Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/o877rONs1eylmiODz8T5wgOWXBk.roa
File: o877rONs1eylmiODz8T5wgOWXBk.roa (raw, json)
Hash identifier: Dy1aKSXZT86gDcgT3Q99oB3/a+OF+/EFJz1yZhjiGqY=
Subject key identifier: A3:CE:FB:AC:E3:6C:D5:EC:A5:9A:23:83:CF:C4:F9:C2:03:96:5C:19
Certificate issuer: /CN=9d3d627c297fe542d8359a86d8e2f9ebd9565a81
Certificate serial: 018CE50E4B4D47EBCD5AAF66BF0F08AE7985
Authority key identifier: 9D:3D:62:7C:29:7F:E5:42:D8:35:9A:86:D8:E2:F9:EB:D9:56:5A:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nT1ifCl_5ULYNZqG2OL569lWWoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/o877rONs1eylmiODz8T5wgOWXBk.roa
Signing time: Sun 07 Jan 2024 17:52:48 +0000
ROA not before: Sun 07 Jan 2024 17:52:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 94.231.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nT1ifCl_5ULYNZqG2OL569lWWoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nT1ifCl_5ULYNZqG2OL569lWWoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nT1ifCl_5ULYNZqG2OL569lWWoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e5:0e:4b:4d:47:eb:cd:5a:af:66:bf:0f:08:ae:79:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d3d627c297fe542d8359a86d8e2f9ebd9565a81
Validity
Not Before: Jan 7 17:52:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3cefbace36cd5eca59a2383cfc4f9c203965c19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f1:22:fa:bc:be:18:67:5f:e7:2f:e9:2d:78:
92:e6:95:11:df:bc:46:89:79:9b:56:45:ad:fd:1f:
02:1f:72:c1:fe:c5:f0:f1:9c:f5:a1:86:df:db:35:
6d:e5:ac:2e:83:4b:30:c6:94:58:41:3b:c3:46:fd:
c2:d1:13:94:c8:05:87:f2:39:3c:b0:a0:66:ab:ec:
bf:59:91:2c:ef:eb:66:dc:b2:f0:9b:f4:32:d1:06:
3a:13:ea:f6:5d:94:33:39:f7:b9:ae:04:61:a1:88:
94:3d:87:05:95:e5:da:54:68:4a:e8:ff:95:18:f4:
94:72:81:26:a5:92:6b:1e:0c:5b:f0:dd:a2:33:94:
86:a9:16:97:8b:d5:e3:70:25:8e:ff:61:44:aa:af:
8d:aa:72:cb:7b:5d:ab:5d:0e:34:70:91:56:c4:4c:
42:a4:b7:ef:71:12:32:8b:7e:d8:02:f5:e7:cf:49:
89:89:42:c3:13:b0:7c:11:b0:4a:89:ac:00:c4:09:
29:c8:a4:2d:31:f6:e3:9f:c8:93:ef:54:06:c7:9c:
f1:a2:ea:00:bc:73:d0:c9:ef:17:5a:b2:68:d4:4c:
f7:e1:af:4f:52:9f:4a:82:08:d8:3d:5e:f8:e1:ce:
39:17:af:2f:bd:4c:66:2d:06:ca:e0:d0:d7:42:83:
f1:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:CE:FB:AC:E3:6C:D5:EC:A5:9A:23:83:CF:C4:F9:C2:03:96:5C:19
X509v3 Authority Key Identifier:
keyid:9D:3D:62:7C:29:7F:E5:42:D8:35:9A:86:D8:E2:F9:EB:D9:56:5A:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nT1ifCl_5ULYNZqG2OL569lWWoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/o877rONs1eylmiODz8T5wgOWXBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/ddc1aa-5a3a-4163-b5e8-15ea337a7840/1/nT1ifCl_5ULYNZqG2OL569lWWoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.199.0/24
