Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/O9g9jMJB8uuYhaYC28a040CTgVA.roa
File: O9g9jMJB8uuYhaYC28a040CTgVA.roa (raw, json)
Hash identifier: MTiuoR8cXd3bzFeA1iUSWab3NAxvgZTqCPM9MSXypkI=
Subject key identifier: 3B:D8:3D:8C:C2:41:F2:EB:98:85:A6:02:DB:C6:B4:E3:40:93:81:50
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 019350716A2982092C1DADA5E408DEB3CC80
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/O9g9jMJB8uuYhaYC28a040CTgVA.roa
Signing time: Thu 21 Nov 2024 20:37:10 +0000
ROA not before: Thu 21 Nov 2024 20:37:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 163.5.22.0/24 maxlen: 24
163.5.31.0/24 maxlen: 24
163.5.46.0/24 maxlen: 24
163.5.62.0/24 maxlen: 24
163.5.144.0/24 maxlen: 24
163.5.149.0/24 maxlen: 24
163.5.173.0/24 maxlen: 24
163.5.179.0/24 maxlen: 24
163.5.187.0/24 maxlen: 24
163.5.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:50:71:6a:29:82:09:2c:1d:ad:a5:e4:08:de:b3:cc:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Nov 21 20:37:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bd83d8cc241f2eb9885a602dbc6b4e340938150
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:f3:f9:56:22:81:9a:79:d3:51:a4:2f:62:0c:
9e:46:63:28:3e:35:45:9c:7f:71:a9:3b:fb:1b:bd:
de:9d:cf:bb:ba:0c:64:9d:b8:e0:ff:f4:09:03:d6:
93:1a:86:c5:49:da:c4:f4:d3:89:0e:13:10:12:01:
c6:3b:57:6d:6c:ff:a1:73:cb:40:75:c7:1f:d5:4a:
9b:0e:c7:da:5e:66:4f:e6:83:03:8c:c3:74:4a:90:
37:72:b6:44:74:3e:e0:1a:28:88:4e:a6:6b:e7:75:
db:3a:fe:e4:e8:8c:f6:99:59:1e:3d:8d:42:73:29:
d3:55:9d:9e:7c:76:a6:00:ef:d3:cf:ad:e8:6e:28:
f5:d5:73:36:f7:be:aa:51:57:d0:8d:0c:89:38:d4:
31:44:29:4f:18:47:b6:75:65:9b:16:8f:25:7b:ea:
38:c5:c4:cb:64:5f:6f:04:4a:aa:f8:33:45:26:3a:
cc:82:d4:35:c4:86:76:27:c9:b6:eb:4e:4b:56:ca:
7e:d9:e7:23:9f:bd:7c:ff:24:a8:70:24:b6:7c:88:
3f:79:68:48:40:27:9f:41:bc:a3:60:69:82:77:fc:
a4:09:34:ab:2e:02:31:12:86:67:3e:b9:5e:35:7c:
66:50:d3:ee:fe:6b:f6:8d:43:fc:44:c2:57:dc:7a:
fc:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D8:3D:8C:C2:41:F2:EB:98:85:A6:02:DB:C6:B4:E3:40:93:81:50
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/O9g9jMJB8uuYhaYC28a040CTgVA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.22.0/24
163.5.31.0/24
163.5.46.0/24
163.5.62.0/24
163.5.144.0/24
163.5.149.0/24
163.5.173.0/24
163.5.179.0/24
163.5.187.0/24
163.5.247.0/24
Signature Algorithm: sha256WithRSAEncryption
96:19:30:33:61:ac:47:9f:53:ce:db:c2:af:cf:1e:f9:8a:07:
f9:7a:11:65:97:f0:02:a9:c1:fe:99:dd:61:6a:51:f5:47:65:
0a:69:5e:d6:f9:45:2c:81:0c:54:06:6e:1f:3f:9e:d8:e3:08:
60:e9:0a:65:81:f3:78:20:33:54:c5:2f:11:3e:f4:8b:fd:c6:
c6:86:e4:25:88:f9:c5:86:d5:30:21:c2:cc:74:f6:15:57:7d:
dd:7b:32:1b:d6:a2:b4:98:60:8b:c3:91:2c:ae:39:18:93:28:
11:ef:b2:43:a4:a6:dd:ae:17:a4:64:4d:97:42:4c:af:20:10:
c6:f6:8c:a4:dc:6f:ac:a9:ae:23:a8:99:60:81:6c:0e:79:9d:
05:55:c8:6e:4f:e8:fd:cd:56:ba:84:3d:eb:8c:77:b2:bf:a2:
6e:39:52:b5:53:9c:ed:75:af:43:33:f6:a4:53:b6:95:ea:ad:
02:e8:98:e2:07:fa:6b:a1:67:ae:26:3c:a7:a2:5b:ec:93:6a:
1f:1d:43:b8:f3:2b:8a:a5:90:3e:26:be:e7:ef:52:bd:94:1b:
01:e5:fb:91:b5:2f:31:2a:04:f3:65:37:c7:2c:78:5b:0a:fd:
f9:95:a9:41:32:63:e7:2c:d8:1f:21:6a:69:dd:36:7e:7f:df:
cd:3b:de:bd
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZNQcWopggksHa2l5Ajes8yAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjQxMTIxMjAzNzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmQ4M2Q4Y2MyNDFmMmViOTg4NWE2MDJkYmM2YjRlMzQwOTM4MTUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo/P5ViKBmnnTUaQvYgyeRmMoPjVF
nH9xqTv7G73enc+7ugxknbjg//QJA9aTGobFSdrE9NOJDhMQEgHGO1dtbP+hc8tA
dccf1UqbDsfaXmZP5oMDjMN0SpA3crZEdD7gGiiITqZr53XbOv7k6Iz2mVkePY1C
cynTVZ2efHamAO/Tz63obij11XM2976qUVfQjQyJONQxRClPGEe2dWWbFo8le+o4
xcTLZF9vBEqq+DNFJjrMgtQ1xIZ2J8m2605LVsp+2ecjn718/ySocCS2fIg/eWhI
QCefQbyjYGmCd/ykCTSrLgIxEoZnPrleNXxmUNPu/mv2jUP8RMJX3Hr8EQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFDvYPYzCQfLrmIWmAtvGtONAk4FQMB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvTzlnOWpNSkI4dXVZaGFZQzI4YTA0MENUZ1ZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQAowUWAwQA
owUfAwQAowUuAwQAowU+AwQAowWQAwQAowWVAwQAowWtAwQAowWzAwQAowW7AwQA
owX3MA0GCSqGSIb3DQEBCwUAA4IBAQCWGTAzYaxHn1PO28Kvzx75igf5ehFll/AC
qcH+md1halH1R2UKaV7W+UUsgQxUBm4fP57Y4whg6QplgfN4IDNUxS8RPvSL/cbG
huQliPnFhtUwIcLMdPYVV33dezIb1qK0mGCLw5EsrjkYkygR77JDpKbdrhekZE2X
QkyvIBDG9oyk3G+sqa4jqJlggWwOeZ0FVchuT+j9zVa6hD3rjHeyv6JuOVK1U5zt
da9DM/akU7aV6q0C6JjiB/proWeuJjynolvsk2ofHUO48yuKpZA+Jr7n71K9lBsB
5fuRtS8xKgTzZTfHLHhbCv35lalBMmPnLNgfIWpp3TZ+f9/NO969
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:34:50 2024 by rpki-client on console-fra.rpki-client.org