Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/O48jEEYUgpxHVWQhDbmyrmPrD4U.roa
File: O48jEEYUgpxHVWQhDbmyrmPrD4U.roa (raw, json)
Hash identifier: iD2cZrPAYA9ipDEAchRlnwWRV18tT/Bk0Z8E12J3+4o=
Subject key identifier: 3B:8F:23:10:46:14:82:9C:47:55:64:21:0D:B9:B2:AE:63:EB:0F:85
Certificate issuer: /CN=9748828d7b99b0a97017ec26bcbefe96fdbe9579
Certificate serial: 018CC86F6561117BAA5C181B32D45B6C3B86
Authority key identifier: 97:48:82:8D:7B:99:B0:A9:70:17:EC:26:BC:BE:FE:96:FD:BE:95:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/O48jEEYUgpxHVWQhDbmyrmPrD4U.roa
Signing time: Tue 02 Jan 2024 04:29:52 +0000
ROA not before: Tue 02 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29432
IP address blocks: 195.140.192.0/22 maxlen: 23
2001:7f8:1d::/48 maxlen: 48
2001:67c:2b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.mft
rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:03:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:65:61:11:7b:aa:5c:18:1b:32:d4:5b:6c:3b:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9748828d7b99b0a97017ec26bcbefe96fdbe9579
Validity
Not Before: Jan 2 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b8f23104614829c475564210db9b2ae63eb0f85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:04:1c:f5:fe:25:bf:d1:a0:ae:e9:54:91:f9:
97:a5:13:66:4f:32:4c:b5:ec:d3:10:77:4d:13:72:
cf:aa:26:36:c8:52:67:0e:51:f9:eb:ef:d6:25:de:
fb:ad:de:9c:e5:5d:8f:8a:20:e2:f2:08:71:5d:ee:
cf:2e:99:2d:fc:dd:53:e0:fc:32:84:e2:c9:6c:ad:
40:f1:f7:75:75:53:07:37:ae:fa:31:1c:49:9d:45:
9e:f4:1a:40:66:5d:75:ea:7b:3f:d9:7a:72:f4:0c:
af:e3:36:f4:b3:01:19:df:e1:11:75:f8:50:42:7b:
ed:f2:d9:e3:12:e0:73:ef:80:59:68:6d:fb:ba:91:
1b:03:93:38:8d:a8:0b:e9:51:e7:c0:82:42:f8:7b:
59:7a:5a:82:d6:fd:48:75:74:88:ea:d0:8e:70:67:
69:19:34:ee:e3:34:ce:be:7f:7f:5e:37:e0:ae:9a:
76:63:f6:fa:07:ba:59:3a:09:b4:ed:06:1c:39:03:
8b:82:77:6a:b0:5a:ef:e6:40:c1:6e:e5:17:52:1c:
f0:d8:53:ee:13:f3:3d:99:51:fd:a3:83:87:6f:f6:
a8:83:3a:76:d0:2f:7b:da:1e:80:02:56:c0:6f:7d:
ac:64:04:44:cf:86:39:9b:15:07:08:64:d5:f9:58:
bf:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8F:23:10:46:14:82:9C:47:55:64:21:0D:B9:B2:AE:63:EB:0F:85
X509v3 Authority Key Identifier:
keyid:97:48:82:8D:7B:99:B0:A9:70:17:EC:26:BC:BE:FE:96:FD:BE:95:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l0iCjXuZsKlwF-wmvL7-lv2-lXk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/O48jEEYUgpxHVWQhDbmyrmPrD4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/1e1ebf-c3ac-49a1-b6a8-a4a075398b0e/1/l0iCjXuZsKlwF-wmvL7-lv2-lXk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.192.0/22
IPv6:
2001:67c:2b0::/48
