Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/OVcwLzmEoq7QAL7yFFIHm__VAaQ.roa
File: OVcwLzmEoq7QAL7yFFIHm__VAaQ.roa (raw, json)
Hash identifier: 4KssxDPsEYHWQkjwfg8GRg5pUfld+uJPm/ZFcZ/8DJE=
Subject key identifier: 39:57:30:2F:39:84:A2:AE:D0:00:BE:F2:14:52:07:9B:FF:D5:01:A4
Certificate issuer: /CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Certificate serial: 0190641C5F5F9F549FF0668FD833E3464F83
Authority key identifier: 60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/OVcwLzmEoq7QAL7yFFIHm__VAaQ.roa
Signing time: Sat 29 Jun 2024 13:08:19 +0000
ROA not before: Sat 29 Jun 2024 13:08:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50269
IP address blocks: 109.95.64.0/21 maxlen: 21
109.95.64.0/24 maxlen: 24
109.95.66.0/24 maxlen: 24
109.95.67.0/24 maxlen: 24
109.95.69.0/24 maxlen: 24
109.95.70.0/24 maxlen: 24
109.95.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:64:1c:5f:5f:9f:54:9f:f0:66:8f:d8:33:e3:46:4f:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ebd4f7ac3d24920de1c1ff1185d9507e9ad078
Validity
Not Before: Jun 29 13:08:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3957302f3984a2aed000bef21452079bffd501a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:e5:63:a4:26:64:95:bf:e5:de:a3:28:57:4a:
c2:11:5d:34:c1:bf:fe:ad:de:c3:fb:c4:c7:69:55:
45:24:14:0e:7a:09:aa:5a:b8:3e:58:66:6c:02:de:
42:d8:b9:0e:b7:b7:ce:c7:6a:c9:f3:ff:f3:eb:13:
fd:6a:52:07:d8:8d:c5:86:80:a2:76:3d:85:4b:18:
6b:51:46:ba:fa:7d:c6:3e:b2:7d:69:c6:ed:a1:b2:
78:b3:65:23:2a:06:c9:bd:a7:7c:a0:3b:5c:21:79:
e4:58:aa:25:73:72:ef:6e:9a:57:18:fb:0e:0d:c6:
80:af:f7:5d:43:99:2a:af:78:49:12:a1:20:23:1f:
16:86:9e:29:7b:b5:85:01:21:f1:14:73:ce:26:4f:
45:e7:30:38:98:42:91:4a:bb:d3:74:c7:1c:8c:97:
63:d0:5a:6a:95:24:54:82:16:5f:be:3b:4d:a9:24:
ea:65:6a:8f:3d:b1:3d:c8:3a:4c:a9:8b:be:e5:73:
38:e9:22:8f:92:e1:16:90:20:cc:7e:38:ff:89:05:
84:cb:21:6e:53:2f:46:e6:58:04:1e:db:67:d7:62:
da:d9:63:9b:0c:7e:ab:20:c7:22:b2:f7:3e:eb:59:
50:fe:61:d7:d4:4b:50:cc:90:14:14:30:06:12:f1:
b7:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:57:30:2F:39:84:A2:AE:D0:00:BE:F2:14:52:07:9B:FF:D5:01:A4
X509v3 Authority Key Identifier:
keyid:60:EB:D4:F7:AC:3D:24:92:0D:E1:C1:FF:11:85:D9:50:7E:9A:D0:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOvU96w9JJIN4cH_EYXZUH6a0Hg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/OVcwLzmEoq7QAL7yFFIHm__VAaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/905378-228a-41b4-bce8-87d3b023d919/1/YOvU96w9JJIN4cH_EYXZUH6a0Hg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.95.64.0/21
