Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/OY_Q1KRxEzna22K9KSwVlp1EBC4.roa
File: OY_Q1KRxEzna22K9KSwVlp1EBC4.roa (raw, json)
Hash identifier: YUD+E5OPRO4EydZ5vX2LWmRK6djez0UxwAzDh5RZ3Wg=
Subject key identifier: 39:8F:D0:D4:A4:71:13:39:DA:DB:62:BD:29:2C:15:96:9D:44:04:2E
Certificate issuer: /CN=f81a2052052675d4539b87f5fb9c694dbf43261e
Certificate serial: 018CC3B718E0C1644F96169C5C48E7621A28
Authority key identifier: F8:1A:20:52:05:26:75:D4:53:9B:87:F5:FB:9C:69:4D:BF:43:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-BogUgUmddRTm4f1-5xpTb9DJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/OY_Q1KRxEzna22K9KSwVlp1EBC4.roa
Signing time: Mon 01 Jan 2024 06:30:05 +0000
ROA not before: Mon 01 Jan 2024 06:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43656
IP address blocks: 194.28.4.0/23 maxlen: 23
194.28.6.0/23 maxlen: 23
91.198.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/1-BogUgUmddRTm4f1-5xpTb9DJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/1-BogUgUmddRTm4f1-5xpTb9DJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-BogUgUmddRTm4f1-5xpTb9DJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 18:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:18:e0:c1:64:4f:96:16:9c:5c:48:e7:62:1a:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f81a2052052675d4539b87f5fb9c694dbf43261e
Validity
Not Before: Jan 1 06:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=398fd0d4a4711339dadb62bd292c15969d44042e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:19:c0:68:16:32:5e:65:08:78:74:c6:32:ae:
7f:a4:05:00:16:bb:34:cb:27:2f:2d:9c:65:e9:47:
61:11:02:5d:2e:8d:e9:e6:0e:80:26:29:fa:e9:d6:
43:39:45:1b:d8:b1:a3:df:74:13:d5:b9:6e:28:3f:
a9:91:ff:0a:28:f3:e9:72:85:ea:f6:7c:39:ee:f0:
f5:cd:11:70:5d:43:02:5d:85:37:cd:c9:8e:09:f5:
d3:f7:5b:87:22:2a:d9:e3:cf:73:8e:cc:0c:a3:90:
be:cf:52:5a:d5:06:b5:b6:da:47:ef:5d:19:d5:6b:
c5:a4:41:f9:fd:89:99:f1:a8:44:cb:cf:b0:89:1a:
7a:b4:8b:80:1a:0f:71:72:cb:4e:b6:b5:a3:63:1f:
d0:7c:9f:0b:79:2a:f5:7b:8e:bf:02:30:14:54:67:
8e:b8:05:13:f9:63:90:5f:8a:ac:92:a4:1b:96:93:
aa:69:3e:14:1f:d1:61:63:4d:5e:9a:ee:dc:63:ba:
54:0d:37:37:3b:e8:d0:8e:73:a3:c2:a4:95:b9:08:
c6:d1:16:2e:29:9d:4d:76:22:75:1a:8a:41:db:a5:
89:f6:82:e5:6d:1e:b2:4e:4a:dd:a9:0a:7b:21:ee:
b0:34:ed:91:bb:09:cd:ac:d7:b1:96:88:1c:fd:ff:
7b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8F:D0:D4:A4:71:13:39:DA:DB:62:BD:29:2C:15:96:9D:44:04:2E
X509v3 Authority Key Identifier:
keyid:F8:1A:20:52:05:26:75:D4:53:9B:87:F5:FB:9C:69:4D:BF:43:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-BogUgUmddRTm4f1-5xpTb9DJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/OY_Q1KRxEzna22K9KSwVlp1EBC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/0df2ef-ffc9-4457-9f4a-7712fbf161c1/1/1-BogUgUmddRTm4f1-5xpTb9DJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.83.0/24
