Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/Oyb2jvlBpEFJaRJcilVS7M0RinQ.roa
File: Oyb2jvlBpEFJaRJcilVS7M0RinQ.roa (raw, json)
Hash identifier: amwi0biJkfyXTYCvNWhejnSbHkumqzfgfl4EbVshDyc=
Subject key identifier: 3B:26:F6:8E:F9:41:A4:41:49:69:12:5C:8A:55:52:EC:CD:11:8A:74
Certificate issuer: /CN=ec97b72d5d4f750f1b138c2a901dd6510921be41
Certificate serial: 018CC8DEB0715946F0F0BDA23E5BF9B2D698
Authority key identifier: EC:97:B7:2D:5D:4F:75:0F:1B:13:8C:2A:90:1D:D6:51:09:21:BE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/Oyb2jvlBpEFJaRJcilVS7M0RinQ.roa
Signing time: Tue 02 Jan 2024 06:31:26 +0000
ROA not before: Tue 02 Jan 2024 06:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21080
IP address blocks: 185.76.160.0/22 maxlen: 22
195.85.237.0/24 maxlen: 24
2001:67c:253c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:b0:71:59:46:f0:f0:bd:a2:3e:5b:f9:b2:d6:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec97b72d5d4f750f1b138c2a901dd6510921be41
Validity
Not Before: Jan 2 06:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b26f68ef941a4414969125c8a5552eccd118a74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:ae:13:7b:de:18:a4:68:64:d6:b2:60:d6:f9:
0b:ed:06:ea:b0:80:75:dc:71:61:01:58:cc:4c:45:
cc:3c:eb:9c:ab:58:34:6c:87:e0:4d:a0:f1:76:80:
13:89:08:fd:6d:29:9b:4b:7a:c9:7a:f6:62:0e:40:
b1:21:19:d0:71:db:88:95:fe:f7:b3:b8:8e:93:ab:
ec:bf:7f:eb:61:c5:1a:e8:b4:30:22:3b:cb:1f:a8:
cd:11:04:e6:30:da:f1:9f:db:41:51:83:e4:27:9e:
a4:4d:da:d0:78:7c:fe:1e:44:58:0d:29:b5:61:b2:
33:54:7c:6b:16:c6:37:18:f3:00:5c:52:23:f1:54:
c9:fc:ea:c6:ae:76:5c:fc:55:41:a5:21:5c:31:86:
b9:ff:9f:88:90:6b:e4:d9:fd:98:9f:d9:e9:d3:ea:
b3:2f:c6:d0:bb:bd:43:08:74:97:5e:ff:2e:9d:f6:
e7:3f:c6:a9:c6:05:5f:1b:75:89:c3:87:63:e9:ae:
ca:07:ef:78:41:ae:04:3f:af:a1:47:64:98:fb:78:
f1:0f:a0:1e:3b:60:94:6e:7e:83:70:c5:3b:8f:0e:
be:d1:7f:d9:c3:9c:e6:8a:f7:1b:54:8e:d3:e4:44:
4d:7a:fe:89:96:de:b1:34:c2:37:6f:6c:eb:93:ee:
f3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:26:F6:8E:F9:41:A4:41:49:69:12:5C:8A:55:52:EC:CD:11:8A:74
X509v3 Authority Key Identifier:
keyid:EC:97:B7:2D:5D:4F:75:0F:1B:13:8C:2A:90:1D:D6:51:09:21:BE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/Oyb2jvlBpEFJaRJcilVS7M0RinQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ef9860-2658-44df-b172-8066fa21241a/1/7Je3LV1PdQ8bE4wqkB3WUQkhvkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.160.0/22
195.85.237.0/24
IPv6:
2001:67c:253c::/48
Signature Algorithm: sha256WithRSAEncryption