Signature Algorithm: sha256WithRSAEncryption
d3:15:96:78:3a:7f:64:53:e5:af:e0:dc:f6:c3:37:bc:cd:e3:
85:5b:a3:ab:97:26:8b:63:a6:95:38:30:2b:7d:f2:97:ec:5d:
65:65:af:4f:4f:96:3a:bf:18:d0:18:e5:0f:da:e6:b4:4a:0c:
0b:56:a7:3f:db:f8:66:67:8a:fe:c4:6e:a1:1f:ca:1d:6a:f5:
49:e3:44:a7:50:ff:42:09:1c:ca:69:ec:13:a1:85:7c:66:8b:
26:31:9d:a4:bb:92:c3:82:06:a3:57:10:b3:8f:fd:bd:ec:17:
e3:23:0f:a2:d0:ef:64:5f:6d:5e:09:cd:64:57:a4:61:91:6e:
89:c7:8a:77:2e:19:9b:d6:ec:40:cc:7a:11:3b:91:12:7c:7c:
5d:f4:5d:52:0e:0d:51:fe:d8:c8:26:dc:20:ac:0c:c1:27:35:
9d:08:c8:b3:b6:21:69:cd:33:44:b6:03:33:b2:3e:1b:ea:0d:
09:ca:05:6d:09:8b:07:72:70:b1:d4:23:7d:92:f6:71:72:2b:
45:85:65:e7:8e:76:33:fd:06:9a:93:9f:31:24:28:9d:00:e6:
d4:f0:7c:c2:18:7f:84:85:86:4b:01:d7:49:49:5f:3b:e3:ad:
b3:ca:f5:5b:ed:26:8d:81:62:ce:34:6b:c7:35:ca:7d:88:89:
f0:42:e0:3e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZBkHF9fn1Sf8GaP2DPjRk+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWJkNGY3YWMzZDI0OTIwZGUxYzFmZjExODVkOTUwN2U5
YWQwNzgwHhcNMjQwNjI5MTMwODE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTU3MzAyZjM5ODRhMmFlZDAwMGJlZjIxNDUyMDc5YmZmZDUwMWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm+VjpCZklb/l3qMoV0rCEV00wb/+
rd7D+8THaVVFJBQOegmqWrg+WGZsAt5C2LkOt7fOx2rJ8//z6xP9alIH2I3FhoCi
dj2FSxhrUUa6+n3GPrJ9acbtobJ4s2UjKgbJvad8oDtcIXnkWKolc3LvbppXGPsO
DcaAr/ddQ5kqr3hJEqEgIx8Whp4pe7WFASHxFHPOJk9F5zA4mEKRSrvTdMccjJdj
0FpqlSRUghZfvjtNqSTqZWqPPbE9yDpMqYu+5XM46SKPkuEWkCDMfjj/iQWEyyFu
Uy9G5lgEHttn12La2WObDH6rIMcisvc+61lQ/mHX1EtQzJAUFDAGEvG3UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlXMC85hKKu0AC+8hRSB5v/1QGkMB8GA1UdIwQY
MBaAFGDr1PesPSSSDeHB/xGF2VB+mtB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgt
ODdkM2IwMjNkOTE5LzEvT1Zjd0x6bUVvcTdRQUw3eUZGSUhtX19WQWFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi85MDUzNzgtMjI4YS00MWI0LWJjZTgtODdkM2IwMjNkOTE5
LzEvWU92VTk2dzlKSklONGNIX0VZWFpVSDZhMEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDbV9AMA0G
CSqGSIb3DQEBCwUAA4IBAQDTFZZ4On9kU+Wv4Nz2wze8zeOFW6OrlyaLY6aVODAr
ffKX7F1lZa9PT5Y6vxjQGOUP2ua0SgwLVqc/2/hmZ4r+xG6hH8odavVJ40SnUP9C
CRzKaewToYV8ZosmMZ2ku5LDggajVxCzj/297BfjIw+i0O9kX21eCc1kV6RhkW6J
x4p3Lhmb1uxAzHoRO5ESfHxd9F1SDg1R/tjIJtwgrAzBJzWdCMiztiFpzTNEtgMz
sj4b6g0JygVtCYsHcnCx1CN9kvZxcitFhWXnjnYz/Qaak58xJCidAObU8HzCGH+E
hYZLAddJSV87462zyvVb7SaNgWLONGvHNcp9iInwQuA+
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:33:54 2024 by rpki-client on console-ams.rpki-client.org