Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/OgIdxk6GslVlDbMHpIULE7ALTsY.roa
File: OgIdxk6GslVlDbMHpIULE7ALTsY.roa (raw, json)
Hash identifier: XYfrqmQ+runluozRN5WGsTswfZXTk7AL0YYKC9kqxoo=
Subject key identifier: 3A:02:1D:C6:4E:86:B2:55:65:0D:B3:07:A4:85:0B:13:B0:0B:4E:C6
Certificate issuer: /CN=a3eceac8125534a57947962db28903fad7ac3af9
Certificate serial: 018CC5DD0787A659D6C8ACA958080FF3CDE9
Authority key identifier: A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/OgIdxk6GslVlDbMHpIULE7ALTsY.roa
Signing time: Mon 01 Jan 2024 16:30:46 +0000
ROA not before: Mon 01 Jan 2024 16:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199520
IP address blocks: 91.226.40.0/23 maxlen: 24
91.224.246.0/23 maxlen: 24
2a0c:9e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:07:87:a6:59:d6:c8:ac:a9:58:08:0f:f3:cd:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3eceac8125534a57947962db28903fad7ac3af9
Validity
Not Before: Jan 1 16:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a021dc64e86b255650db307a4850b13b00b4ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:fa:06:05:6b:f3:d6:af:af:08:ff:65:64:f8:
dd:19:ee:c7:36:60:87:d5:a2:b4:73:ab:e8:9f:dd:
44:40:53:68:c3:3f:ee:52:d1:a4:b0:26:ea:27:f1:
a8:17:49:ec:5f:9e:b0:e5:7d:00:36:92:9b:c4:f3:
33:ad:c1:cb:07:c9:29:d2:65:39:98:8d:aa:4b:62:
59:46:b9:15:41:83:8f:c9:fb:74:ac:c8:6d:56:4e:
61:5b:33:06:7f:16:d6:db:71:0e:f0:33:57:f3:a2:
5f:db:79:12:bf:1b:67:56:86:18:d0:09:86:34:6e:
1c:a1:92:62:f4:08:60:00:66:fe:4b:b4:f3:f7:19:
43:6f:ae:1a:2a:2e:fa:ee:c6:be:12:98:bf:28:e2:
dd:55:9c:34:14:e7:c6:a1:28:fa:90:d3:3b:3c:62:
08:47:35:72:cd:84:e5:ca:7f:6c:0f:1c:03:f1:e1:
09:ba:5b:47:e5:86:da:a7:69:6e:f6:3d:8d:16:98:
ec:e1:cb:27:da:d7:c6:de:52:74:74:91:ff:35:c9:
32:2d:7c:77:50:00:f1:69:29:da:76:b0:b8:15:6b:
c7:35:8b:3f:1d:a3:7c:84:44:4d:be:be:63:8e:0f:
76:a0:4e:6d:23:b4:01:11:fe:d3:63:55:3f:55:58:
37:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:02:1D:C6:4E:86:B2:55:65:0D:B3:07:A4:85:0B:13:B0:0B:4E:C6
X509v3 Authority Key Identifier:
keyid:A3:EC:EA:C8:12:55:34:A5:79:47:96:2D:B2:89:03:FA:D7:AC:3A:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-zqyBJVNKV5R5YtsokD-tesOvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/OgIdxk6GslVlDbMHpIULE7ALTsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/d91187-7545-41e7-9894-a9bd5e410aed/1/o-zqyBJVNKV5R5YtsokD-tesOvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.246.0/23
91.226.40.0/23
IPv6:
2a0c:9e80::/32
