Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/okw1zJn8DCC_WvdG5QDyY8DNFm8.roa
File: okw1zJn8DCC_WvdG5QDyY8DNFm8.roa (raw, json)
Hash identifier: ZplBVwDkPXrvH+dVbFf8CkFQLaOnf9BcfiLQ00FKY5M=
Subject key identifier: A2:4C:35:CC:99:FC:0C:20:BF:5A:F7:46:E5:00:F2:63:C0:CD:16:6F
Certificate issuer: /CN=c8d0fc8259075cd675f319d7af4fa713048a515c
Certificate serial: 018CC8DEF5E03EF1FA76FD838642CCA03F22
Authority key identifier: C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/okw1zJn8DCC_WvdG5QDyY8DNFm8.roa
Signing time: Tue 02 Jan 2024 06:31:44 +0000
ROA not before: Tue 02 Jan 2024 06:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12409
IP address blocks: 212.94.192.0/19 maxlen: 19
2a0a:fc80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/yND8glkHXNZ18xnXr0-nEwSKUVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/yND8glkHXNZ18xnXr0-nEwSKUVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f5:e0:3e:f1:fa:76:fd:83:86:42:cc:a0:3f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d0fc8259075cd675f319d7af4fa713048a515c
Validity
Not Before: Jan 2 06:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a24c35cc99fc0c20bf5af746e500f263c0cd166f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:dc:f8:72:b8:02:4c:ba:29:ca:03:39:4e:76:
a6:8e:5d:7c:95:44:97:26:20:a7:45:6d:52:80:08:
7b:d8:04:56:2d:80:98:23:80:78:16:ee:7f:47:7d:
0e:31:8b:55:aa:86:2d:79:3e:90:e6:9b:64:f8:69:
6f:b3:b4:29:ba:86:26:b3:e6:75:ed:e3:08:14:9c:
4b:f2:20:5b:4a:22:7b:b4:4d:a9:03:a2:41:5a:a7:
f7:59:02:8c:ad:5a:39:79:0f:88:25:49:07:76:72:
f3:19:71:74:86:84:b3:9b:f9:44:1b:da:c6:00:c9:
af:8a:9b:35:e4:30:d9:a0:37:f8:b1:2c:b6:ed:b9:
d6:c4:18:14:c8:d2:5c:8d:eb:c3:7d:8e:69:35:f9:
32:06:a0:39:25:52:4c:d7:87:a8:ca:11:c0:02:04:
07:f1:b5:1a:eb:7c:c6:47:3f:77:75:b8:33:5e:e6:
b1:2a:b2:9b:4c:b3:00:af:69:ba:ff:dd:15:79:d8:
a3:fc:c6:47:b4:cb:c4:1b:a9:f9:18:50:e8:b3:e3:
13:34:b1:0d:39:b9:02:db:48:5e:22:e9:89:dc:3f:
13:2e:96:5e:46:44:09:85:11:4e:4e:92:99:95:3c:
cd:fd:e1:8a:9b:bb:3f:83:e9:90:e1:68:8e:84:b8:
cb:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:4C:35:CC:99:FC:0C:20:BF:5A:F7:46:E5:00:F2:63:C0:CD:16:6F
X509v3 Authority Key Identifier:
keyid:C8:D0:FC:82:59:07:5C:D6:75:F3:19:D7:AF:4F:A7:13:04:8A:51:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yND8glkHXNZ18xnXr0-nEwSKUVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/okw1zJn8DCC_WvdG5QDyY8DNFm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/45c862-9e33-45c8-a728-7a2fd10269be/1/yND8glkHXNZ18xnXr0-nEwSKUVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.94.192.0/19
