Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/Opzi26JjfjfXOCUBX5GPknC-tM8.roa
File: Opzi26JjfjfXOCUBX5GPknC-tM8.roa (raw, json)
Hash identifier: Wk5MtBqy4YOqMks1prMolYMdunylGV+fLUCMS8c/nvc=
Subject key identifier: 3A:9C:E2:DB:A2:63:7E:37:D7:38:25:01:5F:91:8F:92:70:BE:B4:CF
Certificate issuer: /CN=b7151f194a3e524c82c677b8e132058143c8ebee
Certificate serial: 018CC5DC01745C9794751F791C3DD734985F
Authority key identifier: B7:15:1F:19:4A:3E:52:4C:82:C6:77:B8:E1:32:05:81:43:C8:EB:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/txUfGUo-UkyCxne44TIFgUPI6-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/Opzi26JjfjfXOCUBX5GPknC-tM8.roa
Signing time: Mon 01 Jan 2024 16:29:38 +0000
ROA not before: Mon 01 Jan 2024 16:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21293
IP address blocks: 160.68.0.0/16 maxlen: 16
185.97.188.0/22 maxlen: 24
160.67.0.0/16 maxlen: 16
2a00:f980::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/txUfGUo-UkyCxne44TIFgUPI6-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/txUfGUo-UkyCxne44TIFgUPI6-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/txUfGUo-UkyCxne44TIFgUPI6-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:01:74:5c:97:94:75:1f:79:1c:3d:d7:34:98:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b7151f194a3e524c82c677b8e132058143c8ebee
Validity
Not Before: Jan 1 16:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a9ce2dba2637e37d73825015f918f9270beb4cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:2a:76:33:98:02:8c:fe:09:8f:3c:77:50:a5:
99:28:e9:a9:a6:95:8b:3a:81:d0:fb:0d:ee:76:60:
9a:f9:46:b6:ee:34:d2:84:8b:85:49:8f:f6:11:08:
0d:c5:a7:c3:32:7f:0c:1e:05:d1:d4:47:fc:a4:e9:
05:7b:7b:5f:fa:b1:85:46:9a:b1:ee:64:ae:85:a1:
e5:a5:2e:62:5e:e4:b6:e7:65:ba:ed:1d:40:a0:8f:
09:dd:dc:19:71:ab:c5:09:52:19:f2:98:94:29:43:
54:c4:5d:be:57:be:02:c9:43:be:e1:f5:43:18:ac:
f3:7c:fc:68:31:1a:0c:12:f8:81:15:dc:a7:e3:80:
b9:07:fe:28:c9:e2:bf:69:cc:a8:e6:ea:4d:c1:77:
cc:40:5f:33:52:bb:8b:da:db:a3:b5:52:13:1f:34:
ae:70:15:1d:d0:38:21:87:38:d6:78:74:b2:ce:34:
ff:49:b7:69:45:1a:4d:8a:28:86:75:e4:0d:81:9d:
97:27:2d:56:19:7d:96:a6:7b:0c:91:41:08:d8:47:
7c:00:ad:34:ca:79:23:ad:f8:14:2f:16:27:a7:77:
c0:28:d6:ba:3f:d2:57:65:80:18:ad:68:1e:c2:71:
8a:2b:0d:03:39:08:40:8c:c4:c4:39:8c:3e:da:75:
76:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9C:E2:DB:A2:63:7E:37:D7:38:25:01:5F:91:8F:92:70:BE:B4:CF
X509v3 Authority Key Identifier:
keyid:B7:15:1F:19:4A:3E:52:4C:82:C6:77:B8:E1:32:05:81:43:C8:EB:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/txUfGUo-UkyCxne44TIFgUPI6-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/Opzi26JjfjfXOCUBX5GPknC-tM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/49a32d-d0f2-481a-9791-c9a49f70e23b/1/txUfGUo-UkyCxne44TIFgUPI6-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.67.0.0-160.68.255.255
