Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/os6omhF7wDkTWOupob3yUnpLEF4.roa
File: os6omhF7wDkTWOupob3yUnpLEF4.roa (raw, json)
Hash identifier: jtU8hwX9GIzQ0cHgAIDOlQTrldOIK7L6EP6mEe+XhXQ=
Subject key identifier: A2:CE:A8:9A:11:7B:C0:39:13:58:EB:A9:A1:BD:F2:52:7A:4B:10:5E
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018CC348DCDEFE0BFE3279EF3728B33C96FD
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/os6omhF7wDkTWOupob3yUnpLEF4.roa
Signing time: Mon 01 Jan 2024 04:29:41 +0000
ROA not before: Mon 01 Jan 2024 04:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60190
IP address blocks: 212.243.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 19:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:dc:de:fe:0b:fe:32:79:ef:37:28:b3:3c:96:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jan 1 04:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2cea89a117bc0391358eba9a1bdf2527a4b105e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:10:11:b9:a6:83:87:57:95:91:be:fa:82:92:
0b:66:48:5c:ce:59:61:1f:96:06:59:c2:e7:55:d1:
d7:a6:f5:e1:95:8e:0c:8e:d4:12:53:7d:15:07:2d:
f0:b2:4e:67:b5:bc:de:db:cc:8b:1d:64:bf:b7:db:
94:64:a1:93:2b:51:a2:50:00:45:f1:ab:6b:f9:8e:
b1:fa:55:a7:dc:a7:9d:6d:b9:68:5e:4d:7b:6b:b2:
98:27:8c:ea:6f:09:53:12:63:00:df:27:7c:b8:f2:
ab:21:9b:d7:57:b8:1b:3e:60:03:fa:07:96:a1:97:
ed:0a:77:fc:fe:46:fc:24:a0:72:9b:3a:b1:75:99:
27:13:24:17:ff:68:b5:81:94:52:65:62:4c:2d:38:
87:60:9e:a8:57:27:38:a6:71:75:f9:10:fa:ff:58:
ee:ce:99:a4:2b:ae:b2:67:87:c9:9d:f7:7e:00:89:
e6:39:2f:57:1d:4f:4b:16:04:d2:32:a4:b2:47:1c:
29:ee:ad:89:c2:9d:f0:44:8c:1c:5e:43:a7:f0:fa:
a2:99:6c:7b:33:c9:bd:aa:32:05:aa:61:08:63:a9:
df:00:08:71:81:f1:f0:d6:42:28:b5:cb:e4:3a:bd:
cd:df:99:a6:50:ac:c3:eb:ce:62:42:c5:c5:03:b9:
e4:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CE:A8:9A:11:7B:C0:39:13:58:EB:A9:A1:BD:F2:52:7A:4B:10:5E
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/os6omhF7wDkTWOupob3yUnpLEF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.243.120.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:05:bb:83:4e:36:b0:22:fe:2e:09:a7:a5:8a:f4:73:ba:c1:
de:a1:71:85:b3:a7:8b:80:ae:b1:9e:86:3d:2c:47:c6:2a:c9:
6a:70:42:9a:9a:b7:4c:a5:c3:a6:64:f6:ec:63:80:cf:b3:55:
21:41:3d:06:8e:a5:d7:8d:07:be:51:04:f7:66:b1:ba:be:75:
73:b1:32:ba:da:e6:a1:03:52:7d:10:a8:f3:4a:8c:e3:e4:76:
53:e3:ea:28:ab:e6:e0:07:13:dc:41:1f:7b:6c:cb:8d:b2:06:
7b:17:21:99:6c:e6:f9:82:dc:1d:4b:2a:90:f7:49:85:e7:17:
1e:43:0f:8f:b0:9e:6c:dc:e1:b5:59:5e:f7:3b:74:16:ac:a6:
9a:f5:a4:fe:b0:27:d0:8c:63:79:18:9f:32:20:66:4a:17:45:
94:aa:c2:b0:d0:7e:c6:a7:43:a1:c1:2d:4b:ee:b1:d6:6a:ea:
a9:c0:df:eb:37:8d:95:43:ff:b3:f3:b1:60:70:ae:33:8f:9f:
36:e8:dc:37:49:cb:24:bd:d8:5a:bc:ff:e4:70:e4:87:45:5c:
3c:1a:84:28:8f:c8:e3:0a:3e:79:e6:56:77:cb:41:ba:33:82:
8b:81:f2:a3:92:50:4d:1a:c9:2a:ac:b4:c1:ef:40:7c:25:2d:
4c:a5:27:7e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSNze/gv+MnnvNyizPJb9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwMTAxMDQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmNlYTg5YTExN2JjMDM5MTM1OGViYTlhMWJkZjI1MjdhNGIxMDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhBARuaaDh1eVkb76gpILZkhczllh
H5YGWcLnVdHXpvXhlY4MjtQSU30VBy3wsk5ntbze28yLHWS/t9uUZKGTK1GiUABF
8atr+Y6x+lWn3KedbbloXk17a7KYJ4zqbwlTEmMA3yd8uPKrIZvXV7gbPmAD+geW
oZftCnf8/kb8JKBymzqxdZknEyQX/2i1gZRSZWJMLTiHYJ6oVyc4pnF1+RD6/1ju
zpmkK66yZ4fJnfd+AInmOS9XHU9LFgTSMqSyRxwp7q2Jwp3wRIwcXkOn8PqimWx7
M8m9qjIFqmEIY6nfAAhxgfHw1kIotcvkOr3N35mmUKzD685iQsXFA7nkJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLOqJoRe8A5E1jrqaG98lJ6SxBeMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvb3M2b21oRjd3RGtUV091cG9iM3lVbnBMRUY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1PN4MA0G
CSqGSIb3DQEBCwUAA4IBAQCqBbuDTjawIv4uCaelivRzusHeoXGFs6eLgK6xnoY9
LEfGKslqcEKamrdMpcOmZPbsY4DPs1UhQT0GjqXXjQe+UQT3ZrG6vnVzsTK62uah
A1J9EKjzSozj5HZT4+ooq+bgBxPcQR97bMuNsgZ7FyGZbOb5gtwdSyqQ90mF5xce
Qw+PsJ5s3OG1WV73O3QWrKaa9aT+sCfQjGN5GJ8yIGZKF0WUqsKw0H7Gp0OhwS1L
7rHWauqpwN/rN42VQ/+z87FgcK4zj5826Nw3ScskvdhavP/kcOSHRVw8GoQoj8jj
Cj555lZ3y0G6M4KLgfKjklBNGskqrLTB70B8JS1MpSd+
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:16 2024 by rpki-client on console-ams.rpki-client.org