2001:7f8:1d::/48
Signature Algorithm: sha256WithRSAEncryption
2f:a6:9c:70:27:a8:b1:6b:ef:21:5c:f2:b0:b4:1a:8b:4c:a0:
14:81:f3:cc:b1:83:77:5d:39:e6:45:59:ec:60:a8:66:d5:7b:
44:5c:bf:e2:cb:a1:88:a9:af:3e:8d:06:8d:11:4e:14:ca:40:
ae:48:46:9a:75:47:72:69:ea:bc:7c:2c:74:47:1b:20:3e:e7:
3e:65:4a:b4:16:0a:d3:d3:fd:b1:82:99:dd:29:0b:42:02:03:
74:69:fc:ad:4b:7e:1f:28:77:9b:c3:43:47:db:1b:ee:87:b3:
0a:ed:dd:05:d2:4c:2a:ad:d6:08:c1:9e:a1:91:64:6d:09:6a:
c1:45:bc:5d:87:c0:c7:02:28:a2:c0:ba:82:b7:c8:eb:b5:a7:
ed:20:2a:ac:06:fa:1b:80:32:9d:06:3a:bb:82:14:4c:6e:1f:
95:87:df:4e:f1:57:67:ec:59:8f:9b:82:91:9c:98:0b:f7:f9:
9d:fe:f2:9e:b4:bd:ab:a5:1b:1a:ba:b6:a0:df:f6:f6:18:ac:
e6:a8:c6:13:de:ca:82:6a:88:b7:67:09:96:52:a4:ab:36:f1:
ec:33:b8:3a:7e:f9:3a:22:44:74:44:9d:d6:9f:13:cb:b1:e0:
3c:00:ad:c8:11:05:f9:6c:b3:24:c5:31:23:ed:fd:18:63:94:
8f:7e:2a:32
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzIb2VhEXuqXBgbMtRbbDuGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3NDg4MjhkN2I5OWIwYTk3MDE3ZWMyNmJjYmVmZTk2ZmRi
ZTk1NzkwHhcNMjQwMTAyMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhmMjMxMDQ2MTQ4MjljNDc1NTY0MjEwZGI5YjJhZTYzZWIwZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswQc9f4lv9GgrulUkfmXpRNmTzJM
tezTEHdNE3LPqiY2yFJnDlH56+/WJd77rd6c5V2PiiDi8ghxXe7PLpkt/N1T4Pwy
hOLJbK1A8fd1dVMHN676MRxJnUWe9BpAZl116ns/2Xpy9Ayv4zb0swEZ3+ERdfhQ
Qnvt8tnjEuBz74BZaG37upEbA5M4jagL6VHnwIJC+HtZelqC1v1IdXSI6tCOcGdp
GTTu4zTOvn9/Xjfgrpp2Y/b6B7pZOgm07QYcOQOLgndqsFrv5kDBbuUXUhzw2FPu
E/M9mVH9o4OHb/aogzp20C972h6AAlbAb32sZAREz4Y5mxUHCGTV+Vi/LQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDuPIxBGFIKcR1VkIQ25sq5j6w+FMB8GA1UdIwQY
MBaAFJdIgo17mbCpcBfsJry+/pb9vpV5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDBpQ2pYdVpzS2x3Ri13bXZMNy1sdjItbFhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8xZTFlYmYtYzNhYy00OWExLWI2YTgt
YTRhMDc1Mzk4YjBlLzEvTzQ4akVFWVVncHhIVldRaERibXlybVByRDRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8xZTFlYmYtYzNhYy00OWExLWI2YTgtYTRhMDc1Mzk4YjBl
LzEvbDBpQ2pYdVpzS2x3Ri13bXZMNy1sdjItbFhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQCw4zAMBgE
AgACMBIDBwAgAQZ8ArADBwAgAQf4AB0wDQYJKoZIhvcNAQELBQADggEBAC+mnHAn
qLFr7yFc8rC0GotMoBSB88yxg3ddOeZFWexgqGbVe0Rcv+LLoYiprz6NBo0RThTK
QK5IRpp1R3Jp6rx8LHRHGyA+5z5lSrQWCtPT/bGCmd0pC0ICA3Rp/K1Lfh8od5vD
Q0fbG+6Hswrt3QXSTCqt1gjBnqGRZG0JasFFvF2HwMcCKKLAuoK3yOu1p+0gKqwG
+huAMp0GOruCFExuH5WH307xV2fsWY+bgpGcmAv3+Z3+8p60vaulGxq6tqDf9vYY
rOaoxhPeyoJqiLdnCZZSpKs28ewzuDp++ToiRHREndafE8ux4DwArcgRBflssyTF
MSPt/RhjlI9+KjI=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:05:20 2024 by rpki-client on console-fra.rpki-client.org