Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa
File: S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa (raw, json)
Hash identifier: WI1/fO4aiW8xk3MKdkcpNIiFS/vKCjHa5nLY92x7Lgw=
Subject key identifier: 4B:F3:87:F5:24:1F:22:77:14:02:34:1C:0E:EC:67:1D:C0:78:73:94
Certificate issuer: /CN=5f7da568ad027b9e249c13e223d322769881a29f
Certificate serial: 018E19037709B1C29B98916BF16E4A4CCBBF
Authority key identifier: 5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa
Signing time: Thu 07 Mar 2024 13:04:01 +0000
ROA not before: Thu 07 Mar 2024 13:04:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29205
IP address blocks: 91.230.36.0/23 maxlen: 23
185.49.12.0/22 maxlen: 24
185.100.228.0/22 maxlen: 22
188.214.16.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.mft
rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:19:03:77:09:b1:c2:9b:98:91:6b:f1:6e:4a:4c:cb:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f7da568ad027b9e249c13e223d322769881a29f
Validity
Not Before: Mar 7 13:04:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4bf387f5241f22771402341c0eec671dc0787394
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:90:98:ac:19:92:d5:89:65:ba:32:45:51:4f:
d0:f5:f1:0d:de:bd:e4:00:7d:23:00:fc:ab:db:68:
0c:72:95:ff:90:7e:a9:9e:59:d5:ee:ff:9b:8f:a0:
bb:aa:0e:9e:70:6b:50:0b:1c:df:fd:52:37:4f:e4:
b4:72:0d:1c:6b:c9:f0:9b:83:e8:d8:af:8f:9c:00:
e6:65:c9:c9:67:a6:31:60:72:4a:f1:68:77:1f:ec:
ea:a5:3b:83:7b:80:8b:63:a4:46:39:08:b2:9c:c3:
73:67:a3:66:8f:5e:5c:72:a2:d4:7f:7c:34:d0:ce:
5d:55:6f:5e:96:a9:ce:c4:14:4a:f7:d1:7f:75:41:
4b:a9:62:1b:a4:10:8b:0d:07:f1:76:06:fb:ef:b3:
86:7c:c6:c8:5c:ad:e5:b4:ec:b8:84:b3:e4:de:b7:
e3:8f:50:62:bc:2b:03:c8:fe:2d:ab:38:f2:97:0e:
df:6d:d7:74:ad:bc:9d:c7:d4:a4:b4:0b:a3:6c:9f:
22:4b:95:2c:ed:ee:c0:c4:7b:cc:31:84:36:73:cd:
a3:12:da:66:20:33:05:0c:04:05:71:b8:44:cf:a1:
46:42:47:ee:1f:3e:e1:bf:c6:e3:ac:6a:eb:47:77:
97:1f:7e:a3:47:fa:ce:a7:8b:b1:ec:1f:f5:d6:b6:
bd:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F3:87:F5:24:1F:22:77:14:02:34:1C:0E:EC:67:1D:C0:78:73:94
X509v3 Authority Key Identifier:
keyid:5F:7D:A5:68:AD:02:7B:9E:24:9C:13:E2:23:D3:22:76:98:81:A2:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X32laK0Ce54knBPiI9MidpiBop8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/S_OH9SQfIncUAjQcDuxnHcB4c5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/05488f-f4e0-4e6c-94f5-3757539c2ac9/1/X32laK0Ce54knBPiI9MidpiBop8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.36.0/23
185.49.12.0/22
