Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OPCJxZgDThn6q_4juBx0gQoGRfw.roa
File: OPCJxZgDThn6q_4juBx0gQoGRfw.roa (raw, json)
Hash identifier: ERUeHjhjN7kaudypV11oBDu5xmRfn/w3wIiPqm8rJVo=
Subject key identifier: 38:F0:89:C5:98:03:4E:19:FA:AB:FE:23:B8:1C:74:81:0A:06:45:FC
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 018CC9BCE4D6C77538C20D58CD30BD2E7E55
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OPCJxZgDThn6q_4juBx0gQoGRfw.roa
Signing time: Tue 02 Jan 2024 10:34:08 +0000
ROA not before: Tue 02 Jan 2024 10:34:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209303
IP address blocks: 5.3.90.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e4:d6:c7:75:38:c2:0d:58:cd:30:bd:2e:7e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 2 10:34:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38f089c598034e19faabfe23b81c74810a0645fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:fb:99:2d:5e:6d:19:62:52:84:91:f3:e3:40:
21:a3:35:ef:06:4a:1a:99:30:34:4e:8e:52:b5:2e:
49:71:07:c7:2e:13:30:92:8d:c1:33:b2:27:90:07:
0d:c2:7b:b4:85:fc:06:16:2b:80:a3:7d:8b:1a:52:
f9:eb:0e:af:47:3f:6b:3e:91:4a:ad:86:6e:20:06:
3c:62:f1:d0:71:22:22:02:4d:7c:cf:f7:73:8d:92:
fa:b2:eb:ec:b2:88:bc:64:ee:41:0e:e7:56:a7:62:
05:7d:77:77:cd:4d:0e:dd:40:fc:f7:f2:c9:27:34:
70:75:8a:ee:d5:40:7d:20:e4:c6:8c:e5:54:65:87:
92:31:fb:08:d3:ac:ca:10:2b:58:86:95:0a:6b:f5:
74:a7:2b:31:63:03:d5:5c:b1:b2:b8:eb:27:27:35:
f3:e5:ae:4d:80:e7:e6:e7:63:fe:4d:41:50:35:f8:
2c:65:b9:14:39:ec:d4:4a:cf:26:1c:ae:17:af:fd:
37:42:0a:07:d2:0c:68:ab:fc:0d:55:a2:62:27:13:
12:de:b2:ae:39:fb:99:d3:22:42:a3:04:52:cc:bf:
c2:0e:09:7a:ea:5b:c3:16:30:dd:7b:15:ff:f6:7f:
a6:ea:8b:f1:71:e6:0c:6d:94:d8:db:dd:cf:71:f8:
8c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F0:89:C5:98:03:4E:19:FA:AB:FE:23:B8:1C:74:81:0A:06:45:FC
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/OPCJxZgDThn6q_4juBx0gQoGRfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.3.90.0/24
Signature Algorithm: sha256WithRSAEncryption
ae:e7:db:48:a6:81:b7:fa:48:09:40:e6:ed:e2:c2:dc:ef:55:
41:e6:fd:a9:ff:95:08:4d:4b:c5:ef:83:83:8a:cd:46:32:00:
89:05:41:26:f2:28:82:70:95:b4:d7:d0:ae:78:80:c8:4b:c9:
82:15:46:f1:5f:be:fd:9f:da:bd:9f:78:5d:05:99:e3:9e:0a:
e0:48:3a:a7:96:7d:76:9a:4f:58:55:74:38:6f:ae:a7:c9:2a:
1a:58:d9:10:82:a8:85:fc:ba:b9:41:49:8f:1d:da:37:8f:94:
dc:1c:9a:ff:5e:fd:68:46:47:62:56:6d:0c:33:fe:e3:a3:58:
3d:e0:f2:df:8a:e9:a2:7c:44:6e:90:0a:d8:41:bd:cb:bd:ef:
97:a3:79:22:5d:0b:14:0e:02:b0:e4:97:b6:af:b3:42:b2:e7:
0d:9c:80:fd:b9:5c:da:2e:8e:34:1e:45:e2:88:b1:1b:a4:13:
ce:4f:10:6e:9c:54:d9:d7:e2:cb:75:76:37:f9:6b:a2:ad:85:
52:cf:6c:32:c8:2c:bf:4e:57:54:1b:4d:e1:6f:18:65:bf:a6:
7f:70:8c:f1:68:e7:63:f4:00:5e:66:14:a0:0c:41:06:30:ca:
71:9b:a8:cb:6a:b1:be:de:b3:be:59:85:44:7a:7a:89:34:03:
df:3a:ae:ce
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvOTWx3U4wg1YzTC9Ln5VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjQwMTAyMTAzNDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGYwODljNTk4MDM0ZTE5ZmFhYmZlMjNiODFjNzQ4MTBhMDY0NWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8PuZLV5tGWJShJHz40AhozXvBkoa
mTA0To5StS5JcQfHLhMwko3BM7InkAcNwnu0hfwGFiuAo32LGlL56w6vRz9rPpFK
rYZuIAY8YvHQcSIiAk18z/dzjZL6suvssoi8ZO5BDudWp2IFfXd3zU0O3UD89/LJ
JzRwdYru1UB9IOTGjOVUZYeSMfsI06zKECtYhpUKa/V0pysxYwPVXLGyuOsnJzXz
5a5NgOfm52P+TUFQNfgsZbkUOezUSs8mHK4Xr/03QgoH0gxoq/wNVaJiJxMS3rKu
OfuZ0yJCowRSzL/CDgl66lvDFjDdexX/9n+m6ovxceYMbZTY293PcfiMAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjwicWYA04Z+qv+I7gcdIEKBkX8MB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvT1BDSnhaZ0RUaG42cV80anVCeDBnUW9HUmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABQNaMA0G
CSqGSIb3DQEBCwUAA4IBAQCu59tIpoG3+kgJQObt4sLc71VB5v2p/5UITUvF74OD
is1GMgCJBUEm8iiCcJW019CueIDIS8mCFUbxX779n9q9n3hdBZnjngrgSDqnln12
mk9YVXQ4b66nySoaWNkQgqiF/Lq5QUmPHdo3j5TcHJr/Xv1oRkdiVm0MM/7jo1g9
4PLfiumifERukArYQb3Lve+Xo3kiXQsUDgKw5Je2r7NCsucNnID9uVzaLo40HkXi
iLEbpBPOTxBunFTZ1+LLdXY3+WuirYVSz2wyyCy/TldUG03hbxhlv6Z/cIzxaOdj
9ABeZhSgDEEGMMpxm6jLarG+3rO+WYVEenqJNAPfOq7O
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:36:45 2024 by rpki-client on console-fra.rpki-client.org