Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/O7_Cxwa5BiuSE0XxuIOvHES53mc.roa
File: O7_Cxwa5BiuSE0XxuIOvHES53mc.roa (raw, json)
Hash identifier: vR1pCFaGVM5n92PFg2faEb9dOATex+y1om8wWpvcgrM=
Subject key identifier: 3B:BF:C2:C7:06:B9:06:2B:92:13:45:F1:B8:83:AF:1C:44:B9:DE:67
Certificate issuer: /CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Certificate serial: 0191D85892085A58A85021DB967FE546A6AD
Authority key identifier: D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/O7_Cxwa5BiuSE0XxuIOvHES53mc.roa
Signing time: Mon 09 Sep 2024 19:52:48 +0000
ROA not before: Mon 09 Sep 2024 19:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215703
IP address blocks: 207.244.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:40:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d8:58:92:08:5a:58:a8:50:21:db:96:7f:e5:46:a6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d08da9cf00d4d58b854ffc62010f235b06df354a
Validity
Not Before: Sep 9 19:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bbfc2c706b9062b921345f1b883af1c44b9de67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:87:58:a7:55:52:0d:31:ae:1c:09:16:37:d3:
fc:2e:28:64:06:f9:d7:3d:2b:53:28:d5:1c:f3:0c:
58:85:88:91:3c:41:8a:4a:bf:66:51:64:93:cd:0e:
72:7e:4d:47:c4:ba:a2:c8:e9:0c:5a:1c:a5:53:e3:
3d:74:d4:77:14:f3:ff:20:75:51:55:7b:e8:ff:18:
dd:60:27:d2:9b:05:b3:d2:a2:20:0d:71:a3:57:4d:
e7:a5:8a:fd:a3:a8:ef:e6:b8:e3:ea:05:e5:c5:e1:
d2:7c:be:1d:85:db:78:b6:d6:49:b6:ae:dc:02:ed:
f4:65:1d:f3:78:86:55:14:42:a7:9c:5f:f7:99:76:
c8:14:db:bb:1a:c2:cf:78:98:c0:36:c3:53:29:fb:
66:40:ae:5f:ae:fd:22:4d:de:2c:99:29:d6:6a:aa:
95:7a:d3:3a:fa:71:23:2b:d0:9e:32:53:2f:bb:98:
eb:42:cc:8e:c2:c4:71:bd:be:42:02:e7:f7:59:0c:
41:90:c2:11:84:10:e8:a3:52:ae:61:6a:16:f1:de:
d3:ec:bc:4a:f6:87:17:db:f3:a0:af:b8:8c:3d:0a:
dc:33:fe:00:fc:58:62:c9:36:24:cf:b3:37:51:cc:
2d:34:26:f4:58:18:67:4f:60:5a:c9:fd:6e:15:e8:
72:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:BF:C2:C7:06:B9:06:2B:92:13:45:F1:B8:83:AF:1C:44:B9:DE:67
X509v3 Authority Key Identifier:
keyid:D0:8D:A9:CF:00:D4:D5:8B:85:4F:FC:62:01:0F:23:5B:06:DF:35:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/O7_Cxwa5BiuSE0XxuIOvHES53mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/febef8-a0ea-4c7e-8806-20e19780cb2e/1/0I2pzwDU1YuFT_xiAQ8jWwbfNUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
207.244.199.0/24
Signature Algorithm: sha256WithRSAEncryption
