Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ohOvRFAK2dE8AHO-wMFRMIKO3Kg.roa
File: ohOvRFAK2dE8AHO-wMFRMIKO3Kg.roa (raw, json)
Hash identifier: dQ3cAB+blpHgM4OK6jH1EKxjyDwWUCmB5dHmZ5oJKMs=
Subject key identifier: A2:13:AF:44:50:0A:D9:D1:3C:00:73:BE:C0:C1:51:30:82:8E:DC:A8
Certificate issuer: /CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Certificate serial: 0192AF16C168EB55661243F572B36D833EFE
Authority key identifier: 53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ohOvRFAK2dE8AHO-wMFRMIKO3Kg.roa
Signing time: Mon 21 Oct 2024 12:39:17 +0000
ROA not before: Mon 21 Oct 2024 12:39:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8208
IP address blocks: 212.29.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:16:c1:68:eb:55:66:12:43:f5:72:b3:6d:83:3e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53bbbbaa3ee24c7ad9b2c60432e14eda3849b5e2
Validity
Not Before: Oct 21 12:39:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a213af44500ad9d13c0073bec0c15130828edca8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:0f:47:03:ca:d3:00:89:e8:93:4d:db:f0:dc:
44:ff:34:90:e1:ee:79:a6:e4:87:e4:ff:ef:e3:db:
3b:94:8f:bc:6b:be:fe:a0:e8:65:ca:ac:fe:da:8e:
c9:ec:44:1a:87:25:34:0f:44:2e:54:89:e0:d1:01:
74:86:64:d6:03:82:53:b9:06:79:e7:4b:67:a6:75:
a6:44:f1:87:cb:7c:f6:5e:b8:87:bb:f1:d7:6e:fc:
c9:77:41:be:7a:d1:91:df:92:ed:dd:aa:fd:98:a6:
2b:15:f1:ec:10:6c:bf:03:65:cf:35:31:52:06:23:
7d:17:7f:99:ab:79:dc:40:91:35:28:1b:69:0a:94:
76:df:d2:64:a0:8d:ec:a7:ab:f0:f9:4a:f9:a9:72:
8f:02:8d:49:eb:4c:dc:4a:6d:a3:3b:48:c4:b8:68:
96:68:69:65:c9:6f:ef:64:0d:f1:f1:e1:9f:e3:61:
8c:18:36:aa:e3:57:02:74:54:a7:80:6c:a3:c0:e2:
a4:95:b5:79:33:7a:40:04:84:36:f5:41:e9:cf:2d:
cb:ed:af:3b:07:3f:bb:4b:b5:1a:b9:a3:ae:c0:5c:
a3:a0:67:07:7d:65:44:db:5c:25:bf:e4:ae:35:d6:
78:c9:2b:88:d4:f8:26:eb:f4:ed:df:ab:da:7c:2a:
c1:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:13:AF:44:50:0A:D9:D1:3C:00:73:BE:C0:C1:51:30:82:8E:DC:A8
X509v3 Authority Key Identifier:
keyid:53:BB:BB:AA:3E:E2:4C:7A:D9:B2:C6:04:32:E1:4E:DA:38:49:B5:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7u7qj7iTHrZssYEMuFO2jhJteI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/ohOvRFAK2dE8AHO-wMFRMIKO3Kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/3394c0-4587-444e-9a25-00ecf0c4d0ef/1/U7u7qj7iTHrZssYEMuFO2jhJteI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.29.28.0/24
Signature Algorithm: sha256WithRSAEncryption
