Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oapjgekOqiByr2q-v2wpbgLNhKA.roa
File: oapjgekOqiByr2q-v2wpbgLNhKA.roa (raw, json)
Hash identifier: kPZsOxeUKVHmnVkKNEmKuVSu5qQigMqC+CkbQugGuJw=
Subject key identifier: A1:AA:63:81:E9:0E:AA:20:72:AF:6A:BE:BF:6C:29:6E:02:CD:84:A0
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018F967B28B7EF7079DD6B629001FBF9CF37
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oapjgekOqiByr2q-v2wpbgLNhKA.roa
Signing time: Mon 20 May 2024 14:50:04 +0000
ROA not before: Mon 20 May 2024 14:50:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216068
IP address blocks: 147.45.176.0/24 maxlen: 24
147.45.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:96:7b:28:b7:ef:70:79:dd:6b:62:90:01:fb:f9:cf:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 20 14:50:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1aa6381e90eaa2072af6abebf6c296e02cd84a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:7a:3a:07:4d:6d:fd:36:74:40:f8:20:9c:41:
4d:13:d0:16:15:95:8d:8c:c0:63:66:b7:3d:d1:b1:
e8:ee:5d:77:5a:5d:f7:ee:68:4b:0b:de:e4:ee:d6:
45:ba:65:d6:17:2a:d9:70:f1:a8:7e:3a:cc:34:e4:
a7:03:b3:52:f5:31:d3:4d:dc:00:c7:f8:82:ab:8f:
4e:90:86:96:0f:01:f5:d3:66:6d:b7:60:26:3a:5b:
a0:7e:89:e4:c7:07:e5:1d:7a:63:a5:d7:e7:a9:cb:
3d:1d:95:6e:ae:4b:b3:db:84:7a:de:f8:23:dd:71:
12:2b:c5:8e:e0:5e:03:ca:7e:62:f1:23:71:7a:dc:
54:be:14:70:83:e8:15:e4:5d:fc:bd:de:75:f8:09:
d9:b2:68:d4:0d:7f:b9:34:7a:80:16:59:eb:33:84:
46:ab:66:51:29:9e:a7:44:06:6a:6a:d2:eb:cd:c3:
8f:33:c7:75:bc:69:b5:78:3a:20:63:1b:f8:2a:74:
32:77:74:e3:75:19:f0:c4:35:15:39:8c:e7:49:fe:
cc:a1:71:e9:44:a9:51:d4:99:50:c4:42:26:cc:04:
5c:66:3d:85:49:ce:c1:01:ad:86:e6:64:5b:6c:a7:
7d:5d:0d:67:c6:17:95:04:47:a2:ed:6b:c8:8a:be:
eb:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:AA:63:81:E9:0E:AA:20:72:AF:6A:BE:BF:6C:29:6E:02:CD:84:A0
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/oapjgekOqiByr2q-v2wpbgLNhKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.176.0/24
147.45.188.0/24
Signature Algorithm: sha256WithRSAEncryption
93:b3:77:34:78:e0:34:12:a8:05:4c:5e:70:ff:30:22:be:74:
39:60:ac:87:be:8c:80:9e:79:8e:d2:82:af:a9:ca:39:5c:ad:
91:ce:ef:f4:09:b9:f8:d3:9a:69:4f:fd:5a:36:38:bc:35:9a:
7b:8a:14:82:ca:76:ba:4b:27:50:86:e8:b9:97:e0:e0:49:fc:
f8:72:5b:f2:3d:95:ac:d1:0a:9d:18:40:e0:35:7d:e0:59:0f:
4f:0e:85:38:62:0a:30:95:8b:6e:3b:0a:05:4a:e4:22:7a:b9:
b9:25:f2:06:37:ce:0a:90:0a:03:17:6a:92:b0:28:1b:5a:48:
d9:49:a2:30:4f:5e:45:b5:92:cc:98:8b:58:4c:1b:b9:04:52:
18:1f:f3:08:ff:ae:5b:a4:40:1b:b9:22:ee:6a:93:2c:85:47:
38:ea:77:fe:87:29:82:2c:22:92:39:61:dd:60:dd:2e:16:fe:
0d:ea:36:5a:5a:39:e9:56:75:c6:50:21:44:a3:a2:aa:fb:59:
a5:2e:07:26:5b:fc:68:07:b5:bb:21:62:8d:cb:9e:7d:49:9a:
94:c6:8b:28:99:2e:3d:a0:43:44:04:1f:e8:92:49:da:f0:c7:
74:5b:60:45:f5:74:51:ec:f8:10:32:4a:a4:d2:4e:a4:78:eb:
ee:6f:ea:eb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY+Weyi373B53WtikAH7+c83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNTIwMTQ1MDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWFhNjM4MWU5MGVhYTIwNzJhZjZhYmViZjZjMjk2ZTAyY2Q4NGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA13o6B01t/TZ0QPggnEFNE9AWFZWN
jMBjZrc90bHo7l13Wl337mhLC97k7tZFumXWFyrZcPGofjrMNOSnA7NS9THTTdwA
x/iCq49OkIaWDwH102Ztt2AmOlugfonkxwflHXpjpdfnqcs9HZVurkuz24R63vgj
3XESK8WO4F4Dyn5i8SNxetxUvhRwg+gV5F38vd51+AnZsmjUDX+5NHqAFlnrM4RG
q2ZRKZ6nRAZqatLrzcOPM8d1vGm1eDogYxv4KnQyd3TjdRnwxDUVOYznSf7MoXHp
RKlR1JlQxEImzARcZj2FSc7BAa2G5mRbbKd9XQ1nxheVBEei7WvIir7r9wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKGqY4HpDqogcq9qvr9sKW4CzYSgMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvb2Fwamdla09xaUJ5cjJxLXYyd3BiZ0xOaEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAky2wAwQA
ky28MA0GCSqGSIb3DQEBCwUAA4IBAQCTs3c0eOA0EqgFTF5w/zAivnQ5YKyHvoyA
nnmO0oKvqco5XK2Rzu/0Cbn405ppT/1aNji8NZp7ihSCyna6SydQhui5l+DgSfz4
clvyPZWs0QqdGEDgNX3gWQ9PDoU4YgowlYtuOwoFSuQierm5JfIGN84KkAoDF2qS
sCgbWkjZSaIwT15FtZLMmItYTBu5BFIYH/MI/65bpEAbuSLuapMshUc46nf+hymC
LCKSOWHdYN0uFv4N6jZaWjnpVnXGUCFEo6Kq+1mlLgcmW/xoB7W7IWKNy559SZqU
xosomS49oENEBB/okkna8Md0W2BF9XRR7PgQMkqk0k6keOvub+rr
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:09 2024 by rpki-client on console-ams.rpki-client.org