Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/OJb1pZlJ7AqfhbpMjgdMKlaM4fI.roa
File: OJb1pZlJ7AqfhbpMjgdMKlaM4fI.roa (raw, json)
Hash identifier: 7aUK8y5bbezD6FY0zfLOweC08kXfcvLBRKi+hbxC/G0=
Subject key identifier: 38:96:F5:A5:99:49:EC:0A:9F:85:BA:4C:8E:07:4C:2A:56:8C:E1:F2
Certificate issuer: /CN=4dd03a586b978a70aaa82e0958a90152e72679d9
Certificate serial: 018FCFF1497A72E6FDD2B33A39909499E7D2
Authority key identifier: 4D:D0:3A:58:6B:97:8A:70:AA:A8:2E:09:58:A9:01:52:E7:26:79:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TdA6WGuXinCqqC4JWKkBUucmedk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/OJb1pZlJ7AqfhbpMjgdMKlaM4fI.roa
Signing time: Fri 31 May 2024 18:37:27 +0000
ROA not before: Fri 31 May 2024 18:37:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198468
IP address blocks: 2001:67c:e98::/48 maxlen: 48
2001:67c:1330::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/TdA6WGuXinCqqC4JWKkBUucmedk.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/TdA6WGuXinCqqC4JWKkBUucmedk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TdA6WGuXinCqqC4JWKkBUucmedk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cf:f1:49:7a:72:e6:fd:d2:b3:3a:39:90:94:99:e7:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dd03a586b978a70aaa82e0958a90152e72679d9
Validity
Not Before: May 31 18:37:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3896f5a59949ec0a9f85ba4c8e074c2a568ce1f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:ef:53:cb:1d:12:67:2c:58:16:30:5b:02:15:
97:12:40:65:b0:49:9f:77:54:d2:d0:3e:05:ad:f5:
00:9f:30:bd:94:31:ad:40:5a:62:64:c9:b1:11:d3:
fc:0d:74:d5:4c:b3:13:53:b2:a2:b7:27:f6:fb:13:
05:00:30:a0:63:66:06:01:e6:75:3c:d6:1b:3a:15:
80:50:55:5e:28:04:17:88:db:5d:8b:0d:7c:96:4c:
4e:38:af:fc:a0:6b:d6:65:4e:47:ad:fe:64:25:c2:
ce:fc:2d:bf:74:33:f8:65:f9:34:90:d1:ef:5a:eb:
59:c9:80:dc:be:dc:77:05:06:f1:db:0b:1b:45:08:
6f:6a:7a:fa:62:4d:82:ad:5a:d9:4f:30:a9:e2:c3:
0b:b8:30:3c:aa:04:0f:12:5f:68:f3:dd:e6:2c:35:
d3:8e:02:d4:06:05:e5:4e:0a:44:a5:e6:59:ef:b8:
a6:f4:4d:9e:2c:2a:7e:20:28:c4:1b:db:d9:0e:d4:
d4:dd:f5:6b:d5:ad:f7:42:8e:5d:d6:03:27:36:45:
a0:d7:bf:92:77:08:11:55:b5:14:36:cb:fe:7a:3d:
1c:47:e9:91:9e:df:34:db:f2:b9:4b:f5:39:b9:09:
56:e1:69:16:c2:29:e5:8f:3b:04:30:f3:bf:7b:13:
35:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:96:F5:A5:99:49:EC:0A:9F:85:BA:4C:8E:07:4C:2A:56:8C:E1:F2
X509v3 Authority Key Identifier:
keyid:4D:D0:3A:58:6B:97:8A:70:AA:A8:2E:09:58:A9:01:52:E7:26:79:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TdA6WGuXinCqqC4JWKkBUucmedk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/OJb1pZlJ7AqfhbpMjgdMKlaM4fI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c9d523-0bb9-4573-9595-76a3a10a26f2/1/TdA6WGuXinCqqC4JWKkBUucmedk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:e98::/48
