Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oo3BmC-8D5WnnMhCTPQMJduAQuY.roa
File: Oo3BmC-8D5WnnMhCTPQMJduAQuY.roa (raw, json)
Hash identifier: QdKKTHlVPsgRHmXVwl3RSebtkiZ6oE2by0t0p4cSo90=
Subject key identifier: 3A:8D:C1:98:2F:BC:0F:95:A7:9C:C8:42:4C:F4:0C:25:DB:80:42:E6
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A2898C5BCF76DB7AE010D42A874EB
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oo3BmC-8D5WnnMhCTPQMJduAQuY.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61308
IP address blocks: 93.170.200.0/21 maxlen: 24
93.171.192.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:28:98:c5:bc:f7:6d:b7:ae:01:0d:42:a8:74:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a8dc1982fbc0f95a79cc8424cf40c25db8042e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:48:20:77:5e:05:e0:45:77:fe:2f:26:f7:f4:
b1:17:8a:2f:a3:35:a2:3c:1f:d4:fa:f8:86:f7:1e:
dc:81:c3:06:4a:05:77:40:d4:96:18:3e:33:db:37:
55:3d:61:34:b4:c1:3b:02:3a:e1:c2:ba:99:62:3c:
19:fe:e6:51:14:88:2c:41:d2:57:50:60:ab:1f:23:
e3:cc:b0:9f:e1:2c:1e:a2:77:dc:8c:ef:38:3d:95:
ef:4c:06:8e:21:c9:43:12:42:6d:31:f0:54:2a:12:
21:70:ab:18:4c:85:24:77:8f:ab:b4:1b:ae:b2:48:
28:01:c7:3e:f0:99:7c:7f:0b:36:74:e9:1e:38:6e:
0e:d2:a2:e4:2d:3c:7a:d3:75:ed:ee:1a:0b:f6:5c:
48:4b:62:f0:ea:28:7a:bb:60:f1:62:5f:32:03:58:
e3:b8:62:16:8d:e0:9a:c8:dc:a8:05:c6:8f:89:5c:
e2:54:14:fc:65:4c:48:b4:6c:04:db:30:af:3d:25:
89:52:fe:26:17:31:f0:b4:69:1f:3a:49:69:b5:be:
cd:35:d0:33:64:2a:85:36:3f:4a:e5:de:51:2c:44:
1b:b4:8a:86:0e:bb:e5:d3:dd:9e:36:61:03:e5:d0:
af:8f:34:f3:01:ae:6c:75:8f:c8:d3:ee:26:64:c0:
82:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:8D:C1:98:2F:BC:0F:95:A7:9C:C8:42:4C:F4:0C:25:DB:80:42:E6
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/Oo3BmC-8D5WnnMhCTPQMJduAQuY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.200.0/21
93.171.192.0/21
Signature Algorithm: sha256WithRSAEncryption
aa:ba:74:f3:17:98:43:cb:bb:47:d7:d1:a9:4b:f3:e5:0d:b2:
13:03:a8:d0:56:51:35:90:2e:c0:13:d2:c7:b0:53:85:fe:84:
06:68:a9:c9:78:be:2e:b3:99:bd:1a:59:4c:fb:aa:be:aa:f8:
b6:5f:84:4c:7a:a1:e7:4f:2c:7f:d3:00:59:af:85:b9:e9:2b:
92:92:0d:6d:17:ed:5e:8a:45:a8:9b:8c:59:d0:f1:af:54:1e:
56:e0:ef:7f:01:b6:20:ae:29:3d:69:a8:f6:be:db:94:34:6e:
08:fb:d1:8b:d0:ec:21:85:e9:d7:55:83:d6:2c:82:9f:02:f6:
2b:20:a9:8a:58:0a:19:3c:12:ca:ef:43:1c:8c:39:54:2c:b1:
44:60:0f:4d:30:0a:6f:7d:bb:8d:2d:9f:03:4b:c4:bf:ea:d8:
84:4b:7e:a9:50:3c:ba:8f:ed:65:09:a0:a0:3e:f8:a9:10:9a:
f9:60:a9:2b:f9:d1:58:8c:bb:84:95:16:39:55:b6:9e:4b:24:
54:23:80:91:ab:35:8d:04:58:22:1d:21:27:0a:fb:1a:a4:f5:
4e:f9:7d:0f:74:f1:c4:26:00:77:70:c5:1b:93:72:d8:1b:e6:
74:44:53:68:b6:1a:5f:64:f7:58:5f:8a:10:c7:f2:11:42:06:
87:41:7f:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKiiYxbz3bbeuAQ1CqHTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYThkYzE5ODJmYmMwZjk1YTc5Y2M4NDI0Y2Y0MGMyNWRiODA0MmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEggd14F4EV3/i8m9/SxF4ovozWi
PB/U+viG9x7cgcMGSgV3QNSWGD4z2zdVPWE0tME7AjrhwrqZYjwZ/uZRFIgsQdJX
UGCrHyPjzLCf4SweonfcjO84PZXvTAaOIclDEkJtMfBUKhIhcKsYTIUkd4+rtBuu
skgoAcc+8Jl8fws2dOkeOG4O0qLkLTx603Xt7hoL9lxIS2Lw6ih6u2DxYl8yA1jj
uGIWjeCayNyoBcaPiVziVBT8ZUxItGwE2zCvPSWJUv4mFzHwtGkfOklptb7NNdAz
ZCqFNj9K5d5RLEQbtIqGDrvl092eNmED5dCvjzTzAa5sdY/I0+4mZMCCRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDqNwZgvvA+Vp5zIQkz0DCXbgELmMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvT28zQm1DLThENVdubk1oQ1RQUU1KZHVBUXVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXarIAwQD
XavAMA0GCSqGSIb3DQEBCwUAA4IBAQCqunTzF5hDy7tH19GpS/PlDbITA6jQVlE1
kC7AE9LHsFOF/oQGaKnJeL4us5m9GllM+6q+qvi2X4RMeqHnTyx/0wBZr4W56SuS
kg1tF+1eikWom4xZ0PGvVB5W4O9/AbYgrik9aaj2vtuUNG4I+9GL0OwhhenXVYPW
LIKfAvYrIKmKWAoZPBLK70McjDlULLFEYA9NMApvfbuNLZ8DS8S/6tiES36pUDy6
j+1lCaCgPvipEJr5YKkr+dFYjLuElRY5VbaeSyRUI4CRqzWNBFgiHSEnCvsapPVO
+X0PdPHEJgB3cMUbk3LYG+Z0RFNothpfZPdYX4oQx/IRQgaHQX8G
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:41 2024 by rpki-client on console-ams.rpki-client.org