Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/OfuUNlS-AmESuUlKo4vUnk68svA.roa
File: OfuUNlS-AmESuUlKo4vUnk68svA.roa (raw, json)
Hash identifier: WHi7XKkNazIPOxFnwjSUnhJtsEkdbd/xU2gxk6Nzmwg=
Subject key identifier: 39:FB:94:36:54:BE:02:61:12:B9:49:4A:A3:8B:D4:9E:4E:BC:B2:F0
Certificate issuer: /CN=6f4232c19d0a7f7ed769c4715421e6cc18bdb640
Certificate serial: 018CC3B68C0B8BA2BB99A702349F8E8FC82E
Authority key identifier: 6F:42:32:C1:9D:0A:7F:7E:D7:69:C4:71:54:21:E6:CC:18:BD:B6:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/OfuUNlS-AmESuUlKo4vUnk68svA.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 185.38.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8c:0b:8b:a2:bb:99:a7:02:34:9f:8e:8f:c8:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f4232c19d0a7f7ed769c4715421e6cc18bdb640
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39fb943654be026112b9494aa38bd49e4ebcb2f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:dc:9b:e4:7b:a2:72:b0:bb:4b:0a:c9:a9:a0:
e0:c8:5c:65:ab:4e:19:b9:8b:e5:fa:26:ca:90:0e:
08:13:50:33:a9:fc:8e:96:d6:cd:fc:e9:d9:46:29:
86:55:40:34:55:1d:25:a2:dd:87:f5:85:c0:9c:19:
2c:a7:42:91:a8:fa:41:1b:f2:80:b5:1b:3c:3d:0f:
2c:ba:8a:19:01:65:54:a1:42:41:e0:78:fc:8c:c4:
36:0b:67:6b:a7:80:e7:95:86:a1:55:90:6a:be:bc:
78:e0:0b:c1:b2:17:27:cd:57:b2:ff:f9:20:ac:36:
59:31:33:5c:e4:56:c9:be:7b:ab:7e:37:ec:4d:5b:
1b:87:b8:e3:d8:e4:ba:da:44:3a:7f:01:e0:7c:86:
e1:38:2a:24:21:1f:8e:e8:d2:f8:cf:e4:3a:2a:7e:
48:f2:a4:40:8e:d4:96:38:68:62:09:af:a3:ac:ce:
b2:6a:ab:a3:1b:ba:68:26:3f:16:90:8f:e2:9c:1b:
80:8d:15:fd:f3:a3:77:f6:5c:81:5f:91:15:aa:ac:
b5:6d:bd:97:c2:41:d6:63:2a:49:5d:a5:04:bc:d6:
2c:fd:4b:04:be:cf:af:2b:3b:e3:ce:40:f7:4b:78:
0e:00:b0:0d:0e:78:a4:47:93:af:ad:88:06:28:d7:
6a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:FB:94:36:54:BE:02:61:12:B9:49:4A:A3:8B:D4:9E:4E:BC:B2:F0
X509v3 Authority Key Identifier:
keyid:6F:42:32:C1:9D:0A:7F:7E:D7:69:C4:71:54:21:E6:CC:18:BD:B6:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0IywZ0Kf37XacRxVCHmzBi9tkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/OfuUNlS-AmESuUlKo4vUnk68svA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/f1d703-ff9a-44b1-8e65-66ca57f74e0d/1/b0IywZ0Kf37XacRxVCHmzBi9tkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.134.0/24
Signature Algorithm: sha256WithRSAEncryption
08:b8:4a:c6:0e:65:fb:66:3f:a4:84:ea:a4:8c:3c:ef:5c:82:
