Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/OHUq6c6kkSLxoXQ0iykKDr-o8rs.roa
File: OHUq6c6kkSLxoXQ0iykKDr-o8rs.roa (raw, json)
Hash identifier: QBn+BNzmhJ00Ox9WQ0yFfNc19qjyRirH7RwV5B1KSDA=
Subject key identifier: 38:75:2A:E9:CE:A4:91:22:F1:A1:74:34:8B:29:0A:0E:BF:A8:F2:BB
Certificate issuer: /CN=98b53b86eb1f19d0ae7c00b132e97c03a94bff61
Certificate serial: 018CC4254F34EB6A49E8E35063D6A5D61F21
Authority key identifier: 98:B5:3B:86:EB:1F:19:D0:AE:7C:00:B1:32:E9:7C:03:A9:4B:FF:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mLU7husfGdCufACxMul8A6lL_2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/OHUq6c6kkSLxoXQ0iykKDr-o8rs.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212631
IP address blocks: 91.220.243.0/24 maxlen: 24
2a0d:2380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/mLU7husfGdCufACxMul8A6lL_2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/mLU7husfGdCufACxMul8A6lL_2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/mLU7husfGdCufACxMul8A6lL_2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:34:eb:6a:49:e8:e3:50:63:d6:a5:d6:1f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98b53b86eb1f19d0ae7c00b132e97c03a94bff61
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38752ae9cea49122f1a174348b290a0ebfa8f2bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:8e:82:af:1a:51:ad:b4:e1:73:ed:28:4c:ee:
38:a2:a0:36:17:08:7a:55:ba:cf:11:97:94:18:dd:
78:cc:6d:da:49:2c:64:ca:ea:dc:69:17:78:b4:fb:
84:43:c9:c0:24:b8:4b:b9:c1:72:5c:e9:99:69:7d:
c0:03:d0:35:67:df:78:55:b5:d3:39:91:de:ab:3d:
8b:29:f3:64:83:6a:6b:6f:e3:20:ff:95:07:92:a2:
a2:66:76:9c:e2:6f:fa:7d:5f:08:f9:c5:12:4b:58:
c2:70:c1:ce:c0:f4:81:e1:03:ce:ed:e9:0e:1b:93:
fe:8b:80:6a:f3:0e:ed:74:1c:e0:78:15:79:53:c9:
31:97:ab:65:f1:04:4e:f0:95:ff:72:db:3e:87:93:
d7:a3:c3:94:6d:85:f5:4d:32:bd:50:80:81:0f:4a:
eb:f6:4b:22:13:15:e7:8f:b1:96:cf:34:2c:11:02:
94:24:3b:e1:be:fd:4e:12:51:2b:bf:12:68:6b:b8:
bd:ef:ab:99:96:ef:b6:26:12:71:17:a9:61:cb:94:
c6:18:1d:25:21:86:48:1b:1c:22:bc:1f:20:02:6c:
d3:88:73:9d:31:55:b7:61:5b:42:82:e1:fc:f7:56:
52:b9:f2:55:e8:db:12:ec:4d:07:5c:3a:d5:3f:9c:
ef:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:75:2A:E9:CE:A4:91:22:F1:A1:74:34:8B:29:0A:0E:BF:A8:F2:BB
X509v3 Authority Key Identifier:
keyid:98:B5:3B:86:EB:1F:19:D0:AE:7C:00:B1:32:E9:7C:03:A9:4B:FF:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mLU7husfGdCufACxMul8A6lL_2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/OHUq6c6kkSLxoXQ0iykKDr-o8rs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/8fb468-fbc5-4a57-a7fe-275c5f731b44/1/mLU7husfGdCufACxMul8A6lL_2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.243.0/24
