Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/OvUKxOax2sAQ8w_8JGJzI2hOQeA.roa
File: OvUKxOax2sAQ8w_8JGJzI2hOQeA.roa (raw, json)
Hash identifier: BdbCSen5vGa1p3z39Jx/h4n0Te3tOkFSN4XHAjoFrSg=
Subject key identifier: 3A:F5:0A:C4:E6:B1:DA:C0:10:F3:0F:FC:24:62:73:23:68:4E:41:E0
Certificate issuer: /CN=999281e87d5e9b8758f240e78eef7102c4012189
Certificate serial: 018CC2DAF05E00CAA1A8A29C5C39D2B2DF7C
Authority key identifier: 99:92:81:E8:7D:5E:9B:87:58:F2:40:E7:8E:EF:71:02:C4:01:21:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZKB6H1em4dY8kDnju9xAsQBIYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/OvUKxOax2sAQ8w_8JGJzI2hOQeA.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 141.54.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/mZKB6H1em4dY8kDnju9xAsQBIYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/mZKB6H1em4dY8kDnju9xAsQBIYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZKB6H1em4dY8kDnju9xAsQBIYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f0:5e:00:ca:a1:a8:a2:9c:5c:39:d2:b2:df:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999281e87d5e9b8758f240e78eef7102c4012189
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3af50ac4e6b1dac010f30ffc24627323684e41e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:82:d7:f0:71:14:9e:f0:7a:c3:e0:15:cb:cb:
9a:f1:14:b2:2e:20:37:57:cc:58:9e:ac:66:41:01:
2b:b1:b6:08:cf:d1:05:25:33:de:18:8c:c1:43:a3:
70:59:68:02:c3:e1:ef:ba:21:4b:9b:ed:cf:e0:1c:
b8:68:fd:5d:6a:ec:70:bf:f1:99:e0:62:9b:9d:26:
0d:c5:37:f0:13:c5:23:ab:a5:13:83:93:f2:ab:70:
49:1b:bb:1a:26:37:94:b5:9a:fd:e1:c8:3e:17:2b:
3e:d6:fe:0c:2b:19:5f:a7:2b:c5:bd:19:fd:01:ed:
40:6c:b0:76:1e:a1:88:41:3e:8a:91:6c:20:e8:fd:
f8:a8:7f:91:9b:d1:7d:bb:55:27:80:35:96:ec:e4:
bf:60:05:08:68:03:64:12:f3:21:50:97:f6:99:6e:
68:6e:a5:8d:60:24:35:db:a2:c2:88:59:59:6b:c3:
56:66:d7:f3:49:e6:c7:cf:a1:1d:3c:16:f4:b1:00:
1e:ea:9c:27:fb:cd:d2:5a:19:0d:b7:12:35:5b:a1:
47:c5:54:a8:9f:e6:58:de:02:30:fa:fe:5d:81:2e:
81:3c:4a:7d:9e:4d:82:10:ff:3f:f9:1c:f6:17:67:
ec:29:a2:32:37:3f:f8:41:01:bd:cc:e9:09:70:cd:
7b:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F5:0A:C4:E6:B1:DA:C0:10:F3:0F:FC:24:62:73:23:68:4E:41:E0
X509v3 Authority Key Identifier:
keyid:99:92:81:E8:7D:5E:9B:87:58:F2:40:E7:8E:EF:71:02:C4:01:21:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZKB6H1em4dY8kDnju9xAsQBIYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/OvUKxOax2sAQ8w_8JGJzI2hOQeA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b83863-5f4b-42e3-b822-a0f00be3bce1/1/mZKB6H1em4dY8kDnju9xAsQBIYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.54.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:00:39:40:d2:e1:10:95:be:d2:0b:21:92:7a:73:4b:b0:79:
