Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/OqyaFzUWphOTPe5gRaLWvyiqIjw.roa
File: OqyaFzUWphOTPe5gRaLWvyiqIjw.roa (raw, json)
Hash identifier: 4mnOKGpK2HhYzKOR5VCmhJtGTwHyx+WhP8utBSaDEiA=
Subject key identifier: 3A:AC:9A:17:35:16:A6:13:93:3D:EE:60:45:A2:D6:BF:28:AA:22:3C
Certificate issuer: /CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Certificate serial: 018CC870064C618D985C34824AAA81700050
Authority key identifier: 35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/OqyaFzUWphOTPe5gRaLWvyiqIjw.roa
Signing time: Tue 02 Jan 2024 04:30:33 +0000
ROA not before: Tue 02 Jan 2024 04:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201995
IP address blocks: 185.63.84.0/24 maxlen: 24
2a06:4300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.mft
rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:70:06:4c:61:8d:98:5c:34:82:4a:aa:81:70:00:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3533d439035ccdc5f0c39d1b3fb16195b555fca3
Validity
Not Before: Jan 2 04:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3aac9a173516a613933dee6045a2d6bf28aa223c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:04:83:a3:81:13:3c:4c:f7:6c:79:26:c2:d3:
c4:99:12:cd:bf:53:2c:63:8d:13:87:ce:0a:eb:d1:
98:4a:5f:ee:f7:29:11:f2:cb:9d:6f:89:b0:f9:1e:
8e:bd:73:59:c9:a8:35:8c:19:e6:01:21:0b:c4:37:
83:63:1c:c4:19:0d:13:45:6d:45:e5:b6:9c:67:c1:
ce:b1:3a:2e:f1:33:c0:3f:75:62:9b:7c:b9:ba:c5:
50:24:05:6e:70:2f:e5:aa:7f:42:5e:38:c5:6d:58:
36:34:4c:f1:d5:fe:7b:f9:75:0b:8b:f6:7e:7c:0e:
68:38:ae:45:92:50:c0:5d:90:af:39:e9:d9:06:98:
8f:13:dd:9c:12:67:87:40:17:d5:3d:7a:50:5c:6e:
e2:97:5e:ec:3c:24:2c:e1:c0:0b:9d:36:b0:f1:a6:
96:52:82:0a:c3:7a:d2:14:40:fd:87:e3:66:39:33:
8a:7f:4b:2e:6a:22:d5:28:2e:79:1f:5d:52:f4:b5:
bf:b6:7a:c2:9e:32:dd:82:d0:ea:11:01:18:1f:6d:
16:ef:65:d6:ce:3b:47:0c:37:f6:16:39:0e:92:7b:
60:fc:e6:8a:eb:a4:27:5f:0c:92:ab:31:5f:60:24:
dc:8b:6a:a2:01:b4:1c:bf:f1:07:cb:cf:93:6c:a8:
ba:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:AC:9A:17:35:16:A6:13:93:3D:EE:60:45:A2:D6:BF:28:AA:22:3C
X509v3 Authority Key Identifier:
keyid:35:33:D4:39:03:5C:CD:C5:F0:C3:9D:1B:3F:B1:61:95:B5:55:FC:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NTPUOQNczcXww50bP7FhlbVV_KM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/OqyaFzUWphOTPe5gRaLWvyiqIjw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/8cf2a6-4529-43d9-b782-36e85abe52ff/1/NTPUOQNczcXww50bP7FhlbVV_KM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.84.0/24
IPv6:
