Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/ocLojybqrMR9wTztcJr6AY-s07U.roa
File: ocLojybqrMR9wTztcJr6AY-s07U.roa (raw, json)
Hash identifier: igNyxKcniHRm94ccZj4kkKHDkiZRDD4dE+mqy7fPTjU=
Subject key identifier: A1:C2:E8:8F:26:EA:AC:C4:7D:C1:3C:ED:70:9A:FA:01:8F:AC:D3:B5
Certificate issuer: /CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Certificate serial: 018CC2DB39FFC951D1F7194D309ECCDD2575
Authority key identifier: DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/ocLojybqrMR9wTztcJr6AY-s07U.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6855
IP address blocks: 91.245.16.0/23 maxlen: 24
2a01:5f7::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:39:ff:c9:51:d1:f7:19:4d:30:9e:cc:dd:25:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dccb2d5fb253852f1823c65434e8f276d04e4e0c
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1c2e88f26eaacc47dc13ced709afa018facd3b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fa:b1:b7:29:c6:21:d4:a3:dd:9d:e8:96:69:
03:a9:85:c5:36:54:01:37:32:85:2a:9c:ec:fc:78:
d4:11:7f:1c:e5:28:4f:da:1d:43:55:8b:7f:49:c5:
9d:c0:54:0d:4d:bd:1f:04:09:2f:3b:82:ee:ab:b2:
7b:71:48:ad:88:7a:81:86:cb:3f:80:49:2a:d8:68:
0e:07:f9:c1:b7:d5:0e:14:9a:d5:fc:d8:e9:05:fc:
0a:6f:28:df:bc:10:0c:44:fd:63:eb:d3:5b:2d:d6:
c3:27:a4:9a:9d:33:df:89:cb:da:b5:0c:13:2f:f4:
81:d8:06:0e:eb:57:f5:6d:8f:0c:b3:01:9f:4c:78:
0a:93:c1:55:4d:a9:e5:a6:95:ea:4a:57:ee:fc:ff:
d0:42:07:5e:84:fc:a3:8b:9f:a8:a0:46:17:ba:09:
d1:40:28:5c:9b:55:fb:63:ea:13:c0:75:b3:30:98:
14:3c:ed:33:0e:a7:e7:f7:d9:d5:36:9f:aa:61:6c:
77:8d:5a:d5:5c:cd:0b:b1:8f:2b:b1:8b:1c:b9:6f:
a2:21:53:cc:b6:16:4a:62:90:05:81:d8:b7:6d:ca:
e9:ae:3a:8c:7b:6f:5b:c9:5b:92:0f:0e:72:89:02:
00:52:c4:30:75:38:fe:39:61:61:10:7c:b1:3d:41:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C2:E8:8F:26:EA:AC:C4:7D:C1:3C:ED:70:9A:FA:01:8F:AC:D3:B5
X509v3 Authority Key Identifier:
keyid:DC:CB:2D:5F:B2:53:85:2F:18:23:C6:54:34:E8:F2:76:D0:4E:4E:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MstX7JThS8YI8ZUNOjydtBOTgw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/ocLojybqrMR9wTztcJr6AY-s07U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/7c1c29-ca02-490b-aa84-e1a8a6f1d59a/1/3MstX7JThS8YI8ZUNOjydtBOTgw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.16.0/23
IPv6:
2a01:5f7::/32
Signature Algorithm: sha256WithRSAEncryption