2001:67c:1330::/48
Signature Algorithm: sha256WithRSAEncryption
a7:cf:f9:cd:38:31:cf:7a:e2:ec:be:6a:f6:88:71:46:6b:67:
83:46:df:ed:b8:1c:3b:60:2b:4d:f2:82:bb:43:1b:90:ac:59:
0d:b0:eb:00:8d:64:d0:f6:e4:fd:90:bd:39:e4:df:7d:a9:c8:
7c:b7:aa:01:1d:4b:49:e5:2c:68:33:0d:11:b0:51:5c:cc:b9:
b7:2d:ff:c1:10:02:31:71:0e:17:e8:9b:a2:0a:16:9f:55:6f:
94:94:71:1d:a5:d5:b2:05:9f:49:ee:b4:fd:d3:44:9e:4e:88:
f9:5f:ee:3c:7f:0f:27:cd:6e:29:a9:7d:f1:6f:f1:43:1f:24:
4f:6d:51:0a:cd:56:e9:f5:49:bc:27:76:c9:2d:f9:0d:9e:24:
9a:28:f5:6f:19:c0:fe:89:8b:93:28:f4:bd:f9:08:06:3b:29:
83:27:74:20:d2:28:98:98:17:0a:2a:38:c8:4d:1d:81:fc:9c:
76:7a:af:00:bc:5b:ac:ec:7d:20:74:17:b8:8f:45:ef:e3:88:
77:db:b1:23:c2:20:7c:5f:2c:6c:e9:5a:f0:89:3a:da:4c:cb:
a4:08:2e:b7:f4:0a:fc:cf:24:47:3a:fc:5d:d4:cf:0a:ea:cc:
7a:4c:05:6c:5c:9c:0f:18:77:57:82:ff:9b:99:3b:1f:83:bb:
3f:86:80:7c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY/P8Ul6cub90rM6OZCUmefSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZDAzYTU4NmI5NzhhNzBhYWE4MmUwOTU4YTkwMTUyZTcy
Njc5ZDkwHhcNMjQwNTMxMTgzNzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODk2ZjVhNTk5NDllYzBhOWY4NWJhNGM4ZTA3NGMyYTU2OGNlMWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvO9Tyx0SZyxYFjBbAhWXEkBlsEmf
d1TS0D4FrfUAnzC9lDGtQFpiZMmxEdP8DXTVTLMTU7Kityf2+xMFADCgY2YGAeZ1
PNYbOhWAUFVeKAQXiNtdiw18lkxOOK/8oGvWZU5Hrf5kJcLO/C2/dDP4Zfk0kNHv
WutZyYDcvtx3BQbx2wsbRQhvanr6Yk2CrVrZTzCp4sMLuDA8qgQPEl9o893mLDXT
jgLUBgXlTgpEpeZZ77im9E2eLCp+ICjEG9vZDtTU3fVr1a33Qo5d1gMnNkWg17+S
dwgRVbUUNsv+ej0cR+mRnt802/K5S/U5uQlW4WkWwinljzsEMPO/exM1KwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDiW9aWZSewKn4W6TI4HTCpWjOHyMB8GA1UdIwQY
MBaAFE3QOlhrl4pwqqguCVipAVLnJnnZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGRBNldHdVhpbkNxcUM0SldLa0JVdWNtZWRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jOWQ1MjMtMGJiOS00NTczLTk1OTUt
NzZhM2ExMGEyNmYyLzEvT0piMXBabEo3QXFmaGJwTWpnZE1LbGFNNGZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jOWQ1MjMtMGJiOS00NTczLTk1OTUtNzZhM2ExMGEyNmYy
LzEvVGRBNldHdVhpbkNxcUM0SldLa0JVdWNtZWRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAAjASAwcAIAEGfA6Y
AwcAIAEGfBMwMA0GCSqGSIb3DQEBCwUAA4IBAQCnz/nNODHPeuLsvmr2iHFGa2eD
Rt/tuBw7YCtN8oK7QxuQrFkNsOsAjWTQ9uT9kL055N99qch8t6oBHUtJ5SxoMw0R
sFFczLm3Lf/BEAIxcQ4X6JuiChafVW+UlHEdpdWyBZ9J7rT900SeToj5X+48fw8n
zW4pqX3xb/FDHyRPbVEKzVbp9Um8J3bJLfkNniSaKPVvGcD+iYuTKPS9+QgGOymD
J3Qg0iiYmBcKKjjITR2B/Jx2eq8AvFus7H0gdBe4j0Xv44h327EjwiB8Xyxs6Vrw
iTraTMukCC639Ar8zyRHOvxd1M8K6sx6TAVsXJwPGHdXgv+bmTsfg7s/hoB8
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:05:41 2024 by rpki-client on console-ams.rpki-client.org