Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/OFGBjtlLbjhVrYDyzlSZz5dJf28.roa
File: OFGBjtlLbjhVrYDyzlSZz5dJf28.roa (raw, json)
Hash identifier: 2Tx1286kHpG1TJ1sK6OOU6+e8mPlkZMf3zX/C5tRPN0=
Subject key identifier: 38:51:81:8E:D9:4B:6E:38:55:AD:80:F2:CE:54:99:CF:97:49:7F:6F
Certificate issuer: /CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Certificate serial: 018CC7273AA2219D84E548F3D84A0F0E48A2
Authority key identifier: 5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/OFGBjtlLbjhVrYDyzlSZz5dJf28.roa
Signing time: Mon 01 Jan 2024 22:31:26 +0000
ROA not before: Mon 01 Jan 2024 22:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39242
IP address blocks: 109.70.160.0/21 maxlen: 21
81.19.112.0/20 maxlen: 20
2a02:ef0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.mft
rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:3a:a2:21:9d:84:e5:48:f3:d8:4a:0f:0e:48:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5d59f490d3b69b22e1e27c326baf72311056ddb8
Validity
Not Before: Jan 1 22:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3851818ed94b6e3855ad80f2ce5499cf97497f6f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:d3:4f:8f:2c:36:e7:a6:7f:b7:5e:ef:e7:ae:
98:a4:8b:59:f3:07:03:27:c9:17:ef:2b:03:b8:ae:
17:a5:76:fd:8a:aa:21:22:9a:4c:4f:f5:2d:46:3c:
38:cc:c0:67:ab:9a:be:dd:dd:f0:e4:a8:5f:20:70:
db:18:60:43:5a:62:21:ba:ab:d7:00:6b:be:8d:00:
81:11:c1:4b:84:9e:69:db:fb:44:6c:8c:04:75:ae:
bb:9c:a0:88:de:a8:29:f7:9b:91:28:4f:63:50:e7:
72:ba:39:c0:4c:d8:4c:96:b0:af:7d:e3:8b:e1:26:
87:5d:b5:d8:ee:cd:90:ca:4c:eb:16:f6:f1:94:24:
3f:52:cf:27:bc:f1:0b:bc:bd:d4:36:7d:49:d1:94:
3d:26:c5:ad:8c:14:f4:4f:44:9f:4c:79:e9:05:24:
1e:22:93:ab:80:8d:6f:de:be:24:8c:55:7d:66:ea:
11:4e:0e:f7:66:1e:86:33:bf:de:5e:e4:b7:90:a4:
30:f5:02:7a:f3:5f:a3:b0:d1:49:e1:5c:89:a1:18:
03:af:56:85:6e:9f:d5:57:82:55:85:d2:76:be:4b:
27:cf:74:85:cf:4a:eb:a0:da:d4:93:25:c2:38:17:
e2:a9:f4:a9:96:13:a0:2e:48:25:f4:38:87:70:ff:
82:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:51:81:8E:D9:4B:6E:38:55:AD:80:F2:CE:54:99:CF:97:49:7F:6F
X509v3 Authority Key Identifier:
keyid:5D:59:F4:90:D3:B6:9B:22:E1:E2:7C:32:6B:AF:72:31:10:56:DD:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XVn0kNO2myLh4nwya69yMRBW3bg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/OFGBjtlLbjhVrYDyzlSZz5dJf28.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/2aeb79-3582-4ebf-b19a-79348e8366bc/1/XVn0kNO2myLh4nwya69yMRBW3bg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.19.112.0/20
