Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/oJtlSUklYwlcuIQQPn9xtxCqyFA.roa
File: oJtlSUklYwlcuIQQPn9xtxCqyFA.roa (raw, json)
Hash identifier: HYXPibD15zwOoE4+CcQ9qe6AUc9C3OIS0iXJP0me7ts=
Subject key identifier: A0:9B:65:49:49:25:63:09:5C:B8:84:10:3E:7F:71:B7:10:AA:C8:50
Certificate issuer: /CN=a92b2440a7c7a2dfcf2e4216da8a3bde68b9b898
Certificate serial: 018CC348C20E70F4622CF957D267D1DF8150
Authority key identifier: A9:2B:24:40:A7:C7:A2:DF:CF:2E:42:16:DA:8A:3B:DE:68:B9:B8:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qSskQKfHot_PLkIW2oo73mi5uJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/oJtlSUklYwlcuIQQPn9xtxCqyFA.roa
Signing time: Mon 01 Jan 2024 04:29:34 +0000
ROA not before: Mon 01 Jan 2024 04:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51088
IP address blocks: 193.108.238.0/24 maxlen: 24
91.213.13.0/24 maxlen: 24
2001:67c:1064::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/qSskQKfHot_PLkIW2oo73mi5uJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/qSskQKfHot_PLkIW2oo73mi5uJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/qSskQKfHot_PLkIW2oo73mi5uJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:c2:0e:70:f4:62:2c:f9:57:d2:67:d1:df:81:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92b2440a7c7a2dfcf2e4216da8a3bde68b9b898
Validity
Not Before: Jan 1 04:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a09b6549492563095cb884103e7f71b710aac850
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:b0:c4:16:2e:41:34:85:52:97:c8:9d:20:54:
db:89:e5:91:13:73:07:0e:bf:ab:83:e8:54:83:05:
ea:df:70:bc:2c:15:c2:e0:89:72:8e:de:c0:c3:65:
ac:d0:ab:ad:79:e3:c3:d0:b0:b4:84:d0:43:4f:2d:
de:8e:c3:03:c9:aa:cf:3b:0d:3a:52:6d:61:d4:10:
9d:77:ba:f0:ff:e4:c5:24:7c:ac:b9:89:de:20:fd:
ed:48:f3:45:86:22:04:68:75:84:29:da:a9:65:4c:
de:41:fa:57:37:86:09:11:21:fe:0e:09:70:3e:6d:
9b:8e:2d:85:54:da:9d:72:ed:af:68:e0:84:28:c6:
23:76:2d:e6:45:0c:87:12:cf:de:41:02:49:a5:da:
9e:df:a3:ec:07:1e:78:1f:c1:eb:92:19:d6:92:a5:
37:ad:1b:63:76:8e:ad:65:4a:e3:5f:6a:06:8c:08:
71:d7:3f:d6:54:73:8e:5a:72:02:34:47:b3:dc:a5:
4b:aa:30:24:e9:c3:e4:25:f0:1b:91:be:d0:69:9e:
17:2e:de:c9:8c:88:de:81:d9:3c:e5:51:68:28:06:
4a:4f:7a:53:99:62:82:7e:99:89:f9:e1:48:a5:44:
c0:00:70:d6:29:e0:d3:b3:cc:1c:fb:b5:82:b2:63:
f5:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:9B:65:49:49:25:63:09:5C:B8:84:10:3E:7F:71:B7:10:AA:C8:50
X509v3 Authority Key Identifier:
keyid:A9:2B:24:40:A7:C7:A2:DF:CF:2E:42:16:DA:8A:3B:DE:68:B9:B8:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qSskQKfHot_PLkIW2oo73mi5uJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/oJtlSUklYwlcuIQQPn9xtxCqyFA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/892193-9ed9-4447-8402-f2c67eca3e5b/1/qSskQKfHot_PLkIW2oo73mi5uJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.213.13.0/24