b7:a2:b0:61:e6:7f:15:92:34:a3:52:38:f0:e6:ad:0d:ed:62:
aa:26:6c:f2:63:78:45:d4:56:50:c9:99:0e:b1:23:af:4b:9f:
31:c3:6c:a3:e3:dc:f2:b0:71:fc:3c:75:70:ea:69:c0:81:ab:
e2:1b:32:ec:c6:bc:93:83:40:a7:19:a8:cb:f0:6a:24:ef:28:
8f:1b:d6:87:4b:73:6e:0c:ce:d6:60:84:9b:6b:c6:16:44:65:
da:5b:ee:05:40:76:cb:05:ab:1d:64:42:06:bc:68:24:3c:6c:
d4:32:66:f7:2a:80:3d:0c:c6:9b:9f:51:d9:c3:ff:11:00:51:
a4:87:79:09:d7:7f:22:ea:65:44:fc:17:ab:c5:6e:9a:7f:27:
ef:2d:ce:bd:d7:f0:58:4d:6d:82:a2:8d:b3:c8:e6:9a:db:a6:
b2:2f:5a:5c:c2:c9:c8:61:d7:14:22:cd:91:2f:a8:77:5a:5e:
25:b9:ef:6d:7c:90:6f:fc:41:9e:6d:d2:b5:ea:ca:ad:9d:16:
ac:b7:c5:27:4e:06:92:0d:e3:dc:14:4e:9a:bd:44:c1:56:32:
32:fd:46:33:e7:83:0e:d2:41:c9:ce:bb:b6:39:cc:59:48:4c:
d7:bc:ff:3f:12:1b:2d:92:2e:55:e7:5e:08:c5:0b:b9:08:c6:
f9:b0:04:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKvFsFo61VmEkP1crNtgz7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYmJiYmFhM2VlMjRjN2FkOWIyYzYwNDMyZTE0ZWRhMzg0
OWI1ZTIwHhcNMjQxMDIxMTIzOTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEzYWY0NDUwMGFkOWQxM2MwMDczYmVjMGMxNTEzMDgyOGVkY2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuQ9HA8rTAInok03b8NxE/zSQ4e55
puSH5P/v49s7lI+8a77+oOhlyqz+2o7J7EQahyU0D0QuVIng0QF0hmTWA4JTuQZ5
50tnpnWmRPGHy3z2XriHu/HXbvzJd0G+etGR35Lt3ar9mKYrFfHsEGy/A2XPNTFS
BiN9F3+Zq3ncQJE1KBtpCpR239JkoI3sp6vw+Ur5qXKPAo1J60zcSm2jO0jEuGiW
aGllyW/vZA3x8eGf42GMGDaq41cCdFSngGyjwOKklbV5M3pABIQ29UHpzy3L7a87
Bz+7S7UauaOuwFyjoGcHfWVE21wlv+SuNdZ4ySuI1Pgm6/Tt36vafCrB6wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKITr0RQCtnRPABzvsDBUTCCjtyoMB8GA1UdIwQY
MBaAFFO7u6o+4kx62bLGBDLhTto4SbXiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUt
MDBlY2YwYzRkMGVmLzEvb2hPdlJGQUsyZEU4QUhPLXdNRlJNSUtPM0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My8zMzk0YzAtNDU4Ny00NDRlLTlhMjUtMDBlY2YwYzRkMGVm
LzEvVTd1N3FqN2lUSHJac3NZRU11Rk8yamhKdGVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1B0cMA0G
CSqGSIb3DQEBCwUAA4IBAQC3orBh5n8VkjSjUjjw5q0N7WKqJmzyY3hF1FZQyZkO
sSOvS58xw2yj49zysHH8PHVw6mnAgaviGzLsxryTg0CnGajL8Gok7yiPG9aHS3Nu
DM7WYISba8YWRGXaW+4FQHbLBasdZEIGvGgkPGzUMmb3KoA9DMabn1HZw/8RAFGk
h3kJ138i6mVE/BerxW6afyfvLc691/BYTW2Coo2zyOaa26ayL1pcwsnIYdcUIs2R
L6h3Wl4lue9tfJBv/EGebdK16sqtnRast8UnTgaSDePcFE6avUTBVjIy/UYz54MO
0kHJzru2OcxZSEzXvP8/Ehstki5V514IxQu5CMb5sAQC
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:11:44 2024 by rpki-client on console-fra.rpki-client.org