fb:
5a:b0:67:21:15:d9:c7:25:71:c0:30:80:5a:d5:3b:41:e7:03:
72:92:7f:a9:6d:23:08:86:a5:b7:2b:e7:8e:9a:4c:e4:3b:a4:
10:2f:fc:40:0a:0c:2c:87:2f:d0:70:21:24:08:a7:91:7a:bd:
0b:2f:08:9e:d4:d6:97:21:c7:74:26:ba:94:e0:d4:ec:f2:af:
af:5f:65:3d:01:e7:b2:bc:8e:b1:0a:65:47:d5:f9:8b:5d:c8:
9f:ab:e5:6f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzCbQqKZnfUZI3T1pdm9ZapMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNGQxYzg3OTBhOTEzZTgzMmM3MzNkZmY3NzhkZWU3OTEy
OTcwMGEwHhcNMjQwMTAxMDAyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTY0YzY3ZGM5NDUxM2MwMDBmNjYzYmFlNmIzODdhODBhOWIxNzZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmQH7bhBpohCkF1r+GAVa4K5Al5n
XwRl+M31pGYtvLN7xNz8JSBZXKkdiLSpmAe8lxKrKCcWoDwTbjSCEuz/42B6MxAB
xgHFMaCjIaGnH4i9v3qlhGAHAaaz6BYkXnuYzOjyBXEK6qDEG8PznvOlCN6yik35
e5/MVxzwX/7WTyCfWxmPSzWJBCdg2DxJZnw1ZiEU/H3JsTlUoZqeGYmNAUFgUDof
O/E2WHTc2dBl02kv7A74oRsSlw1CBWnjBJ8FwqowOArLMPIhapgikCmaP/xXtedY
8cM0u6VFIiH6NKAMncl9nYYk9P0ZlEjYPlwtz2ZWY8VmTz4kz5gJenitLwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDlkxn3JRRPAAPZjuuazh6gKmxdvMB8GA1UdIwQY
MBaAFH1NHIeQqRPoMscz3/d43ueRKXAKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUt
ZjhkNjYyYjk2ZGFiLzEvT1dUR2ZjbEZFOEFBOW1PNjVyT0hxQXFiRjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy8xYzYxODAtOTk1MC00Y2U4LTgxMWUtZjhkNjYyYjk2ZGFi
LzEvZlUwY2g1Q3BFLWd5eHpQZjkzamU1NUVwY0FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCueMMAwQD
vFxwAwQAwjuzAwQF1bcAMA0GCSqGSIb3DQEBCwUAA4IBAQAwTXFodl166bnSLiOf
oIuw9z0wfD3NCYx1pytRWZBqcAewn1X13GQD8Gj29b868LABk9dNeNr6l/dzqviu
ctK/ad7vGJ3N/WV40nK+uLcWSkJCcV7FP2fp01XOBZSZDSbp9bkODnWvFzmbld34
TaPV8ntONlvNU2vtNdcpuBSvRgZZ8aNdgLIgvdrbn1dkRzCFPzobLxDhExisphkm
f//6EvtasGchFdnHJXHAMIBa1TtB5wNykn+pbSMIhqW3K+eOmkzkO6QQL/xACgws
hy/QcCEkCKeRer0LLwie1NaXIcd0JrqU4NTs8q+vX2U9AeeyvI6xCmVH1fmLXcif
q+Vv
-----END CERTIFICATE-----
Generated at Sat Jun 1 04:04:04 2024 by rpki-client on console-fra.rpki-client.org