Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/0vR66II5NnXeOcGT8OSjnpBOIDs.roa
File: 0vR66II5NnXeOcGT8OSjnpBOIDs.roa (raw, json)
Hash identifier: dPATQiQ+YDGuo+futK2uBr67hUvyn/bVwzwPpZOjcjU=
Subject key identifier: D2:F4:7A:E8:82:39:36:75:DE:39:C1:93:F0:E4:A3:9E:90:4E:20:3B
Certificate issuer: /CN=a2ddaeb164e398214a171a0410e6b0232d642f50
Certificate serial: 018F9BADD772F771040163D7CED8DF1AB961
Authority key identifier: A2:DD:AE:B1:64:E3:98:21:4A:17:1A:04:10:E6:B0:23:2D:64:2F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ot2usWTjmCFKFxoEEOawIy1kL1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/0vR66II5NnXeOcGT8OSjnpBOIDs.roa
Signing time: Tue 21 May 2024 15:03:32 +0000
ROA not before: Tue 21 May 2024 15:03:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3164
IP address blocks: 37.156.67.0/24 maxlen: 24
37.156.225.0/24 maxlen: 24
84.247.54.0/24 maxlen: 24
86.105.195.0/24 maxlen: 24
89.44.109.0/24 maxlen: 24
94.176.2.0/24 maxlen: 24
185.88.28.0/24 maxlen: 24
185.88.29.0/24 maxlen: 24
185.88.30.0/24 maxlen: 24
185.88.31.0/24 maxlen: 24
188.241.194.0/24 maxlen: 24
2a05:c5c0::/48 maxlen: 48
2a05:c5c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/ot2usWTjmCFKFxoEEOawIy1kL1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/ot2usWTjmCFKFxoEEOawIy1kL1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/ot2usWTjmCFKFxoEEOawIy1kL1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9b:ad:d7:72:f7:71:04:01:63:d7:ce:d8:df:1a:b9:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ddaeb164e398214a171a0410e6b0232d642f50
Validity
Not Before: May 21 15:03:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2f47ae882393675de39c193f0e4a39e904e203b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ca:3d:d4:fa:b1:83:34:ba:b3:af:69:d2:c6:
a6:e9:fa:74:34:21:60:1a:07:96:a5:49:0d:88:b7:
23:b6:93:e4:cb:93:6e:7a:9d:16:49:b0:cb:c6:50:
dd:dc:61:3c:9f:84:9a:43:a6:95:6f:a0:58:ec:20:
97:c1:43:40:d0:72:94:f0:ba:dc:a3:da:55:32:12:
28:9f:b8:10:75:f2:a5:ab:d3:ea:7b:23:37:e5:b1:
8b:a1:2f:e2:c7:b4:7f:34:cd:11:28:3a:27:e6:73:
77:be:ce:6c:fa:be:8c:76:e9:3b:95:a5:bf:15:a2:
21:1b:9a:5f:1f:5d:e7:fc:65:c5:9e:e1:be:59:fc:
56:db:45:91:77:c3:13:76:da:60:a4:b1:b2:e6:68:
3e:f1:fc:4d:46:65:a8:3e:5d:70:f1:13:82:7c:ff:
64:5f:c0:ec:e0:14:38:c6:4e:b6:1b:67:08:43:90:
55:cb:fa:00:da:d1:fe:80:af:b7:96:2a:52:b5:36:
b9:dc:cf:0b:f1:a9:53:2e:15:24:22:05:c2:ac:2f:
82:98:52:bd:74:03:5f:08:74:22:74:9c:30:09:db:
75:7f:14:c5:3d:5c:86:62:c7:5d:6b:5b:fc:99:ac:
e8:1a:de:26:0d:a1:cc:0c:5b:a3:ea:13:4a:e4:47:
16:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:F4:7A:E8:82:39:36:75:DE:39:C1:93:F0:E4:A3:9E:90:4E:20:3B
X509v3 Authority Key Identifier:
keyid:A2:DD:AE:B1:64:E3:98:21:4A:17:1A:04:10:E6:B0:23:2D:64:2F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ot2usWTjmCFKFxoEEOawIy1kL1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/0vR66II5NnXeOcGT8OSjnpBOIDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/4afda7-829c-4880-a0c9-112e113bb7b7/1/ot2usWTjmCFKFxoEEOawIy1kL1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.67.0/24
