Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/O06wmTlJ5iRdQMOMsxiShky2g8o.roa
File: O06wmTlJ5iRdQMOMsxiShky2g8o.roa (raw, json)
Hash identifier: fIsSbA0eT8KYkHdYiy0IgYJWAqjeP2ChF1XHvZpWUp0=
Subject key identifier: 3B:4E:B0:99:39:49:E6:24:5D:40:C3:8C:B3:18:92:86:4C:B6:83:CA
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 018CC7942249F6673CEA322349E1C34C2E50
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/O06wmTlJ5iRdQMOMsxiShky2g8o.roa
Signing time: Tue 02 Jan 2024 00:30:23 +0000
ROA not before: Tue 02 Jan 2024 00:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39007
IP address blocks: 82.135.160.0/21 maxlen: 21
212.59.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:22:49:f6:67:3c:ea:32:23:49:e1:c3:4c:2e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 00:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b4eb0993949e6245d40c38cb31892864cb683ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e7:03:ac:1c:bc:e9:2c:1e:e3:16:43:87:88:
8d:a7:75:b6:26:fa:ea:7b:c9:fd:ec:be:48:3b:d2:
c0:71:fb:20:0f:5e:1a:20:db:00:d5:27:3c:10:c8:
ec:05:63:10:e5:04:81:e0:34:82:cc:b1:38:27:ad:
05:78:f9:39:51:98:97:9f:30:89:47:e2:7c:08:46:
83:6f:b3:ec:a0:da:f3:f3:71:26:d0:52:62:80:4c:
6a:da:12:45:fe:7f:5a:dc:77:39:1f:20:3c:91:14:
85:db:a9:bd:30:f8:54:1f:9c:26:8a:b3:a0:73:d0:
57:40:9c:1e:3c:27:5b:6c:b0:e8:bd:0c:04:bc:b6:
98:ce:33:79:58:e2:3c:70:ad:96:eb:9c:ce:a0:4a:
a6:10:f2:80:13:5d:20:11:93:ac:b5:dc:57:6d:f3:
55:61:90:ec:b5:96:b3:20:dd:74:5c:38:c5:a7:e1:
0b:2c:b2:f9:0a:b8:56:33:2a:31:87:7e:98:ea:31:
7b:32:04:35:3d:67:d2:da:3a:7e:27:9d:af:be:34:
5f:95:38:47:86:27:6b:e0:39:ce:cb:18:52:35:3a:
4c:d6:5b:bb:c0:ab:cb:f0:d8:bd:9c:2d:70:73:f2:
fd:25:a9:51:97:15:7b:22:38:c8:40:1e:0c:d1:45:
89:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:4E:B0:99:39:49:E6:24:5D:40:C3:8C:B3:18:92:86:4C:B6:83:CA
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/O06wmTlJ5iRdQMOMsxiShky2g8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.135.160.0/21
212.59.18.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:6c:58:ed:2d:84:53:05:e2:34:7f:8f:a0:09:1c:83:42:80:
69:cc:90:db:8c:14:e8:4c:68:90:7e:ba:9d:b4:e8:b2:82:9f:
02:7e:9e:aa:fb:62:8a:bd:f6:2b:27:66:8c:6e:0b:fd:be:15:
51:79:93:a8:59:35:77:26:60:75:08:bc:99:0f:9f:3d:37:27:
d1:8d:bd:ac:7f:5a:3a:21:d6:ef:94:a8:90:a2:9d:f9:5a:4f:
e3:54:b2:df:0b:d6:b6:69:67:8a:a7:0a:ab:da:f3:ad:b3:55:
89:dd:e3:a5:e2:b6:b0:0a:52:b7:e5:52:e7:cb:ec:6b:70:e1:
5f:12:a6:68:89:66:af:24:12:e5:2e:7d:9f:0f:eb:e1:f8:c5:
8f:e4:33:43:b3:39:f2:4a:a1:a3:e2:f8:ef:de:02:79:1f:a5:
38:9b:66:fb:a9:82:6f:c7:22:a3:60:82:1c:64:99:7e:0b:41:
34:24:2f:c7:fc:a8:82:b2:c2:cb:48:9c:86:97:01:d7:4a:a8:
c7:a6:4e:a1:8f:03:e9:4a:5e:28:13:e1:e0:cd:9f:39:99:34:
0d:05:9f:02:4f:4b:b7:3d:b1:18:15:ba:87:70:f1:50:2d:6e:
5b:ef:69:31:32:3a:8c:31:a2:5a:aa:06:01:21:85:8d:44:35:
71:94:96:ee
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzHlCJJ9mc86jIjSeHDTC5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjQwMTAyMDAzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjRlYjA5OTM5NDllNjI0NWQ0MGMzOGNiMzE4OTI4NjRjYjY4M2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+cDrBy86Swe4xZDh4iNp3W2Jvrq
e8n97L5IO9LAcfsgD14aINsA1Sc8EMjsBWMQ5QSB4DSCzLE4J60FePk5UZiXnzCJ
R+J8CEaDb7PsoNrz83Em0FJigExq2hJF/n9a3Hc5HyA8kRSF26m9MPhUH5wmirOg
c9BXQJwePCdbbLDovQwEvLaYzjN5WOI8cK2W65zOoEqmEPKAE10gEZOstdxXbfNV
YZDstZazIN10XDjFp+ELLLL5CrhWMyoxh36Y6jF7MgQ1PWfS2jp+J52vvjRflThH
hidr4DnOyxhSNTpM1lu7wKvL8Ni9nC1wc/L9JalRlxV7IjjIQB4M0UWJ3wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDtOsJk5SeYkXUDDjLMYkoZMtoPKMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL08wNndtVGxKNWlSZFFNT01zeGlTaGt5Mmc4by5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBANSh6AD
BADUOxIwDQYJKoZIhvcNAQELBQADggEBADpsWO0thFMF4jR/j6AJHINCgGnMkNuM
FOhMaJB+up206LKCnwJ+nqr7Yoq99isnZoxuC/2+FVF5k6hZNXcmYHUIvJkPnz03
J9GNvax/Wjoh1u+UqJCinflaT+NUst8L1rZpZ4qnCqva862zVYnd46XitrAKUrfl
UufL7Gtw4V8SpmiJZq8kEuUufZ8P6+H4xY/kM0OzOfJKoaPi+O/eAnkfpTibZvup
gm/HIqNgghxkmX4LQTQkL8f8qIKywstInIaXAddKqMemTqGPA+lKXigT4eDNnzmZ
NA0FnwJPS7c9sRgVuodw8VAtblvvaTEyOowxolqqBgEhhY1ENXGUlu4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:03:47 2024 by rpki-client on console-ams.rpki-client.org