Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/owwdxqBAqbJxnpeaEpqsNAzrfBk.roa
File: owwdxqBAqbJxnpeaEpqsNAzrfBk.roa (raw, json)
Hash identifier: O1YwLdWOVxNvwf7QXInMg67U3uMDFFu3a+vVMP4Sd1U=
Subject key identifier: A3:0C:1D:C6:A0:40:A9:B2:71:9E:97:9A:12:9A:AC:34:0C:EB:7C:19
Certificate issuer: /CN=0ded20e5cfea0d796ab3f73b98cd24bef1c5cc9a
Certificate serial: 018CCA2A82ECE254C72EE9F3BD04D18327A2
Authority key identifier: 0D:ED:20:E5:CF:EA:0D:79:6A:B3:F7:3B:98:CD:24:BE:F1:C5:CC:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/De0g5c_qDXlqs_c7mM0kvvHFzJo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/owwdxqBAqbJxnpeaEpqsNAzrfBk.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208113
IP address blocks: 2001:678:b24::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/De0g5c_qDXlqs_c7mM0kvvHFzJo.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/De0g5c_qDXlqs_c7mM0kvvHFzJo.mft
rsync://rpki.ripe.net/repository/DEFAULT/De0g5c_qDXlqs_c7mM0kvvHFzJo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 01:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:82:ec:e2:54:c7:2e:e9:f3:bd:04:d1:83:27:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ded20e5cfea0d796ab3f73b98cd24bef1c5cc9a
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30c1dc6a040a9b2719e979a129aac340ceb7c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:2f:d0:72:5e:55:d9:69:85:8d:86:4b:83:d8:
f5:38:9b:73:35:9f:be:c5:d3:c5:c4:06:bb:8b:11:
7e:82:96:6a:6c:b9:95:9b:2c:0e:c3:65:92:20:b9:
b6:32:f0:0c:82:7c:b8:58:13:8f:66:d2:74:cd:4f:
d8:8b:1b:e1:76:44:2c:9e:fa:5b:dd:2d:f3:c5:68:
dd:ee:14:35:7f:06:ad:29:ed:54:e7:2c:27:7c:c2:
08:31:e0:c2:03:f4:2c:bf:dc:47:e3:5f:db:77:75:
17:5a:22:15:a4:fa:eb:15:3a:e6:85:1d:9b:d9:3c:
b6:ef:c7:39:aa:6f:cd:9f:77:a3:c8:af:bc:f8:f4:
4f:ad:ec:3b:5c:75:dc:9a:3a:4d:04:fa:46:cf:b4:
29:79:8e:09:ab:49:78:83:52:64:d7:de:ca:a0:eb:
9e:ee:e1:e3:3e:36:a9:9a:4f:98:0c:13:44:b7:94:
1b:c0:a6:a6:8f:b6:11:68:ec:8e:10:1e:23:b8:96:
e8:85:2d:af:92:66:b1:ae:35:d8:0b:cc:8a:6b:a0:
70:3c:8e:e2:46:b2:2b:61:a8:63:6c:cd:2e:62:82:
db:86:1a:34:ac:59:a8:19:0b:dc:d2:83:f8:f7:21:
37:3a:01:2b:f9:19:b6:97:73:1e:7c:ee:3a:15:36:
37:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0C:1D:C6:A0:40:A9:B2:71:9E:97:9A:12:9A:AC:34:0C:EB:7C:19
X509v3 Authority Key Identifier:
keyid:0D:ED:20:E5:CF:EA:0D:79:6A:B3:F7:3B:98:CD:24:BE:F1:C5:CC:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/De0g5c_qDXlqs_c7mM0kvvHFzJo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/owwdxqBAqbJxnpeaEpqsNAzrfBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/1a44b7-9c4b-40b9-b6ac-d6930c97e967/1/De0g5c_qDXlqs_c7mM0kvvHFzJo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:678:b24::/48
