Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/OHaFXa5AK7dgNy3J4zITN71DY9Y.roa
File: OHaFXa5AK7dgNy3J4zITN71DY9Y.roa (raw, json)
Hash identifier: FOuP0BYc9UWmZubCiZzLXWVWFQb1Pho4H7+edUgUZf0=
Subject key identifier: 38:76:85:5D:AE:40:2B:B7:60:37:2D:C9:E3:32:13:37:BD:43:63:D6
Certificate issuer: /CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Certificate serial: 0191C779A0A5464FC6C7AFCF4B164DA5336F
Authority key identifier: 9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/OHaFXa5AK7dgNy3J4zITN71DY9Y.roa
Signing time: Fri 06 Sep 2024 13:15:22 +0000
ROA not before: Fri 06 Sep 2024 13:15:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201990
IP address blocks: 45.90.43.0/24 maxlen: 24
185.205.84.0/22 maxlen: 22
193.218.203.0/24 maxlen: 24
217.197.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:c7:79:a0:a5:46:4f:c6:c7:af:cf:4b:16:4d:a5:33:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9df185e99ffe611527a0e94331151ffe2ee72ae9
Validity
Not Before: Sep 6 13:15:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3876855dae402bb760372dc9e3321337bd4363d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:14:07:38:79:a8:b8:9c:93:80:76:70:68:0c:
cc:4b:1f:36:6e:68:40:ce:36:5a:4f:00:eb:e6:a8:
57:6e:b4:82:49:45:52:f6:d9:14:42:31:89:bd:bf:
a2:57:96:9e:fb:91:ef:7b:82:5c:75:07:bd:17:3f:
b8:d8:5d:68:0d:9a:2a:60:03:9e:af:c8:b1:4b:89:
a8:03:4c:68:2c:b9:c1:7b:42:1c:ad:9a:7a:79:43:
88:d6:1d:4b:97:3d:62:f5:9f:11:c9:9f:78:2c:9f:
c5:59:b9:3d:8b:7b:d7:63:58:5b:77:89:95:f0:85:
35:51:da:9e:aa:07:2b:5a:bf:32:d1:86:09:c8:eb:
a2:26:23:c7:44:23:e8:83:91:92:3b:39:2b:db:9e:
98:0a:69:99:57:36:ad:2e:d5:09:a4:20:be:4f:ee:
02:fe:23:ce:32:a7:53:df:f2:cc:2b:ae:2f:2c:e6:
b9:3c:48:fc:3a:ba:69:6e:80:28:50:28:af:a7:87:
d4:b5:9c:3c:1c:6f:ff:1a:91:c0:97:29:2d:a1:d2:
50:fb:5c:19:15:d2:fe:64:ab:72:68:fd:1d:be:90:
8d:a9:8c:fa:1a:25:8f:0f:c2:9f:16:1f:ea:bd:76:
bb:fa:e6:60:05:4d:21:57:1f:18:be:a9:bb:36:29:
4b:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:76:85:5D:AE:40:2B:B7:60:37:2D:C9:E3:32:13:37:BD:43:63:D6
X509v3 Authority Key Identifier:
keyid:9D:F1:85:E9:9F:FE:61:15:27:A0:E9:43:31:15:1F:FE:2E:E7:2A:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/OHaFXa5AK7dgNy3J4zITN71DY9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/60e51f-b803-474d-b27a-f2990ceb94ec/1/nfGF6Z_-YRUnoOlDMRUf_i7nKuk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.43.0/24
185.205.84.0/22
193.218.203.0/24
217.197.102.0/24
