Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/ofnnnRS-0edAh-KbpUDjVq7Vt1I.roa
File: ofnnnRS-0edAh-KbpUDjVq7Vt1I.roa (raw, json)
Hash identifier: QC0Y8Nchs9EDSB0QW13TkmfU2hGkNwHlOHjY8H+GtUk=
Subject key identifier: A1:F9:E7:9D:14:BE:D1:E7:40:87:E2:9B:A5:40:E3:56:AE:D5:B7:52
Certificate issuer: /CN=9ab33743a654906143399f903704801682638e7c
Certificate serial: 018CCFA9C9C9E0896F69309E65C03A27FD5F
Authority key identifier: 9A:B3:37:43:A6:54:90:61:43:39:9F:90:37:04:80:16:82:63:8E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/ofnnnRS-0edAh-KbpUDjVq7Vt1I.roa
Signing time: Wed 03 Jan 2024 14:11:00 +0000
ROA not before: Wed 03 Jan 2024 14:11:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56485
IP address blocks: 94.101.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cf:a9:c9:c9:e0:89:6f:69:30:9e:65:c0:3a:27:fd:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab33743a654906143399f903704801682638e7c
Validity
Not Before: Jan 3 14:11:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1f9e79d14bed1e74087e29ba540e356aed5b752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:70:ef:f6:69:6d:eb:4e:eb:e5:68:0a:6a:99:
3a:9c:96:e9:9c:bd:f3:9a:95:ee:e5:1c:11:eb:e2:
78:18:f1:24:39:4a:74:c0:32:11:11:fd:e5:1e:7a:
4b:5a:53:54:fc:f9:eb:ff:92:c0:f2:99:65:8e:4a:
91:69:58:f7:e2:e7:63:a1:03:b1:f4:0e:56:af:8e:
d0:95:99:b3:e8:2c:67:67:20:a4:7d:c5:5e:e4:60:
41:4c:6a:41:bf:dc:59:e8:77:44:2f:aa:31:e8:9a:
8c:be:69:b0:eb:b9:e4:24:a5:90:7b:86:e0:6d:db:
dd:98:a0:5a:60:4c:25:5e:48:57:c6:50:f2:71:93:
1e:90:6f:65:de:32:fa:bb:63:88:68:9a:f2:2c:07:
79:29:60:fe:d1:1f:a2:c6:d8:0d:8a:6e:51:63:50:
b6:75:95:19:f0:40:4b:31:23:d4:72:bb:a6:b7:5e:
be:42:75:73:42:ca:29:f7:ff:ae:df:39:f2:99:85:
45:09:98:f4:6d:b1:fb:d4:d9:ea:67:a9:c3:d5:80:
17:d3:49:87:0d:f7:7a:77:19:b7:c2:7f:a9:d3:91:
49:b8:24:9b:35:2a:5b:93:95:a5:ab:3f:c0:d4:e8:
97:98:18:88:a8:22:a7:ee:f3:eb:74:f2:08:01:be:
25:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:F9:E7:9D:14:BE:D1:E7:40:87:E2:9B:A5:40:E3:56:AE:D5:B7:52
X509v3 Authority Key Identifier:
keyid:9A:B3:37:43:A6:54:90:61:43:39:9F:90:37:04:80:16:82:63:8E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/ofnnnRS-0edAh-KbpUDjVq7Vt1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/b67944-6389-4108-8628-d8f93536af63/1/mrM3Q6ZUkGFDOZ-QNwSAFoJjjnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.101.109.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:66:84:5c:fe:91:9e:cb:09:1f:ca:5a:10:b3:f8:0a:7d:ef:
0f:6f:fb:fe:e1:da:87:69:96:52:04:4e:a1:69:8c:88:a6:c0:
8d:86:c3:ed:93:b2:71:20:ba:88:96:ee:49:fc:94:e0:fd:52:
df:6c:94:f1:7b:bb:d0:5a:ee:ef:56:12:6b:ef:b5:51:f5:e7:
50:de:29:18:8d:e0:7c:ea:f3:cd:9e:4d:98:fc:95:9a:ec:22:
47:5f:c0:cc:82:ad:db:d1:8e:dc:77:0f:10:6c:5f:64:d5:5b:
f6:52:a5:ae:c4:9c:b0:6b:75:24:8c:60:7f:f8:9c:11:ef:0c:
98:3b:25:5e:27:7c:dc:97:4f:38:26:2b:f9:f9:23:70:86:3f:
7d:0f:f6:f9:d1:81:d4:b4:37:ef:e8:7d:9f:67:7c:e1:51:06:
56:a6:c8:19:8f:05:60:f8:0d:e4:64:8b:a0:6c:6a:7b:92:2b:
f3:92:83:31:d9:f9:f4:5d:bf:68:08:5f:87:43:1b:de:85:db:
db:93:1a:c1:fd:da:57:99:aa:8e:89:43:a0:fe:b9:6d:c3:5b:
10:e0:2f:a8:dc:b5:c2:02:44:58:15:b4:e4:17:83:1f:84:87:
60:8a:dc:9c:35:c0:09:67:f7:58:81:ba:88:a9:5a:ef:8c:13:
87:3f:03:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzPqcnJ4IlvaTCeZcA6J/1fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhYjMzNzQzYTY1NDkwNjE0MzM5OWY5MDM3MDQ4MDE2ODI2
MzhlN2MwHhcNMjQwMTAzMTQxMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWY5ZTc5ZDE0YmVkMWU3NDA4N2UyOWJhNTQwZTM1NmFlZDViNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAonDv9mlt607r5WgKapk6nJbpnL3z
mpXu5RwR6+J4GPEkOUp0wDIREf3lHnpLWlNU/Pnr/5LA8plljkqRaVj34udjoQOx
9A5Wr47QlZmz6CxnZyCkfcVe5GBBTGpBv9xZ6HdEL6ox6JqMvmmw67nkJKWQe4bg
bdvdmKBaYEwlXkhXxlDycZMekG9l3jL6u2OIaJryLAd5KWD+0R+ixtgNim5RY1C2
dZUZ8EBLMSPUcrumt16+QnVzQsop9/+u3znymYVFCZj0bbH71NnqZ6nD1YAX00mH
Dfd6dxm3wn+p05FJuCSbNSpbk5Wlqz/A1OiXmBiIqCKn7vPrdPIIAb4llQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKH5550UvtHnQIfim6VA41au1bdSMB8GA1UdIwQY
MBaAFJqzN0OmVJBhQzmfkDcEgBaCY458MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXJNM1E2WlVrR0ZET1otUU53U0FGb0pqam53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9iNjc5NDQtNjM4OS00MTA4LTg2Mjgt
ZDhmOTM1MzZhZjYzLzEvb2Zubm5SUy0wZWRBaC1LYnBVRGpWcTdWdDFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9iNjc5NDQtNjM4OS00MTA4LTg2MjgtZDhmOTM1MzZhZjYz
LzEvbXJNM1E2WlVrR0ZET1otUU53U0FGb0pqam53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXmVtMA0G
CSqGSIb3DQEBCwUAA4IBAQBcZoRc/pGeywkfyloQs/gKfe8Pb/v+4dqHaZZSBE6h
aYyIpsCNhsPtk7JxILqIlu5J/JTg/VLfbJTxe7vQWu7vVhJr77VR9edQ3ikYjeB8
6vPNnk2Y/JWa7CJHX8DMgq3b0Y7cdw8QbF9k1Vv2UqWuxJywa3UkjGB/+JwR7wyY
OyVeJ3zcl084Jiv5+SNwhj99D/b50YHUtDfv6H2fZ3zhUQZWpsgZjwVg+A3kZIug
bGp7kivzkoMx2fn0Xb9oCF+HQxvehdvbkxrB/dpXmaqOiUOg/rltw1sQ4C+o3LXC
AkRYFbTkF4MfhIdgitycNcAJZ/dYgbqIqVrvjBOHPwMy
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:56:52 2024 by rpki-client on console-ams.rpki-client.org