Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/OMxuY3kG4tWEp9TnV_g6vV_Zz-g.roa
File: OMxuY3kG4tWEp9TnV_g6vV_Zz-g.roa (raw, json)
Hash identifier: WJeBDJrfG4/nU23jWsXAzIGPKsRINPWkJqU+afh3nYk=
Subject key identifier: 38:CC:6E:63:79:06:E2:D5:84:A7:D4:E7:57:F8:3A:BD:5F:D9:CF:E8
Certificate issuer: /CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Certificate serial: 018CC3B6830CF3D5A117FA4146611577140A
Authority key identifier: 18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/OMxuY3kG4tWEp9TnV_g6vV_Zz-g.roa
Signing time: Mon 01 Jan 2024 06:29:27 +0000
ROA not before: Mon 01 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8430
IP address blocks: 195.49.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.mft
rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:83:0c:f3:d5:a1:17:fa:41:46:61:15:77:14:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1847b59d21ea36b3062fca80ce75c1616af5119a
Validity
Not Before: Jan 1 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38cc6e637906e2d584a7d4e757f83abd5fd9cfe8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:bf:2b:b2:e4:9b:d5:00:8f:71:87:0f:af:35:
00:a9:82:b2:08:fa:68:46:07:62:5d:f1:e4:99:5f:
b8:29:b5:e3:30:23:4f:79:f5:a8:11:ab:71:4d:d4:
40:54:c3:7b:75:5e:7d:97:13:49:f4:b7:81:45:1f:
e8:d5:9e:e7:4f:32:c6:50:5a:af:1c:07:10:6a:8b:
07:4c:f1:fd:6a:6c:04:91:f2:f6:8a:65:d4:6d:b9:
7e:af:45:1d:45:e8:84:68:bf:6f:f9:6d:84:74:7e:
d6:20:c3:e1:d3:8f:76:40:27:3c:c2:e3:f4:da:fe:
f8:30:2f:1d:91:6f:ca:e6:6d:f0:47:65:80:09:2d:
32:48:c2:b1:a1:fe:ba:e5:82:7b:0d:ea:16:c0:44:
18:43:6e:eb:9c:55:bb:f3:64:58:2b:7f:d4:bc:d0:
54:44:81:41:91:ef:c1:2a:31:6b:b3:22:57:f8:dd:
a1:b8:48:4b:b9:53:0a:98:3e:d6:82:bf:3e:a8:59:
29:96:4a:c0:5c:8b:74:c2:af:ef:66:d9:95:2c:dd:
7b:c5:c5:0c:3d:f2:d0:29:69:c3:eb:d8:46:b9:af:
b5:d6:38:5f:27:b8:4f:1f:a7:9f:63:d6:bc:21:6a:
6b:7b:0a:62:42:35:e9:a5:51:22:52:71:fb:54:a0:
57:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:CC:6E:63:79:06:E2:D5:84:A7:D4:E7:57:F8:3A:BD:5F:D9:CF:E8
X509v3 Authority Key Identifier:
keyid:18:47:B5:9D:21:EA:36:B3:06:2F:CA:80:CE:75:C1:61:6A:F5:11:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GEe1nSHqNrMGL8qAznXBYWr1EZo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/OMxuY3kG4tWEp9TnV_g6vV_Zz-g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/3824cd-e527-4adc-a412-f91bb5179217/1/GEe1nSHqNrMGL8qAznXBYWr1EZo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.49.208.0/24
