Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/OcZ9Lx3ilW0G0iBcnP8Kz2enop8.roa
File: OcZ9Lx3ilW0G0iBcnP8Kz2enop8.roa (raw, json)
Hash identifier: vIpcsd/YHQtGM7MjNNdWBRKVny8rC1bGWBYB43IzRZc=
Subject key identifier: 39:C6:7D:2F:1D:E2:95:6D:06:D2:20:5C:9C:FF:0A:CF:67:A7:A2:9F
Certificate issuer: /CN=2dc9cb5302d8d13fe91e80f5cbd1fbacbc014827
Certificate serial: 018CC56E0A55423BE8B84AB84DC1BC9310E3
Authority key identifier: 2D:C9:CB:53:02:D8:D1:3F:E9:1E:80:F5:CB:D1:FB:AC:BC:01:48:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LcnLUwLY0T_pHoD1y9H7rLwBSCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/OcZ9Lx3ilW0G0iBcnP8Kz2enop8.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41242
IP address blocks: 81.31.48.0/20 maxlen: 20
193.142.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/LcnLUwLY0T_pHoD1y9H7rLwBSCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/LcnLUwLY0T_pHoD1y9H7rLwBSCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/LcnLUwLY0T_pHoD1y9H7rLwBSCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0a:55:42:3b:e8:b8:4a:b8:4d:c1:bc:93:10:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dc9cb5302d8d13fe91e80f5cbd1fbacbc014827
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39c67d2f1de2956d06d2205c9cff0acf67a7a29f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:d8:47:f0:d4:58:a6:8c:1e:ca:89:b0:84:40:
7a:36:dc:13:f2:fd:cf:5b:4c:8e:bc:bd:92:db:63:
08:f9:fc:b2:b4:41:0c:ca:81:b7:4d:33:4e:24:97:
55:d6:43:98:cb:ed:18:5c:15:7c:9e:51:ec:82:4d:
33:68:43:a1:19:ce:48:b7:f5:09:26:9e:c2:7f:e8:
1d:e2:cf:30:94:e9:94:8e:8c:79:d0:05:63:e0:43:
53:f2:ca:2d:ac:b8:f7:09:4b:0f:88:98:27:d9:6b:
7b:14:22:68:18:98:5a:26:d0:04:ce:e8:23:bc:89:
50:aa:be:97:fd:cc:7c:39:a8:39:60:a9:d0:a9:c6:
29:39:aa:33:56:6b:cc:34:4a:5f:a9:4c:ae:d8:89:
ba:6c:e7:a6:4b:4e:5e:3f:18:f9:3d:ad:98:26:18:
bb:4a:a5:11:ca:49:e8:a1:33:4c:27:4b:98:68:38:
fa:cc:29:f2:21:a0:8a:9e:d5:15:f0:c3:50:ff:dd:
35:49:0a:6a:ce:72:ec:26:63:e8:0a:92:49:89:96:
2d:b8:9e:77:c3:19:41:f9:30:f3:47:98:3d:9f:32:
26:49:03:43:82:8e:07:e5:11:5e:cd:ac:7d:34:d7:
6a:4d:8d:3a:63:be:0a:45:a8:1e:d7:6f:bc:f3:64:
fd:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C6:7D:2F:1D:E2:95:6D:06:D2:20:5C:9C:FF:0A:CF:67:A7:A2:9F
X509v3 Authority Key Identifier:
keyid:2D:C9:CB:53:02:D8:D1:3F:E9:1E:80:F5:CB:D1:FB:AC:BC:01:48:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LcnLUwLY0T_pHoD1y9H7rLwBSCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/OcZ9Lx3ilW0G0iBcnP8Kz2enop8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/ccc808-14bb-494d-99c8-2f11a651962b/1/LcnLUwLY0T_pHoD1y9H7rLwBSCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.31.48.0/20