Signature Algorithm: sha256WithRSAEncryption
73:94:d4:c8:74:b1:d3:26:e9:b7:9c:0c:d6:41:d8:d0:21:eb:
38:17:38:43:4c:6c:88:d9:51:f2:8f:f1:88:80:30:fa:c0:5a:
37:76:39:87:bf:0f:4e:e9:e6:37:5a:9d:5d:8c:59:bd:1b:17:
71:ad:fa:44:38:eb:b9:f5:87:32:c3:eb:b1:ec:b0:50:68:bc:
f3:e4:6e:0f:18:fe:51:48:28:77:00:8e:9b:a0:b9:6b:b5:3d:
c7:43:61:be:17:78:28:96:88:e6:c5:1c:1f:ff:5f:be:db:7e:
26:d7:ad:27:6e:0f:89:8e:97:ed:8f:a7:7a:20:a5:bd:0b:7f:
be:a6:d8:d5:42:50:3d:89:22:7f:d5:d8:85:00:74:04:b6:95:
1f:d5:11:59:20:0d:2c:1d:87:0c:33:6a:49:cc:69:8e:01:90:
57:bc:a9:a3:f7:fe:23:c2:de:10:ec:df:82:b7:ba:15:60:e2:
4b:8e:17:45:db:68:d9:b2:bd:b8:3f:f4:de:42:6a:f8:62:66:
85:91:2d:b5:10:b0:24:ef:89:04:f4:80:ff:5c:84:b6:48:61:
ab:ce:c6:de:e6:75:f6:c6:bb:17:37:b1:29:4d:07:d1:6d:4e:
a4:12:96:79:51:c2:80:43:7a:c8:60:51:d6:53:5a:26:29:8c:
41:d3:a8:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzlDktNR+vNWq9mvw8IrnmFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkM2Q2MjdjMjk3ZmU1NDJkODM1OWE4NmQ4ZTJmOWViZDk1
NjVhODEwHhcNMjQwMTA3MTc1MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2NlZmJhY2UzNmNkNWVjYTU5YTIzODNjZmM0ZjljMjAzOTY1YzE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPEi+ry+GGdf5y/pLXiS5pUR37xG
iXmbVkWt/R8CH3LB/sXw8Zz1oYbf2zVt5awug0swxpRYQTvDRv3C0ROUyAWH8jk8
sKBmq+y/WZEs7+tm3LLwm/Qy0QY6E+r2XZQzOfe5rgRhoYiUPYcFleXaVGhK6P+V
GPSUcoEmpZJrHgxb8N2iM5SGqRaXi9XjcCWO/2FEqq+NqnLLe12rXQ40cJFWxExC
pLfvcRIyi37YAvXnz0mJiULDE7B8EbBKiawAxAkpyKQtMfbjn8iT71QGx5zxouoA
vHPQye8XWrJo1Ez34a9PUp9KggjYPV744c45F68vvUxmLQbK4NDXQoPxOQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKPO+6zjbNXspZojg8/E+cIDllwZMB8GA1UdIwQY
MBaAFJ09Ynwpf+VC2DWahtji+evZVlqBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblQxaWZDbF81VUxZTlpxRzJPTDU2OWxXV29FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny9kZGMxYWEtNWEzYS00MTYzLWI1ZTgt
MTVlYTMzN2E3ODQwLzEvbzg3N3JPTnMxZXlsbWlPRHo4VDV3Z09XWEJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny9kZGMxYWEtNWEzYS00MTYzLWI1ZTgtMTVlYTMzN2E3ODQw
LzEvblQxaWZDbF81VUxZTlpxRzJPTDU2OWxXV29FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufHMA0G
CSqGSIb3DQEBCwUAA4IBAQBzlNTIdLHTJum3nAzWQdjQIes4FzhDTGyI2VHyj/GI
gDD6wFo3djmHvw9O6eY3Wp1djFm9GxdxrfpEOOu59Ycyw+ux7LBQaLzz5G4PGP5R
SCh3AI6boLlrtT3HQ2G+F3golojmxRwf/1++234m160nbg+Jjpftj6d6IKW9C3++
ptjVQlA9iSJ/1diFAHQEtpUf1RFZIA0sHYcMM2pJzGmOAZBXvKmj9/4jwt4Q7N+C
t7oVYOJLjhdF22jZsr24P/TeQmr4YmaFkS21ELAk74kE9ID/XIS2SGGrzsbe5nX2
xrsXN7EpTQfRbU6kEpZ5UcKAQ3rIYFHWU1omKYxB06hy
-----END CERTIFICATE-----
Generated at Thu May 2 18:37:12 2024 by rpki-client on console-fra.rpki-client.org