193.108.238.0/24
IPv6:
2001:67c:1064::/48
Signature Algorithm: sha256WithRSAEncryption
87:c0:f7:c0:e8:38:12:41:b0:f2:ec:bc:8c:e2:3d:85:65:56:
47:08:4b:31:ad:d0:b4:6e:a8:3f:d1:51:54:d9:20:c2:96:7a:
58:97:6e:b8:22:32:be:2b:7c:b0:5d:01:10:ee:73:2a:06:5d:
62:d2:dd:b2:c0:29:a2:d8:d6:39:ee:1c:5b:c1:4d:29:b7:57:
63:14:5d:9e:8e:1a:50:45:01:ae:90:29:25:99:98:65:0d:0b:
20:3f:8b:46:bb:c9:c0:dc:8e:4d:54:af:91:6f:2a:94:8f:7f:
f0:71:6a:e8:8e:79:e4:84:bf:36:4b:d4:8e:98:ae:1a:de:79:
06:ba:d1:a3:8b:7a:5d:98:fe:6c:c5:95:41:42:9c:57:09:c1:
2d:27:3c:71:b9:c3:99:e2:3a:6e:75:ee:c4:9e:b9:7e:5d:cf:
aa:6e:77:0a:9d:43:6f:bc:b3:a5:2b:43:59:a4:68:8c:23:bc:
74:56:fe:03:9b:7a:07:27:46:ad:57:44:18:eb:e9:b1:39:01:
36:72:2a:68:e5:0d:cc:4b:55:85:a0:e7:be:9c:04:ef:66:35:
fd:c8:09:57:ad:a4:44:b6:3a:77:9f:69:58:6f:29:b3:73:b6:
9c:c6:9b:ce:76:f3:9a:a8:98:2a:ed:68:bd:26:01:71:69:58:
fa:75:4a:19
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDSMIOcPRiLPlX0mfR34FQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmIyNDQwYTdjN2EyZGZjZjJlNDIxNmRhOGEzYmRlNjhi
OWI4OTgwHhcNMjQwMTAxMDQyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDliNjU0OTQ5MjU2MzA5NWNiODg0MTAzZTdmNzFiNzEwYWFjODUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg7DEFi5BNIVSl8idIFTbieWRE3MH
Dr+rg+hUgwXq33C8LBXC4Ilyjt7Aw2Ws0KuteePD0LC0hNBDTy3ejsMDyarPOw06
Um1h1BCdd7rw/+TFJHysuYneIP3tSPNFhiIEaHWEKdqpZUzeQfpXN4YJESH+Dglw
Pm2bji2FVNqdcu2vaOCEKMYjdi3mRQyHEs/eQQJJpdqe36PsBx54H8HrkhnWkqU3
rRtjdo6tZUrjX2oGjAhx1z/WVHOOWnICNEez3KVLqjAk6cPkJfAbkb7QaZ4XLt7J
jIjegdk85VFoKAZKT3pTmWKCfpmJ+eFIpUTAAHDWKeDTs8wc+7WCsmP1YQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKCbZUlJJWMJXLiEED5/cbcQqshQMB8GA1UdIwQY
MBaAFKkrJECnx6Lfzy5CFtqKO95oubiYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVNza1FLZkhvdF9QTGtJVzJvbzczbWk1dUpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS84OTIxOTMtOWVkOS00NDQ3LTg0MDIt
ZjJjNjdlY2EzZTViLzEvb0p0bFNVa2xZd2xjdUlRUVBuOXh0eENxeUZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS84OTIxOTMtOWVkOS00NDQ3LTg0MDItZjJjNjdlY2EzZTVi
LzEvcVNza1FLZkhvdF9QTGtJVzJvbzczbWk1dUpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAW9UNAwQA
wWzuMA8EAgACMAkDBwAgAQZ8EGQwDQYJKoZIhvcNAQELBQADggEBAIfA98DoOBJB
sPLsvIziPYVlVkcISzGt0LRuqD/RUVTZIMKWeliXbrgiMr4rfLBdARDucyoGXWLS
3bLAKaLY1jnuHFvBTSm3V2MUXZ6OGlBFAa6QKSWZmGUNCyA/i0a7ycDcjk1Ur5Fv
KpSPf/BxauiOeeSEvzZL1I6YrhreeQa60aOLel2Y/mzFlUFCnFcJwS0nPHG5w5ni
Om517sSeuX5dz6pudwqdQ2+8s6UrQ1mkaIwjvHRW/gObegcnRq1XRBjr6bE5ATZy
KmjlDcxLVYWg576cBO9mNf3ICVetpES2OnefaVhvKbNztpzGm85285qomCrtaL0m
AXFpWPp1Shk=
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:24 2024 by rpki-client on console-fra.rpki-client.org