Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/OYuxF5tBNHh9lqdn4I9vnb4G3_Y.roa
File: OYuxF5tBNHh9lqdn4I9vnb4G3_Y.roa (raw, json)
Hash identifier: 6RB0qNmLkeNXi5t4PjEXosaVLsEDV4OBD5m/gkL5Skk=
Subject key identifier: 39:8B:B1:17:9B:41:34:78:7D:96:A7:67:E0:8F:6F:9D:BE:06:DF:F6
Certificate issuer: /CN=4e0a19d48c3547c2adb9f8effdeac6ad9e4f9d19
Certificate serial: 018CCA99AF706B0DD5D640EEE691E47FCAEF
Authority key identifier: 4E:0A:19:D4:8C:35:47:C2:AD:B9:F8:EF:FD:EA:C6:AD:9E:4F:9D:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/OYuxF5tBNHh9lqdn4I9vnb4G3_Y.roa
Signing time: Tue 02 Jan 2024 14:35:18 +0000
ROA not before: Tue 02 Jan 2024 14:35:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42731
IP address blocks: 194.110.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.mft
rsync://rpki.ripe.net/repository/DEFAULT/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:af:70:6b:0d:d5:d6:40:ee:e6:91:e4:7f:ca:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e0a19d48c3547c2adb9f8effdeac6ad9e4f9d19
Validity
Not Before: Jan 2 14:35:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=398bb1179b4134787d96a767e08f6f9dbe06dff6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:51:0d:1c:2f:3c:29:b8:e3:96:7a:b6:ee:0a:
e5:ea:ab:b5:a0:de:5e:fc:e1:a5:82:3e:d7:7b:ed:
97:e9:21:5c:54:e3:47:0e:08:91:0c:58:ee:3e:0d:
ed:d6:de:6a:58:bf:51:1a:a9:1d:b9:19:24:84:2c:
34:12:f2:96:e2:f1:88:b8:47:ce:eb:21:18:54:0f:
5e:2a:88:d1:ec:5b:1f:71:7e:41:e6:9a:71:02:87:
e7:19:d6:24:81:a5:96:03:0b:c9:fa:bf:e1:bb:89:
ba:20:27:91:e9:e3:1f:4e:7c:78:4e:9e:db:5e:c9:
e6:3a:fd:dd:50:61:2a:51:b5:56:b2:90:c5:fd:07:
51:89:12:6b:f4:a0:30:1e:22:a9:05:e9:ce:9f:39:
3e:49:20:4a:ec:c9:2a:97:6c:36:b9:13:a4:d5:04:
6b:0d:e0:97:b1:8a:56:a1:d6:31:54:2c:1d:54:07:
10:e5:a7:d9:4f:98:0c:0a:fc:92:04:98:d7:b2:4d:
6e:ed:59:23:b2:13:49:f2:d2:7b:b9:b4:7a:20:d7:
0f:f7:ea:22:3e:f7:6f:17:54:82:93:1f:4c:42:90:
68:38:b5:f9:a3:87:8f:df:0a:b7:56:6f:c5:5e:ce:
05:c6:3d:2a:d7:8d:9c:40:7d:b9:f7:05:25:65:5e:
c9:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8B:B1:17:9B:41:34:78:7D:96:A7:67:E0:8F:6F:9D:BE:06:DF:F6
X509v3 Authority Key Identifier:
keyid:4E:0A:19:D4:8C:35:47:C2:AD:B9:F8:EF:FD:EA:C6:AD:9E:4F:9D:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/OYuxF5tBNHh9lqdn4I9vnb4G3_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/cb3e6b-a444-49dd-9f64-17c12273c54a/1/TgoZ1Iw1R8Ktufjv_erGrZ5PnRk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.212.0/24
Signature Algorithm: sha256WithRSAEncryption
