Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/R3vROmQAOgLbxQ7Imd7i1Ur2G9M.roa
File: R3vROmQAOgLbxQ7Imd7i1Ur2G9M.roa (raw, json)
Hash identifier: aRDyI1ny3mJEQVg0rObRaJvmoKIvZ0/lhRBL6bfvEZQ=
Subject key identifier: 47:7B:D1:3A:64:00:3A:02:DB:C5:0E:C8:99:DE:E2:D5:4A:F6:1B:D3
Certificate issuer: /CN=380099a81b346f9abcaf26056f5b77094d1cf113
Certificate serial: 018CCA96EA7B8FC6495107D672BE94E879DD
Authority key identifier: 38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/R3vROmQAOgLbxQ7Imd7i1Ur2G9M.roa
Signing time: Tue 02 Jan 2024 14:32:17 +0000
ROA not before: Tue 02 Jan 2024 14:32:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56791
IP address blocks: 94.243.224.0/21 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.mft
rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:96:ea:7b:8f:c6:49:51:07:d6:72:be:94:e8:79:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380099a81b346f9abcaf26056f5b77094d1cf113
Validity
Not Before: Jan 2 14:32:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=477bd13a64003a02dbc50ec899dee2d54af61bd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:a6:23:00:ab:39:16:bf:ed:ee:1f:e3:e4:05:
b5:64:c0:29:28:e8:04:df:28:06:71:4e:b8:e3:5c:
c5:47:4b:67:a9:26:8a:34:55:7f:74:a4:a8:26:90:
86:30:0a:7a:f9:32:87:b1:c9:12:ae:ce:c2:64:44:
8b:8e:94:a6:d1:b5:58:ae:89:4e:ae:5e:0e:23:2d:
17:ed:21:48:6a:9a:9d:75:5b:9e:0b:45:87:99:85:
48:f9:47:d3:15:e4:31:f1:43:f3:22:b0:5c:f3:ac:
b6:0b:93:13:54:d9:d2:83:4b:fc:53:5f:2f:10:2c:
20:f4:05:7b:54:87:49:b9:ca:b6:1a:13:e3:db:91:
6e:44:af:55:e6:9a:57:b0:04:86:d4:4a:06:02:a2:
04:e2:5d:ea:a1:40:bf:d6:99:68:9e:f6:1f:ae:c2:
df:62:56:f4:3f:9c:13:4b:e6:ac:41:1a:79:3b:97:
be:38:33:d6:b5:5b:9f:62:62:05:72:3c:17:82:58:
35:1a:51:27:c5:77:63:57:b1:da:55:5e:25:f6:d6:
cb:f1:75:97:18:13:00:81:1f:f1:9c:e4:18:cb:80:
08:e7:e3:65:bf:f6:31:af:12:0d:25:67:f0:07:6f:
9d:fd:75:ad:ca:d7:98:86:03:e5:c8:71:f6:b4:19:
0a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:7B:D1:3A:64:00:3A:02:DB:C5:0E:C8:99:DE:E2:D5:4A:F6:1B:D3
X509v3 Authority Key Identifier:
keyid:38:00:99:A8:1B:34:6F:9A:BC:AF:26:05:6F:5B:77:09:4D:1C:F1:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OACZqBs0b5q8ryYFb1t3CU0c8RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/R3vROmQAOgLbxQ7Imd7i1Ur2G9M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/8e501d-c088-4895-aee3-450fe33595d1/1/OACZqBs0b5q8ryYFb1t3CU0c8RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.243.224.0/21
