Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/oC9Clq9P7k9UJciJrjcorNkTK5I.roa
File: oC9Clq9P7k9UJciJrjcorNkTK5I.roa (raw, json)
Hash identifier: X5cs66ioLqxy9bt/27qnoxTdDUJjsglaa9Mh08PBnbA=
Subject key identifier: A0:2F:42:96:AF:4F:EE:4F:54:25:C8:89:AE:37:28:AC:D9:13:2B:92
Certificate issuer: /CN=c06cb5642e87d4e4e0309084228e29e6999ed0b7
Certificate serial: 018CC50079BE7CAA682899D802DD53AA6FC7
Authority key identifier: C0:6C:B5:64:2E:87:D4:E4:E0:30:90:84:22:8E:29:E6:99:9E:D0:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/oC9Clq9P7k9UJciJrjcorNkTK5I.roa
Signing time: Mon 01 Jan 2024 12:29:51 +0000
ROA not before: Mon 01 Jan 2024 12:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 45.85.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.mft
rsync://rpki.ripe.net/repository/DEFAULT/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:79:be:7c:aa:68:28:99:d8:02:dd:53:aa:6f:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c06cb5642e87d4e4e0309084228e29e6999ed0b7
Validity
Not Before: Jan 1 12:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a02f4296af4fee4f5425c889ae3728acd9132b92
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:3c:24:cd:d4:7e:fa:f8:0a:83:b2:71:0e:ab:
11:13:d7:91:4a:96:f5:68:c6:a3:4d:d7:c1:ed:b5:
0a:09:97:29:a4:fc:f9:15:e9:bf:1c:cf:d1:52:db:
bf:00:b1:ab:13:dd:86:9c:e1:58:d5:bb:78:8c:60:
2d:70:2b:80:53:6b:4e:5d:c7:f7:e6:10:42:06:a5:
a7:b8:35:32:14:fc:dc:ef:c2:cb:77:e1:82:f9:3c:
71:d1:6c:74:2c:73:a1:1c:40:b0:ae:1c:53:62:14:
bf:82:5d:f0:28:72:45:71:fe:ed:9c:09:66:4d:4b:
02:18:c8:c6:45:8f:39:4d:05:01:b8:b6:32:d1:a2:
76:19:0d:74:e5:67:cd:1b:c5:f3:22:32:36:d2:63:
4f:96:77:ba:fd:f5:1c:84:b2:1b:8a:3e:7a:b2:e0:
ec:2c:c6:61:24:08:c5:d2:c3:7e:b6:c0:c9:44:81:
83:3a:2e:05:b3:05:f3:99:b9:bd:70:d5:c5:00:04:
64:0c:c1:66:6f:e5:8a:82:bb:a2:c2:d2:f2:cc:e3:
be:67:1b:5c:fb:81:44:41:44:76:71:10:8c:bd:46:
84:19:15:bd:eb:a3:74:70:14:10:f8:e2:fa:10:8d:
6a:9f:5b:74:bf:c9:50:bf:5b:8e:4d:00:9b:b0:59:
af:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:2F:42:96:AF:4F:EE:4F:54:25:C8:89:AE:37:28:AC:D9:13:2B:92
X509v3 Authority Key Identifier:
keyid:C0:6C:B5:64:2E:87:D4:E4:E0:30:90:84:22:8E:29:E6:99:9E:D0:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/oC9Clq9P7k9UJciJrjcorNkTK5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a40066-05ea-403e-b8e7-07cf0b33a849/1/wGy1ZC6H1OTgMJCEIo4p5pme0Lc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.99.0/24
Signature Algorithm: sha256WithRSAEncryption
