Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OkniblpBVHWHXykg-1LDb_sRDBI.roa
File: OkniblpBVHWHXykg-1LDb_sRDBI.roa (raw, json)
Hash identifier: gl06iNtQAOcwrBg3IFWvx4s15H4oDf0yEnRZHzFgLnE=
Subject key identifier: 3A:49:E2:6E:5A:41:54:75:87:5F:29:20:FB:52:C3:6F:FB:11:0C:12
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D2BF4EF78EFF35312148836D0C622
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OkniblpBVHWHXykg-1LDb_sRDBI.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199684
IP address blocks: 2a0e:aa07:e070::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.mft
rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 20:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2b:f4:ef:78:ef:f3:53:12:14:88:36:d0:c6:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a49e26e5a415475875f2920fb52c36ffb110c12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:19:cc:cf:41:21:23:38:2a:3c:aa:ef:1e:fa:
57:ef:9c:6b:92:de:6e:15:dd:38:77:ed:66:13:5e:
b9:53:8f:e7:c1:76:5c:29:25:2c:38:37:e9:19:35:
d3:f8:02:de:2b:83:10:d8:94:21:7b:10:d2:0c:fc:
62:fd:12:e1:71:69:b2:a0:a5:31:c2:09:f7:d3:7a:
3f:81:8c:12:ee:74:fa:c1:1c:8a:99:60:f4:69:9d:
a5:a9:f7:c4:27:90:ab:b9:64:b7:be:30:3e:08:c8:
61:cd:e9:ab:27:cd:28:b0:60:c5:62:a9:37:0e:dd:
40:ae:be:4a:e9:9f:1e:98:b1:76:94:5d:5c:a0:d9:
f6:41:ac:34:35:7f:cf:fd:c4:45:11:54:2d:72:5d:
54:06:5a:10:9d:41:f3:25:b3:bf:78:5f:0d:b5:91:
39:42:89:a0:0f:19:3e:b3:46:1d:d7:a8:9e:d0:52:
31:bf:88:a9:50:2d:60:75:01:6e:87:63:1a:b8:5e:
a5:3a:0e:6a:1d:62:d8:55:94:02:45:be:55:ab:75:
e9:53:1e:dd:6d:4c:14:dd:72:d3:a1:53:32:36:4a:
39:1e:f8:8a:b8:ba:51:90:1e:d9:92:b7:0e:e2:78:
b7:10:49:ed:14:86:f4:f7:c7:c1:64:e9:9a:b4:18:
8f:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:49:E2:6E:5A:41:54:75:87:5F:29:20:FB:52:C3:6F:FB:11:0C:12
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/OkniblpBVHWHXykg-1LDb_sRDBI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa07:e070::/44
Signature Algorithm: sha256WithRSAEncryption
7a:48:92:c1:63:58:27:bb:87:f1:74:f8:4c:26:b3:6b:8d:6d:
7c:9e:e2:f6:59:fa:53:c3:9e:4c:b7:bf:b0:fa:aa:22:33:8e:
50:ca:07:2d:32:42:19:53:bd:23:2e:76:63:56:ef:82:65:6a:
44:94:24:71:75:9b:6a:28:7a:9e:af:00:42:9c:24:08:9c:b5:
02:f4:43:35:83:22:02:63:bf:be:5a:59:11:55:3b:44:03:c8:
c1:d3:0b:34:0c:7c:cf:70:37:d9:3f:d0:c5:f9:d7:86:1f:09:
2d:32:3a:88:52:c6:58:53:4f:83:cf:14:3d:9d:a9:52:23:b1:
38:42:5d:ee:7c:e1:b5:d6:5b:80:f2:ed:41:39:d3:d0:ee:9f:
87:19:d5:f4:2e:34:67:9a:77:a6:8a:da:60:a2:b5:55:22:b5:
8a:14:ff:13:a3:91:fb:15:95:d3:94:6c:97:1a:73:90:9c:d3:
7a:9e:9d:2a:9b:5d:73:24:83:9f:c4:ad:b6:95:b1:ca:90:35:
3f:a2:a0:03:ae:b7:ca:44:2e:b9:be:b6:ba:6b:d0:96:6c:54:
0b:56:95:ad:8f:ec:a5:d3:1a:fa:8b:02:60:e4:fb:d3:16:a9:
3c:4b:80:63:9f:72:a9:ea:33:77:6e:7e:bc:6b:0b:0b:0f:fe:
14:a9:a5:5a
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzCbSv073jv81MSFIg20MYiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQ5ZTI2ZTVhNDE1NDc1ODc1ZjI5MjBmYjUyYzM2ZmZiMTEwYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhnMz0EhIzgqPKrvHvpX75xrkt5u
Fd04d+1mE165U4/nwXZcKSUsODfpGTXT+ALeK4MQ2JQhexDSDPxi/RLhcWmyoKUx
wgn303o/gYwS7nT6wRyKmWD0aZ2lqffEJ5CruWS3vjA+CMhhzemrJ80osGDFYqk3
Dt1Arr5K6Z8emLF2lF1coNn2Qaw0NX/P/cRFEVQtcl1UBloQnUHzJbO/eF8NtZE5
QomgDxk+s0Yd16ie0FIxv4ipUC1gdQFuh2MauF6lOg5qHWLYVZQCRb5Vq3XpUx7d
bUwU3XLToVMyNko5HviKuLpRkB7ZkrcO4ni3EEntFIb098fBZOmatBiP2wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDpJ4m5aQVR1h18pIPtSw2/7EQwSMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvT2tuaWJscEJWSFdIWHlrZy0xTERiX3NSREJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKg6qB+Bw
MA0GCSqGSIb3DQEBCwUAA4IBAQB6SJLBY1gnu4fxdPhMJrNrjW18nuL2WfpTw55M
t7+w+qoiM45QygctMkIZU70jLnZjVu+CZWpElCRxdZtqKHqerwBCnCQInLUC9EM1
gyICY7++WlkRVTtEA8jB0ws0DHzPcDfZP9DF+deGHwktMjqIUsZYU0+DzxQ9nalS
I7E4Ql3ufOG11luA8u1BOdPQ7p+HGdX0LjRnmnemitpgorVVIrWKFP8To5H7FZXT
lGyXGnOQnNN6np0qm11zJIOfxK22lbHKkDU/oqADrrfKRC65vra6a9CWbFQLVpWt
j+yl0xr6iwJg5PvTFqk8S4Bjn3Kp6jN3bn68awsLD/4UqaVa
-----END CERTIFICATE-----
Generated at Sat May 4 03:57:52 2024 by rpki-client on console-fra.rpki-client.org