37.156.225.0/24
84.247.54.0/24
86.105.195.0/24
89.44.109.0/24
94.176.2.0/24
185.88.28.0/22
188.241.194.0/24
IPv6:
2a05:c5c0::/47
Signature Algorithm: sha256WithRSAEncryption
97:af:79:b9:5c:1e:61:26:c7:12:41:74:79:14:61:40:66:82:
6f:79:a6:bf:98:d4:45:2c:c8:11:fc:89:8c:85:ce:91:86:12:
88:82:fc:42:01:d8:63:76:6c:b9:d9:8e:3f:cb:f4:4d:98:1f:
ea:c8:03:eb:6e:95:b5:ac:7b:fe:f1:f2:3c:2e:a4:9a:58:8d:
61:9c:5d:0c:01:f6:0f:00:74:61:85:a0:0a:5a:1c:38:05:5d:
24:54:5a:7b:e2:e6:61:b3:b1:1d:ac:e7:c9:45:76:95:d0:a2:
a4:67:28:de:49:45:41:f2:93:71:ea:52:25:9e:78:0a:2f:35:
ad:50:3d:7b:1b:dc:c6:22:bd:f2:4d:5c:37:02:4a:6f:04:78:
cc:6e:2e:02:6f:46:3f:1e:40:3d:3e:7c:e7:89:9e:37:b5:05:
f3:85:0c:f6:c1:bf:c0:fc:4a:31:57:64:69:ff:42:5c:2e:55:
bd:bf:1e:d7:a0:77:14:86:85:95:49:d3:2c:26:d2:c8:d7:60:
e9:cc:49:3a:fc:82:1c:b0:c6:45:02:6d:00:38:c3:59:a4:c1:
51:7a:f8:5e:be:6f:4e:b6:4c:a2:2e:2d:96:ea:08:8e:59:83:
5f:12:cf:f5:10:50:c0:b8:83:0f:93:ba:46:1f:3f:ca:ee:e8:
41:72:a0:5e
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY+brddy93EEAWPXztjfGrlhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyZGRhZWIxNjRlMzk4MjE0YTE3MWEwNDEwZTZiMDIzMmQ2
NDJmNTAwHhcNMjQwNTIxMTUwMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmY0N2FlODgyMzkzNjc1ZGUzOWMxOTNmMGU0YTM5ZTkwNGUyMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8o91PqxgzS6s69p0sam6fp0NCFg
GgeWpUkNiLcjtpPky5Nuep0WSbDLxlDd3GE8n4SaQ6aVb6BY7CCXwUNA0HKU8Lrc
o9pVMhIon7gQdfKlq9PqeyM35bGLoS/ix7R/NM0RKDon5nN3vs5s+r6Mduk7laW/
FaIhG5pfH13n/GXFnuG+WfxW20WRd8MTdtpgpLGy5mg+8fxNRmWoPl1w8ROCfP9k
X8Ds4BQ4xk62G2cIQ5BVy/oA2tH+gK+3lipStTa53M8L8alTLhUkIgXCrC+CmFK9
dANfCHQidJwwCdt1fxTFPVyGYsdda1v8mazoGt4mDaHMDFuj6hNK5EcWxQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFNL0euiCOTZ13jnBk/Dko56QTiA7MB8GA1UdIwQY
MBaAFKLdrrFk45ghShcaBBDmsCMtZC9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3QydXNXVGptQ0ZLRnhvRUVPYXdJeTFrTDFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS80YWZkYTctODI5Yy00ODgwLWEwYzkt
MTEyZTExM2JiN2I3LzEvMHZSNjZJSTVOblhlT2NHVDhPU2pucEJPSURzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS80YWZkYTctODI5Yy00ODgwLWEwYzktMTEyZTExM2JiN2I3
LzEvb3QydXNXVGptQ0ZLRnhvRUVPYXdJeTFrTDFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQAJZxDAwQA
JZzhAwQAVPc2AwQAVmnDAwQAWSxtAwQAXrACAwQCuVgcAwQAvPHCMA8EAgACMAkD
BwEqBcXAAAAwDQYJKoZIhvcNAQELBQADggEBAJeveblcHmEmxxJBdHkUYUBmgm95
pr+Y1EUsyBH8iYyFzpGGEoiC/EIB2GN2bLnZjj/L9E2YH+rIA+tulbWse/7x8jwu
pJpYjWGcXQwB9g8AdGGFoApaHDgFXSRUWnvi5mGzsR2s58lFdpXQoqRnKN5JRUHy
k3HqUiWeeAovNa1QPXsb3MYivfJNXDcCSm8EeMxuLgJvRj8eQD0+fOeJnje1BfOF
DPbBv8D8SjFXZGn/QlwuVb2/HtegdxSGhZVJ0ywm0sjXYOnMSTr8ghywxkUCbQA4
w1mkwVF6+F6+b062TKIuLZbqCI5Zg18Sz/UQUMC4gw+TukYfP8ru6EFyoF4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:35 2024 by rpki-client on console-ams.rpki-client.org