Signature Algorithm: sha256WithRSAEncryption
46:51:5a:9a:c1:c4:0b:d6:8a:f5:17:e9:b0:04:85:b6:2f:54:
f3:43:2b:4b:45:38:34:71:5b:2b:4e:da:cb:4e:c3:c3:f3:cf:
cb:6f:a2:a2:fd:28:02:44:10:83:cb:46:9c:72:68:40:6e:5b:
df:e0:2e:aa:bd:d9:75:f7:5b:28:de:b9:5a:e7:0e:d8:12:fe:
4e:41:3e:21:a3:0f:8c:56:ae:7c:a3:e9:70:61:8c:71:0c:8c:
59:40:55:f3:24:db:a8:3d:52:84:2d:e0:42:34:2c:e5:c3:3d:
08:e4:67:de:92:1a:45:98:91:2f:5d:56:6c:8c:1f:95:54:8e:
cb:3b:7e:83:bc:20:5e:c9:f2:a5:d4:de:26:4a:2d:06:b4:e2:
bd:a2:e5:d8:e8:bd:c3:4e:a6:5c:6e:3c:9f:53:d1:98:be:48:
1a:a2:fd:97:a5:3d:3d:dc:ad:4e:08:e0:57:a0:e2:ea:ce:c8:
f0:94:97:3f:b3:ae:32:c9:b5:f3:3c:ba:79:d8:c6:4c:50:2c:
56:ca:bd:c5:2b:bf:50:07:3f:45:5d:d2:3f:db:35:d4:ca:d8:
71:97:d1:12:a9:d0:af:ac:02:38:00:12:aa:82:14:00:c3:56:
69:bb:f2:93:66:a2:ff:1e:c7:90:a5:26:0b:9d:a4:23:09:58:
80:12:c0:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzF3QeHplnWyKypWAgP883pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZWNlYWM4MTI1NTM0YTU3OTQ3OTYyZGIyODkwM2ZhZDdh
YzNhZjkwHhcNMjQwMTAxMTYzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTAyMWRjNjRlODZiMjU1NjUwZGIzMDdhNDg1MGIxM2IwMGI0ZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifoGBWvz1q+vCP9lZPjdGe7HNmCH
1aK0c6von91EQFNowz/uUtGksCbqJ/GoF0nsX56w5X0ANpKbxPMzrcHLB8kp0mU5
mI2qS2JZRrkVQYOPyft0rMhtVk5hWzMGfxbW23EO8DNX86Jf23kSvxtnVoYY0AmG
NG4coZJi9AhgAGb+S7Tz9xlDb64aKi767sa+Epi/KOLdVZw0FOfGoSj6kNM7PGII
RzVyzYTlyn9sDxwD8eEJultH5Ybap2lu9j2NFpjs4csn2tfG3lJ0dJH/NckyLXx3
UADxaSnadrC4FWvHNYs/HaN8hERNvr5jjg92oE5tI7QBEf7TY1U/VVg35QIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDoCHcZOhrJVZQ2zB6SFCxOwC07GMB8GA1UdIwQY
MBaAFKPs6sgSVTSleUeWLbKJA/rXrDr5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQt
YTliZDVlNDEwYWVkLzEvT2dJZHhrNkdzbFZsRGJNSHBJVUxFN0FMVHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC9kOTExODctNzU0NS00MWU3LTk4OTQtYTliZDVlNDEwYWVk
LzEvby16cXlCSlZOS1Y1UjVZdHNva0QtdGVzT3ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBW+D2AwQB
W+IoMA0EAgACMAcDBQAqDJ6AMA0GCSqGSIb3DQEBCwUAA4IBAQBGUVqawcQL1or1
F+mwBIW2L1TzQytLRTg0cVsrTtrLTsPD88/Lb6Ki/SgCRBCDy0accmhAblvf4C6q
vdl191so3rla5w7YEv5OQT4how+MVq58o+lwYYxxDIxZQFXzJNuoPVKELeBCNCzl
wz0I5GfekhpFmJEvXVZsjB+VVI7LO36DvCBeyfKl1N4mSi0GtOK9ouXY6L3DTqZc
bjyfU9GYvkgaov2XpT093K1OCOBXoOLqzsjwlJc/s64yybXzPLp52MZMUCxWyr3F
K79QBz9FXdI/2zXUythxl9ESqdCvrAI4ABKqghQAw1Zpu/KTZqL/HseQpSYLnaQj
CViAEsCZ
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:52:31 2024 by rpki-client on console-ams.rpki-client.org