Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/OHCUKLiUNCuj1vsCd4R4JG-8c1I.roa
File: OHCUKLiUNCuj1vsCd4R4JG-8c1I.roa (raw, json)
Hash identifier: W6Iw9zJElA0R8BN5Jd3dQzVwVDsj64azFUq5+lBnCeg=
Subject key identifier: 38:70:94:28:B8:94:34:2B:A3:D6:FB:02:77:84:78:24:6F:BC:73:52
Certificate issuer: /CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Certificate serial: 018CC7271453228BECBE6AF144529E27107E
Authority key identifier: B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/OHCUKLiUNCuj1vsCd4R4JG-8c1I.roa
Signing time: Mon 01 Jan 2024 22:31:16 +0000
ROA not before: Mon 01 Jan 2024 22:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59914
IP address blocks: 185.66.225.0/24 maxlen: 24
185.66.224.0/24 maxlen: 24
185.66.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/t6Zw5RyWQZ_FICixLkVlXvkU3bs.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/t6Zw5RyWQZ_FICixLkVlXvkU3bs.mft
rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 20:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:14:53:22:8b:ec:be:6a:f1:44:52:9e:27:10:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7a670e51c96419fc52028b12e45655ef914ddbb
Validity
Not Before: Jan 1 22:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38709428b894342ba3d6fb02778478246fbc7352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:a5:23:12:14:c7:8e:e2:ee:e2:19:63:d6:8d:
8e:af:57:38:a7:6a:7e:10:a8:1a:ed:0b:1d:b9:64:
2c:39:61:5d:e5:09:47:2c:ec:44:91:86:ff:1c:dd:
95:7e:af:fa:f5:f1:db:ba:ac:1d:a1:18:91:d6:1e:
a2:aa:80:38:9a:77:b5:82:77:2c:be:95:90:87:b5:
44:65:26:f3:72:71:52:02:41:8f:84:00:76:92:44:
ab:91:b8:f9:9c:ce:14:89:5d:d9:ca:b6:1e:1c:8b:
1b:29:2e:0f:6d:08:72:27:97:ed:b6:64:11:88:e8:
1d:9c:fa:56:e4:52:f6:72:be:c5:67:ab:ec:dd:8d:
bf:d7:2b:1f:9e:f8:ca:8e:26:6e:18:49:18:f2:68:
d3:5b:0d:b3:77:ed:a1:5f:17:ed:2d:cf:ea:52:a3:
31:c1:14:02:61:0e:ea:d9:7d:b0:7e:17:94:cc:17:
5d:6d:9e:89:4d:14:39:3d:9c:ba:38:82:43:7f:3e:
6c:2d:f3:ec:cb:23:1b:1b:5b:f3:68:7e:0c:9c:14:
4c:2b:a5:31:8c:8f:a5:17:0d:45:94:ee:b1:c4:18:
7c:18:9c:8c:a0:6e:5a:b2:bf:78:56:84:0d:d3:72:
c8:ef:ac:5a:b5:08:7e:fa:18:a6:b7:21:a1:c3:c7:
80:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:70:94:28:B8:94:34:2B:A3:D6:FB:02:77:84:78:24:6F:BC:73:52
X509v3 Authority Key Identifier:
keyid:B7:A6:70:E5:1C:96:41:9F:C5:20:28:B1:2E:45:65:5E:F9:14:DD:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/t6Zw5RyWQZ_FICixLkVlXvkU3bs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/OHCUKLiUNCuj1vsCd4R4JG-8c1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c4ca9d-5d32-4efd-8e1b-132937d39cea/1/t6Zw5RyWQZ_FICixLkVlXvkU3bs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.66.224.0/23
