Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/oDwSFcY0odLaDJKrXT16RvMwb2M.roa
File: oDwSFcY0odLaDJKrXT16RvMwb2M.roa (raw, json)
Hash identifier: 7sVdyhFq647I09oqD5tpRmlyARqgKc1mDDYvbygl3WM=
Subject key identifier: A0:3C:12:15:C6:34:A1:D2:DA:0C:92:AB:5D:3D:7A:46:F3:30:6F:63
Certificate issuer: /CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Certificate serial: 018CC87075B9D85BA5F7ACCD8188DFC667D3
Authority key identifier: 2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/oDwSFcY0odLaDJKrXT16RvMwb2M.roa
Signing time: Tue 02 Jan 2024 04:31:02 +0000
ROA not before: Tue 02 Jan 2024 04:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 185.242.108.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:75:b9:d8:5b:a5:f7:ac:cd:81:88:df:c6:67:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b145a8bdf2bca150f25ed54a277b8f653efdb3e
Validity
Not Before: Jan 2 04:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a03c1215c634a1d2da0c92ab5d3d7a46f3306f63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3d:28:ab:09:0d:57:1d:9c:4f:40:f5:28:fc:
a8:28:a0:43:62:66:c1:93:7b:21:be:c4:94:49:36:
06:68:e4:12:54:93:8d:ed:b0:37:15:61:99:ee:0a:
67:af:38:7f:36:28:f3:2a:c8:b0:89:04:61:b3:1b:
66:8a:de:38:f9:4d:1e:ac:04:41:08:af:b9:32:d8:
af:be:5c:9d:44:e5:3a:15:ce:ac:9e:ff:b8:85:cf:
a9:c5:4c:92:ba:3a:78:3b:fc:fd:e7:8a:b7:b0:c5:
d8:ef:37:6a:7d:36:97:f8:6c:58:d4:ca:9a:0e:87:
0e:18:1f:de:18:ac:fe:f5:0d:77:15:c1:d3:67:99:
ba:eb:76:4f:bb:23:57:f7:5b:cc:b2:55:8a:47:43:
f5:fd:23:45:72:02:05:c3:7c:63:a9:58:0d:76:a1:
cc:17:4c:d4:e8:77:e2:3e:8c:a7:28:be:0e:4d:4d:
56:05:c3:13:d0:8b:85:44:57:7b:f0:6f:4c:48:43:
ee:c0:bf:cc:dd:df:78:ca:55:45:9f:d9:90:4f:d7:
cc:7a:ff:23:d0:ca:8b:c1:3b:ff:49:ae:ea:19:67:
90:50:89:69:95:0e:b6:e1:de:ce:83:5d:40:99:65:
e2:17:72:a4:89:41:33:34:f3:52:f3:76:65:a8:89:
84:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:3C:12:15:C6:34:A1:D2:DA:0C:92:AB:5D:3D:7A:46:F3:30:6F:63
X509v3 Authority Key Identifier:
keyid:2B:14:5A:8B:DF:2B:CA:15:0F:25:ED:54:A2:77:B8:F6:53:EF:DB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KxRai98ryhUPJe1Uone49lPv2z4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/oDwSFcY0odLaDJKrXT16RvMwb2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/0d8c8f-ff2c-4da8-b443-3040bed3cccd/1/KxRai98ryhUPJe1Uone49lPv2z4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.242.108.0/22
Signature Algorithm: sha256WithRSAEncryption
