Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ojEIE9xUeewMY44GWt_SHDeMTAo.roa
File: ojEIE9xUeewMY44GWt_SHDeMTAo.roa (raw, json)
Hash identifier: PgD7SHmkSGiVf1wdkkC/MHTPCWldezQ0mPs6NheMbmo=
Subject key identifier: A2:31:08:13:DC:54:79:EC:0C:63:8E:06:5A:DF:D2:1C:37:8C:4C:0A
Certificate issuer: /CN=826605b4d27f13968e8794e6ef091223748817d8
Certificate serial: 018CC79469E3653453EDDC2DA07ED84EA612
Authority key identifier: 82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ojEIE9xUeewMY44GWt_SHDeMTAo.roa
Signing time: Tue 02 Jan 2024 00:30:41 +0000
ROA not before: Tue 02 Jan 2024 00:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5511
IP address blocks: 168.199.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:69:e3:65:34:53:ed:dc:2d:a0:7e:d8:4e:a6:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=826605b4d27f13968e8794e6ef091223748817d8
Validity
Not Before: Jan 2 00:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2310813dc5479ec0c638e065adfd21c378c4c0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:12:d0:f8:31:de:e2:10:08:0b:7e:0d:ae:cd:
1b:cb:eb:b9:cd:5a:cf:f6:05:3f:12:be:a9:48:d9:
8f:2b:7d:4e:c5:5a:4c:07:79:82:12:73:19:9b:f9:
ef:bc:55:44:c5:02:c0:21:84:52:e6:ed:01:df:fb:
e5:32:d6:16:fb:1e:80:02:42:3e:10:63:81:0c:d3:
28:84:2f:8c:c3:39:46:48:3b:48:26:77:11:0f:cb:
9f:5f:f2:68:9f:86:42:89:29:c8:71:76:b1:98:76:
3b:13:c3:44:3b:da:60:38:a3:33:cd:30:25:44:9a:
08:9f:e4:8b:b3:e0:fe:08:ee:f9:a5:6a:14:0d:68:
95:b5:ec:e1:af:25:30:2d:9e:dc:a6:af:7d:8d:2b:
d4:84:c7:c3:cf:a6:67:69:8a:b7:c3:6e:21:41:ad:
6c:d1:98:ae:35:2a:9a:bf:af:28:85:8d:31:52:81:
94:87:6c:cf:51:06:89:64:cb:44:03:f3:13:1c:c5:
85:70:71:8d:e5:8c:55:b4:f1:f7:c9:d2:9c:e3:82:
ac:b8:b5:d5:34:0d:f3:3b:ea:11:b2:1f:51:fd:6a:
36:fa:07:74:c9:2c:b1:d4:52:0d:a4:a1:15:f2:bd:
a7:d2:85:ce:4b:0f:86:70:e0:ee:18:52:b5:4d:59:
aa:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:31:08:13:DC:54:79:EC:0C:63:8E:06:5A:DF:D2:1C:37:8C:4C:0A
X509v3 Authority Key Identifier:
keyid:82:66:05:B4:D2:7F:13:96:8E:87:94:E6:EF:09:12:23:74:88:17:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/ojEIE9xUeewMY44GWt_SHDeMTAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/fbcc32-33c8-41ff-89fa-2d1918ba1c0e/1/gmYFtNJ_E5aOh5Tm7wkSI3SIF9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
168.199.19.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d3:dc:da:1b:9f:98:01:68:49:13:ea:1f:b8:29:8e:53:b1:
9d:7d:b8:2c:57:c5:08:4d:7f:94:4c:7b:62:a5:a8:8b:5c:2b:
ce:15:d7:50:2e:d5:b0:75:b3:db:6b:a5:6f:4e:8d:72:09:94:
76:42:f9:b2:89:d1:f4:ee:b2:ca:6b:e7:49:06:fd:54:76:e6:
d9:fc:bc:a4:34:cd:4d:b5:dc:b8:2c:7c:02:e1:0f:e1:bd:e5:
26:6a:f2:e4:22:92:a0:83:f4:c6:1d:f2:59:92:b8:6b:02:9b:
b8:17:67:2b:70:ac:e4:32:b7:2c:6b:af:58:3c:63:a1:6b:0d:
be:23:81:2b:7d:6a:66:5e:1d:7c:46:ad:a5:28:b6:44:52:a3:
1f:17:fe:41:fa:c4:d8:70:3e:dc:09:37:a1:d8:5c:c0:24:fc:
6e:23:af:84:7c:fe:da:5e:81:78:50:31:c6:b7:f0:d2:3f:be:
e8:c7:34:e9:e0:10:37:20:46:96:11:68:e6:2a:5f:60:89:dc:
f3:22:fa:a7:33:a7:14:e3:55:9d:6b:28:a6:b2:b5:e6:d8:d6:
d7:3e:46:93:6c:90:18:cf:b2:6f:97:8d:b7:1f:22:d5:bb:21:
3f:f8:25:4d:30:94:33:4a:ad:50:ce:39:9f:a0:82:e7:7c:7e:
d6:f1:11:df
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlGnjZTRT7dwtoH7YTqYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNjYwNWI0ZDI3ZjEzOTY4ZTg3OTRlNmVmMDkxMjIzNzQ4
ODE3ZDgwHhcNMjQwMTAyMDAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjMxMDgxM2RjNTQ3OWVjMGM2MzhlMDY1YWRmZDIxYzM3OGM0YzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApRLQ+DHe4hAIC34Nrs0by+u5zVrP
9gU/Er6pSNmPK31OxVpMB3mCEnMZm/nvvFVExQLAIYRS5u0B3/vlMtYW+x6AAkI+
EGOBDNMohC+MwzlGSDtIJncRD8ufX/Jon4ZCiSnIcXaxmHY7E8NEO9pgOKMzzTAl
RJoIn+SLs+D+CO75pWoUDWiVtezhryUwLZ7cpq99jSvUhMfDz6ZnaYq3w24hQa1s
0ZiuNSqav68ohY0xUoGUh2zPUQaJZMtEA/MTHMWFcHGN5YxVtPH3ydKc44KsuLXV
NA3zO+oRsh9R/Wo2+gd0ySyx1FINpKEV8r2n0oXOSw+GcODuGFK1TVmqLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKIxCBPcVHnsDGOOBlrf0hw3jEwKMB8GA1UdIwQY
MBaAFIJmBbTSfxOWjoeU5u8JEiN0iBfYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEt
MmQxOTE4YmExYzBlLzEvb2pFSUU5eFVlZXdNWTQ0R1d0X1NIRGVNVEFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9mYmNjMzItMzNjOC00MWZmLTg5ZmEtMmQxOTE4YmExYzBl
LzEvZ21ZRnROSl9FNWFPaDVUbTd3a1NJM1NJRjlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAqMcTMA0G
CSqGSIb3DQEBCwUAA4IBAQAg09zaG5+YAWhJE+ofuCmOU7GdfbgsV8UITX+UTHti
paiLXCvOFddQLtWwdbPba6VvTo1yCZR2QvmyidH07rLKa+dJBv1UdubZ/LykNM1N
tdy4LHwC4Q/hveUmavLkIpKgg/TGHfJZkrhrApu4F2crcKzkMrcsa69YPGOhaw2+
I4ErfWpmXh18Rq2lKLZEUqMfF/5B+sTYcD7cCTeh2FzAJPxuI6+EfP7aXoF4UDHG
t/DSP77oxzTp4BA3IEaWEWjmKl9gidzzIvqnM6cU41WdayimsrXm2NbXPkaTbJAY
z7Jvl423HyLVuyE/+CVNMJQzSq1QzjmfoILnfH7W8RHf
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:05 2024 by rpki-client on console-ams.rpki-client.org