Signature Algorithm: sha256WithRSAEncryption
78:32:04:44:0d:37:e0:c0:15:05:bb:a7:d4:ef:0b:3b:53:eb:
56:f6:6e:00:35:35:76:ac:cb:55:c8:ab:ae:69:17:4d:8e:1b:
72:82:06:20:92:80:73:36:8a:f1:1b:18:79:92:97:10:d1:7e:
af:05:b3:5a:8a:a0:34:c7:a2:7c:44:50:1c:ef:5f:09:3a:89:
86:bb:a4:84:97:c1:51:a3:16:95:0d:41:5c:a0:07:6f:b6:88:
99:b2:c7:2b:76:e0:60:95:5d:7b:23:b5:00:4a:49:a3:4c:2b:
e1:ad:e8:5c:80:23:6c:7e:2f:45:48:d9:46:be:f3:43:d8:78:
d8:d4:e3:ae:38:f3:0c:f2:77:fe:c6:cd:4c:38:fa:54:0b:17:
3c:1b:24:3a:7f:3e:43:52:b9:93:74:8a:0c:bf:71:a0:93:fb:
d0:a7:be:e9:35:46:cf:07:00:87:5e:d7:3d:6b:19:00:37:28:
0c:70:a9:55:c1:c7:3e:11:5f:b7:5e:b1:8d:3e:38:7b:f8:98:
ff:89:08:8e:e5:e1:a9:15:f8:f3:81:7e:22:42:19:e7:18:9a:
b2:b3:e0:91:4c:00:9e:c7:93:4f:d9:68:db:5e:70:3e:a9:b4:
a0:2a:93:6c:73:a3:65:ae:2a:c5:1a:7b:61:9f:ad:f2:45:27:
c8:bc:89:a2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtoMM89WhF/pBRmEVdxQKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NDdiNTlkMjFlYTM2YjMwNjJmY2E4MGNlNzVjMTYxNmFm
NTExOWEwHhcNMjQwMTAxMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGNjNmU2Mzc5MDZlMmQ1ODRhN2Q0ZTc1N2Y4M2FiZDVmZDljZmU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhr8rsuSb1QCPcYcPrzUAqYKyCPpo
RgdiXfHkmV+4KbXjMCNPefWoEatxTdRAVMN7dV59lxNJ9LeBRR/o1Z7nTzLGUFqv
HAcQaosHTPH9amwEkfL2imXUbbl+r0UdReiEaL9v+W2EdH7WIMPh0492QCc8wuP0
2v74MC8dkW/K5m3wR2WACS0ySMKxof665YJ7DeoWwEQYQ27rnFW782RYK3/UvNBU
RIFBke/BKjFrsyJX+N2huEhLuVMKmD7Wgr8+qFkplkrAXIt0wq/vZtmVLN17xcUM
PfLQKWnD69hGua+11jhfJ7hPH6efY9a8IWprewpiQjXppVEiUnH7VKBXOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDjMbmN5BuLVhKfU51f4Or1f2c/oMB8GA1UdIwQY
MBaAFBhHtZ0h6jazBi/KgM51wWFq9RGaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTIt
ZjkxYmI1MTc5MjE3LzEvT014dVkza0c0dFdFcDlUblZfZzZ2Vl9aei1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi8zODI0Y2QtZTUyNy00YWRjLWE0MTItZjkxYmI1MTc5MjE3
LzEvR0VlMW5TSHFOck1HTDhxQXpuWEJZV3IxRVpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwzHQMA0G
CSqGSIb3DQEBCwUAA4IBAQB4MgREDTfgwBUFu6fU7ws7U+tW9m4ANTV2rMtVyKuu
aRdNjhtyggYgkoBzNorxGxh5kpcQ0X6vBbNaiqA0x6J8RFAc718JOomGu6SEl8FR
oxaVDUFcoAdvtoiZsscrduBglV17I7UASkmjTCvhrehcgCNsfi9FSNlGvvND2HjY
1OOuOPMM8nf+xs1MOPpUCxc8GyQ6fz5DUrmTdIoMv3Ggk/vQp77pNUbPBwCHXtc9
axkANygMcKlVwcc+EV+3XrGNPjh7+Jj/iQiO5eGpFfjzgX4iQhnnGJqys+CRTACe
x5NP2WjbXnA+qbSgKpNsc6NlrirFGnthn63yRSfIvImi
-----END CERTIFICATE-----
Generated at Thu May 9 18:26:31 2024 by rpki-client on console-fra.rpki-client.org