Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/OHWDENxiwHUHcGpgbk08K1UT8-o.roa
File: OHWDENxiwHUHcGpgbk08K1UT8-o.roa (raw, json)
Hash identifier: X1tpsVlJz+V4XoCcuFZ23Xvt78PJPBqwL75tsKfUzro=
Subject key identifier: 38:75:83:10:DC:62:C0:75:07:70:6A:60:6E:4D:3C:2B:55:13:F3:EA
Certificate issuer: /CN=02df81268829301f3d69eb96f8ac617fa25256a1
Certificate serial: 018CC6B9091744861C9000477F5FBECEB1D4
Authority key identifier: 02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/OHWDENxiwHUHcGpgbk08K1UT8-o.roa
Signing time: Mon 01 Jan 2024 20:31:04 +0000
ROA not before: Mon 01 Jan 2024 20:31:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47638
IP address blocks: 91.229.174.0/23 maxlen: 24
91.237.197.0/24 maxlen: 24
185.59.204.0/22 maxlen: 24
23.90.64.0/22 maxlen: 24
2a02:6da0::/32 maxlen: 32
2001:67c:248c::/48 maxlen: 48
2a02:6da0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.mft
rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 16:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:09:17:44:86:1c:90:00:47:7f:5f:be:ce:b1:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02df81268829301f3d69eb96f8ac617fa25256a1
Validity
Not Before: Jan 1 20:31:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38758310dc62c07507706a606e4d3c2b5513f3ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:2e:92:c9:ea:7b:af:5e:a7:45:3b:df:c0:7d:
5b:96:66:d7:15:35:7d:a4:01:16:89:f1:39:87:c4:
0c:e2:b2:04:a0:bc:20:24:6e:e6:34:bd:e6:74:c0:
d8:f9:e2:dd:1d:9b:bb:02:f7:27:77:f1:e1:23:52:
e9:cc:da:6c:ee:b3:a8:a0:10:70:b4:16:4a:58:d6:
3b:46:89:3d:83:52:db:64:64:13:95:e2:d1:80:f0:
7a:a9:f5:f4:f5:8a:34:48:10:4d:64:d6:8e:73:21:
55:90:de:6d:17:29:77:36:d8:b6:5e:da:b0:0a:0f:
73:29:12:76:d7:b3:0e:5c:05:6e:09:d8:27:65:6f:
2d:b6:09:29:df:cf:d7:b4:f5:70:fb:78:c2:61:00:
f8:36:f4:99:72:25:79:4d:bd:1e:1e:f0:47:aa:f4:
15:84:55:77:d7:35:30:e1:2c:74:19:76:84:aa:ae:
3f:e2:6f:c9:e0:77:4a:6b:76:33:83:5b:71:db:c0:
f1:33:6f:5b:94:d8:86:b8:4f:b7:d9:34:8b:6b:b4:
53:38:28:28:36:47:06:a9:6d:7a:ff:ad:3e:49:b3:
b1:33:a8:12:dd:69:32:a1:f2:a3:c2:5a:df:74:87:
87:19:08:d8:5f:15:26:e0:05:9f:5b:9e:0a:af:bf:
b9:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:75:83:10:DC:62:C0:75:07:70:6A:60:6E:4D:3C:2B:55:13:F3:EA
X509v3 Authority Key Identifier:
keyid:02:DF:81:26:88:29:30:1F:3D:69:EB:96:F8:AC:61:7F:A2:52:56:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/At-BJogpMB89aeuW-Kxhf6JSVqE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/OHWDENxiwHUHcGpgbk08K1UT8-o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/061716-09c6-4838-b1cb-3e86d2c29969/1/At-BJogpMB89aeuW-Kxhf6JSVqE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.90.64.0/22
