Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/AofIlANmjLMQRV9y3-1nKqO0WSo.roa
File: AofIlANmjLMQRV9y3-1nKqO0WSo.roa (raw, json)
Hash identifier: wmd4IVLr4rdimRKUHmmtHX+isuowTTGgWcPvk0y1APE=
Subject key identifier: 02:87:C8:94:03:66:8C:B3:10:45:5F:72:DF:ED:67:2A:A3:B4:59:2A
Certificate issuer: /CN=38b5bd39b74f23d7683d1238ea9aca3c66a631a3
Certificate serial: 018CC86EF3B124D4A3F010BD31B9D9DBE154
Authority key identifier: 38:B5:BD:39:B7:4F:23:D7:68:3D:12:38:EA:9A:CA:3C:66:A6:31:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLW9ObdPI9doPRI46prKPGamMaM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/AofIlANmjLMQRV9y3-1nKqO0WSo.roa
Signing time: Tue 02 Jan 2024 04:29:23 +0000
ROA not before: Tue 02 Jan 2024 04:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3203
IP address blocks: 193.0.132.0/22 maxlen: 22
176.115.128.0/22 maxlen: 22
176.115.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/OLW9ObdPI9doPRI46prKPGamMaM.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/OLW9ObdPI9doPRI46prKPGamMaM.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLW9ObdPI9doPRI46prKPGamMaM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:f3:b1:24:d4:a3:f0:10:bd:31:b9:d9:db:e1:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b5bd39b74f23d7683d1238ea9aca3c66a631a3
Validity
Not Before: Jan 2 04:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0287c89403668cb310455f72dfed672aa3b4592a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5b:b4:c9:dc:92:5e:9f:4f:ce:20:ff:06:d2:
06:24:28:13:64:a8:82:c8:e7:a6:00:16:17:f8:e6:
ca:f3:a7:bc:01:42:6c:95:4d:0f:a5:8b:4a:e6:3e:
46:7e:83:88:a6:34:bb:d0:cb:16:f1:01:71:eb:8c:
d5:ea:3b:1c:37:8f:d5:a4:96:4c:44:7b:71:61:55:
36:3a:ec:02:d0:56:e5:b9:cc:57:74:71:5a:f6:63:
56:b4:3e:6b:c2:84:b1:1c:00:d9:3f:e2:aa:bd:0f:
45:ea:28:1d:8d:25:6c:b7:17:8b:93:fe:0c:5c:ab:
77:98:db:1e:48:f8:48:db:bb:ed:4a:55:f7:52:e9:
54:81:16:89:7a:6d:5d:34:d6:c1:70:1b:6e:a9:c3:
74:17:90:53:74:0f:b5:10:c7:3e:44:f2:03:c5:51:
8f:e4:6a:22:b3:79:4c:89:89:cb:c9:27:e8:28:41:
9f:97:3d:b9:f3:8b:05:de:ce:61:98:2d:0f:30:10:
e9:40:d9:49:f0:ce:9b:69:95:9d:b2:d3:7f:55:17:
e9:ac:ad:8d:3e:0f:7b:38:c2:25:87:67:6c:0b:a5:
ff:81:19:7b:ef:b9:cb:6d:34:9c:2a:cd:89:6b:1e:
83:0a:9f:87:ab:63:bb:38:77:44:a7:c7:99:f8:93:
c2:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:87:C8:94:03:66:8C:B3:10:45:5F:72:DF:ED:67:2A:A3:B4:59:2A
X509v3 Authority Key Identifier:
keyid:38:B5:BD:39:B7:4F:23:D7:68:3D:12:38:EA:9A:CA:3C:66:A6:31:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLW9ObdPI9doPRI46prKPGamMaM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/AofIlANmjLMQRV9y3-1nKqO0WSo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a5f150-3d83-42cb-9a47-e3cfe6cec0ac/1/OLW9ObdPI9doPRI46prKPGamMaM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.115.128.0/21