IPv6:
2a0a:fc80::/32
Signature Algorithm: sha256WithRSAEncryption
98:7b:f2:0e:cc:84:1d:d8:3d:6e:db:a8:0a:97:9d:66:97:1d:
b9:fa:60:d5:42:b6:61:23:ab:2a:d1:c5:75:69:53:5d:22:42:
76:c1:b6:63:4f:74:05:6c:b8:85:c3:2b:05:4d:18:26:93:2a:
11:c5:89:ae:11:98:ec:3b:c2:99:ca:61:41:d5:85:62:c0:81:
68:a2:b4:22:b5:da:fd:ef:f9:bd:a1:b2:0f:a4:df:4e:7f:d3:
2a:b2:60:cc:e9:9a:ad:7e:62:b3:ab:e7:aa:c3:06:34:6a:d9:
cb:04:cc:87:87:f2:88:ad:c3:0c:3b:7f:93:4a:02:ee:9e:a2:
88:97:09:fd:a8:91:0b:60:28:9b:e1:e6:15:d9:5e:5c:b4:fd:
42:36:33:21:76:dc:d0:56:4d:96:3d:91:ba:83:43:5c:28:84:
32:2e:1f:8b:48:c5:d2:cb:ba:92:c0:32:36:fb:ca:17:e2:7f:
68:97:39:bb:5a:d8:69:d2:64:ab:b8:55:11:6a:18:1a:fa:bf:
26:00:d6:98:d1:be:db:9e:2d:d1:1e:00:da:4b:95:bf:41:2d:
1a:81:b5:0e:64:f6:65:44:ce:86:db:63:42:92:b9:8c:eb:c7:
ff:d6:02:6c:31:9c:7e:9a:85:84:a8:91:36:88:ef:2a:61:34:
db:07:5e:ff
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI3vXgPvH6dv2DhkLMoD8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDBmYzgyNTkwNzVjZDY3NWYzMTlkN2FmNGZhNzEzMDQ4
YTUxNWMwHhcNMjQwMTAyMDYzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjRjMzVjYzk5ZmMwYzIwYmY1YWY3NDZlNTAwZjI2M2MwY2QxNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNz4crgCTLopygM5Tnamjl18lUSX
JiCnRW1SgAh72ARWLYCYI4B4Fu5/R30OMYtVqoYteT6Q5ptk+Glvs7QpuoYms+Z1
7eMIFJxL8iBbSiJ7tE2pA6JBWqf3WQKMrVo5eQ+IJUkHdnLzGXF0hoSzm/lEG9rG
AMmvips15DDZoDf4sSy27bnWxBgUyNJcjevDfY5pNfkyBqA5JVJM14eoyhHAAgQH
8bUa63zGRz93dbgzXuaxKrKbTLMAr2m6/90Vedij/MZHtMvEG6n5GFDos+MTNLEN
ObkC20heIumJ3D8TLpZeRkQJhRFOTpKZlTzN/eGKm7s/g+mQ4WiOhLjLSwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKJMNcyZ/Awgv1r3RuUA8mPAzRZvMB8GA1UdIwQY
MBaAFMjQ/IJZB1zWdfMZ169PpxMEilFcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3Mjgt
N2EyZmQxMDI2OWJlLzEvb2t3MXpKbjhEQ0NfV3ZkRzVRRHlZOERORm04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC80NWM4NjItOWUzMy00NWM4LWE3MjgtN2EyZmQxMDI2OWJl
LzEveU5EOGdsa0hYTloxOHhuWHIwLW5Fd1NLVVZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQF1F7AMA0E
AgACMAcDBQAqCvyAMA0GCSqGSIb3DQEBCwUAA4IBAQCYe/IOzIQd2D1u26gKl51m
lx25+mDVQrZhI6sq0cV1aVNdIkJ2wbZjT3QFbLiFwysFTRgmkyoRxYmuEZjsO8KZ
ymFB1YViwIFoorQitdr97/m9obIPpN9Of9MqsmDM6ZqtfmKzq+eqwwY0atnLBMyH
h/KIrcMMO3+TSgLunqKIlwn9qJELYCib4eYV2V5ctP1CNjMhdtzQVk2WPZG6g0Nc
KIQyLh+LSMXSy7qSwDI2+8oX4n9olzm7Wthp0mSruFURahga+r8mANaY0b7bni3R
HgDaS5W/QS0agbUOZPZlRM6G22NCkrmM68f/1gJsMZx+moWEqJE2iO8qYTTbB17/
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:49 2024 by rpki-client on console-fra.rpki-client.org