Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/ObQ-a-YoT9d0J20R2C8_0PoZ-R4.roa
File: ObQ-a-YoT9d0J20R2C8_0PoZ-R4.roa (raw, json)
Hash identifier: fUFOhLtcYVAdfkaJN9B9AkGUOQi+JBVh1S7d0tqQ1Wc=
Subject key identifier: 39:B4:3E:6B:E6:28:4F:D7:74:27:6D:11:D8:2F:3F:D0:FA:19:F9:1E
Certificate issuer: /CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Certificate serial: 018CC8DFB349683A7AC4A8C525F7DD50E11C
Authority key identifier: F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/ObQ-a-YoT9d0J20R2C8_0PoZ-R4.roa
Signing time: Tue 02 Jan 2024 06:32:32 +0000
ROA not before: Tue 02 Jan 2024 06:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43366
IP address blocks: 45.155.212.0/22 maxlen: 25
195.35.114.0/23 maxlen: 24
185.103.76.0/22 maxlen: 24
2a06:2a80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.mft
rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:b3:49:68:3a:7a:c4:a8:c5:25:f7:dd:50:e1:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f56b2049b3a9aa6f2368e6eeb4bfcd167953a5e9
Validity
Not Before: Jan 2 06:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39b43e6be6284fd774276d11d82f3fd0fa19f91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:19:0d:ea:93:85:ce:42:c5:a6:cf:4c:cd:a2:
37:fa:1f:3b:c4:8f:25:9f:d4:76:ac:24:bf:a1:4b:
45:78:81:66:e4:7f:76:11:b8:2a:38:da:46:02:92:
6f:54:5c:b8:b5:f9:d1:60:f9:fd:6c:1d:3e:9a:86:
7e:45:d9:1f:4b:f8:7c:b3:4a:08:59:3a:7f:d6:1f:
74:91:3f:fd:62:89:db:59:92:47:ad:67:f7:54:30:
26:fa:8d:20:a1:10:bb:6d:d7:4b:d4:03:3e:26:15:
d1:46:55:3f:ee:0d:4f:6b:15:8e:b6:65:11:19:30:
e2:16:11:2d:02:5d:a2:5c:cb:d7:18:0e:58:64:e2:
af:79:bc:d5:4a:34:d6:b8:7f:b3:d1:16:02:82:a9:
1a:87:23:26:40:67:5b:ae:c1:87:e8:ab:c1:66:2b:
ae:55:4b:36:28:9c:cf:9a:c8:fe:97:89:97:e7:73:
4a:e6:8a:bb:54:7f:52:a5:83:ac:58:af:f0:af:0d:
f2:ff:be:ca:f8:6b:d8:62:47:ad:50:14:e6:63:9f:
35:08:89:4d:35:0a:d1:bd:13:f9:22:fb:6c:d5:cd:
9e:df:c6:0a:cc:fd:07:ea:1a:fd:36:53:ea:b5:3c:
e2:0c:df:d7:ca:61:e4:6c:fd:d0:29:f7:18:9e:5f:
1d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B4:3E:6B:E6:28:4F:D7:74:27:6D:11:D8:2F:3F:D0:FA:19:F9:1E
X509v3 Authority Key Identifier:
keyid:F5:6B:20:49:B3:A9:AA:6F:23:68:E6:EE:B4:BF:CD:16:79:53:A5:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9WsgSbOpqm8jaObutL_NFnlTpek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/ObQ-a-YoT9d0J20R2C8_0PoZ-R4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/d1a71c-b8f8-412d-9da1-2401b74206f3/1/9WsgSbOpqm8jaObutL_NFnlTpek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.212.0/22