Signature Algorithm: sha256WithRSAEncryption
28:0b:f6:6e:f4:96:90:ed:d1:88:cb:27:0e:2d:fa:a9:db:4d:
d1:4e:b2:1e:af:bb:d7:23:9d:27:10:1f:98:ac:59:bf:72:7f:
b0:2a:1c:29:cf:39:41:93:7f:a6:1a:7b:b4:32:7c:85:ef:95:
e8:83:7f:46:f1:3b:57:4c:d5:59:bf:10:a6:46:79:8b:f7:11:
61:f4:b5:33:df:50:7b:b8:bb:37:8b:b8:2d:15:4f:a2:17:5e:
16:8c:ca:68:45:cf:36:4c:58:22:a8:2c:a9:9d:1f:a2:8f:7b:
ad:3c:d8:52:e8:9e:27:35:77:3f:8c:d9:5b:36:1b:bc:07:d2:
e5:45:5f:05:ab:d7:2a:f8:46:12:10:5b:3a:72:e6:81:f3:c0:
85:5c:fd:e0:ec:21:d3:41:14:b7:5f:ec:26:cc:24:9e:5b:1a:
c5:e7:86:58:b1:df:b2:cb:a0:df:8f:54:4a:ce:e5:1d:10:ff:
84:44:8c:1a:b4:c2:a8:89:04:22:1d:ee:d0:c2:73:46:ad:c2:
f0:5b:4a:a4:4a:7f:e1:4c:10:01:6c:1f:63:b6:d9:ca:7c:2b:
1a:23:d8:40:1e:1f:db:41:27:13:1a:71:86:21:7d:48:f4:2c:
41:2f:bb:a8:21:09:4b:32:6f:b5:63:ca:5b:30:28:5b:b4:ae:
a7:ad:ca:9a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKoLs4lTHLunzvQTRgyeiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZWQyMGU1Y2ZlYTBkNzk2YWIzZjczYjk4Y2QyNGJlZjFj
NWNjOWEwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBjMWRjNmEwNDBhOWIyNzE5ZTk3OWExMjlhYWMzNDBjZWI3YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2y/Qcl5V2WmFjYZLg9j1OJtzNZ++
xdPFxAa7ixF+gpZqbLmVmywOw2WSILm2MvAMgny4WBOPZtJ0zU/YixvhdkQsnvpb
3S3zxWjd7hQ1fwatKe1U5ywnfMIIMeDCA/Qsv9xH41/bd3UXWiIVpPrrFTrmhR2b
2Ty278c5qm/Nn3ejyK+8+PRPrew7XHXcmjpNBPpGz7QpeY4Jq0l4g1Jk197KoOue
7uHjPjapmk+YDBNEt5QbwKamj7YRaOyOEB4juJbohS2vkmaxrjXYC8yKa6BwPI7i
RrIrYahjbM0uYoLbhho0rFmoGQvc0oP49yE3OgEr+Rm2l3MefO46FTY3TQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFKMMHcagQKmycZ6XmhKarDQM63wZMB8GA1UdIwQY
MBaAFA3tIOXP6g15arP3O5jNJL7xxcyaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGUwZzVjX3FEWGxxc19jN21NMGt2dkhGekpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS8xYTQ0YjctOWM0Yi00MGI5LWI2YWMt
ZDY5MzBjOTdlOTY3LzEvb3d3ZHhxQkFxYkp4bnBlYUVwcXNOQXpyZkJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS8xYTQ0YjctOWM0Yi00MGI5LWI2YWMtZDY5MzBjOTdlOTY3
LzEvRGUwZzVjX3FEWGxxc19jN21NMGt2dkhGekpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAIAEGeAsk
MA0GCSqGSIb3DQEBCwUAA4IBAQAoC/Zu9JaQ7dGIyycOLfqp203RTrIer7vXI50n
EB+YrFm/cn+wKhwpzzlBk3+mGnu0MnyF75Xog39G8TtXTNVZvxCmRnmL9xFh9LUz
31B7uLs3i7gtFU+iF14WjMpoRc82TFgiqCypnR+ij3utPNhS6J4nNXc/jNlbNhu8
B9LlRV8Fq9cq+EYSEFs6cuaB88CFXP3g7CHTQRS3X+wmzCSeWxrF54ZYsd+yy6Df
j1RKzuUdEP+ERIwatMKoiQQiHe7QwnNGrcLwW0qkSn/hTBABbB9jttnKfCsaI9hA
Hh/bQScTGnGGIX1I9CxBL7uoIQlLMm+1Y8pbMChbtK6nrcqa
-----END CERTIFICATE-----
Generated at Tue May 21 07:42:44 2024 by rpki-client on console-ams.rpki-client.org