2f:71:84:d4:a9:b4:a2:7f:3d:04:45:64:d7:d0:d5:0b:fa:b3:
67:dd:ff:43:e5:d5:69:7f:06:c8:51:fa:08:e8:03:26:07:b5:
e2:1c:5d:22:61:be:43:8f:13:0e:e7:6b:f3:e3:9c:39:b0:ac:
eb:de:a8:68:34:86:05:c0:2a:d6:98:a0:9d:e7:2a:ca:b1:b1:
5a:2c:f0:47:23:df:b9:3e:24:cf:cc:51:10:97:19:6b:dc:44:
0b:07:09:5a:86:d6:10:1a:b3:09:2c:7e:60:a6:1a:4c:16:3b:
b4:60:4b:72:51:f2:11:c0:be:f0:94:4f:7a:4e:69:3f:72:31:
3b:27:08:db:29:e1:94:8a:91:c1:1d:70:db:d6:35:3c:ae:b2:
30:6f:6d:3c:77:e4:b5:b6:97:4e:a6:3f:86:1a:6a:9e:18:f5:
bf:7a:01:63:58:ec:73:30:97:5d:7f:6b:1e:1d:be:95:1f:11:
41:41:ab:d8:04:79:9d:b5:bd:f6:5f:2f:50:a0:c1:64:3f:a2:
49:9b:c6:0f:14:37:5a:34:61:1f:2e:b5:5e:ec:a0:5e:33:cb:
dd:4c:e8:40:b5:ef:9a:e5:2c:4f:b0:81:e8:6e:5e:c9:c2:ef:
c5:20:63:e4:5c:85:21:ac:40:b4:c9:e3:db:11:9d:87:47:b0:
a8:ec:90:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcHW52Ful96zNgYjfxmfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiMTQ1YThiZGYyYmNhMTUwZjI1ZWQ1NGEyNzdiOGY2NTNl
ZmRiM2UwHhcNMjQwMTAyMDQzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDNjMTIxNWM2MzRhMWQyZGEwYzkyYWI1ZDNkN2E0NmYzMzA2ZjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArT0oqwkNVx2cT0D1KPyoKKBDYmbB
k3shvsSUSTYGaOQSVJON7bA3FWGZ7gpnrzh/NijzKsiwiQRhsxtmit44+U0erARB
CK+5MtivvlydROU6Fc6snv+4hc+pxUySujp4O/z954q3sMXY7zdqfTaX+GxY1Mqa
DocOGB/eGKz+9Q13FcHTZ5m663ZPuyNX91vMslWKR0P1/SNFcgIFw3xjqVgNdqHM
F0zU6HfiPoynKL4OTU1WBcMT0IuFRFd78G9MSEPuwL/M3d94ylVFn9mQT9fMev8j
0MqLwTv/Sa7qGWeQUIlplQ624d7Og11AmWXiF3KkiUEzNPNS83ZlqImEFwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKA8EhXGNKHS2gySq109ekbzMG9jMB8GA1UdIwQY
MBaAFCsUWovfK8oVDyXtVKJ3uPZT79s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMt
MzA0MGJlZDNjY2NkLzEvb0R3U0ZjWTBvZExhREpLclhUMTZSdk13YjJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8wZDhjOGYtZmYyYy00ZGE4LWI0NDMtMzA0MGJlZDNjY2Nk
LzEvS3hSYWk5OHJ5aFVQSmUxVW9uZTQ5bFB2Mno0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCufJsMA0G
CSqGSIb3DQEBCwUAA4IBAQAvcYTUqbSifz0ERWTX0NUL+rNn3f9D5dVpfwbIUfoI
6AMmB7XiHF0iYb5DjxMO52vz45w5sKzr3qhoNIYFwCrWmKCd5yrKsbFaLPBHI9+5
PiTPzFEQlxlr3EQLBwlahtYQGrMJLH5gphpMFju0YEtyUfIRwL7wlE96Tmk/cjE7
JwjbKeGUipHBHXDb1jU8rrIwb208d+S1tpdOpj+GGmqeGPW/egFjWOxzMJddf2se
Hb6VHxFBQavYBHmdtb32Xy9QoMFkP6JJm8YPFDdaNGEfLrVe7KBeM8vdTOhAte+a
5SxPsIHobl7Jwu/FIGPkXIUhrEC0yePbEZ2HR7Co7JDJ
-----END CERTIFICATE-----
Generated at Sun Apr 21 04:28:04 2024 by rpki-client on console-ams.rpki-client.org