185.103.76.0/22
195.35.114.0/23
IPv6:
2a06:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
54:0d:5d:0b:bd:9a:eb:fa:c7:73:18:8f:17:dc:02:40:42:d4:
1e:ec:3d:69:ea:ed:d4:f1:cd:8e:27:20:0d:93:2f:ed:25:a6:
06:63:c6:eb:bc:0c:00:6b:17:68:d5:a9:3d:c8:13:e4:0c:61:
e3:2d:d4:da:91:d1:5b:8d:01:b9:15:e4:bb:56:11:13:03:45:
db:2b:d7:97:33:43:48:6e:06:15:29:89:c1:8a:e0:ac:65:31:
f1:bf:ef:3d:24:4a:e9:d4:84:59:a6:f2:7e:02:a9:0e:ab:d0:
98:e8:1b:21:98:35:75:d3:dd:06:6e:35:75:87:e2:c9:44:6e:
b9:76:32:ea:a7:cb:00:46:96:58:39:e7:64:a4:7d:81:f0:2f:
65:05:59:57:30:36:ec:af:d5:1e:d5:7e:df:7a:b9:12:81:0b:
a2:3e:b3:c9:b5:34:a5:e9:5e:a1:8d:7f:9b:5f:ca:fb:e2:a8:
8e:e8:7d:e4:6a:e5:bb:8c:6e:ff:f4:fb:a4:69:57:94:04:61:
b7:e5:dc:e5:c2:6e:8c:1c:34:25:f1:c6:14:97:41:db:4d:52:
11:d8:be:93:d6:76:69:d7:0e:db:26:75:3c:9c:d2:94:e7:6f:
80:2a:0d:5a:99:23:c6:54:52:e8:08:9d:6e:6a:22:57:1c:b2:
00:a7:7c:31
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI37NJaDp6xKjFJffdUOEcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NmIyMDQ5YjNhOWFhNmYyMzY4ZTZlZWI0YmZjZDE2Nzk1
M2E1ZTkwHhcNMjQwMTAyMDYzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWI0M2U2YmU2Mjg0ZmQ3NzQyNzZkMTFkODJmM2ZkMGZhMTlmOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgxkN6pOFzkLFps9MzaI3+h87xI8l
n9R2rCS/oUtFeIFm5H92EbgqONpGApJvVFy4tfnRYPn9bB0+moZ+RdkfS/h8s0oI
WTp/1h90kT/9YonbWZJHrWf3VDAm+o0goRC7bddL1AM+JhXRRlU/7g1PaxWOtmUR
GTDiFhEtAl2iXMvXGA5YZOKvebzVSjTWuH+z0RYCgqkahyMmQGdbrsGH6KvBZiuu
VUs2KJzPmsj+l4mX53NK5oq7VH9SpYOsWK/wrw3y/77K+GvYYketUBTmY581CIlN
NQrRvRP5Ivts1c2e38YKzP0H6hr9NlPqtTziDN/XymHkbP3QKfcYnl8d2wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDm0PmvmKE/XdCdtEdgvP9D6GfkeMB8GA1UdIwQY
MBaAFPVrIEmzqapvI2jm7rS/zRZ5U6XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEt
MjQwMWI3NDIwNmYzLzEvT2JRLWEtWW9UOWQwSjIwUjJDOF8wUG9aLVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9kMWE3MWMtYjhmOC00MTJkLTlkYTEtMjQwMWI3NDIwNmYz
LzEvOVdzZ1NiT3BxbThqYU9idXRMX05GbmxUcGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLZvUAwQC
uWdMAwQBwyNyMA0EAgACMAcDBQMqBiqAMA0GCSqGSIb3DQEBCwUAA4IBAQBUDV0L
vZrr+sdzGI8X3AJAQtQe7D1p6u3U8c2OJyANky/tJaYGY8brvAwAaxdo1ak9yBPk
DGHjLdTakdFbjQG5FeS7VhETA0XbK9eXM0NIbgYVKYnBiuCsZTHxv+89JErp1IRZ
pvJ+AqkOq9CY6BshmDV1090GbjV1h+LJRG65djLqp8sARpZYOedkpH2B8C9lBVlX
MDbsr9Ue1X7ferkSgQuiPrPJtTSl6V6hjX+bX8r74qiO6H3kauW7jG7/9PukaVeU
BGG35dzlwm6MHDQl8cYUl0HbTVIR2L6T1nZp1w7bJnU8nNKU52+AKg1amSPGVFLo
CJ1uaiJXHLIAp3wx
-----END CERTIFICATE-----
Generated at Tue Jun 4 10:34:45 2024 by rpki-client on console-ams.rpki-client.org