74:4b:79:21:ae:2f:23:8c:53:82:82:55:28:12:47:9b:f4:df:
76:67:45:5a:aa:4f:4a:65:f0:ad:ad:e5:ea:5e:cc:25:e6:fb:
f6:f3:d7:59:5d:0c:3c:ca:90:92:6a:00:ea:00:93:a0:d4:93:
c0:b2:82:a0:39:49:e8:1e:8b:4b:a6:8d:68:84:6d:5e:81:6a:
87:28:a1:c4:f0:84:ab:d4:6b:48:aa:0a:0e:cd:99:a2:4d:a2:
98:04:63:02:e3:01:91:22:0b:72:2a:31:1d:9c:a8:95:20:6d:
49:f0:a5:be:df:aa:7e:d2:6b:8e:97:c9:26:f0:9c:86:74:27:
8a:17:f6:ca:d9:3c:30:2b:f4:45:90:04:b2:7d:47:2d:86:3a:
60:07:9b:a1:45:da:d9:10:fc:a4:95:7b:c7:57:e8:01:5d:32:
59:c8:0e:90:40:19:40:02:20:18:6e:15:6d:eb:60:7b:1d:dc:
7c:75:c5:f1:4c:82:ec:d6:a9:9a:9f:da:28:ce:a9:de:16:56:
b2:e1:a5:26:96:c9:47:cb:89:7f:18:e0:78:eb:83:60:40:ad:
b3:1f:37:19:bc:8f:ee:ff:ec:1e:df:ca:50:84:9e:35:72:a2:
2e:e5:37:d5:a9:45:f0:8a:81:e8:3f:04:7a:0c:1a:11:21:55:
03:a8:a0:33
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2zn/yVHR9xlNMJ7M3SV1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2IyZDVmYjI1Mzg1MmYxODIzYzY1NDM0ZThmMjc2ZDA0
ZTRlMGMwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWMyZTg4ZjI2ZWFhY2M0N2RjMTNjZWQ3MDlhZmEwMThmYWNkM2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPqxtynGIdSj3Z3olmkDqYXFNlQB
NzKFKpzs/HjUEX8c5ShP2h1DVYt/ScWdwFQNTb0fBAkvO4Luq7J7cUitiHqBhss/
gEkq2GgOB/nBt9UOFJrV/NjpBfwKbyjfvBAMRP1j69NbLdbDJ6SanTPficvatQwT
L/SB2AYO61f1bY8MswGfTHgKk8FVTanlppXqSlfu/P/QQgdehPyji5+ooEYXugnR
QChcm1X7Y+oTwHWzMJgUPO0zDqfn99nVNp+qYWx3jVrVXM0LsY8rsYscuW+iIVPM
thZKYpAFgdi3bcrprjqMe29byVuSDw5yiQIAUsQwdTj+OWFhEHyxPUHazQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKHC6I8m6qzEfcE87XCa+gGPrNO1MB8GA1UdIwQY
MBaAFNzLLV+yU4UvGCPGVDTo8nbQTk4MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQt
ZTFhOGE2ZjFkNTlhLzEvb2NMb2p5YnFyTVI5d1R6dGNKcjZBWS1zMDdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS83YzFjMjktY2EwMi00OTBiLWFhODQtZTFhOGE2ZjFkNTlh
LzEvM01zdFg3SlRoUzhZSThaVU5PanlkdEJPVGd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW/UQMA0E
AgACMAcDBQAqAQX3MA0GCSqGSIb3DQEBCwUAA4IBAQB0S3khri8jjFOCglUoEkeb
9N92Z0Vaqk9KZfCtreXqXswl5vv289dZXQw8ypCSagDqAJOg1JPAsoKgOUnoHotL
po1ohG1egWqHKKHE8ISr1GtIqgoOzZmiTaKYBGMC4wGRIgtyKjEdnKiVIG1J8KW+
36p+0muOl8km8JyGdCeKF/bK2TwwK/RFkASyfUcthjpgB5uhRdrZEPyklXvHV+gB
XTJZyA6QQBlAAiAYbhVt62B7Hdx8dcXxTILs1qman9oozqneFlay4aUmlslHy4l/
GOB464NgQK2zHzcZvI/u/+we38pQhJ41cqIu5TfVqUXwioHoPwR6DBoRIVUDqKAz
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:06:17 2024 by rpki-client on console-ams.rpki-client.org