03:1d:b6:5a:0b:b1:77:7d:ab:eb:b0:43:cc:1c:2b:79:41:18:
82:fe:c0:07:cd:41:04:e8:5f:43:89:0b:9a:a6:04:a9:ee:bc:
48:15:21:40:3f:b9:30:a2:db:c9:52:3a:59:55:ec:24:da:bc:
93:1c:b1:74:62:fa:c7:2e:1c:c0:8b:3e:6b:cf:49:b1:7a:63:
5c:04:2d:43:cb:34:32:90:7e:a3:9d:8e:e2:b0:b4:8a:88:da:
ab:f6:c7:9c:e9:28:cd:2a:3e:50:4d:32:5e:21:1d:d4:06:68:
1d:aa:4f:54:38:f4:f6:41:07:55:4c:17:08:83:3e:54:45:86:
08:6c:9c:3c:9f:97:a4:c7:a2:56:2a:1a:d1:86:30:6f:df:76:
cf:14:45:24:3e:a7:d9:5e:14:4f:d0:b9:6f:cf:9e:aa:93:b2:
34:ee:f1:c5:39:e2:0c:b1:eb:98:86:92:49:6c:7d:d8:e6:7c:
2b:46:15:71:ae:90:55:44:d6:c2:65:cf:fb:57:0b:81:b2:cb:
94:9b:a1:26:60:95:72:c8:1b:64:8b:6a:47:8b:bc:fd:e5:4a:
1a:06:35:fb:9b:a6:6c:db:c0:a2:e7:f5:09:b1:2c:fe:e9:94:
70:fe:cb:78:db:95:97:c6:95:7f:63:79:5f:8d:ef:0e:4a:c8:
c1:99:56:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKma9waw3V1kDu5pHkf8rvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMGExOWQ0OGMzNTQ3YzJhZGI5ZjhlZmZkZWFjNmFkOWU0
ZjlkMTkwHhcNMjQwMTAyMTQzNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThiYjExNzliNDEzNDc4N2Q5NmE3NjdlMDhmNmY5ZGJlMDZkZmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFENHC88Kbjjlnq27grl6qu1oN5e
/OGlgj7Xe+2X6SFcVONHDgiRDFjuPg3t1t5qWL9RGqkduRkkhCw0EvKW4vGIuEfO
6yEYVA9eKojR7FsfcX5B5ppxAofnGdYkgaWWAwvJ+r/hu4m6ICeR6eMfTnx4Tp7b
XsnmOv3dUGEqUbVWspDF/QdRiRJr9KAwHiKpBenOnzk+SSBK7Mkql2w2uROk1QRr
DeCXsYpWodYxVCwdVAcQ5afZT5gMCvySBJjXsk1u7VkjshNJ8tJ7ubR6INcP9+oi
PvdvF1SCkx9MQpBoOLX5o4eP3wq3Vm/FXs4Fxj0q142cQH259wUlZV7JkwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDmLsRebQTR4fZanZ+CPb52+Bt/2MB8GA1UdIwQY
MBaAFE4KGdSMNUfCrbn47/3qxq2eT50ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGdvWjFJdzFSOEt0dWZqdl9lckdyWjVQblJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS9jYjNlNmItYTQ0NC00OWRkLTlmNjQt
MTdjMTIyNzNjNTRhLzEvT1l1eEY1dEJOSGg5bHFkbjRJOXZuYjRHM19ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS9jYjNlNmItYTQ0NC00OWRkLTlmNjQtMTdjMTIyNzNjNTRh
LzEvVGdvWjFJdzFSOEt0dWZqdl9lckdyWjVQblJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm7UMA0G
CSqGSIb3DQEBCwUAA4IBAQADHbZaC7F3favrsEPMHCt5QRiC/sAHzUEE6F9DiQua
pgSp7rxIFSFAP7kwotvJUjpZVewk2ryTHLF0YvrHLhzAiz5rz0mxemNcBC1DyzQy
kH6jnY7isLSKiNqr9sec6SjNKj5QTTJeIR3UBmgdqk9UOPT2QQdVTBcIgz5URYYI
bJw8n5ekx6JWKhrRhjBv33bPFEUkPqfZXhRP0Llvz56qk7I07vHFOeIMseuYhpJJ
bH3Y5nwrRhVxrpBVRNbCZc/7VwuBssuUm6EmYJVyyBtki2pHi7z95UoaBjX7m6Zs
28Ci5/UJsSz+6ZRw/st425WXxpV/Y3lfje8OSsjBmVZJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:07 2024 by rpki-client on console-fra.rpki-client.org