76:9c:c2:05:dc:63:19:30:7a:09:d6:1b:cb:8f:cc:43:19:56:
e4:3a:e2:49:ea:16:e4:b4:87:b9:53:00:3d:6c:dc:50:ac:d8:
93:8a:b4:f9:3b:fe:ef:d9:20:5f:5b:92:49:1f:e9:f8:97:94:
67:d1:28:38:17:67:2e:01:88:16:a9:f4:57:38:ae:f1:3c:07:
93:97:06:4b:a7:1f:16:7a:37:e7:70:6b:10:19:b7:68:8e:22:
76:fc:43:e6:0f:3f:df:e2:0c:4d:ee:05:00:be:c7:2a:f4:0d:
a3:44:a7:57:ab:23:ec:2c:6c:d6:e0:4a:a2:8c:a2:b4:06:ff:
e0:31:59:47:56:8f:3c:aa:43:0d:3d:72:51:15:cb:c6:1a:5f:
08:35:2b:54:d4:4b:27:71:07:42:4c:69:5f:cf:1a:63:9c:95:
04:d5:16:63:d1:55:16:48:49:0a:5e:4d:7d:b1:04:ae:d5:4f:
9b:bf:c7:86:4c:d6:63:4e:28:35:88:dd:ed:8a:fb:0e:42:f2:
fe:ae:00:e9:a9:a4:5f:0e:86:83:ad:3c:40:91:6d:f5:20:e6:
49:a1:39:03:c4:f9:ed:41:aa:9b:63:6e:b1:e9:e4:2b:e7:22:
ab:dd:34:4d:06:02:22:66:9d:e2:93:a4:4c:93:13:9f:4c:9a:
46:4b:91:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAHm+fKpoKJnYAt1Tqm/HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNmNiNTY0MmU4N2Q0ZTRlMDMwOTA4NDIyOGUyOWU2OTk5
ZWQwYjcwHhcNMjQwMTAxMTIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDJmNDI5NmFmNGZlZTRmNTQyNWM4ODlhZTM3MjhhY2Q5MTMyYjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDwkzdR++vgKg7JxDqsRE9eRSpb1
aMajTdfB7bUKCZcppPz5Fem/HM/RUtu/ALGrE92GnOFY1bt4jGAtcCuAU2tOXcf3
5hBCBqWnuDUyFPzc78LLd+GC+Txx0Wx0LHOhHECwrhxTYhS/gl3wKHJFcf7tnAlm
TUsCGMjGRY85TQUBuLYy0aJ2GQ105WfNG8XzIjI20mNPlne6/fUchLIbij56suDs
LMZhJAjF0sN+tsDJRIGDOi4FswXzmbm9cNXFAARkDMFmb+WKgruiwtLyzOO+Zxtc
+4FEQUR2cRCMvUaEGRW966N0cBQQ+OL6EI1qn1t0v8lQv1uOTQCbsFmvuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKAvQpavT+5PVCXIia43KKzZEyuSMB8GA1UdIwQY
MBaAFMBstWQuh9Tk4DCQhCKOKeaZntC3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0d5MVpDNkgxT1RnTUpDRUlvNHA1cG1lMExjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hNDAwNjYtMDVlYS00MDNlLWI4ZTct
MDdjZjBiMzNhODQ5LzEvb0M5Q2xxOVA3azlVSmNpSnJqY29yTmtUSzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hNDAwNjYtMDVlYS00MDNlLWI4ZTctMDdjZjBiMzNhODQ5
LzEvd0d5MVpDNkgxT1RnTUpDRUlvNHA1cG1lMExjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALVVjMA0G
CSqGSIb3DQEBCwUAA4IBAQB2nMIF3GMZMHoJ1hvLj8xDGVbkOuJJ6hbktIe5UwA9
bNxQrNiTirT5O/7v2SBfW5JJH+n4l5Rn0Sg4F2cuAYgWqfRXOK7xPAeTlwZLpx8W
ejfncGsQGbdojiJ2/EPmDz/f4gxN7gUAvscq9A2jRKdXqyPsLGzW4EqijKK0Bv/g
MVlHVo88qkMNPXJRFcvGGl8INStU1EsncQdCTGlfzxpjnJUE1RZj0VUWSEkKXk19
sQSu1U+bv8eGTNZjTig1iN3tivsOQvL+rgDpqaRfDoaDrTxAkW31IOZJoTkDxPnt
QaqbY26x6eQr5yKr3TRNBgIiZp3ik6RMkxOfTJpGS5EV
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:27 2024 by rpki-client on console-ams.rpki-client.org