2a06:4300::/32
Signature Algorithm: sha256WithRSAEncryption
25:90:97:3b:dc:16:0f:9b:2b:20:6d:52:64:6e:43:ad:0c:ba:
47:98:6f:29:20:55:21:8a:40:ff:a3:15:de:2a:d0:36:52:97:
91:e9:26:99:d9:63:4e:78:34:0a:73:23:ac:c4:3a:ef:d4:99:
d3:ad:21:d4:cb:6d:aa:8c:6d:6d:a2:73:de:6e:59:b8:b6:b3:
36:00:2c:df:f2:3f:92:71:1c:a6:dc:2a:d0:aa:20:a9:f6:73:
f6:2b:12:a5:14:a4:44:d8:f1:fa:30:cb:7a:d1:10:29:3d:88:
7b:24:79:7c:c8:9e:6d:2b:3c:2c:2b:c1:0e:fd:2f:e2:ef:17:
ac:f8:d1:73:b9:12:a1:1c:ef:6f:1e:92:85:ed:14:8b:be:80:
ed:a0:62:34:7a:c0:6e:13:71:e1:c7:39:de:d4:ab:bf:ad:e1:
bc:bb:ea:c3:01:6b:f4:b5:74:cb:1b:b2:8e:c8:f1:b4:4f:f6:
cc:ce:06:42:48:10:25:68:02:27:72:44:48:56:60:82:25:cf:
4f:ba:18:1c:5d:ee:74:5d:78:a9:69:81:ae:40:a8:61:01:7c:
eb:3c:d3:21:2f:42:a5:2b:d5:28:f9:0e:46:34:ba:6a:80:4b:
eb:03:c6:fe:72:14:be:13:0a:58:d7:0d:fc:d7:d5:b3:ac:af:
9c:cf:7e:b4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIcAZMYY2YXDSCSqqBcABQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MzNkNDM5MDM1Y2NkYzVmMGMzOWQxYjNmYjE2MTk1YjU1
NWZjYTMwHhcNMjQwMTAyMDQzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWFjOWExNzM1MTZhNjEzOTMzZGVlNjA0NWEyZDZiZjI4YWEyMjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoQSDo4ETPEz3bHkmwtPEmRLNv1Ms
Y40Th84K69GYSl/u9ykR8sudb4mw+R6OvXNZyag1jBnmASELxDeDYxzEGQ0TRW1F
5bacZ8HOsTou8TPAP3Vim3y5usVQJAVucC/lqn9CXjjFbVg2NEzx1f57+XULi/Z+
fA5oOK5FklDAXZCvOenZBpiPE92cEmeHQBfVPXpQXG7il17sPCQs4cALnTaw8aaW
UoIKw3rSFED9h+NmOTOKf0suaiLVKC55H11S9LW/tnrCnjLdgtDqEQEYH20W72XW
zjtHDDf2FjkOkntg/OaK66QnXwySqzFfYCTci2qiAbQcv/EHy8+TbKi62QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDqsmhc1FqYTkz3uYEWi1r8oqiI8MB8GA1UdIwQY
MBaAFDUz1DkDXM3F8MOdGz+xYZW1VfyjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODIt
MzZlODVhYmU1MmZmLzEvT3F5YUZ6VVdwaE9UUGU1Z1JhTFd2eWlxSWp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy84Y2YyYTYtNDUyOS00M2Q5LWI3ODItMzZlODVhYmU1MmZm
LzEvTlRQVU9RTmN6Y1h3dzUwYlA3RmhsYlZWX0tNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuT9UMA0E
AgACMAcDBQAqBkMAMA0GCSqGSIb3DQEBCwUAA4IBAQAlkJc73BYPmysgbVJkbkOt
DLpHmG8pIFUhikD/oxXeKtA2UpeR6SaZ2WNOeDQKcyOsxDrv1JnTrSHUy22qjG1t
onPeblm4trM2ACzf8j+ScRym3CrQqiCp9nP2KxKlFKRE2PH6MMt60RApPYh7JHl8
yJ5tKzwsK8EO/S/i7xes+NFzuRKhHO9vHpKF7RSLvoDtoGI0esBuE3Hhxzne1Ku/
reG8u+rDAWv0tXTLG7KOyPG0T/bMzgZCSBAlaAInckRIVmCCJc9PuhgcXe50XXip
aYGuQKhhAXzrPNMhL0KlK9Uo+Q5GNLpqgEvrA8b+chS+EwpY1w3819WzrK+cz360
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:26:12 2024 by rpki-client on console-ams.rpki-client.org