Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oig5TRAMtBCk5ysqnf3a6b8llhQ.roa
File: oig5TRAMtBCk5ysqnf3a6b8llhQ.roa (raw, json)
Hash identifier: PMi/3gtmwJTlLydlLCiqYz5jy6HLURE/mL+r1zmxIUM=
Subject key identifier: A2:28:39:4D:10:0C:B4:10:A4:E7:2B:2A:9D:FD:DA:E9:BF:25:96:14
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 018CC501470A89AC5A2A47AE31851DA961AF
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oig5TRAMtBCk5ysqnf3a6b8llhQ.roa
Signing time: Mon 01 Jan 2024 12:30:44 +0000
ROA not before: Mon 01 Jan 2024 12:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62164
IP address blocks: 88.216.99.0/24 maxlen: 24
84.32.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:47:0a:89:ac:5a:2a:47:ae:31:85:1d:a9:61:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Jan 1 12:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a228394d100cb410a4e72b2a9dfddae9bf259614
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:cd:4c:10:77:90:87:8f:8b:14:57:56:ba:b4:
18:73:9b:44:c9:24:16:1f:89:50:9d:88:7b:cb:ad:
34:71:c0:e6:31:89:11:5b:a2:c7:94:3a:d6:0e:ca:
44:44:ed:c0:3a:41:9f:53:59:46:90:74:d8:9a:7d:
05:ca:d6:e3:69:b6:25:b1:95:1f:64:82:a0:63:7b:
6b:e8:de:ab:8c:3e:46:3f:44:92:c8:12:8e:dc:b5:
82:7c:c7:13:88:3f:0a:6c:f1:48:fe:5b:1b:8d:63:
07:5c:da:4e:0b:1b:d3:85:98:58:a9:55:96:e8:54:
1e:1e:2f:cf:bb:ae:49:40:f2:90:69:8b:93:f3:8d:
72:1b:b1:db:50:06:d8:a1:a7:d8:79:eb:e6:58:19:
6e:6f:57:7c:57:65:a7:ad:fd:34:7a:af:7a:5f:fe:
75:45:24:b2:69:01:0b:6e:fe:e6:c8:4c:31:09:7d:
24:89:50:d7:84:4d:34:18:e1:2c:75:b2:ca:ac:72:
5e:88:67:92:28:9f:c9:69:23:3f:94:1e:b9:95:a9:
73:35:2a:ea:ec:c7:31:49:65:e0:21:75:73:53:5e:
85:8b:31:b0:e5:22:66:84:3f:0c:36:9d:2b:e2:38:
e2:7c:92:16:d3:e4:c2:65:33:fe:0d:72:a7:75:9a:
04:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:28:39:4D:10:0C:B4:10:A4:E7:2B:2A:9D:FD:DA:E9:BF:25:96:14
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/oig5TRAMtBCk5ysqnf3a6b8llhQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.5.0/24
88.216.99.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:a4:80:15:ae:ec:f2:df:e0:f9:2d:d2:e3:8f:c0:6c:d9:3e:
6e:8a:c7:62:e8:29:d9:1b:e4:43:fd:5a:26:05:91:4f:c6:02:
8f:e6:ee:83:d4:54:d6:85:dc:bd:5c:f3:5a:6d:8b:95:f9:f0:
f8:fd:b8:e8:f0:d9:73:93:36:f2:37:72:ba:b6:82:8c:98:df:
79:0a:fc:1b:f3:d0:63:fe:59:98:72:e8:cb:67:b5:f4:a0:a4:
64:86:c5:c6:83:63:28:64:2c:cb:9f:c6:7c:91:94:58:e2:6a:
93:24:27:3e:64:e1:df:59:f2:2a:b6:1f:3f:38:0f:e7:de:d2:
a5:95:b2:80:0c:4e:3c:ea:91:f3:16:39:8a:64:74:96:32:65:
5e:26:eb:d7:45:a9:1e:54:fa:e6:d5:dc:dc:e5:7d:c3:e7:c9:
70:10:a4:88:21:58:a9:5d:7b:ac:35:ea:3d:58:48:9f:76:1a:
92:9a:be:5a:4b:88:c0:36:ed:f8:fc:2c:ad:68:eb:b1:f2:33:
f0:14:fc:d6:a3:d1:11:9e:3e:24:b1:a4:79:ce:f3:0d:e0:35:
fc:cb:ad:1c:93:b8:24:18:d0:17:5a:23:1e:60:d4:53:48:67:
d3:25:37:89:c8:33:21:90:91:e1:72:5b:ea:90:8f:95:f7:47:
b1:3f:c7:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAUcKiaxaKkeuMYUdqWGvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQwMTAxMTIzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjI4Mzk0ZDEwMGNiNDEwYTRlNzJiMmE5ZGZkZGFlOWJmMjU5NjE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhs1MEHeQh4+LFFdWurQYc5tEySQW
H4lQnYh7y600ccDmMYkRW6LHlDrWDspERO3AOkGfU1lGkHTYmn0FytbjabYlsZUf
ZIKgY3tr6N6rjD5GP0SSyBKO3LWCfMcTiD8KbPFI/lsbjWMHXNpOCxvThZhYqVWW
6FQeHi/Pu65JQPKQaYuT841yG7HbUAbYoafYeevmWBlub1d8V2Wnrf00eq96X/51
RSSyaQELbv7myEwxCX0kiVDXhE00GOEsdbLKrHJeiGeSKJ/JaSM/lB65lalzNSrq
7McxSWXgIXVzU16FizGw5SJmhD8MNp0r4jjifJIW0+TCZTP+DXKndZoEKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIoOU0QDLQQpOcrKp392um/JZYUMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvb2lnNVRSQU10QkNrNXlzcW5mM2E2YjhsbGhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCAFAwQA
WNhjMA0GCSqGSIb3DQEBCwUAA4IBAQBOpIAVruzy3+D5LdLjj8Bs2T5uisdi6CnZ
G+RD/VomBZFPxgKP5u6D1FTWhdy9XPNabYuV+fD4/bjo8NlzkzbyN3K6toKMmN95
Cvwb89Bj/lmYcujLZ7X0oKRkhsXGg2MoZCzLn8Z8kZRY4mqTJCc+ZOHfWfIqth8/
OA/n3tKllbKADE486pHzFjmKZHSWMmVeJuvXRakeVPrm1dzc5X3D58lwEKSIIVip
XXusNeo9WEifdhqSmr5aS4jANu34/CytaOux8jPwFPzWo9ERnj4ksaR5zvMN4DX8
y60ck7gkGNAXWiMeYNRTSGfTJTeJyDMhkJHhclvqkI+V90exP8dC
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:24:26 2024 by rpki-client on console-ams.rpki-client.org