Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OpGb0KNHgL7BMTzZEZqxZWI76P4.roa
File: OpGb0KNHgL7BMTzZEZqxZWI76P4.roa (raw, json)
Hash identifier: wMeNpJ8/oFp92ngLFWxv8rAa82e7cDOtDDC1sV4DR+k=
Subject key identifier: 3A:91:9B:D0:A3:47:80:BE:C1:31:3C:D9:11:9A:B1:65:62:3B:E8:FE
Certificate issuer: /CN=3a77508994ca4d2cc189d35f3382a2a8ab57b84b
Certificate serial: 018CC726AF3416722967CDC48BC620E014AF
Authority key identifier: 3A:77:50:89:94:CA:4D:2C:C1:89:D3:5F:33:82:A2:A8:AB:57:B8:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OndQiZTKTSzBidNfM4KiqKtXuEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OpGb0KNHgL7BMTzZEZqxZWI76P4.roa
Signing time: Mon 01 Jan 2024 22:30:50 +0000
ROA not before: Mon 01 Jan 2024 22:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48650
IP address blocks: 195.8.40.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OndQiZTKTSzBidNfM4KiqKtXuEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OndQiZTKTSzBidNfM4KiqKtXuEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/OndQiZTKTSzBidNfM4KiqKtXuEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:af:34:16:72:29:67:cd:c4:8b:c6:20:e0:14:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3a77508994ca4d2cc189d35f3382a2a8ab57b84b
Validity
Not Before: Jan 1 22:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a919bd0a34780bec1313cd9119ab165623be8fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:26:f9:2d:e6:93:e4:31:8b:aa:a3:ad:83:ad:
56:53:f1:49:5f:33:8e:3d:fc:e1:7c:a8:7f:3e:c0:
a6:4b:4a:b6:7b:25:c6:7f:1f:d7:1a:90:a2:c7:27:
dd:04:e9:bf:78:00:81:a4:c2:b0:bb:3d:f8:d9:ff:
5b:34:a0:eb:d3:36:bf:57:4f:4b:7e:01:15:01:5b:
e0:a8:0b:f8:1c:4d:a2:24:1b:a8:38:e5:3b:88:8e:
b7:6e:53:84:1d:9b:9f:96:30:65:d9:43:b4:81:38:
e1:8d:91:c4:3b:fb:23:88:3a:ff:2f:19:31:ea:b8:
86:e6:e3:03:53:fc:9c:e8:7b:52:84:98:78:f1:a7:
cb:73:6c:91:3b:0a:b7:2f:41:a0:87:2f:f9:69:a8:
9f:7e:fc:b5:d7:a1:4d:c7:b4:97:f8:4f:91:ab:48:
44:ca:ae:a8:3f:ce:fb:6e:92:24:82:d7:6d:c8:fb:
db:07:d1:df:59:53:c8:b0:b1:5e:bf:96:8f:ed:b2:
bd:1f:d9:99:27:fa:72:1b:86:72:ca:06:15:6d:ca:
17:db:5b:22:15:82:1e:76:7a:63:d3:0a:3e:b6:5b:
d4:7e:be:db:1b:5b:33:9d:73:6a:1d:56:a6:15:1f:
ed:f7:8c:80:0e:0b:12:1f:e6:c5:77:9e:cf:70:16:
5e:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:91:9B:D0:A3:47:80:BE:C1:31:3C:D9:11:9A:B1:65:62:3B:E8:FE
X509v3 Authority Key Identifier:
keyid:3A:77:50:89:94:CA:4D:2C:C1:89:D3:5F:33:82:A2:A8:AB:57:B8:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OndQiZTKTSzBidNfM4KiqKtXuEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OpGb0KNHgL7BMTzZEZqxZWI76P4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/3b4d8e-06e8-4ea2-927b-a79630b06d93/1/OndQiZTKTSzBidNfM4KiqKtXuEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.8.40.0/23
