Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/OCeyX3XsjCELnX6aC8IQlswGOFc.roa
File: OCeyX3XsjCELnX6aC8IQlswGOFc.roa (raw, json)
Hash identifier: y3WFZCt+VTlKMrcWaigsyAFC6cMTN0Z8J2PIqiTu/pk=
Subject key identifier: 38:27:B2:5F:75:EC:8C:21:0B:9D:7E:9A:0B:C2:10:96:CC:06:38:57
Certificate issuer: /CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Certificate serial: 018FE3C064A4707B4EF4486F5942494A2EC0
Authority key identifier: 8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/OCeyX3XsjCELnX6aC8IQlswGOFc.roa
Signing time: Tue 04 Jun 2024 14:56:27 +0000
ROA not before: Tue 04 Jun 2024 14:56:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 93.157.38.0/23 maxlen: 24
2a00:4bc0:2000::/44 maxlen: 56
2a00:4bc0:2100::/40 maxlen: 48
2a00:4bc0:2300::/40 maxlen: 48
2a00:4bc0:2400::/40 maxlen: 48
2a00:4bc0:2600::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:e3:c0:64:a4:70:7b:4e:f4:48:6f:59:42:49:4a:2e:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f2824c61357dc344bbdf35b83577459b9d3fc44
Validity
Not Before: Jun 4 14:56:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3827b25f75ec8c210b9d7e9a0bc21096cc063857
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:81:b5:10:19:4c:86:d1:9e:3c:2b:d4:eb:1e:
88:74:7e:b3:bd:03:60:85:a5:21:9d:41:b1:e8:82:
ce:3c:61:37:60:a7:bd:01:9f:f6:80:7b:a1:07:a1:
2c:3a:3f:32:66:0b:75:bb:03:1e:6e:ea:c8:f6:0b:
86:bb:90:77:90:8c:9c:57:bf:b4:ea:11:03:d0:b7:
a7:7e:e3:42:a8:2a:b3:70:f8:8c:8e:f4:33:a7:d4:
e3:08:c1:c0:98:36:03:99:b8:95:b4:35:ef:d2:76:
43:ce:74:42:30:1a:05:5c:dc:da:cf:28:ce:ba:82:
85:28:d0:8a:be:3e:7c:f9:82:f4:7b:1a:43:a6:cc:
27:50:29:4c:e7:ab:7c:ee:78:57:52:00:14:b3:95:
e0:a4:68:7d:36:4c:61:5d:56:eb:3a:6a:74:5f:fd:
fe:84:7f:97:2c:8e:19:e7:6b:3f:0e:3b:7e:34:2b:
8b:0f:70:09:39:98:df:06:3a:ee:ea:74:80:13:59:
71:6a:39:99:13:31:0d:70:3b:74:40:2d:74:2d:b5:
fa:73:d2:a1:e9:7e:b1:a4:d1:4d:8d:ec:dc:86:9b:
be:08:5b:d6:de:ff:b3:b4:64:b9:34:de:0f:e5:87:
ff:88:8e:bf:01:48:c5:f3:77:f2:43:d9:a1:60:50:
02:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:27:B2:5F:75:EC:8C:21:0B:9D:7E:9A:0B:C2:10:96:CC:06:38:57
X509v3 Authority Key Identifier:
keyid:8F:28:24:C6:13:57:DC:34:4B:BD:F3:5B:83:57:74:59:B9:D3:FC:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jygkxhNX3DRLvfNbg1d0WbnT_EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/OCeyX3XsjCELnX6aC8IQlswGOFc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/652eb4-321c-48c0-9272-3ae711af034b/1/jygkxhNX3DRLvfNbg1d0WbnT_EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.157.38.0/23
IPv6:
2a00:4bc0:2000::/44
2a00:4bc0:2100::/40