IPv6:
2a0d:2380::/29
Signature Algorithm: sha256WithRSAEncryption
00:db:fb:04:ac:20:ea:e7:d7:f6:d9:a4:f2:2e:39:16:1d:06:
f4:c5:3a:8c:95:e8:a2:34:39:f9:44:63:41:ce:d7:5d:5e:ab:
92:a1:a0:3b:fd:ad:0c:0e:6d:1e:32:7f:ed:f1:c9:fc:7d:4c:
47:83:ed:d4:a4:25:de:93:a8:dd:43:67:c7:20:0e:c6:73:de:
ef:19:f0:b7:f2:8b:77:85:c1:24:43:d4:f0:01:f6:cc:15:34:
0f:d7:aa:0d:6d:02:cf:6a:95:d8:50:9e:3a:7a:43:9e:8e:6b:
db:bd:8b:1b:43:ab:d1:96:4d:81:68:97:49:8c:9c:1a:51:8a:
36:ad:03:29:11:26:ff:cb:20:3c:d0:d2:a7:ca:8d:55:5e:19:
fb:68:17:82:f1:cd:ad:5d:ed:c7:a9:03:f8:5a:f0:70:7e:12:
a6:ac:4d:37:2b:83:f7:d9:2a:d3:69:6f:9b:59:ab:b6:f1:81:
b5:27:02:86:9a:e7:74:f0:a9:4b:91:3e:37:7d:8c:ba:6c:6b:
b8:b3:58:9d:6f:81:01:5c:d6:2a:97:8c:22:69:14:42:45:f7:
16:f5:04:06:31:12:b4:0c:ea:22:db:d7:8a:d9:7f:72:30:fc:
ca:c9:a6:33:a4:6c:23:43:95:bb:5f:fd:3c:b3:74:7a:b1:c4:
a8:85:9c:f4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJU8062pJ6ONQY9al1h8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YjUzYjg2ZWIxZjE5ZDBhZTdjMDBiMTMyZTk3YzAzYTk0
YmZmNjEwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODc1MmFlOWNlYTQ5MTIyZjFhMTc0MzQ4YjI5MGEwZWJmYThmMmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkY6CrxpRrbThc+0oTO44oqA2Fwh6
VbrPEZeUGN14zG3aSSxkyurcaRd4tPuEQ8nAJLhLucFyXOmZaX3AA9A1Z994VbXT
OZHeqz2LKfNkg2prb+Mg/5UHkqKiZnac4m/6fV8I+cUSS1jCcMHOwPSB4QPO7ekO
G5P+i4Bq8w7tdBzgeBV5U8kxl6tl8QRO8JX/cts+h5PXo8OUbYX1TTK9UICBD0rr
9ksiExXnj7GWzzQsEQKUJDvhvv1OElErvxJoa7i976uZlu+2JhJxF6lhy5TGGB0l
IYZIGxwivB8gAmzTiHOdMVW3YVtCguH891ZSufJV6NsS7E0HXDrVP5zvRwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDh1KunOpJEi8aF0NIspCg6/qPK7MB8GA1UdIwQY
MBaAFJi1O4brHxnQrnwAsTLpfAOpS/9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUxVN2h1c2ZHZEN1ZkFDeE11bDhBNmxMXzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy84ZmI0NjgtZmJjNS00YTU3LWE3ZmUt
Mjc1YzVmNzMxYjQ0LzEvT0hVcTZjNmtrU0x4b1hRMGl5a0tEci1vOHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy84ZmI0NjgtZmJjNS00YTU3LWE3ZmUtMjc1YzVmNzMxYjQ0
LzEvbUxVN2h1c2ZHZEN1ZkFDeE11bDhBNmxMXzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9zzMA0E
AgACMAcDBQMqDSOAMA0GCSqGSIb3DQEBCwUAA4IBAQAA2/sErCDq59f22aTyLjkW
HQb0xTqMleiiNDn5RGNBztddXquSoaA7/a0MDm0eMn/t8cn8fUxHg+3UpCXek6jd
Q2fHIA7Gc97vGfC38ot3hcEkQ9TwAfbMFTQP16oNbQLPapXYUJ46ekOejmvbvYsb
Q6vRlk2BaJdJjJwaUYo2rQMpESb/yyA80NKnyo1VXhn7aBeC8c2tXe3HqQP4WvBw
fhKmrE03K4P32SrTaW+bWau28YG1JwKGmud08KlLkT43fYy6bGu4s1idb4EBXNYq
l4wiaRRCRfcW9QQGMRK0DOoi29eK2X9yMPzKyaYzpGwjQ5W7X/08s3R6scSohZz0
-----END CERTIFICATE-----
Generated at Sat Jun 8 02:01:59 2024 by rpki-client on console-fra.rpki-client.org