185.100.228.0/22
188.214.16.0/21
Signature Algorithm: sha256WithRSAEncryption
1b:2a:66:ee:0b:fe:d5:81:4b:b5:49:00:95:89:db:ae:89:98:
08:8b:de:31:67:dc:9f:97:80:a2:99:0a:fe:53:d4:f2:41:a2:
08:cd:fa:f9:f7:a5:d9:c7:4b:d3:34:8a:00:63:f5:f5:12:18:
63:19:f9:54:1f:b3:33:2f:fc:12:78:96:ef:ba:c6:34:f1:cd:
f4:e6:b1:fe:79:ad:33:fd:e9:35:ad:85:61:e9:a2:15:68:5e:
2b:0a:f7:89:09:0a:a3:fb:6e:e8:d8:21:59:bb:eb:b5:00:b5:
d2:b3:dc:c1:56:a1:ce:84:4b:cd:59:23:25:a9:6f:3c:4a:5f:
e7:4e:82:55:b2:13:15:0f:29:ba:c3:23:8a:14:dc:33:de:92:
4d:48:c4:4f:4d:ce:06:73:bc:ea:92:37:69:02:c0:e2:92:d5:
91:5b:e0:af:07:f3:8a:51:f3:10:77:12:32:e2:4d:d9:37:85:
5b:cd:92:28:c2:da:62:20:ea:16:79:4a:a2:1c:35:86:85:c7:
9a:32:76:7d:1b:6b:49:23:b5:b8:ef:df:96:ed:5b:b3:63:4e:
2d:d7:cf:fe:04:78:35:ec:12:64:06:38:ad:74:71:92:6c:7e:
7e:c7:6a:79:6c:70:58:32:69:d0:cb:e0:60:ed:8f:5e:79:83:
68:59:df:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY4ZA3cJscKbmJFr8W5KTMu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmN2RhNTY4YWQwMjdiOWUyNDljMTNlMjIzZDMyMjc2OTg4
MWEyOWYwHhcNMjQwMzA3MTMwNDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmYzODdmNTI0MWYyMjc3MTQwMjM0MWMwZWVjNjcxZGMwNzg3Mzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJCYrBmS1YllujJFUU/Q9fEN3r3k
AH0jAPyr22gMcpX/kH6pnlnV7v+bj6C7qg6ecGtQCxzf/VI3T+S0cg0ca8nwm4Po
2K+PnADmZcnJZ6YxYHJK8Wh3H+zqpTuDe4CLY6RGOQiynMNzZ6Nmj15ccqLUf3w0
0M5dVW9elqnOxBRK99F/dUFLqWIbpBCLDQfxdgb777OGfMbIXK3ltOy4hLPk3rfj
j1BivCsDyP4tqzjylw7fbdd0rbydx9SktAujbJ8iS5Us7e7AxHvMMYQ2c82jEtpm
IDMFDAQFcbhEz6FGQkfuHz7hv8bjrGrrR3eXH36jR/rOp4ux7B/11ra97wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFEvzh/UkHyJ3FAI0HA7sZx3AeHOUMB8GA1UdIwQY
MBaAFF99pWitAnueJJwT4iPTInaYgaKfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUt
Mzc1NzUzOWMyYWM5LzEvU19PSDlTUWZJbmNVQWpRY0R1eG5IY0I0YzVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8wNTQ4OGYtZjRlMC00ZTZjLTk0ZjUtMzc1NzUzOWMyYWM5
LzEvWDMybGFLMENlNTRrbkJQaUk5TWlkcGlCb3A4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+YkAwQC
uTEMAwQCuWTkAwQDvNYQMA0GCSqGSIb3DQEBCwUAA4IBAQAbKmbuC/7VgUu1SQCV
iduuiZgIi94xZ9yfl4CimQr+U9TyQaIIzfr596XZx0vTNIoAY/X1EhhjGflUH7Mz
L/wSeJbvusY08c305rH+ea0z/ek1rYVh6aIVaF4rCveJCQqj+27o2CFZu+u1ALXS
s9zBVqHOhEvNWSMlqW88Sl/nToJVshMVDym6wyOKFNwz3pJNSMRPTc4Gc7zqkjdp
AsDiktWRW+CvB/OKUfMQdxIy4k3ZN4VbzZIowtpiIOoWeUqiHDWGhceaMnZ9G2tJ
I7W479+W7VuzY04t18/+BHg17BJkBjitdHGSbH5+x2p5bHBYMmnQy+Bg7Y9eeYNo
Wd8I
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:33:56 2024 by rpki-client on console-ams.rpki-client.org