185.66.227.0/24
Signature Algorithm: sha256WithRSAEncryption
08:f6:43:1b:17:f9:2e:29:a7:78:a8:b8:0e:e6:4b:e0:79:35:
72:3b:d2:63:25:2b:72:2a:44:03:dc:39:de:7c:85:7b:31:37:
6b:48:4e:c8:41:10:02:09:10:6d:c1:dc:43:3a:94:88:fc:60:
77:66:32:0f:35:b3:44:a7:61:c9:8b:a0:f8:9e:34:9d:cc:30:
b3:95:58:78:5f:62:c2:6f:d6:41:3b:38:2a:2f:6c:96:06:63:
59:62:52:cf:e8:aa:55:19:2a:cb:75:03:ff:33:8f:e3:d4:8f:
23:48:a5:7c:f9:6e:bb:53:89:03:f8:d4:ed:64:df:c4:37:ab:
bf:ed:47:41:70:dc:24:9a:c3:9c:32:f0:aa:7e:19:4a:94:c6:
6d:df:d7:3a:61:56:4b:55:a0:cf:d4:cc:64:42:c0:1e:bf:0d:
3a:92:ee:6e:b3:be:2f:fe:2e:64:9e:8b:d5:2a:0b:17:51:b2:
27:52:5a:a3:d5:c6:d7:7a:dd:02:ac:95:01:80:3c:d1:17:a2:
c3:92:b4:cd:23:89:d7:ef:38:ea:fa:9c:30:b1:7c:1e:f2:86:
61:e4:bf:51:da:c7:f3:13:4e:44:48:26:92:c2:41:fc:c2:45:
d7:93:92:a2:65:a8:82:91:75:5f:35:3b:23:e9:57:b4:53:31:
05:6b:ca:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJxRTIovsvmrxRFKeJxB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3YTY3MGU1MWM5NjQxOWZjNTIwMjhiMTJlNDU2NTVlZjkx
NGRkYmIwHhcNMjQwMTAxMjIzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcwOTQyOGI4OTQzNDJiYTNkNmZiMDI3Nzg0NzgyNDZmYmM3MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkKUjEhTHjuLu4hlj1o2Or1c4p2p+
EKga7QsduWQsOWFd5QlHLOxEkYb/HN2Vfq/69fHbuqwdoRiR1h6iqoA4mne1gncs
vpWQh7VEZSbzcnFSAkGPhAB2kkSrkbj5nM4UiV3ZyrYeHIsbKS4PbQhyJ5fttmQR
iOgdnPpW5FL2cr7FZ6vs3Y2/1ysfnvjKjiZuGEkY8mjTWw2zd+2hXxftLc/qUqMx
wRQCYQ7q2X2wfheUzBddbZ6JTRQ5PZy6OIJDfz5sLfPsyyMbG1vzaH4MnBRMK6Ux
jI+lFw1FlO6xxBh8GJyMoG5asr94VoQN03LI76xatQh++himtyGhw8eAAQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDhwlCi4lDQro9b7AneEeCRvvHNSMB8GA1UdIwQY
MBaAFLemcOUclkGfxSAosS5FZV75FN27MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWIt
MTMyOTM3ZDM5Y2VhLzEvT0hDVUtMaVVOQ3VqMXZzQ2Q0UjRKRy04YzFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jNGNhOWQtNWQzMi00ZWZkLThlMWItMTMyOTM3ZDM5Y2Vh
LzEvdDZadzVSeVdRWl9GSUNpeExrVmxYdmtVM2JzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBuULgAwQA
uULjMA0GCSqGSIb3DQEBCwUAA4IBAQAI9kMbF/kuKad4qLgO5kvgeTVyO9JjJSty
KkQD3DnefIV7MTdrSE7IQRACCRBtwdxDOpSI/GB3ZjIPNbNEp2HJi6D4njSdzDCz
lVh4X2LCb9ZBOzgqL2yWBmNZYlLP6KpVGSrLdQP/M4/j1I8jSKV8+W67U4kD+NTt
ZN/EN6u/7UdBcNwkmsOcMvCqfhlKlMZt39c6YVZLVaDP1MxkQsAevw06ku5us74v
/i5knovVKgsXUbInUlqj1cbXet0CrJUBgDzRF6LDkrTNI4nX7zjq+pwwsXwe8oZh
5L9R2sfzE05ESCaSwkH8wkXXk5KiZaiCkXVfNTsj6Ve0UzEFa8rc
-----END CERTIFICATE-----
Generated at Fri Jun 28 03:49:56 2024 by rpki-client on console-fra.rpki-client.org