Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ojefcQv9CK27_O_Afhc1Xsonw_8.roa
File: ojefcQv9CK27_O_Afhc1Xsonw_8.roa (raw, json)
Hash identifier: TACJiu2eQEejw3+DzMCxaiiGFUW0f82cK9Kmn6G/LWk=
Subject key identifier: A2:37:9F:71:0B:FD:08:AD:BB:FC:EF:C0:7E:17:35:5E:CA:27:C3:FF
Certificate issuer: /CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Certificate serial: 0194236A2FB57E4A0F1F08D00CD6B7280296
Authority key identifier: 0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ojefcQv9CK27_O_Afhc1Xsonw_8.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 163.5.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:2f:b5:7e:4a:0f:1f:08:d0:0c:d6:b7:28:02:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce851b6dd5d364ee19e0b38201b3e8df2624bcb
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2379f710bfd08adbbfcefc07e17355eca27c3ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:13:cb:27:65:f8:f3:e4:66:b7:82:4f:d1:91:
3c:18:ca:19:80:22:c4:60:3f:3f:6d:6a:d7:53:7e:
e1:6a:04:ae:7e:99:ec:e8:22:d8:1a:c2:f1:ea:9a:
30:80:b2:c2:23:fe:ce:41:86:7e:e9:5e:04:d6:32:
84:31:a4:74:f5:30:21:51:45:ad:98:52:79:b7:49:
b3:6f:48:45:e0:6d:d6:c2:e5:00:c7:37:c1:50:b8:
99:d5:30:d9:36:2b:84:9c:31:36:86:4b:9f:79:d3:
d1:5d:36:67:3a:58:04:cc:e5:17:5e:cc:e2:24:72:
ed:47:f6:ea:a7:d7:1f:b5:00:64:32:0c:4e:5d:20:
79:82:76:37:c0:b4:a5:25:f4:81:83:8a:95:56:7a:
32:4e:11:93:b0:d7:c4:9f:c3:11:32:ac:1e:b7:c4:
3d:84:31:4e:ce:d8:5e:f6:2f:40:12:b7:b7:a5:8c:
3b:79:8b:7a:c9:18:c7:82:56:c9:54:26:57:22:69:
05:62:12:fb:1f:9a:2f:53:0a:21:3f:bd:61:dc:33:
eb:c6:1f:0c:22:e1:5f:53:71:b2:52:00:17:56:e6:
e0:dd:bf:bf:6f:79:e6:bf:58:97:bf:a4:11:95:12:
63:6c:4c:54:4e:cf:69:ab:7e:22:d4:59:f4:6c:30:
a2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:37:9F:71:0B:FD:08:AD:BB:FC:EF:C0:7E:17:35:5E:CA:27:C3:FF
X509v3 Authority Key Identifier:
keyid:0C:E8:51:B6:DD:5D:36:4E:E1:9E:0B:38:20:1B:3E:8D:F2:62:4B:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOhRtt1dNk7hngs4IBs-jfJiS8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/ojefcQv9CK27_O_Afhc1Xsonw_8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/d02dfb-9673-49a8-971c-9fe94108ff01/1/DOhRtt1dNk7hngs4IBs-jfJiS8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
163.5.187.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:59:ff:8a:50:04:f8:f3:38:94:83:bb:fd:ff:2d:6e:38:1c:
aa:5b:d7:18:90:38:15:04:c3:1f:77:80:37:0f:0f:b9:e3:d3:
1f:39:bc:03:a2:4c:82:5f:bc:74:01:a6:ef:c0:07:c8:5c:25:
f4:12:2c:0c:08:89:c3:98:cf:93:1f:5a:f2:73:16:9a:c8:6c:
05:c4:49:d0:e3:ea:d4:15:fb:49:9b:a9:7a:4b:85:d0:03:bf:
a3:b4:34:b4:0a:24:6b:15:50:a5:a1:01:bf:79:b3:1c:97:5d:
0a:56:09:d4:b0:4b:20:7c:05:20:d4:c3:a6:d1:e3:8b:21:03:
c7:79:06:f9:a4:fd:19:7d:c1:fd:a2:c2:13:1d:58:89:7a:5c:
60:53:84:d8:e6:2c:84:83:62:56:ef:3f:73:00:31:a1:bf:45:
af:f9:cc:a0:31:c9:9e:6f:ba:37:d8:c3:ad:bd:8c:35:4d:0a:
25:7a:fc:38:58:29:8f:2a:79:ee:94:e7:f7:b7:fe:7c:0e:91:
87:4f:5d:0a:f6:ef:eb:cf:10:86:41:31:81:b3:f0:2e:b0:65:
52:ea:ec:fa:42:1f:84:8e:d5:64:a3:a3:b3:27:1d:1f:3a:21:
89:04:0c:29:a0:85:02:35:13:ed:42:d3:a4:47:63:94:d2:14:
2f:5c:ba:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQjai+1fkoPHwjQDNa3KAKWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTg1MWI2ZGQ1ZDM2NGVlMTllMGIzODIwMWIzZThkZjI2
MjRiY2IwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjM3OWY3MTBiZmQwOGFkYmJmY2VmYzA3ZTE3MzU1ZWNhMjdjM2ZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRPLJ2X48+Rmt4JP0ZE8GMoZgCLE
YD8/bWrXU37hagSufpns6CLYGsLx6powgLLCI/7OQYZ+6V4E1jKEMaR09TAhUUWt
mFJ5t0mzb0hF4G3WwuUAxzfBULiZ1TDZNiuEnDE2hkufedPRXTZnOlgEzOUXXszi
JHLtR/bqp9cftQBkMgxOXSB5gnY3wLSlJfSBg4qVVnoyThGTsNfEn8MRMqwet8Q9
hDFOzthe9i9AEre3pYw7eYt6yRjHglbJVCZXImkFYhL7H5ovUwohP71h3DPrxh8M
IuFfU3GyUgAXVubg3b+/b3nmv1iXv6QRlRJjbExUTs9pq34i1Fn0bDCi2QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKI3n3EL/Qitu/zvwH4XNV7KJ8P/MB8GA1UdIwQY
MBaAFAzoUbbdXTZO4Z4LOCAbPo3yYkvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMt
OWZlOTQxMDhmZjAxLzEvb2plZmNRdjlDSzI3X09fQWZoYzFYc29ud184LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9kMDJkZmItOTY3My00OWE4LTk3MWMtOWZlOTQxMDhmZjAx
LzEvRE9oUnR0MWROazdobmdzNElCcy1qZkppUzhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAowW7MA0G
CSqGSIb3DQEBCwUAA4IBAQBrWf+KUAT48ziUg7v9/y1uOByqW9cYkDgVBMMfd4A3
Dw+549MfObwDokyCX7x0AabvwAfIXCX0EiwMCInDmM+TH1rycxaayGwFxEnQ4+rU
FftJm6l6S4XQA7+jtDS0CiRrFVCloQG/ebMcl10KVgnUsEsgfAUg1MOm0eOLIQPH
eQb5pP0ZfcH9osITHViJelxgU4TY5iyEg2JW7z9zADGhv0Wv+cygMcmeb7o32MOt
vYw1TQolevw4WCmPKnnulOf3t/58DpGHT10K9u/rzxCGQTGBs/AusGVS6uz6Qh+E
jtVko6OzJx0fOiGJBAwpoIUCNRPtQtOkR2OU0hQvXLq1
-----END CERTIFICATE-----
Generated at Wed Feb 5 08:48:37 2025 by rpki-client