Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/OzWt-Y7nVeG8SDatgFXNfG3kiFw.roa
File: OzWt-Y7nVeG8SDatgFXNfG3kiFw.roa (raw, json)
Hash identifier: Cvm4yITlF6f7NfrclLuwdeYgdZMXhsaDRg4TyF4dApw=
Subject key identifier: 3B:35:AD:F9:8E:E7:55:E1:BC:48:36:AD:80:55:CD:7C:6D:E4:88:5C
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 018CC2DB1F86B4DC73752F568560C7A9CEE7
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/OzWt-Y7nVeG8SDatgFXNfG3kiFw.roa
Signing time: Mon 01 Jan 2024 02:29:49 +0000
ROA not before: Mon 01 Jan 2024 02:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48716
IP address blocks: 90.156.230.0/24 maxlen: 24
188.225.31.0/24 maxlen: 24
217.151.230.0/24 maxlen: 24
185.247.17.0/24 maxlen: 24
2a03:6f06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 13 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:1f:86:b4:dc:73:75:2f:56:85:60:c7:a9:ce:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: Jan 1 02:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b35adf98ee755e1bc4836ad8055cd7c6de4885c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7b:2c:1d:a7:48:46:2f:c7:c6:f5:e0:60:4e:
22:9c:14:45:85:00:dd:24:61:c6:4f:e5:b1:f1:a7:
f9:09:ca:45:9c:ba:90:78:6e:65:c5:37:c9:2a:87:
20:91:5f:2d:a3:ce:d1:b6:65:1f:ca:9a:8d:a0:5f:
5c:6c:c7:7f:39:68:8f:20:16:e7:2a:f0:61:c9:9b:
47:a5:c1:d4:1d:87:53:55:55:5a:3a:c3:af:94:dc:
61:d9:e7:38:6a:54:5d:cb:63:bf:a0:06:b9:56:fb:
a4:c4:c9:05:e9:71:eb:7a:ee:bd:de:aa:a8:65:4c:
2e:ad:fa:59:a7:4b:3e:35:cf:3e:5a:b0:c3:ad:47:
ec:04:ad:65:e5:0a:27:38:da:91:a9:6c:16:32:53:
c9:be:9c:5c:6f:6b:79:76:ba:6e:fb:99:f3:64:b8:
53:38:d9:50:f4:00:4a:08:26:09:0f:88:a8:09:69:
ff:5e:2f:38:4a:93:e1:da:a9:cb:35:80:15:f7:65:
5f:08:a8:86:81:09:a8:bf:e8:43:ba:5b:0a:ab:45:
4c:87:e6:66:fd:e4:c8:ac:55:fe:91:a8:15:76:d6:
3f:97:92:a1:02:a2:06:73:34:f4:62:99:10:f6:f0:
c4:e9:36:11:c2:ae:85:cb:94:80:5c:f4:d4:35:91:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:35:AD:F9:8E:E7:55:E1:BC:48:36:AD:80:55:CD:7C:6D:E4:88:5C
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/OzWt-Y7nVeG8SDatgFXNfG3kiFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
90.156.230.0/24
185.247.17.0/24
188.225.31.0/24
217.151.230.0/24
IPv6:
2a03:6f06::/32
Signature Algorithm: sha256WithRSAEncryption
ae:82:c7:01:4e:dd:d5:07:57:f0:97:12:43:e3:b3:ab:25:6b:
78:3b:49:ab:ea:02:5c:7e:3e:f7:d3:92:e2:42:74:c6:91:d8:
0f:99:82:2f:39:ac:8f:be:d3:0e:44:bd:f1:d5:86:85:cf:c9:
1d:13:5e:00:10:78:36:35:1d:b1:8d:60:4e:92:80:9a:f9:c8:
a2:6e:23:26:7f:c5:11:05:9c:a8:a5:21:f1:eb:85:a9:58:dd:
78:08:60:e6:00:bd:3e:a2:b9:08:8c:c6:00:11:ff:1d:09:74:
3c:26:a5:e5:5f:0c:1c:47:c3:64:6b:e6:7c:cc:9e:48:a7:a3:
ce:e9:41:1f:99:95:dd:2c:a3:f9:94:b7:26:36:09:1f:c2:90:
8e:dc:ab:1e:67:9a:7e:27:df:50:a6:d3:f2:92:5a:3a:6b:cd:
78:d4:5f:63:89:af:54:fd:53:85:9a:1d:08:d3:d7:bd:5d:44:
6c:f4:99:c3:e8:6f:e6:e4:7e:9e:09:c7:05:e5:36:ca:bf:0d:
66:4d:2f:5e:9d:5f:4e:70:df:07:03:d9:c4:64:af:45:7c:f5:
57:2a:0e:59:c0:87:5a:92:5a:4b:1e:b7:2e:18:b9:5e:ac:3a:
d5:e3:e3:8c:87:c9:07:17:ed:4b:0f:5b:82:a1:85:fe:89:0a:
4d:22:95:8f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzC2x+GtNxzdS9WhWDHqc7nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjQwMTAxMDIyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjM1YWRmOThlZTc1NWUxYmM0ODM2YWQ4MDU1Y2Q3YzZkZTQ4ODVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArHssHadIRi/HxvXgYE4inBRFhQDd
JGHGT+Wx8af5CcpFnLqQeG5lxTfJKocgkV8to87RtmUfypqNoF9cbMd/OWiPIBbn
KvBhyZtHpcHUHYdTVVVaOsOvlNxh2ec4alRdy2O/oAa5VvukxMkF6XHreu693qqo
ZUwurfpZp0s+Nc8+WrDDrUfsBK1l5QonONqRqWwWMlPJvpxcb2t5drpu+5nzZLhT
ONlQ9ABKCCYJD4ioCWn/Xi84SpPh2qnLNYAV92VfCKiGgQmov+hDulsKq0VMh+Zm
/eTIrFX+kagVdtY/l5KhAqIGczT0YpkQ9vDE6TYRwq6Fy5SAXPTUNZGJnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDs1rfmO51XhvEg2rYBVzXxt5IhcMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvT3pXdC1ZN25WZUc4U0RhdGdGWE5mRzNraUZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWpzmAwQA
ufcRAwQAvOEfAwQA2ZfmMA0EAgACMAcDBQAqA28GMA0GCSqGSIb3DQEBCwUAA4IB
AQCugscBTt3VB1fwlxJD47OrJWt4O0mr6gJcfj7305LiQnTGkdgPmYIvOayPvtMO
RL3x1YaFz8kdE14AEHg2NR2xjWBOkoCa+ciibiMmf8URBZyopSHx64WpWN14CGDm
AL0+orkIjMYAEf8dCXQ8JqXlXwwcR8Nka+Z8zJ5Ip6PO6UEfmZXdLKP5lLcmNgkf
wpCO3KseZ5p+J99QptPyklo6a8141F9jia9U/VOFmh0I09e9XURs9JnD6G/m5H6e
CccF5TbKvw1mTS9enV9OcN8HA9nEZK9FfPVXKg5ZwIdaklpLHrcuGLlerDrV4+OM
h8kHF+1LD1uCoYX+iQpNIpWP
-----END CERTIFICATE-----
Generated at Sun May 12 21:36:43 2024 by rpki-client on console-ams.rpki-client.org