22:e0:22:c8:75:3f:0e:bb:df:83:2b:ac:d6:9a:9c:60:02:73:
57:17:78:6a:c3:93:3a:28:0f:9c:ae:12:1e:b8:62:af:ef:ab:
1c:3e:a3:5e:77:fa:f7:f5:5a:87:30:21:28:78:62:e4:64:c6:
ab:60:f0:97:ec:0b:6e:c3:c9:b0:d1:f3:71:7c:c6:70:c3:18:
60:36:df:4b:18:5e:c8:32:75:4d:3c:6b:3f:a2:84:0e:d4:c2:
ef:1d:f7:70:c8:12:1d:50:6e:7f:33:38:57:6e:9a:66:90:3c:
02:62:91:a6:9d:6a:cd:27:1d:c9:41:44:c1:d4:bd:aa:67:d2:
d1:4e:b9:27:8c:8d:9c:cb:e6:16:5d:9b:fe:1c:73:01:9a:17:
2b:9d:12:5f:6e:d7:dd:7f:9e:37:16:f8:e5:68:8f:aa:30:34:
f0:1e:e4:61:7e:7c:dc:f9:98:df:92:69:ac:64:de:ff:4f:85:
de:cf:98:6a:2c:23:c8:a4:bc:e8:f6:03:7e:3d:2f:50:f7:36:
38:a8:4c:24:9f:e6:91:a2:45:25:75:67:f3:08:2c:02:b6:52:
fe:1e:5c:b7:a7:99:23:48:77:7a:11:5e:71:21:d2:dc:c5:1f:
f6:d6:7c:83
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzC2vBeAMqhqKKcXDnSst98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OTI4MWU4N2Q1ZTliODc1OGYyNDBlNzhlZWY3MTAyYzQw
MTIxODkwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY1MGFjNGU2YjFkYWMwMTBmMzBmZmMyNDYyNzMyMzY4NGU0MWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34LX8HEUnvB6w+AVy8ua8RSyLiA3
V8xYnqxmQQErsbYIz9EFJTPeGIzBQ6NwWWgCw+HvuiFLm+3P4By4aP1dauxwv/GZ
4GKbnSYNxTfwE8Ujq6UTg5Pyq3BJG7saJjeUtZr94cg+Fys+1v4MKxlfpyvFvRn9
Ae1AbLB2HqGIQT6KkWwg6P34qH+Rm9F9u1UngDWW7OS/YAUIaANkEvMhUJf2mW5o
bqWNYCQ126LCiFlZa8NWZtfzSebHz6EdPBb0sQAe6pwn+83SWhkNtxI1W6FHxVSo
n+ZY3gIw+v5dgS6BPEp9nk2CEP8/+Rz2F2fsKaIyNz/4QQG9zOkJcM17+QIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDr1CsTmsdrAEPMP/CRicyNoTkHgMB8GA1UdIwQY
MBaAFJmSgeh9XpuHWPJA547vcQLEASGJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVpLQjZIMWVtNGRZOGtEbmp1OXhBc1FCSVlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iODM4NjMtNWY0Yi00MmUzLWI4MjIt
YTBmMDBiZTNiY2UxLzEvT3ZVS3hPYXgyc0FROHdfOEpHSnpJMmhPUWVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iODM4NjMtNWY0Yi00MmUzLWI4MjItYTBmMDBiZTNiY2Ux
LzEvbVpLQjZIMWVtNGRZOGtEbmp1OXhBc1FCSVlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAjTYwDQYJ
KoZIhvcNAQELBQADggEBAFQAOUDS4RCVvtILIZJ6c0uweSLgIsh1Pw6734MrrNaa
nGACc1cXeGrDkzooD5yuEh64Yq/vqxw+o153+vf1WocwISh4YuRkxqtg8JfsC27D
ybDR83F8xnDDGGA230sYXsgydU08az+ihA7Uwu8d93DIEh1Qbn8zOFdummaQPAJi
kaadas0nHclBRMHUvapn0tFOuSeMjZzL5hZdm/4ccwGaFyudEl9u191/njcW+OVo
j6owNPAe5GF+fNz5mN+Saaxk3v9Phd7PmGosI8ikvOj2A349L1D3NjioTCSf5pGi
RSV1Z/MILAK2Uv4eXLenmSNId3oRXnEh0tzFH/bWfIM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:12:13 2024 by rpki-client on console-fra.rpki-client.org