Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/OcjeEF1cx3-T_0CBYW-ToyTdsrc.roa
File: OcjeEF1cx3-T_0CBYW-ToyTdsrc.roa (raw, json)
Hash identifier: rjc3VQIgfHpuemExSnHpB3AE3/GdW36cubSi6Y9wqY0=
Subject key identifier: 39:C8:DE:10:5D:5C:C7:7F:93:FF:40:81:61:6F:93:A3:24:DD:B2:B7
Certificate issuer: /CN=75b345562d5718b6c4b206b1ae304fc68436adb2
Certificate serial: 018CC26D59210C40247F8AE27FA8B2BD7876
Authority key identifier: 75:B3:45:56:2D:57:18:B6:C4:B2:06:B1:AE:30:4F:C6:84:36:AD:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/OcjeEF1cx3-T_0CBYW-ToyTdsrc.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28795
IP address blocks: 144.127.3.0/24 maxlen: 24
144.127.0.0/16 maxlen: 16
144.127.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:59:21:0c:40:24:7f:8a:e2:7f:a8:b2:bd:78:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75b345562d5718b6c4b206b1ae304fc68436adb2
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39c8de105d5cc77f93ff4081616f93a324ddb2b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:ea:f1:73:4f:ba:bf:d8:a9:15:1d:d9:e2:69:
a9:1d:0b:3f:be:db:85:b7:66:50:e8:f7:e4:1a:94:
46:0d:8b:b7:56:20:a4:d7:d3:99:a7:d0:b4:53:6a:
cb:32:e5:78:24:4b:81:b6:f6:66:67:fe:77:78:db:
d7:46:ca:2a:89:ed:61:90:2d:f0:eb:33:10:07:94:
9a:61:27:74:4f:8c:51:d4:c6:bc:31:09:91:80:b3:
c7:4d:7a:0b:0f:9e:f9:40:a8:8b:12:ca:3e:9d:4b:
77:08:4a:f6:9f:9f:4a:19:9c:9a:24:2e:e9:d8:54:
6a:60:aa:01:be:24:a4:19:35:33:10:c7:07:d7:2b:
06:b4:82:d1:63:29:b6:d1:10:64:af:2e:09:d6:9d:
07:79:d7:e0:72:b8:7d:fc:b8:94:9c:eb:35:09:b6:
7c:91:b8:3b:f6:52:7f:b5:ae:91:b1:9b:c5:0b:f5:
21:d4:7d:4b:d3:68:d0:72:55:61:56:d0:f1:c5:2e:
20:4e:48:13:73:cd:1e:ff:e6:f1:d3:ad:52:06:36:
a8:41:33:cb:ff:f2:5f:59:2f:55:c3:9d:a8:77:e8:
b1:f7:35:02:a7:6c:9b:24:22:41:dc:70:a2:9e:de:
3a:3e:09:68:16:0c:36:52:e9:56:d8:d8:68:c0:77:
c6:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C8:DE:10:5D:5C:C7:7F:93:FF:40:81:61:6F:93:A3:24:DD:B2:B7
X509v3 Authority Key Identifier:
keyid:75:B3:45:56:2D:57:18:B6:C4:B2:06:B1:AE:30:4F:C6:84:36:AD:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/OcjeEF1cx3-T_0CBYW-ToyTdsrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/30eaee-1ad7-4e73-a4dc-8ae51f62d218/1/dbNFVi1XGLbEsgaxrjBPxoQ2rbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.127.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8a:fc:4c:20:2d:bf:b9:9e:bd:c0:69:a2:bf:70:0c:a1:e7:1f:
b2:c6:30:16:fe:0a:e8:ac:bf:5d:dd:bd:08:03:be:50:88:78:
d2:f1:5c:9e:96:ca:8a:26:0e:71:1b:4d:dc:16:16:f7:31:e0:
17:48:96:a3:1a:f2:e8:c8:6a:b0:86:a6:cf:bb:80:72:c1:ef:
37:89:e5:b0:e0:58:79:c9:5c:53:6b:32:a4:ad:51:dd:1e:4c:
8f:9a:ed:2d:81:97:51:d1:70:2f:66:55:6f:a8:7c:84:7d:64:
8a:ac:f1:a0:3e:d7:62:ff:37:87:40:01:ad:74:b0:ed:10:fa:
ca:ca:51:6d:c9:7d:81:23:76:1c:39:e1:cb:48:64:6d:af:63:
ff:1e:be:bb:89:f4:9e:e0:41:9e:36:60:33:ea:24:de:f3:68:
7c:dc:76:d7:29:c2:5b:de:a5:7a:1b:f8:8f:fc:64:1c:d3:c2:
14:63:91:80:3e:62:40:d9:50:23:6e:28:da:f3:9f:9d:5e:bc:
ee:2e:b3:e7:90:b6:53:69:9a:7c:05:15:66:e8:5f:5b:1b:8d:
e4:07:e5:ea:34:93:11:ef:9a:6d:b1:2d:a0:ab:af:bf:f1:01:
36:9c:ec:55:35:dc:2e:53:a2:14:68:0b:b9:08:8d:99:f1:df:
ea:5c:c4:02
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzCbVkhDEAkf4rif6iyvXh2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1YjM0NTU2MmQ1NzE4YjZjNGIyMDZiMWFlMzA0ZmM2ODQz
NmFkYjIwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWM4ZGUxMDVkNWNjNzdmOTNmZjQwODE2MTZmOTNhMzI0ZGRiMmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgerxc0+6v9ipFR3Z4mmpHQs/vtuF
t2ZQ6PfkGpRGDYu3ViCk19OZp9C0U2rLMuV4JEuBtvZmZ/53eNvXRsoqie1hkC3w
6zMQB5SaYSd0T4xR1Ma8MQmRgLPHTXoLD575QKiLEso+nUt3CEr2n59KGZyaJC7p
2FRqYKoBviSkGTUzEMcH1ysGtILRYym20RBkry4J1p0Hedfgcrh9/LiUnOs1CbZ8
kbg79lJ/ta6RsZvFC/Uh1H1L02jQclVhVtDxxS4gTkgTc80e/+bx061SBjaoQTPL
//JfWS9Vw52od+ix9zUCp2ybJCJB3HCint46PgloFgw2UulW2NhowHfGBQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFDnI3hBdXMd/k/9AgWFvk6Mk3bK3MB8GA1UdIwQY
MBaAFHWzRVYtVxi2xLIGsa4wT8aENq2yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGJORlZpMVhHTGJFc2dheHJqQlB4b1EycmJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8zMGVhZWUtMWFkNy00ZTczLWE0ZGMt
OGFlNTFmNjJkMjE4LzEvT2NqZUVGMWN4My1UXzBDQllXLVRveVRkc3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8zMGVhZWUtMWFkNy00ZTczLWE0ZGMtOGFlNTFmNjJkMjE4
LzEvZGJORlZpMVhHTGJFc2dheHJqQlB4b1EycmJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkH8wDQYJ
KoZIhvcNAQELBQADggEBAIr8TCAtv7mevcBpor9wDKHnH7LGMBb+Cuisv13dvQgD
vlCIeNLxXJ6WyoomDnEbTdwWFvcx4BdIlqMa8ujIarCGps+7gHLB7zeJ5bDgWHnJ
XFNrMqStUd0eTI+a7S2Bl1HRcC9mVW+ofIR9ZIqs8aA+12L/N4dAAa10sO0Q+srK
UW3JfYEjdhw54ctIZG2vY/8evruJ9J7gQZ42YDPqJN7zaHzcdtcpwlvepXob+I/8
ZBzTwhRjkYA+YkDZUCNuKNrzn51evO4us+eQtlNpmnwFFWboX1sbjeQH5eo0kxHv
mm2xLaCrr7/xATac7FU13C5TohRoC7kIjZnx3+pcxAI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 18:13:07 2024 by rpki-client on console-fra.rpki-client.org