31:50:05:44:63:cb:c6:c0:13:5c:cb:a3:d0:ee:48:78:c7:38:
94:19:97:e5:97:48:6e:ab:cf:ef:c5:96:e2:86:a7:ee:14:9c:
89:86:92:db:a4:81:d0:83:90:a7:11:2b:c6:98:28:2e:2a:19:
de:3d:c7:30:3e:be:ee:51:5c:a4:77:86:06:db:80:e5:f7:b8:
08:c2:d0:60:21:52:58:06:f7:3e:e1:93:84:5f:2e:f4:58:cd:
95:24:fb:b1:74:53:db:b6:c3:98:f5:58:02:78:2c:ec:9b:5d:
f8:62:9f:48:7c:a2:7f:07:e1:8a:07:96:a1:e6:a8:90:da:61:
96:09:3f:79:f5:ab:8c:e1:92:cc:30:48:ea:9d:a2:e8:66:94:
46:dc:51:6f:77:b7:60:f9:bf:26:42:c9:8a:76:c5:11:8f:cb:
d3:72:24:db:5f:72:48:f9:b8:78:0c:fc:4e:1b:49:0d:81:f6:
94:a8:0d:0b:a9:17:93:41:1a:62:67:5b:d2:b5:77:52:bc:5f:
ab:83:c4:c7:89:e8:af:82:4f:06:ce:6b:a0:15:6f:ed:4f:f8:
b5:7c:c5:66:58:0b:99:7d:31:c6:4e:87:35:fd:9e:4d:0b:20:
dc:bf:d3:83:a6:ee:66:cb:99:b0:94:4d:0d:48:ad:7a:60:37:
44:5a:61:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHYWJIIWlioUCHbln/lRqatMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOGRhOWNmMDBkNGQ1OGI4NTRmZmM2MjAxMGYyMzViMDZk
ZjM1NGEwHhcNMjQwOTA5MTk1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmJmYzJjNzA2YjkwNjJiOTIxMzQ1ZjFiODgzYWYxYzQ0YjlkZTY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtYdYp1VSDTGuHAkWN9P8LihkBvnX
PStTKNUc8wxYhYiRPEGKSr9mUWSTzQ5yfk1HxLqiyOkMWhylU+M9dNR3FPP/IHVR
VXvo/xjdYCfSmwWz0qIgDXGjV03npYr9o6jv5rjj6gXlxeHSfL4dhdt4ttZJtq7c
Au30ZR3zeIZVFEKnnF/3mXbIFNu7GsLPeJjANsNTKftmQK5frv0iTd4smSnWaqqV
etM6+nEjK9CeMlMvu5jrQsyOwsRxvb5CAuf3WQxBkMIRhBDoo1KuYWoW8d7T7LxK
9ocX2/Ogr7iMPQrcM/4A/FhiyTYkz7M3UcwtNCb0WBhnT2Bayf1uFehyTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDu/wscGuQYrkhNF8biDrxxEud5nMB8GA1UdIwQY
MBaAFNCNqc8A1NWLhU/8YgEPI1sG3zVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYt
MjBlMTk3ODBjYjJlLzEvTzdfQ3h3YTVCaXVTRTBYeHVJT3ZIRVM1M21jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9mZWJlZjgtYTBlYS00YzdlLTg4MDYtMjBlMTk3ODBjYjJl
LzEvMEkycHp3RFUxWXVGVF94aUFROGpXd2JmTlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAz/THMA0G
CSqGSIb3DQEBCwUAA4IBAQAxUAVEY8vGwBNcy6PQ7kh4xziUGZfll0huq8/vxZbi
hqfuFJyJhpLbpIHQg5CnESvGmCguKhnePccwPr7uUVykd4YG24Dl97gIwtBgIVJY
Bvc+4ZOEXy70WM2VJPuxdFPbtsOY9VgCeCzsm134Yp9IfKJ/B+GKB5ah5qiQ2mGW
CT959auM4ZLMMEjqnaLoZpRG3FFvd7dg+b8mQsmKdsURj8vTciTbX3JI+bh4DPxO
G0kNgfaUqA0LqReTQRpiZ1vStXdSvF+rg8THieivgk8GzmugFW/tT/i1fMVmWAuZ
fTHGToc1/Z5NCyDcv9ODpu5my5mwlE0NSK16YDdEWmEs
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:01:22 2024 by rpki-client on console-ams.rpki-client.org