194.28.4.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:33:a5:06:e7:30:32:30:f2:27:4e:97:d9:a7:82:9d:30:13:
b8:18:ce:f9:68:3f:d9:1d:7f:17:22:8f:4a:04:6c:b2:3d:e3:
0e:65:29:dd:2c:56:b3:73:6e:0a:6e:d3:08:a6:34:27:c9:49:
b7:d1:94:39:c6:9c:d6:ed:8c:4c:06:87:ab:8a:93:b2:eb:79:
b7:ed:af:53:9f:89:fc:78:6d:24:6d:27:42:70:c6:4f:be:16:
77:46:49:dc:a0:92:b6:b8:a9:c2:6e:4a:88:74:f7:12:3c:1f:
3b:ac:4a:bc:f3:5c:cb:10:9e:69:aa:57:41:05:87:80:28:49:
16:10:25:c6:c8:b4:bf:45:7e:bb:36:2a:83:65:62:86:9d:c9:
04:5e:64:54:45:18:36:4c:6e:ec:c4:38:80:7f:f6:58:c4:5c:
bc:26:8c:b2:6c:16:9b:e9:84:06:51:ef:70:a6:12:be:57:ec:
c9:a2:b3:76:ec:55:2a:61:a9:31:ff:00:6f:ef:8e:b7:49:3d:
f7:c2:53:97:4b:df:04:e4:9d:96:a1:60:74:71:fe:e6:a1:c9:
09:4d:8d:9a:ec:7c:30:a0:b5:d6:4e:aa:97:15:bb:91:40:44:
b0:37:62:8f:0b:fd:cd:03:e9:d1:27:ea:56:40:78:a8:2a:31:
57:6f:6b:5f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzDtxjgwWRPlhacXEjnYhooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MWEyMDUyMDUyNjc1ZDQ1MzliODdmNWZiOWM2OTRkYmY0
MzI2MWUwHhcNMjQwMTAxMDYzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOThmZDBkNGE0NzExMzM5ZGFkYjYyYmQyOTJjMTU5NjlkNDQwNDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzRnAaBYyXmUIeHTGMq5/pAUAFrs0
yycvLZxl6UdhEQJdLo3p5g6AJin66dZDOUUb2LGj33QT1bluKD+pkf8KKPPpcoXq
9nw57vD1zRFwXUMCXYU3zcmOCfXT91uHIirZ489zjswMo5C+z1Ja1Qa1ttpH710Z
1WvFpEH5/YmZ8ahEy8+wiRp6tIuAGg9xcstOtrWjYx/QfJ8LeSr1e46/AjAUVGeO
uAUT+WOQX4qskqQblpOqaT4UH9FhY01emu7cY7pUDTc3O+jQjnOjwqSVuQjG0RYu
KZ1NdiJ1GopB26WJ9oLlbR6yTkrdqQp7Ie6wNO2RuwnNrNexlogc/f97RQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDmP0NSkcRM52ttivSksFZadRAQuMB8GA1UdIwQY
MBaAFPgaIFIFJnXUU5uH9fucaU2/QyYeMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Cb2dVZ1VtZGRSVG00ZjEtNXhwVGI5REpoNC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDkvMGRmMmVmLWZmYzktNDQ1Ny05ZjRh
LTc3MTJmYmYxNjFjMS8xL09ZX1ExS1J4RXpuYTIySzlLU3dWbHAxRUJDNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDkvMGRmMmVmLWZmYzktNDQ1Ny05ZjRhLTc3MTJmYmYxNjFj
MS8xLzEtQm9nVWdVbWRkUlRtNGYxLTV4cFRiOURKaDQuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABbxlMD
BALCHAQwDQYJKoZIhvcNAQELBQADggEBAGozpQbnMDIw8idOl9mngp0wE7gYzvlo
P9kdfxcij0oEbLI94w5lKd0sVrNzbgpu0wimNCfJSbfRlDnGnNbtjEwGh6uKk7Lr
ebftr1Ofifx4bSRtJ0Jwxk++FndGSdygkra4qcJuSoh09xI8HzusSrzzXMsQnmmq
V0EFh4AoSRYQJcbItL9Ffrs2KoNlYoadyQReZFRFGDZMbuzEOIB/9ljEXLwmjLJs
FpvphAZR73CmEr5X7Mmis3bsVSphqTH/AG/vjrdJPffCU5dL3wTknZahYHRx/uah
yQlNjZrsfDCgtdZOqpcVu5FARLA3Yo8L/c0D6dEn6lZAeKgqMVdva18=
-----END CERTIFICATE-----
Generated at Wed May 29 03:38:33 2024 by rpki-client on console-ams.rpki-client.org