Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/OTa2_ClY6w9bRnknrGzz6ZpLbY0.roa
File: OTa2_ClY6w9bRnknrGzz6ZpLbY0.roa (raw, json)
Hash identifier: auzCJAX6dLQz9Niz6mEEUMnopgCP2rrZW6Motu990Ng=
Subject key identifier: 39:36:B6:FC:29:58:EB:0F:5B:46:79:27:AC:6C:F3:E9:9A:4B:6D:8D
Certificate issuer: /CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
Certificate serial: 019428272B169BC571C3CAB49402F56452E7
Authority key identifier: 64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/OTa2_ClY6w9bRnknrGzz6ZpLbY0.roa
Signing time: Thu 02 Jan 2025 17:54:03 +0000
ROA not before: Thu 02 Jan 2025 17:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57570
IP address blocks: 91.232.230.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:2b:16:9b:c5:71:c3:ca:b4:94:02:f5:64:52:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6416bc721c740c10fc7b0d8b1b358a2d35f488b7
Validity
Not Before: Jan 2 17:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3936b6fc2958eb0f5b467927ac6cf3e99a4b6d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:cc:37:6e:fc:1f:c3:e9:cd:01:5c:19:da:56:
92:06:47:14:69:0d:48:d0:f0:f5:e8:10:55:dc:68:
a0:14:48:3e:7a:97:37:14:a7:4a:7a:86:4b:fb:0a:
21:51:b7:4c:dc:fa:0c:fb:ea:50:47:b4:5a:98:b8:
91:29:0a:8d:a3:10:59:51:2b:89:fe:21:f4:ba:3e:
fc:8f:f5:8d:38:90:b7:ee:9d:ca:fc:c5:91:f3:c1:
0a:ba:70:18:48:85:df:fa:03:0f:62:89:2a:fa:41:
85:9e:2b:39:2f:f2:f0:07:ee:bd:79:71:a3:29:8a:
7a:0d:e5:e3:73:a6:31:da:61:7b:ee:26:4a:dd:84:
64:ac:23:14:07:58:a0:c5:27:47:dc:f7:2c:1e:82:
36:ce:ad:e0:cf:14:9d:76:b9:2f:32:c1:99:70:5c:
20:69:b7:62:9d:cc:c4:87:f8:a2:2a:28:2d:b4:04:
ec:b4:27:3a:66:b4:80:c9:18:b4:aa:28:88:ed:01:
28:76:d4:9f:3a:27:e6:1f:2d:d0:17:0e:f5:40:26:
60:1b:4a:5a:bb:d5:1e:5a:85:89:84:4b:de:87:d5:
8e:df:08:2e:d4:3a:ee:3c:d7:88:a6:04:8f:48:46:
74:b3:c1:bb:80:b2:fc:ae:ee:20:29:3b:6a:f0:40:
91:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:36:B6:FC:29:58:EB:0F:5B:46:79:27:AC:6C:F3:E9:9A:4B:6D:8D
X509v3 Authority Key Identifier:
keyid:64:16:BC:72:1C:74:0C:10:FC:7B:0D:8B:1B:35:8A:2D:35:F4:88:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZBa8chx0DBD8ew2LGzWKLTX0iLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/OTa2_ClY6w9bRnknrGzz6ZpLbY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/6db264-73d4-43ac-a97e-590b1b2a4609/1/ZBa8chx0DBD8ew2LGzWKLTX0iLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.230.0/23