91.229.174.0/23
91.237.197.0/24
185.59.204.0/22
IPv6:
2001:67c:248c::/48
2a02:6da0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:2c:ee:54:10:5c:79:36:91:c8:bb:4b:41:d2:84:ee:2e:65:
a2:57:b2:16:bc:84:2f:5f:07:3b:05:93:82:90:f5:ef:0f:20:
fa:e0:90:fd:3e:78:54:cf:56:df:2d:6f:73:90:89:5b:47:f0:
85:f9:ee:de:ff:70:4a:6f:52:8b:41:7e:4c:79:bb:03:a4:4d:
9e:c9:9d:f6:a2:d3:b9:1f:ee:5a:58:36:5d:b7:7c:27:4e:84:
76:e4:93:2d:fe:63:3a:6d:61:db:1f:76:12:bd:f0:ba:10:ea:
98:84:cb:19:64:17:f6:e1:c5:06:1f:2d:08:1a:49:20:a4:28:
f9:2e:12:8e:1f:f3:cc:b7:44:8a:26:79:e8:64:48:94:5b:71:
45:af:f1:88:7e:cc:b1:b5:bb:a6:68:fd:b3:02:01:a9:ae:44:
e4:b0:2e:2e:fc:10:04:05:56:cc:a2:4a:b0:0a:cf:cf:55:43:
75:b3:58:82:9a:06:55:60:8d:92:56:41:b7:79:5a:5d:0b:c6:
9f:ee:75:ac:80:f4:c8:5a:b2:c3:0c:2a:95:f2:2d:d9:31:52:
c9:f3:94:a5:48:ee:22:d7:7c:7e:c9:6e:32:2e:03:c7:ea:61:
7c:59:20:50:69:06:85:e0:ac:78:0c:d9:3c:3c:cb:07:33:84:
e7:7f:f2:68
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzGuQkXRIYckABHf1++zrHUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyZGY4MTI2ODgyOTMwMWYzZDY5ZWI5NmY4YWM2MTdmYTI1
MjU2YTEwHhcNMjQwMTAxMjAzMTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc1ODMxMGRjNjJjMDc1MDc3MDZhNjA2ZTRkM2MyYjU1MTNmM2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9i6Syep7r16nRTvfwH1blmbXFTV9
pAEWifE5h8QM4rIEoLwgJG7mNL3mdMDY+eLdHZu7Avcnd/HhI1LpzNps7rOooBBw
tBZKWNY7Rok9g1LbZGQTleLRgPB6qfX09Yo0SBBNZNaOcyFVkN5tFyl3Nti2Xtqw
Cg9zKRJ217MOXAVuCdgnZW8ttgkp38/XtPVw+3jCYQD4NvSZciV5Tb0eHvBHqvQV
hFV31zUw4Sx0GXaEqq4/4m/J4HdKa3Yzg1tx28DxM29blNiGuE+32TSLa7RTOCgo
NkcGqW16/60+SbOxM6gS3WkyofKjwlrfdIeHGQjYXxUm4AWfW54Kr7+5cwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFDh1gxDcYsB1B3BqYG5NPCtVE/PqMB8GA1UdIwQY
MBaAFALfgSaIKTAfPWnrlvisYX+iUlahMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2It
M2U4NmQyYzI5OTY5LzEvT0hXREVOeGl3SFVIY0dwZ2JrMDhLMVVUOC1vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8wNjE3MTYtMDljNi00ODM4LWIxY2ItM2U4NmQyYzI5OTY5
LzEvQXQtQkpvZ3BNQjg5YWV1Vy1LeGhmNkpTVnFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAeBAIAATAYAwQCF1pAAwQB
W+WuAwQAW+3FAwQCuTvMMBYEAgACMBADBwAgAQZ8JIwDBQMqAm2gMA0GCSqGSIb3
DQEBCwUAA4IBAQB9LO5UEFx5NpHIu0tB0oTuLmWiV7IWvIQvXwc7BZOCkPXvDyD6
4JD9PnhUz1bfLW9zkIlbR/CF+e7e/3BKb1KLQX5MebsDpE2eyZ32otO5H+5aWDZd
t3wnToR25JMt/mM6bWHbH3YSvfC6EOqYhMsZZBf24cUGHy0IGkkgpCj5LhKOH/PM
t0SKJnnoZEiUW3FFr/GIfsyxtbumaP2zAgGprkTksC4u/BAEBVbMokqwCs/PVUN1
s1iCmgZVYI2SVkG3eVpdC8af7nWsgPTIWrLDDCqV8i3ZMVLJ85SlSO4i13x+yW4y
LgPH6mF8WSBQaQaF4Kx4DNk8PMsHM4Tnf/Jo
-----END CERTIFICATE-----
Generated at Sun May 26 20:41:26 2024 by rpki-client on console-ams.rpki-client.org