193.0.132.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:d1:4e:cd:57:00:b3:af:4c:b3:9c:e5:9f:ab:8a:04:d9:04:
a0:f4:b4:8a:c6:70:c3:85:54:96:c1:a3:78:72:a9:04:0a:cb:
76:b6:6f:69:99:44:93:12:d7:b2:ff:15:a9:71:0c:7f:7d:ce:
71:f5:85:c7:66:e3:ec:d4:34:dd:c4:90:ba:ea:a8:1f:38:fa:
7a:eb:e6:71:20:a5:82:9c:50:84:66:89:5e:72:05:aa:de:9e:
b6:8d:ee:0a:cf:ea:1e:28:e1:3c:a8:ea:a3:66:ef:d9:40:8c:
84:e5:9f:74:15:20:b0:3d:4d:67:b1:dc:8b:4d:e4:78:4c:cd:
e4:bc:f4:d3:4f:ee:f4:93:b2:26:f8:91:50:1e:0f:4a:d7:fc:
4b:78:c8:de:e5:fd:41:2a:7d:6e:23:85:fe:c5:cb:22:c8:1d:
bd:aa:0f:28:ce:66:8f:8a:3d:54:22:e6:17:3e:59:86:eb:4e:
13:4b:7f:80:94:c7:c4:d1:ce:e3:68:1e:36:3b:ae:c6:98:05:
2c:1e:92:7b:4d:c2:31:11:b8:9b:84:78:7d:d2:93:74:88:93:
fe:af:6b:c5:25:c2:f6:0d:5d:fd:a3:65:8a:62:f7:e4:e4:9f:
39:c8:12:73:b9:60:fe:8d:06:47:ed:42:0c:46:a3:a2:3d:4a:
69:ed:52:8a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIbvOxJNSj8BC9MbnZ2+FUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjViZDM5Yjc0ZjIzZDc2ODNkMTIzOGVhOWFjYTNjNjZh
NjMxYTMwHhcNMjQwMTAyMDQyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMjg3Yzg5NDAzNjY4Y2IzMTA0NTVmNzJkZmVkNjcyYWEzYjQ1OTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlu0ydySXp9PziD/BtIGJCgTZKiC
yOemABYX+ObK86e8AUJslU0PpYtK5j5GfoOIpjS70MsW8QFx64zV6jscN4/VpJZM
RHtxYVU2OuwC0FblucxXdHFa9mNWtD5rwoSxHADZP+KqvQ9F6igdjSVstxeLk/4M
XKt3mNseSPhI27vtSlX3UulUgRaJem1dNNbBcBtuqcN0F5BTdA+1EMc+RPIDxVGP
5Gois3lMiYnLySfoKEGflz2584sF3s5hmC0PMBDpQNlJ8M6baZWdstN/VRfprK2N
Pg97OMIlh2dsC6X/gRl777nLbTScKs2Jax6DCp+Hq2O7OHdEp8eZ+JPCEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAKHyJQDZoyzEEVfct/tZyqjtFkqMB8GA1UdIwQY
MBaAFDi1vTm3TyPXaD0SOOqayjxmpjGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xXOU9iZFBJOWRvUFJJNDZwcktQR2FtTWFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hNWYxNTAtM2Q4My00MmNiLTlhNDct
ZTNjZmU2Y2VjMGFjLzEvQW9mSWxBTm1qTE1RUlY5eTMtMW5LcU8wV1NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hNWYxNTAtM2Q4My00MmNiLTlhNDctZTNjZmU2Y2VjMGFj
LzEvT0xXOU9iZFBJOWRvUFJJNDZwcktQR2FtTWFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsHOAAwQC
wQCEMA0GCSqGSIb3DQEBCwUAA4IBAQAf0U7NVwCzr0yznOWfq4oE2QSg9LSKxnDD
hVSWwaN4cqkECst2tm9pmUSTEtey/xWpcQx/fc5x9YXHZuPs1DTdxJC66qgfOPp6
6+ZxIKWCnFCEZolecgWq3p62je4Kz+oeKOE8qOqjZu/ZQIyE5Z90FSCwPU1nsdyL
TeR4TM3kvPTTT+70k7Im+JFQHg9K1/xLeMje5f1BKn1uI4X+xcsiyB29qg8ozmaP
ij1UIuYXPlmG604TS3+AlMfE0c7jaB42O67GmAUsHpJ7TcIxEbibhHh90pN0iJP+
r2vFJcL2DV39o2WKYvfk5J85yBJzuWD+jQZH7UIMRqOiPUpp7VKK
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:18 2024 by rpki-client on console-fra.rpki-client.org