Signature Algorithm: sha256WithRSAEncryption
24:f7:d4:89:1f:32:71:0c:b5:c5:ef:ef:32:84:ab:cb:4a:11:
75:86:56:c5:15:7a:4b:f7:ed:70:ee:af:d5:82:87:a7:ca:86:
34:18:3c:dc:31:29:68:b1:48:dd:82:80:8f:99:69:b3:a9:fa:
c6:d2:29:71:10:b7:3e:8f:4c:89:98:06:88:3d:2d:71:0e:03:
86:4b:bf:b9:b8:f2:94:45:3b:b1:c9:0d:08:37:85:9e:c1:2d:
2b:88:5d:86:6d:b4:90:ea:89:15:cc:d0:a9:95:0b:7c:e1:76:
0b:80:96:24:4f:82:5d:7a:cc:d4:3f:36:79:de:ed:87:9f:df:
ca:33:10:71:2d:11:c4:b9:5b:87:d0:cd:6b:19:f3:ad:8f:22:
4d:be:82:37:a7:c3:52:55:58:aa:81:83:61:77:ff:1e:cf:88:
30:b4:e8:12:27:1c:bf:33:f2:68:69:95:55:d0:65:12:f4:6d:
e4:15:ed:45:f8:77:a1:ae:1e:9e:ab:46:75:1d:07:ef:77:94:
ea:71:eb:eb:aa:4a:9a:98:f0:db:5d:68:bd:19:fb:92:22:69:
2a:aa:40:69:46:62:0c:38:0f:f6:0e:9f:3a:7f:96:b1:1c:ce:
92:a8:91:c7:6f:cf:41:a2:66:72:20:4f:45:67:01:55:d1:34:
3a:eb:08:d6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHHeaClRk/Gx6/PSxZNpTNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZjE4NWU5OWZmZTYxMTUyN2EwZTk0MzMxMTUxZmZlMmVl
NzJhZTkwHhcNMjQwOTA2MTMxNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc2ODU1ZGFlNDAyYmI3NjAzNzJkYzllMzMyMTMzN2JkNDM2M2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnhQHOHmouJyTgHZwaAzMSx82bmhA
zjZaTwDr5qhXbrSCSUVS9tkUQjGJvb+iV5ae+5Hve4JcdQe9Fz+42F1oDZoqYAOe
r8ixS4moA0xoLLnBe0IcrZp6eUOI1h1Llz1i9Z8RyZ94LJ/FWbk9i3vXY1hbd4mV
8IU1UdqeqgcrWr8y0YYJyOuiJiPHRCPog5GSOzkr256YCmmZVzatLtUJpCC+T+4C
/iPOMqdT3/LMK64vLOa5PEj8OrppboAoUCivp4fUtZw8HG//GpHAlyktodJQ+1wZ
FdL+ZKtyaP0dvpCNqYz6GiWPD8KfFh/qvXa7+uZgBU0hVx8Yvqm7NilLMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDh2hV2uQCu3YDctyeMyEze9Q2PWMB8GA1UdIwQY
MBaAFJ3xhemf/mEVJ6DpQzEVH/4u5yrpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2Et
ZjI5OTBjZWI5NGVjLzEvT0hhRlhhNUFLN2RnTnkzSjR6SVRONzFEWTlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy82MGU1MWYtYjgwMy00NzRkLWIyN2EtZjI5OTBjZWI5NGVj
LzEvbmZHRjZaXy1ZUlVub09sRE1SVWZfaTduS3VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVorAwQC
uc1UAwQAwdrLAwQA2cVmMA0GCSqGSIb3DQEBCwUAA4IBAQAk99SJHzJxDLXF7+8y
hKvLShF1hlbFFXpL9+1w7q/VgoenyoY0GDzcMSlosUjdgoCPmWmzqfrG0ilxELc+
j0yJmAaIPS1xDgOGS7+5uPKURTuxyQ0IN4WewS0riF2GbbSQ6okVzNCplQt84XYL
gJYkT4JdeszUPzZ53u2Hn9/KMxBxLRHEuVuH0M1rGfOtjyJNvoI3p8NSVViqgYNh
d/8ez4gwtOgSJxy/M/JoaZVV0GUS9G3kFe1F+Hehrh6eq0Z1HQfvd5Tqcevrqkqa
mPDbXWi9GfuSImkqqkBpRmIMOA/2Dp86f5axHM6SqJHHb89BomZyIE9FZwFV0TQ6
6wjW
-----END CERTIFICATE-----
Generated at Sat Nov 23 14:51:09 2024 by rpki-client on console-ams.rpki-client.org