8f:6e:64:77:c5:63:98:f6:dd:0c:09:b9:95:1d:73:18:07:0e:
ca:eb:d9:b1:04:ca:c0:56:25:ee:c0:4f:64:e6:30:9d:86:a0:
ce:90:63:b1:c3:38:5e:d5:cf:91:3b:68:9d:e7:cd:9a:05:f9:
fc:84:90:6f:b4:db:2d:a6:cc:a6:9a:89:cd:d4:ee:82:c4:0e:
6f:17:6d:7c:df:e0:fc:82:8c:23:2b:2e:7e:3d:5e:d0:1c:f7:
17:c6:c9:34:61:55:55:bf:53:b3:25:21:79:91:0a:c9:2f:06:
3f:41:1c:df:ef:54:9e:45:02:64:30:dc:27:67:a2:2d:6d:71:
7e:79:14:75:4b:6e:ac:74:83:42:4c:d0:3c:2b:29:25:5c:05:
e9:fd:12:a6:d0:a3:ce:cb:41:5d:55:e5:8f:5a:ae:5f:44:e2:
9f:f8:ca:5e:10:a1:49:13:66:b0:46:36:b3:d7:9c:a0:f9:e3:
74:0c:e7:7f:5f:cc:38:6e:7c:5b:bb:c2:74:70:34:5f:a0:41:
2a:2a:7d:ff:da:b8:31:81:a1:ba:e8:99:22:a5:8f:1c:1d:d9:
af:cd:45:0c:7c:fa:b0:78:47:c5:fb:63:14:eb:cc:08:d8:24:
2d:4e:90:33
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtowLi6K7macCNJ+Oj8guMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNDIzMmMxOWQwYTdmN2VkNzY5YzQ3MTU0MjFlNmNjMThi
ZGI2NDAwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWZiOTQzNjU0YmUwMjYxMTJiOTQ5NGFhMzhiZDQ5ZTRlYmNiMmYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNyb5HuicrC7SwrJqaDgyFxlq04Z
uYvl+ibKkA4IE1AzqfyOltbN/OnZRimGVUA0VR0lot2H9YXAnBksp0KRqPpBG/KA
tRs8PQ8suooZAWVUoUJB4Hj8jMQ2C2drp4DnlYahVZBqvrx44AvBshcnzVey//kg
rDZZMTNc5FbJvnurfjfsTVsbh7jj2OS62kQ6fwHgfIbhOCokIR+O6NL4z+Q6Kn5I
8qRAjtSWOGhiCa+jrM6yaqujG7poJj8WkI/inBuAjRX986N39lyBX5EVqqy1bb2X
wkHWYypJXaUEvNYs/UsEvs+vKzvjzkD3S3gOALANDnikR5OvrYgGKNdqmQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDn7lDZUvgJhErlJSqOL1J5OvLLwMB8GA1UdIwQY
MBaAFG9CMsGdCn9+12nEcVQh5swYvbZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjBJeXdaMEtmMzdYYWNSeFZDSG16Qmk5dGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS9mMWQ3MDMtZmY5YS00NGIxLThlNjUt
NjZjYTU3Zjc0ZTBkLzEvT2Z1VU5sUy1BbUVTdVVsS280dlVuazY4c3ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS9mMWQ3MDMtZmY5YS00NGIxLThlNjUtNjZjYTU3Zjc0ZTBk
LzEvYjBJeXdaMEtmMzdYYWNSeFZDSG16Qmk5dGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuSaGMA0G
CSqGSIb3DQEBCwUAA4IBAQAIuErGDmX7Zj+khOqkjDzvXIKPbmR3xWOY9t0MCbmV
HXMYBw7K69mxBMrAViXuwE9k5jCdhqDOkGOxwzhe1c+RO2id582aBfn8hJBvtNst
psymmonN1O6CxA5vF2183+D8gowjKy5+PV7QHPcXxsk0YVVVv1OzJSF5kQrJLwY/
QRzf71SeRQJkMNwnZ6ItbXF+eRR1S26sdINCTNA8KyklXAXp/RKm0KPOy0FdVeWP
Wq5fROKf+MpeEKFJE2awRjaz15yg+eN0DOd/X8w4bnxbu8J0cDRfoEEqKn3/2rgx
gaG66JkipY8cHdmvzUUMfPqweEfF+2MU68wI2CQtTpAz
-----END CERTIFICATE-----
Generated at Thu May 2 08:08:33 2024 by rpki-client on console-ams.rpki-client.org