Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OodCxvf3GjWkcuNj0EkGv25RPf4.roa
File: OodCxvf3GjWkcuNj0EkGv25RPf4.roa (raw, json)
Hash identifier: NzQmG/viVCRIM9t8kAyuFhtTg9NIY9BsNYueeJqnvNg=
Subject key identifier: 3A:87:42:C6:F7:F7:1A:35:A4:72:E3:63:D0:49:06:BF:6E:51:3D:FE
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 018EC86B6B4F6BF8D81060005A522AE6CEC8
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OodCxvf3GjWkcuNj0EkGv25RPf4.roa
Signing time: Wed 10 Apr 2024 14:31:06 +0000
ROA not before: Wed 10 Apr 2024 14:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 62.68.80.0/24 maxlen: 24
178.211.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c8:6b:6b:4f:6b:f8:d8:10:60:00:5a:52:2a:e6:ce:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Apr 10 14:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a8742c6f7f71a35a472e363d04906bf6e513dfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:99:12:a5:38:21:11:a4:42:67:7f:0b:bd:c0:
1f:41:5d:a0:7b:d7:71:bc:ef:e4:b1:9f:06:33:74:
91:d6:c8:73:aa:d6:d2:c7:ef:8f:a6:d5:a9:b6:bf:
33:44:af:43:d4:1a:c6:b2:7a:ee:a7:c9:28:0e:19:
11:64:93:11:a1:f0:9b:e9:c9:ba:3c:58:32:f4:f1:
63:7e:9d:45:82:59:29:44:da:70:f4:fc:32:a9:eb:
fb:c7:2e:ec:2f:13:fb:50:62:ec:c6:20:56:f4:5a:
a2:9a:3e:20:a6:65:32:51:6e:f0:2e:ac:ad:4b:bc:
5c:f3:32:30:d4:bf:be:42:45:6e:70:79:52:74:8d:
a5:fb:89:35:16:69:85:20:20:72:49:bc:f0:6b:c9:
a4:eb:d2:16:20:0f:3d:b0:53:8a:f9:85:34:b2:ed:
74:04:e5:1a:f0:f9:f2:51:28:5f:e3:15:70:ea:4c:
6a:08:d3:05:d8:b9:cf:73:9d:ef:b8:70:6a:73:bf:
12:dd:4b:08:2b:f6:ed:46:ff:97:9b:a9:1e:43:c4:
bc:a3:75:f7:d7:c5:c8:33:0c:a4:db:fc:29:3a:b9:
fa:30:2f:7c:79:04:73:65:aa:c3:af:fe:6e:f9:fc:
1d:18:e2:c8:34:37:67:b3:1a:4f:84:a3:bf:0d:73:
13:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:87:42:C6:F7:F7:1A:35:A4:72:E3:63:D0:49:06:BF:6E:51:3D:FE
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/OodCxvf3GjWkcuNj0EkGv25RPf4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.68.80.0/24
178.211.159.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:84:80:94:27:fa:5b:82:81:75:0f:a0:4c:04:3f:5c:28:31:
7a:2c:86:82:5c:77:a0:48:2c:15:5a:db:0f:fc:9b:74:17:3c:
db:ef:cf:2e:cc:7d:a5:01:51:57:fb:9d:80:4b:be:29:7c:9c:
93:79:f2:4b:5f:e9:0f:4d:e4:aa:ab:02:6b:48:f4:df:5e:0c:
7c:00:2b:be:a2:29:f5:b4:23:4a:9f:4c:75:c6:5a:80:14:89:
e5:6c:81:e7:24:c9:97:28:35:9b:0c:46:83:86:91:89:90:ac:
8c:9c:b2:32:35:c9:b4:e4:ca:c1:a4:73:86:fb:51:09:bb:c6:
c0:42:00:c4:6d:e5:82:61:7e:de:a4:fc:6d:6c:2c:7a:9c:d4:
11:7d:fa:a4:6a:76:0a:5e:23:e5:b4:69:ef:25:8b:23:03:7b:
49:fc:b4:08:88:f6:16:9d:ab:47:22:92:67:69:3c:3b:86:39:
e2:4d:fd:8d:f5:31:b5:53:96:f5:ce:69:65:e3:23:08:21:7c:
74:9e:fd:0f:18:69:87:63:7f:eb:16:52:48:dd:e0:f7:64:d4:
55:27:eb:f2:f4:71:21:51:0a:b4:f0:b9:56:c7:66:19:0d:75:
b8:8d:65:cf:f8:68:72:cc:0c:f7:84:75:a5:4c:e0:57:47:49:
e4:0e:68:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7Ia2tPa/jYEGAAWlIq5s7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjQwNDEwMTQzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTg3NDJjNmY3ZjcxYTM1YTQ3MmUzNjNkMDQ5MDZiZjZlNTEzZGZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhpkSpTghEaRCZ38LvcAfQV2ge9dx
vO/ksZ8GM3SR1shzqtbSx++PptWptr8zRK9D1BrGsnrup8koDhkRZJMRofCb6cm6
PFgy9PFjfp1FglkpRNpw9Pwyqev7xy7sLxP7UGLsxiBW9Fqimj4gpmUyUW7wLqyt
S7xc8zIw1L++QkVucHlSdI2l+4k1FmmFICBySbzwa8mk69IWIA89sFOK+YU0su10
BOUa8PnyUShf4xVw6kxqCNMF2LnPc53vuHBqc78S3UsIK/btRv+Xm6keQ8S8o3X3
18XIMwyk2/wpOrn6MC98eQRzZarDr/5u+fwdGOLINDdnsxpPhKO/DXMTuQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDqHQsb39xo1pHLjY9BJBr9uUT3+MB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvT29kQ3h2ZjNHaldrY3VOajBFa0d2MjVSUGY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAPkRQAwQA
stOfMA0GCSqGSIb3DQEBCwUAA4IBAQBfhICUJ/pbgoF1D6BMBD9cKDF6LIaCXHeg
SCwVWtsP/Jt0Fzzb788uzH2lAVFX+52AS74pfJyTefJLX+kPTeSqqwJrSPTfXgx8
ACu+oin1tCNKn0x1xlqAFInlbIHnJMmXKDWbDEaDhpGJkKyMnLIyNcm05MrBpHOG
+1EJu8bAQgDEbeWCYX7epPxtbCx6nNQRffqkanYKXiPltGnvJYsjA3tJ/LQIiPYW
natHIpJnaTw7hjniTf2N9TG1U5b1zmll4yMIIXx0nv0PGGmHY3/rFlJI3eD3ZNRV
J+vy9HEhUQq08LlWx2YZDXW4jWXP+GhyzAz3hHWlTOBXR0nkDmhE
-----END CERTIFICATE-----
Generated at Mon May 6 10:55:00 2024 by rpki-client on console-ams.rpki-client.org