Signature Algorithm: sha256WithRSAEncryption
3c:2f:51:04:09:fb:bf:1c:f9:c2:3d:e9:aa:78:74:3e:27:2b:
80:00:f1:a5:36:68:8c:48:f4:f5:14:29:4a:e7:18:f9:05:75:
c1:ac:f5:53:58:00:9a:b8:19:ec:b1:ee:e1:58:02:f6:be:ce:
58:0e:09:b7:9c:4d:af:80:e3:48:8b:31:3f:6e:37:de:2c:b0:
1f:65:42:69:df:5c:bf:fc:88:3f:54:16:c1:19:61:88:6a:9a:
63:97:f9:55:0c:89:b2:b7:1d:00:b2:c6:bf:03:f3:47:d3:2c:
96:92:34:30:65:41:94:0d:39:25:ac:30:01:fc:e2:de:5a:eb:
bd:ed:86:f2:13:f7:35:28:39:05:ec:4b:83:59:25:85:57:94:
be:0a:8b:0c:20:e6:ac:89:42:97:bf:a1:46:45:84:ce:6a:2a:
6b:16:6f:38:96:55:5e:0f:f0:94:46:e1:5c:b8:7d:42:30:6b:
65:7f:b2:5f:c3:df:ee:a4:d0:94:c5:b0:ab:7a:fc:9a:9c:6f:
de:97:6b:96:b8:3d:cc:ba:80:3a:44:d9:da:55:55:52:2a:9b:
08:67:8d:3f:bf:54:80:6c:ab:ee:17:ba:82:2f:d8:28:11:7c:
92:79:d8:16:a8:c4:ef:63:4d:87:b1:d2:b9:1f:bf:e0:ac:f1:
5a:86:4c:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKlup7j8ZJUQfWcr6U6HndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MDA5OWE4MWIzNDZmOWFiY2FmMjYwNTZmNWI3NzA5NGQx
Y2YxMTMwHhcNMjQwMTAyMTQzMjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzdiZDEzYTY0MDAzYTAyZGJjNTBlYzg5OWRlZTJkNTRhZjYxYmQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjqYjAKs5Fr/t7h/j5AW1ZMApKOgE
3ygGcU6441zFR0tnqSaKNFV/dKSoJpCGMAp6+TKHsckSrs7CZESLjpSm0bVYrolO
rl4OIy0X7SFIapqddVueC0WHmYVI+UfTFeQx8UPzIrBc86y2C5MTVNnSg0v8U18v
ECwg9AV7VIdJucq2GhPj25FuRK9V5ppXsASG1EoGAqIE4l3qoUC/1plonvYfrsLf
Ylb0P5wTS+asQRp5O5e+ODPWtVufYmIFcjwXglg1GlEnxXdjV7HaVV4l9tbL8XWX
GBMAgR/xnOQYy4AI5+Nlv/YxrxINJWfwB2+d/XWtyteYhgPlyHH2tBkKwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEd70TpkADoC28UOyJne4tVK9hvTMB8GA1UdIwQY
MBaAFDgAmagbNG+avK8mBW9bdwlNHPETMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMt
NDUwZmUzMzU5NWQxLzEvUjN2Uk9tUUFPZ0xieFE3SW1kN2kxVXIyRzlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My84ZTUwMWQtYzA4OC00ODk1LWFlZTMtNDUwZmUzMzU5NWQx
LzEvT0FDWnFCczBiNXE4cnlZRmIxdDNDVTBjOFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXvPgMA0G
CSqGSIb3DQEBCwUAA4IBAQA8L1EECfu/HPnCPemqeHQ+JyuAAPGlNmiMSPT1FClK
5xj5BXXBrPVTWACauBnsse7hWAL2vs5YDgm3nE2vgONIizE/bjfeLLAfZUJp31y/
/Ig/VBbBGWGIappjl/lVDImytx0Assa/A/NH0yyWkjQwZUGUDTklrDAB/OLeWuu9
7YbyE/c1KDkF7EuDWSWFV5S+CosMIOasiUKXv6FGRYTOaiprFm84llVeD/CURuFc
uH1CMGtlf7Jfw9/upNCUxbCrevyanG/el2uWuD3MuoA6RNnaVVVSKpsIZ40/v1SA
bKvuF7qCL9goEXySedgWqMTvY02HsdK5H7/grPFahkw9
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:35:23 2024 by rpki-client on console-ams.rpki-client.org