109.70.160.0/21
IPv6:
2a02:ef0::/32
Signature Algorithm: sha256WithRSAEncryption
56:9f:77:e5:9e:b6:87:73:8a:c0:66:f4:11:10:88:fd:0d:ba:
b3:86:2c:ce:42:68:14:7f:ca:e2:78:1f:46:90:1d:59:c9:9d:
a6:0a:99:4e:57:f5:47:22:c2:bb:c3:c7:a1:c4:84:16:53:98:
44:41:06:91:0e:1b:9f:68:c1:19:70:a7:93:03:78:a3:d2:c7:
9d:0b:0f:e4:b1:06:d6:6d:2f:5c:d3:57:bc:15:39:5f:af:e4:
09:ef:8d:c7:b6:27:af:ea:85:e9:d0:14:88:95:5f:ef:33:62:
0c:d7:5a:ea:2c:c4:26:62:8a:2a:e5:b6:4f:fb:72:95:2b:91:
4c:c7:49:51:d6:17:49:f9:da:0b:4b:3f:27:43:dd:91:b6:e4:
55:02:11:44:0a:b6:66:1d:9f:68:98:4e:3d:66:16:a8:4f:5e:
79:e8:52:f0:e8:b4:af:16:df:52:26:00:f2:c3:ea:9a:1f:7e:
0c:53:6c:1f:0e:e4:03:41:a8:a9:ff:fa:c8:e5:b8:c3:cf:48:
3c:2d:9a:05:12:6a:e0:37:9f:b8:8a:40:21:fe:aa:25:2e:63:
5b:5c:35:a2:3b:53:0a:db:c5:ac:26:d8:56:fb:9f:38:3d:57:
b0:d4:7f:48:d6:02:00:19:02:ee:f0:c1:da:88:28:4e:b3:ad:
e7:33:dd:96
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJzqiIZ2E5Ujz2EoPDkiiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkNTlmNDkwZDNiNjliMjJlMWUyN2MzMjZiYWY3MjMxMTA1
NmRkYjgwHhcNMjQwMTAxMjIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUxODE4ZWQ5NGI2ZTM4NTVhZDgwZjJjZTU0OTljZjk3NDk3ZjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAudNPjyw256Z/t17v566YpItZ8wcD
J8kX7ysDuK4XpXb9iqohIppMT/UtRjw4zMBnq5q+3d3w5KhfIHDbGGBDWmIhuqvX
AGu+jQCBEcFLhJ5p2/tEbIwEda67nKCI3qgp95uRKE9jUOdyujnATNhMlrCvfeOL
4SaHXbXY7s2QykzrFvbxlCQ/Us8nvPELvL3UNn1J0ZQ9JsWtjBT0T0SfTHnpBSQe
IpOrgI1v3r4kjFV9ZuoRTg73Zh6GM7/eXuS3kKQw9QJ681+jsNFJ4VyJoRgDr1aF
bp/VV4JVhdJ2vksnz3SFz0rroNrUkyXCOBfiqfSplhOgLkgl9DiHcP+CLwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDhRgY7ZS244Va2A8s5Umc+XSX9vMB8GA1UdIwQY
MBaAFF1Z9JDTtpsi4eJ8MmuvcjEQVt24MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEt
NzkzNDhlODM2NmJjLzEvT0ZHQmp0bExiamhWcllEeXpsU1p6NWRKZjI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS8yYWViNzktMzU4Mi00ZWJmLWIxOWEtNzkzNDhlODM2NmJj
LzEvWFZuMGtOTzJteUxoNG53eWE2OXlNUkJXM2JnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEURNwAwQD
bUagMA0EAgACMAcDBQAqAg7wMA0GCSqGSIb3DQEBCwUAA4IBAQBWn3flnraHc4rA
ZvQREIj9DbqzhizOQmgUf8rieB9GkB1ZyZ2mCplOV/VHIsK7w8ehxIQWU5hEQQaR
DhufaMEZcKeTA3ij0sedCw/ksQbWbS9c01e8FTlfr+QJ743Htiev6oXp0BSIlV/v
M2IM11rqLMQmYooq5bZP+3KVK5FMx0lR1hdJ+doLSz8nQ92RtuRVAhFECrZmHZ9o
mE49ZhaoT1556FLw6LSvFt9SJgDyw+qaH34MU2wfDuQDQaip//rI5bjDz0g8LZoF
EmrgN5+4ikAh/qolLmNbXDWiO1MK28WsJthW+584PVew1H9I1gIAGQLu8MHaiChO
s63nM92W
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:11 2024 by rpki-client on console-ams.rpki-client.org