Signature Algorithm: sha256WithRSAEncryption
c3:ca:1d:1e:c6:18:32:33:ce:47:75:cb:23:b5:8f:bd:b1:73:
75:9f:be:41:18:30:7c:53:8a:2a:3b:e2:2c:95:ec:d8:a1:7d:
be:6b:18:2b:29:e5:81:c2:20:42:75:ed:1e:8f:38:e1:8d:3d:
2b:3e:e2:f6:d3:11:83:79:db:90:2e:ef:7f:80:07:9a:58:04:
bc:97:45:3f:25:9f:27:c6:55:74:47:b0:43:f3:08:9e:74:4a:
4a:43:dc:59:49:51:9f:eb:24:50:37:5c:cf:73:08:c7:93:74:
78:71:db:a1:ef:8f:41:c5:5c:21:7f:d1:75:aa:ae:78:7b:3c:
28:a1:2a:33:e8:3e:0d:95:36:4d:94:9d:33:42:3a:1d:a3:b2:
43:61:1a:70:51:4e:da:d9:d2:5e:37:de:54:39:fa:98:a6:ac:
5f:de:89:5c:19:b1:a5:65:aa:67:45:05:6c:bb:56:a8:c0:7b:
30:49:20:aa:4a:2b:4a:e9:72:77:5c:e9:b6:5c:6d:aa:99:d8:
80:07:0e:a6:f8:64:16:33:f9:34:ee:c5:61:5f:27:e6:d8:d7:
fa:ea:e4:49:9e:49:f9:f1:02:93:1a:ae:78:bb:ca:f9:4d:1e:
16:32:a1:0c:eb:07:4a:46:4d:d2:49:86:3b:0d:ad:e3:e0:c7:
73:be:b5:fe
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQoJysWm8Vxw8q0lAL1ZFLnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0MTZiYzcyMWM3NDBjMTBmYzdiMGQ4YjFiMzU4YTJkMzVm
NDg4YjcwHhcNMjUwMTAyMTc1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTM2YjZmYzI5NThlYjBmNWI0Njc5MjdhYzZjZjNlOTlhNGI2ZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsw3bvwfw+nNAVwZ2laSBkcUaQ1I
0PD16BBV3GigFEg+epc3FKdKeoZL+wohUbdM3PoM++pQR7RamLiRKQqNoxBZUSuJ
/iH0uj78j/WNOJC37p3K/MWR88EKunAYSIXf+gMPYokq+kGFnis5L/LwB+69eXGj
KYp6DeXjc6Yx2mF77iZK3YRkrCMUB1igxSdH3PcsHoI2zq3gzxSddrkvMsGZcFwg
abdinczEh/iiKigttATstCc6ZrSAyRi0qiiI7QEodtSfOifmHy3QFw71QCZgG0pa
u9UeWoWJhEveh9WO3wgu1DruPNeIpgSPSEZ0s8G7gLL8ru4gKTtq8ECRMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDk2tvwpWOsPW0Z5J6xs8+maS22NMB8GA1UdIwQY
MBaAFGQWvHIcdAwQ/HsNixs1ii019Ii3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2Ut
NTkwYjFiMmE0NjA5LzEvT1RhMl9DbFk2dzliUm5rbnJHeno2WnBMYlkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy82ZGIyNjQtNzNkNC00M2FjLWE5N2UtNTkwYjFiMmE0NjA5
LzEvWkJhOGNoeDBEQkQ4ZXcyTEd6V0tMVFgwaUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBW+jmMA0G
CSqGSIb3DQEBCwUAA4IBAQDDyh0exhgyM85HdcsjtY+9sXN1n75BGDB8U4oqO+Is
lezYoX2+axgrKeWBwiBCde0ejzjhjT0rPuL20xGDeduQLu9/gAeaWAS8l0U/JZ8n
xlV0R7BD8wiedEpKQ9xZSVGf6yRQN1zPcwjHk3R4cduh749BxVwhf9F1qq54ezwo
oSoz6D4NlTZNlJ0zQjodo7JDYRpwUU7a2dJeN95UOfqYpqxf3olcGbGlZapnRQVs
u1aowHswSSCqSitK6XJ3XOm2XG2qmdiABw6m+GQWM/k07sVhXyfm2Nf66uRJnkn5
8QKTGq54u8r5TR4WMqEM6wdKRk3SSYY7Da3j4MdzvrX+
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:54:19 2025 by rpki-client