193.142.121.0/24
Signature Algorithm: sha256WithRSAEncryption
89:b3:06:5d:b6:ba:f3:0d:ce:33:48:9a:d6:0a:77:bc:b3:f1:
05:a3:23:3d:b9:60:b4:12:28:88:a6:17:ff:04:9c:e4:c6:b1:
72:94:6a:ad:70:75:81:87:36:f1:4a:32:dc:92:ce:18:fd:a1:
af:87:2c:b3:2f:4e:67:42:22:02:4c:45:bc:f8:d5:b9:11:84:
0f:4b:91:3b:3b:f7:f3:7f:34:30:94:be:1c:a1:55:48:a4:7a:
52:48:7d:3f:e7:2d:35:00:d6:7d:4a:d5:3c:cd:d5:19:24:3f:
cb:3a:73:ef:09:2a:c5:be:24:8c:a5:6e:de:8f:1a:8c:63:f0:
69:e4:8b:6c:3c:af:ab:88:c1:f9:e2:c1:5c:5c:ba:ff:43:b1:
9e:71:66:0d:a1:8f:08:fd:01:c2:68:1b:61:70:7b:be:37:f3:
09:e1:94:1a:68:45:e5:7a:19:8f:2b:12:20:07:07:54:a9:3e:
97:22:5f:37:09:bd:e0:95:8b:93:4b:d9:eb:e6:7c:9b:ad:93:
6c:da:85:ad:9c:ce:8c:14:9f:a8:1a:64:87:b7:cd:3c:33:cf:
38:f5:32:92:0e:f0:cb:b4:a6:91:60:9c:a6:a7:46:04:6d:da:
23:41:59:42:b4:08:cd:98:b1:43:77:ab:be:04:9c:97:99:c0:
3b:e2:3a:50
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbgpVQjvouEq4TcG8kxDjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYzljYjUzMDJkOGQxM2ZlOTFlODBmNWNiZDFmYmFjYmMw
MTQ4MjcwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM2N2QyZjFkZTI5NTZkMDZkMjIwNWM5Y2ZmMGFjZjY3YTdhMjlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu9hH8NRYpoweyomwhEB6NtwT8v3P
W0yOvL2S22MI+fyytEEMyoG3TTNOJJdV1kOYy+0YXBV8nlHsgk0zaEOhGc5It/UJ
Jp7Cf+gd4s8wlOmUjox50AVj4ENT8sotrLj3CUsPiJgn2Wt7FCJoGJhaJtAEzugj
vIlQqr6X/cx8Oag5YKnQqcYpOaozVmvMNEpfqUyu2Im6bOemS05ePxj5Pa2YJhi7
SqURyknooTNMJ0uYaDj6zCnyIaCKntUV8MNQ/901SQpqznLsJmPoCpJJiZYtuJ53
wxlB+TDzR5g9nzImSQNDgo4H5RFezax9NNdqTY06Y74KRage12+882T9wQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDnGfS8d4pVtBtIgXJz/Cs9np6KfMB8GA1UdIwQY
MBaAFC3Jy1MC2NE/6R6A9cvR+6y8AUgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGNuTFV3TFkwVF9wSG9EMXk5SDdyTHdCU0NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC9jY2M4MDgtMTRiYi00OTRkLTk5Yzgt
MmYxMWE2NTE5NjJiLzEvT2NaOUx4M2lsVzBHMGlCY25QOEt6MmVub3A4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC9jY2M4MDgtMTRiYi00OTRkLTk5YzgtMmYxMWE2NTE5NjJi
LzEvTGNuTFV3TFkwVF9wSG9EMXk5SDdyTHdCU0NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEUR8wAwQA
wY55MA0GCSqGSIb3DQEBCwUAA4IBAQCJswZdtrrzDc4zSJrWCne8s/EFoyM9uWC0
EiiIphf/BJzkxrFylGqtcHWBhzbxSjLcks4Y/aGvhyyzL05nQiICTEW8+NW5EYQP
S5E7O/fzfzQwlL4coVVIpHpSSH0/5y01ANZ9StU8zdUZJD/LOnPvCSrFviSMpW7e
jxqMY/Bp5ItsPK+riMH54sFcXLr/Q7GecWYNoY8I/QHCaBthcHu+N/MJ4ZQaaEXl
ehmPKxIgBwdUqT6XIl83Cb3glYuTS9nr5nybrZNs2oWtnM6MFJ+oGmSHt808M884
9TKSDvDLtKaRYJymp0YEbdojQVlCtAjNmLFDd6u+BJyXmcA74jpQ
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:44:37 2024 by rpki-client on console-ams.rpki-client.org