185.97.188.0/22
IPv6:
2a00:f980::/32
Signature Algorithm: sha256WithRSAEncryption
73:1f:80:ae:a8:68:0f:62:f3:e7:98:17:a8:33:8f:b3:28:49:
52:42:f6:82:42:2e:d6:2b:49:5e:5a:b6:6c:30:7d:48:e4:99:
fb:c8:78:ad:3b:67:a2:e6:d7:49:1e:8e:df:f1:cf:5b:e5:85:
fd:c9:b0:c9:9e:2e:e9:ff:58:fa:35:ab:67:78:05:ff:a3:93:
fa:99:81:f1:eb:6d:21:18:9d:2a:0d:67:61:1c:dd:53:b8:4e:
6c:8a:47:f1:e9:c1:45:b1:e4:45:91:5b:cc:4d:e1:66:47:41:
9a:78:59:cf:6c:35:7f:e1:12:f8:c4:c9:2a:fb:a9:41:09:ce:
01:f2:5b:fe:43:9d:f3:e2:f2:4e:77:69:74:92:15:c6:a8:83:
b6:4f:9f:9d:c8:e7:c6:5d:f1:ef:f2:c7:d5:c8:24:ab:51:e4:
34:3a:1f:44:ff:7b:9b:e3:61:9e:c1:31:d5:ed:ea:b4:a4:ef:
79:50:53:5f:db:f7:52:a0:6e:28:02:e4:7d:f6:f0:93:c9:f4:
0f:40:3f:d1:62:b9:71:6c:6a:8e:7b:b9:1f:fc:b1:49:56:96:
86:96:ba:41:17:53:d8:a7:ac:44:70:30:36:8a:5e:a5:72:33:
9f:ba:f8:68:bd:81:fa:d8:ad:90:9f:70:19:a6:8f:14:c7:ce:
d2:31:44:54
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3AF0XJeUdR95HD3XNJhfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3MTUxZjE5NGEzZTUyNGM4MmM2NzdiOGUxMzIwNTgxNDNj
OGViZWUwHhcNMjQwMTAxMTYyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTljZTJkYmEyNjM3ZTM3ZDczODI1MDE1ZjkxOGY5MjcwYmViNGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmyp2M5gCjP4Jjzx3UKWZKOmpppWL
OoHQ+w3udmCa+Ua27jTShIuFSY/2EQgNxafDMn8MHgXR1Ef8pOkFe3tf+rGFRpqx
7mSuhaHlpS5iXuS252W67R1AoI8J3dwZcavFCVIZ8piUKUNUxF2+V74CyUO+4fVD
GKzzfPxoMRoMEviBFdyn44C5B/4oyeK/acyo5upNwXfMQF8zUruL2tujtVITHzSu
cBUd0DghhzjWeHSyzjT/SbdpRRpNiiiGdeQNgZ2XJy1WGX2WpnsMkUEI2Ed8AK00
ynkjrfgULxYnp3fAKNa6P9JXZYAYrWgewnGKKw0DOQhAjMTEOYw+2nV2UQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDqc4tuiY3431zglAV+Rj5JwvrTPMB8GA1UdIwQY
MBaAFLcVHxlKPlJMgsZ3uOEyBYFDyOvuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHhVZkdVby1Va3lDeG5lNDRUSUZnVVBJNi00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni80OWEzMmQtZDBmMi00ODFhLTk3OTEt
YzlhNDlmNzBlMjNiLzEvT3B6aTI2SmpmamZYT0NVQlg1R1BrbkMtdE04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni80OWEzMmQtZDBmMi00ODFhLTk3OTEtYzlhNDlmNzBlMjNi
LzEvdHhVZkdVby1Va3lDeG5lNDRUSUZnVVBJNi00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASMAoDAwCgQwMD
AKBEAwQCuWG8MA0EAgACMAcDBQAqAPmAMA0GCSqGSIb3DQEBCwUAA4IBAQBzH4Cu
qGgPYvPnmBeoM4+zKElSQvaCQi7WK0leWrZsMH1I5Jn7yHitO2ei5tdJHo7f8c9b
5YX9ybDJni7p/1j6NatneAX/o5P6mYHx620hGJ0qDWdhHN1TuE5sikfx6cFFseRF
kVvMTeFmR0GaeFnPbDV/4RL4xMkq+6lBCc4B8lv+Q53z4vJOd2l0khXGqIO2T5+d
yOfGXfHv8sfVyCSrUeQ0Oh9E/3ub42GewTHV7eq0pO95UFNf2/dSoG4oAuR99vCT
yfQPQD/RYrlxbGqOe7kf/LFJVpaGlrpBF1PYp6xEcDA2il6lcjOfuvhovYH62K2Q
n3AZpo8Ux87SMURU
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:31:08 2024 by rpki-client on console-fra.rpki-client.org