Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OH-zebMJgl0Wpcu6vWQj-6Rat1Q.roa
File: OH-zebMJgl0Wpcu6vWQj-6Rat1Q.roa (raw, json)
Hash identifier: xyD8GjFZvdslZ1XMpJZ4nsY64o4SKBJ3DKHDgc4P6oY=
Subject key identifier: 38:7F:B3:79:B3:09:82:5D:16:A5:CB:BA:BD:64:23:FB:A4:5A:B7:54
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD0EF620F7A6D32991DA7468040A2
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OH-zebMJgl0Wpcu6vWQj-6Rat1Q.roa
Signing time: Tue 02 Jan 2024 06:29:23 +0000
ROA not before: Tue 02 Jan 2024 06:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18097
IP address blocks: 176.125.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d0:ef:62:0f:7a:6d:32:99:1d:a7:46:80:40:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=387fb379b309825d16a5cbbabd6423fba45ab754
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:8e:66:b1:06:33:3a:ba:56:d5:78:13:14:90:
02:51:83:a9:30:2f:f2:b5:b8:e4:be:4e:90:a2:94:
96:ba:87:60:73:4a:a0:fa:a0:27:74:c6:72:2e:ac:
68:84:b2:5f:b5:d0:62:0c:eb:fb:c9:1a:12:3c:57:
0f:d5:5d:d6:20:33:b0:55:14:bb:bb:d8:40:21:85:
5d:ec:50:c4:4d:a7:3d:27:4f:ef:b9:05:e3:00:3f:
1a:9d:0c:bb:a5:e6:5c:3c:e8:e3:a7:e0:41:e7:3e:
33:f8:45:bb:1e:5c:27:54:2c:13:68:f4:b4:1f:3d:
9a:64:b6:5b:7a:90:f0:0b:71:46:5e:33:38:ac:67:
23:3a:6d:88:ee:0d:9b:6d:31:5b:a2:76:d2:cd:89:
5a:6b:b0:7c:5c:b4:dc:b8:da:3b:a7:4b:5c:7d:57:
5d:46:23:37:ba:da:16:0f:be:b8:09:72:1e:02:8d:
66:12:b8:19:49:e1:7c:0d:2c:a0:6a:ba:c6:41:60:
68:25:ab:21:77:22:18:28:70:9d:c9:95:78:97:a8:
5e:9d:30:d7:36:d0:40:1b:55:5e:ef:fd:ad:44:1e:
3c:9c:b4:95:18:10:bd:0e:90:e5:4d:5e:63:8c:43:
d7:0f:01:77:8f:ea:b1:7c:e7:75:4f:f9:6d:74:76:
ad:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7F:B3:79:B3:09:82:5D:16:A5:CB:BA:BD:64:23:FB:A4:5A:B7:54
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/OH-zebMJgl0Wpcu6vWQj-6Rat1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.125.254.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b1:32:3e:55:79:ba:86:c5:bf:2f:e0:80:6f:88:ba:e5:70:
53:d5:09:88:ff:8e:8b:51:3f:dc:3b:3a:e2:ab:3e:b7:e1:1b:
a4:11:a3:50:9d:48:57:b7:21:2c:32:56:10:f8:be:59:88:80:
38:aa:ae:f9:2d:f9:2f:f5:ff:7f:f7:c8:35:d8:5b:2a:8e:bd:
c7:ef:33:ed:2d:86:63:9a:92:ef:af:84:e8:46:81:bd:d8:cd:
97:42:48:f7:e8:63:93:6e:61:57:4b:dd:0d:e0:67:a8:69:a2:
07:fa:d5:84:86:cc:db:e7:d7:cb:4c:9f:ae:a7:97:2f:0f:20:
03:65:4e:1b:55:db:a2:a9:42:fb:4b:57:f0:c1:da:c6:83:bb:
4d:d0:76:a0:fe:4a:a1:ec:b0:b0:ca:e0:0e:9d:b8:69:b2:ef:
3b:86:d0:d5:93:63:d6:57:7a:9e:2a:f8:be:5a:d5:4a:b7:b8:
07:98:06:3c:85:76:4d:20:6a:5e:f1:f6:d5:f6:81:57:8d:30:
f8:62:fd:1f:61:16:cd:fd:6f:d5:d9:9f:09:8e:f6:d9:ec:ea:
8d:b6:55:7c:7a:de:34:6e:63:7b:43:af:14:dd:7a:75:8b:d6:
a2:0d:5f:2e:e9:57:36:c3:85:1e:5c:8b:6d:54:13:eb:44:7d:
40:e9:c8:21
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3NDvYg96bTKZHadGgECiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdmYjM3OWIzMDk4MjVkMTZhNWNiYmFiZDY0MjNmYmE0NWFiNzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlY5msQYzOrpW1XgTFJACUYOpMC/y
tbjkvk6QopSWuodgc0qg+qAndMZyLqxohLJftdBiDOv7yRoSPFcP1V3WIDOwVRS7
u9hAIYVd7FDETac9J0/vuQXjAD8anQy7peZcPOjjp+BB5z4z+EW7HlwnVCwTaPS0
Hz2aZLZbepDwC3FGXjM4rGcjOm2I7g2bbTFbonbSzYlaa7B8XLTcuNo7p0tcfVdd
RiM3utoWD764CXIeAo1mErgZSeF8DSygarrGQWBoJashdyIYKHCdyZV4l6henTDX
NtBAG1Ve7/2tRB48nLSVGBC9DpDlTV5jjEPXDwF3j+qxfOd1T/ltdHatlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDh/s3mzCYJdFqXLur1kI/ukWrdUMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT0gtemViTUpnbDBXcGN1NnZXUWotNlJhdDFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsH3+MA0G
CSqGSIb3DQEBCwUAA4IBAQCssTI+VXm6hsW/L+CAb4i65XBT1QmI/46LUT/cOzri
qz634RukEaNQnUhXtyEsMlYQ+L5ZiIA4qq75Lfkv9f9/98g12Fsqjr3H7zPtLYZj
mpLvr4ToRoG92M2XQkj36GOTbmFXS90N4GeoaaIH+tWEhszb59fLTJ+up5cvDyAD
ZU4bVduiqUL7S1fwwdrGg7tN0Hag/kqh7LCwyuAOnbhpsu87htDVk2PWV3qeKvi+
WtVKt7gHmAY8hXZNIGpe8fbV9oFXjTD4Yv0fYRbN/W/V2Z8JjvbZ7OqNtlV8et40
bmN7Q68U3Xp1i9aiDV8u6Vc2w4UeXIttVBPrRH1A6cgh
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:06 2024 by rpki-client on console-ams.rpki-client.org