90:d4:d9:f8:cf:6d:2f:12:90:30:8e:29:f0:61:56:02:3e:6b:
d6:ce:eb:a5:f8:84:05:6a:99:7a:ed:70:f6:c7:67:9f:c3:60:
74:f2:ac:a9:5a:8f:02:15:6d:6a:cc:ed:57:e8:ac:62:1a:6e:
82:25:a6:b9:4b:4f:43:32:3d:44:b3:7a:c2:72:a1:f3:7d:a7:
58:21:51:40:09:11:cc:54:8f:be:32:12:79:34:be:59:7e:7f:
17:65:fb:e4:9d:a8:c8:bd:66:71:3d:0b:be:4a:d5:e9:6e:fa:
39:10:f8:ea:6f:e9:28:56:c5:3f:88:f6:21:fc:3b:ec:60:23:
7f:1e:a4:b0:b9:96:10:4f:eb:cd:94:f7:25:89:9f:4b:58:99:
d1:37:93:47:7f:0a:d9:b5:89:24:96:51:ed:4e:ba:cd:37:4b:
11:a5:40:9b:3c:48:99:40:8f:75:ff:63:5f:b3:23:e9:89:04:
8e:ec:4f:fc:d0:20:11:1d:4b:fc:e6:6a:d7:c3:6a:5c:c3:82:
ad:a2:c8:9d:de:a1:90:7a:52:d5:43:0f:ed:12:ef:c7:a3:f6:
ad:ce:36:61:4c:6c:16:51:0e:d8:96:69:7d:eb:9c:0a:8b:10:
28:47:df:63:13:98:cb:87:f0:83:1f:85:54:2f:09:e5:9d:0a:
de:ed:b9:32
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3rBxWUbw8L2iPlv5staYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjOTdiNzJkNWQ0Zjc1MGYxYjEzOGMyYTkwMWRkNjUxMDky
MWJlNDEwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjI2ZjY4ZWY5NDFhNDQxNDk2OTEyNWM4YTU1NTJlY2NkMTE4YTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiq4Te94YpGhk1rJg1vkL7QbqsIB1
3HFhAVjMTEXMPOucq1g0bIfgTaDxdoATiQj9bSmbS3rJevZiDkCxIRnQcduIlf73
s7iOk6vsv3/rYcUa6LQwIjvLH6jNEQTmMNrxn9tBUYPkJ56kTdrQeHz+HkRYDSm1
YbIzVHxrFsY3GPMAXFIj8VTJ/OrGrnZc/FVBpSFcMYa5/5+IkGvk2f2Yn9np0+qz
L8bQu71DCHSXXv8unfbnP8apxgVfG3WJw4dj6a7KB+94Qa4EP6+hR2SY+3jxD6Ae
O2CUbn6DcMU7jw6+0X/Zw5zmivcbVI7T5ERNev6Jlt6xNMI3b2zrk+7zKwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDsm9o75QaRBSWkSXIpVUuzNEYp0MB8GA1UdIwQY
MBaAFOyXty1dT3UPGxOMKpAd1lEJIb5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0plM0xWMVBkUThiRTR3cWtCM1dVUWtodmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lZjk4NjAtMjY1OC00NGRmLWIxNzIt
ODA2NmZhMjEyNDFhLzEvT3liMmp2bEJwRUZKYVJKY2lsVlM3TTBSaW5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lZjk4NjAtMjY1OC00NGRmLWIxNzItODA2NmZhMjEyNDFh
LzEvN0plM0xWMVBkUThiRTR3cWtCM1dVUWtodmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQCuUygAwQA
w1XtMA8EAgACMAkDBwAgAQZ8JTwwDQYJKoZIhvcNAQELBQADggEBAJDU2fjPbS8S
kDCOKfBhVgI+a9bO66X4hAVqmXrtcPbHZ5/DYHTyrKlajwIVbWrM7VforGIaboIl
prlLT0MyPUSzesJyofN9p1ghUUAJEcxUj74yEnk0vll+fxdl++SdqMi9ZnE9C75K
1elu+jkQ+Opv6ShWxT+I9iH8O+xgI38epLC5lhBP682U9yWJn0tYmdE3k0d/Ctm1
iSSWUe1Ous03SxGlQJs8SJlAj3X/Y1+zI+mJBI7sT/zQIBEdS/zmatfDalzDgq2i
yJ3eoZB6UtVDD+0S78ej9q3ONmFMbBZRDtiWaX3rnAqLEChH32MTmMuH8IMfhVQv
CeWdCt7tuTI=
-----END CERTIFICATE-----
Generated at Sun May 19 07:45:26 2024 by rpki-client on console-fra.rpki-client.org