Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/OTtsv9RR1QsS-5u0qYRGPEYTOOA.roa
File: OTtsv9RR1QsS-5u0qYRGPEYTOOA.roa (raw, json)
Hash identifier: PhnUiFOaOB+uXJSKF07I2cO6h54Q9N8ffoHvYQnw6Ws=
Subject key identifier: 39:3B:6C:BF:D4:51:D5:0B:12:FB:9B:B4:A9:84:46:3C:46:13:38:E0
Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial: 018CCA9A141B1B4E5F5091AD1E04079F7214
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/OTtsv9RR1QsS-5u0qYRGPEYTOOA.roa
Signing time: Tue 02 Jan 2024 14:35:44 +0000
ROA not before: Tue 02 Jan 2024 14:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29017
IP address blocks: 185.181.116.0/22 maxlen: 24
91.197.228.0/22 maxlen: 24
2a0a:cb80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft
rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:14:1b:1b:4e:5f:50:91:ad:1e:04:07:9f:72:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Validity
Not Before: Jan 2 14:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=393b6cbfd451d50b12fb9bb4a984463c461338e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dc:84:19:3f:30:aa:27:7e:75:da:f5:3f:d4:
2b:93:7b:b8:b5:ad:74:c8:99:99:84:f0:21:06:3d:
b5:ef:2f:e8:61:f1:08:6a:fa:31:3e:29:38:a1:b8:
f1:97:7d:3e:07:0c:17:47:3d:8a:96:aa:18:56:2b:
35:c7:8a:57:40:9e:85:a8:2b:6f:1b:7a:e3:9d:2a:
62:06:f1:0d:a3:62:1a:d2:49:64:f1:a6:9b:b7:bc:
24:0e:f6:da:90:44:2e:2a:96:42:61:12:e2:a9:bb:
24:c0:07:69:33:d1:ae:0f:a2:f4:fa:56:b6:1b:28:
a3:9d:b2:8c:af:0b:95:50:38:6f:c6:6d:52:3f:1b:
be:f2:3f:f2:35:86:7a:56:e8:df:c8:d8:7c:6a:13:
3a:89:88:11:60:69:31:49:76:18:64:5f:79:27:be:
ec:02:54:2d:3c:63:48:0d:cc:f6:61:7f:84:6d:96:
0e:ba:5b:a9:b7:d8:0a:2c:ca:09:3a:61:4e:8b:e1:
4c:55:c2:85:8b:3c:db:8b:d8:7a:70:01:39:01:f9:
12:c2:82:a3:9b:5b:31:04:a8:97:df:0e:a9:4f:37:
05:2f:ba:49:4d:57:52:dd:4f:85:bd:30:42:7a:e8:
af:de:bb:bf:51:cc:3d:ba:0d:a1:2e:17:c6:5b:a2:
b9:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:3B:6C:BF:D4:51:D5:0B:12:FB:9B:B4:A9:84:46:3C:46:13:38:E0
X509v3 Authority Key Identifier:
keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/OTtsv9RR1QsS-5u0qYRGPEYTOOA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.228.0/22
185.181.116.0/22
IPv6:
2a0a:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
60:53:62:25:89:2c:d4:1e:8b:ba:b2:64:db:30:da:49:e2:50:
3c:35:16:d0:b9:4a:f9:c3:79:53:dc:e9:65:8b:1c:86:f3:6b:
85:f8:fc:ee:01:8d:92:3f:08:a4:05:7f:29:0d:3c:9d:1c:32:
08:14:07:e7:95:d5:2a:3d:a9:53:f4:f0:6d:e0:50:4c:5d:a5:
2e:65:b1:1a:fc:b7:b9:42:33:94:4f:b9:ed:1a:4a:80:1a:5a:
d7:50:78:49:fd:5e:72:8c:b2:0d:e4:e2:ec:de:61:47:97:66:
25:2c:89:09:34:fa:b3:48:76:06:cd:88:84:35:31:6d:07:34:
4f:f8:54:07:cb:8e:c3:18:da:81:f2:26:cb:1a:db:7c:1f:0f:
e7:09:58:fe:39:7a:39:19:9f:74:81:89:ec:99:1b:d5:e3:4b:
e3:0d:7a:7f:1c:8f:67:19:43:b6:d9:1f:86:94:8f:d4:5c:e5:
27:8d:53:7a:fc:9c:95:92:f0:a4:0c:8d:3b:62:a3:42:2f:7a:
fa:c1:98:9d:e0:be:38:71:8b:1c:56:d0:77:5e:88:08:03:6e:
5d:ba:49:f6:27:47:41:db:c5:06:0f:23:12:a2:69:f4:ab:d2:
72:8c:56:fc:02:f1:3d:21:0b:51:4b:8a:0e:6a:20:17:23:46:
20:04:8f:33
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmhQbG05fUJGtHgQHn3IUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjQwMTAyMTQzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTNiNmNiZmQ0NTFkNTBiMTJmYjliYjRhOTg0NDYzYzQ2MTMzOGUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9yEGT8wqid+ddr1P9Qrk3u4ta10
yJmZhPAhBj217y/oYfEIavoxPik4objxl30+BwwXRz2KlqoYVis1x4pXQJ6FqCtv
G3rjnSpiBvENo2Ia0klk8aabt7wkDvbakEQuKpZCYRLiqbskwAdpM9GuD6L0+la2
GyijnbKMrwuVUDhvxm1SPxu+8j/yNYZ6VujfyNh8ahM6iYgRYGkxSXYYZF95J77s
AlQtPGNIDcz2YX+EbZYOulupt9gKLMoJOmFOi+FMVcKFizzbi9h6cAE5AfkSwoKj
m1sxBKiX3w6pTzcFL7pJTVdS3U+FvTBCeuiv3ru/Ucw9ug2hLhfGW6K5DQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDk7bL/UUdULEvubtKmERjxGEzjgMB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvT1R0c3Y5UlIxUXNTLTV1MHFZUkdQRVlUT09BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBgU2IliSzUHou6
smTbMNpJ4lA8NRbQuUr5w3lT3OllixyG82uF+PzuAY2SPwikBX8pDTydHDIIFAfn
ldUqPalT9PBt4FBMXaUuZbEa/Le5QjOUT7ntGkqAGlrXUHhJ/V5yjLIN5OLs3mFH
l2YlLIkJNPqzSHYGzYiENTFtBzRP+FQHy47DGNqB8ibLGtt8Hw/nCVj+OXo5GZ90
gYnsmRvV40vjDXp/HI9nGUO22R+GlI/UXOUnjVN6/JyVkvCkDI07YqNCL3r6wZid
4L44cYscVtB3XogIA25dukn2J0dB28UGDyMSomn0q9JyjFb8AvE9IQtRS4oOaiAX
I0YgBI8z
-----END CERTIFICATE-----
Generated at Wed Jun 26 07:00:48 2024 by rpki-client on console-fra.rpki-client.org