Signature Algorithm: sha256WithRSAEncryption
44:8d:e6:5d:d4:00:8d:af:d0:d7:76:2a:75:0f:7a:5f:91:1c:
07:41:99:08:42:d6:0f:fa:8e:3a:b9:46:ed:ea:75:23:44:70:
00:ae:9a:1e:4f:d8:30:5c:85:0a:98:e5:e0:35:bd:23:c5:e1:
0a:d0:19:fa:ad:6c:24:06:e8:48:89:b4:11:c8:72:37:bc:7b:
33:d3:38:db:75:1c:b2:0e:af:d2:b8:ad:97:88:6e:71:17:33:
a1:fe:3a:39:b0:1d:da:7b:c4:78:75:a1:6e:82:8d:09:c7:cc:
21:e2:b0:05:b5:e7:9c:5d:59:a9:e5:b3:1b:37:5a:0e:3b:8a:
ca:e0:02:42:5f:ea:d0:77:e6:a4:58:81:3e:65:f5:22:1d:82:
76:de:da:14:14:14:45:3b:d9:08:c0:99:31:8b:29:0e:62:cd:
a9:5f:87:29:74:d5:ff:d3:10:51:97:3f:b0:08:15:52:f5:03:
aa:3d:4b:d5:dc:1f:03:c3:46:19:12:8a:a6:c5:b1:dd:cf:88:
5b:d2:35:eb:d5:5e:e1:2f:19:ef:d5:3e:94:05:c4:75:51:b9:
09:fb:a7:06:7a:2c:e5:bf:e4:51:6a:69:48:f3:1b:a9:dd:3d:
61:5e:8b:df:8d:08:b9:a4:c5:b5:49:8c:41:26:b4:bb:1b:16:
fc:ac:7e:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJq80FnIpZ83Ei8Yg4BSvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhNzc1MDg5OTRjYTRkMmNjMTg5ZDM1ZjMzODJhMmE4YWI1
N2I4NGIwHhcNMjQwMTAxMjIzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTkxOWJkMGEzNDc4MGJlYzEzMTNjZDkxMTlhYjE2NTYyM2JlOGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCb5LeaT5DGLqqOtg61WU/FJXzOO
PfzhfKh/PsCmS0q2eyXGfx/XGpCixyfdBOm/eACBpMKwuz342f9bNKDr0za/V09L
fgEVAVvgqAv4HE2iJBuoOOU7iI63blOEHZufljBl2UO0gTjhjZHEO/sjiDr/Lxkx
6riG5uMDU/yc6HtShJh48afLc2yROwq3L0Gghy/5aaiffvy116FNx7SX+E+Rq0hE
yq6oP877bpIkgtdtyPvbB9HfWVPIsLFev5aP7bK9H9mZJ/pyG4ZyygYVbcoX21si
FYIednpj0wo+tlvUfr7bG1sznXNqHVamFR/t94yADgsSH+bFd57PcBZeowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDqRm9CjR4C+wTE82RGasWViO+j+MB8GA1UdIwQY
MBaAFDp3UImUyk0swYnTXzOCoqirV7hLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT25kUWlaVEtUU3pCaWROZk00S2lxS3RYdUVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZi8zYjRkOGUtMDZlOC00ZWEyLTkyN2It
YTc5NjMwYjA2ZDkzLzEvT3BHYjBLTkhnTDdCTVR6WkVacXhaV0k3NlA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZi8zYjRkOGUtMDZlOC00ZWEyLTkyN2ItYTc5NjMwYjA2ZDkz
LzEvT25kUWlaVEtUU3pCaWROZk00S2lxS3RYdUVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwwgoMA0G
CSqGSIb3DQEBCwUAA4IBAQBEjeZd1ACNr9DXdip1D3pfkRwHQZkIQtYP+o46uUbt
6nUjRHAArpoeT9gwXIUKmOXgNb0jxeEK0Bn6rWwkBuhIibQRyHI3vHsz0zjbdRyy
Dq/SuK2XiG5xFzOh/jo5sB3ae8R4daFugo0Jx8wh4rAFteecXVmp5bMbN1oOO4rK
4AJCX+rQd+akWIE+ZfUiHYJ23toUFBRFO9kIwJkxiykOYs2pX4cpdNX/0xBRlz+w
CBVS9QOqPUvV3B8Dw0YZEoqmxbHdz4hb0jXr1V7hLxnv1T6UBcR1UbkJ+6cGeizl
v+RRamlI8xup3T1hXovfjQi5pMW1SYxBJrS7Gxb8rH7t
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:29 2024 by rpki-client on console-ams.rpki-client.org