2a00:4bc0:2300::-2a00:4bc0:24ff:ffff:ffff:ffff:ffff:ffff
2a00:4bc0:2600::/40
Signature Algorithm: sha256WithRSAEncryption
7f:0b:b7:fb:bc:b1:09:aa:5f:0c:6d:b0:7d:07:7c:b6:2a:d6:
2e:a5:3f:2f:a7:d1:0c:8a:71:84:c2:6c:a4:2d:83:80:80:53:
a4:7c:08:12:3a:36:b1:cb:03:ee:2c:0b:9b:f3:c6:8e:26:ac:
83:1a:a4:74:1d:70:a0:2e:eb:95:e8:79:57:d5:34:dc:0f:27:
9a:04:61:37:94:20:69:1c:c4:c8:60:5b:6b:bc:94:57:a8:86:
c8:09:83:16:59:5f:e6:65:a3:24:ff:7b:b1:d4:e4:55:12:a4:
29:b1:c9:07:ef:c2:f6:ca:24:31:bf:2f:82:b4:7b:f8:14:b1:
f3:55:9d:72:a7:3d:a9:5b:b4:76:f8:4e:fd:07:be:d8:ea:a0:
f1:62:40:fa:24:1f:23:f5:af:90:65:f6:cd:20:49:49:3b:5e:
ca:cf:e5:7f:45:f7:0c:fc:4a:b8:20:0f:49:f8:a8:53:07:b4:
64:55:25:3c:ac:8f:e2:d0:3b:2a:e5:15:d9:e3:31:57:df:aa:
d1:22:c7:9d:57:58:52:a2:79:e8:e7:62:e8:73:89:b4:a7:a5:
2a:90:94:64:2b:49:29:66:1e:a9:a2:21:cc:9c:b2:79:54:42:
32:bf:65:0c:e4:5a:4a:9b:be:8e:d9:1a:65:9b:bf:36:80:59:
d2:37:03:42
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY/jwGSkcHtO9EhvWUJJSi7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMjgyNGM2MTM1N2RjMzQ0YmJkZjM1YjgzNTc3NDU5Yjlk
M2ZjNDQwHhcNMjQwNjA0MTQ1NjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODI3YjI1Zjc1ZWM4YzIxMGI5ZDdlOWEwYmMyMTA5NmNjMDYzODU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYG1EBlMhtGePCvU6x6IdH6zvQNg
haUhnUGx6ILOPGE3YKe9AZ/2gHuhB6EsOj8yZgt1uwMeburI9guGu5B3kIycV7+0
6hED0LenfuNCqCqzcPiMjvQzp9TjCMHAmDYDmbiVtDXv0nZDznRCMBoFXNzazyjO
uoKFKNCKvj58+YL0expDpswnUClM56t87nhXUgAUs5XgpGh9NkxhXVbrOmp0X/3+
hH+XLI4Z52s/Djt+NCuLD3AJOZjfBjru6nSAE1lxajmZEzENcDt0QC10LbX6c9Kh
6X6xpNFNjezchpu+CFvW3v+ztGS5NN4P5Yf/iI6/AUjF83fyQ9mhYFAC1wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDgnsl917IwhC51+mgvCEJbMBjhXMB8GA1UdIwQY
MBaAFI8oJMYTV9w0S73zW4NXdFm50/xEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzIt
M2FlNzExYWYwMzRiLzEvT0NleVgzWHNqQ0VMblg2YUM4SVFsc3dHT0ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS82NTJlYjQtMzIxYy00OGMwLTkyNzItM2FlNzExYWYwMzRi
LzEvanlna3hoTlgzRFJMdmZOYmcxZDBXYm5UX0VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAMBAIAATAGAwQBXZ0mMDEE
AgACMCsDBwQqAEvAIAADBgAqAEvAITAQAwYAKgBLwCMDBgAqAEvAJAMGACoAS8Am
MA0GCSqGSIb3DQEBCwUAA4IBAQB/C7f7vLEJql8MbbB9B3y2KtYupT8vp9EMinGE
wmykLYOAgFOkfAgSOjaxywPuLAub88aOJqyDGqR0HXCgLuuV6HlX1TTcDyeaBGE3
lCBpHMTIYFtrvJRXqIbICYMWWV/mZaMk/3ux1ORVEqQpsckH78L2yiQxvy+CtHv4
FLHzVZ1ypz2pW7R2+E79B77Y6qDxYkD6JB8j9a+QZfbNIElJO17Kz+V/RfcM/Eq4
IA9J+KhTB7RkVSU8rI/i0Dsq5RXZ4zFX36rRIsedV1hSonno52Loc4m0p6UqkJRk
K0kpZh6poiHMnLJ5VEIyv2UM5FpKm76O2Rplm782gFnSNwNC
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:20:53 2024 by rpki-client on console-ams.rpki-client.org