Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/OJOKARPn4UTNT4roJWhO6uqd0ew.roa
File: OJOKARPn4UTNT4roJWhO6uqd0ew.roa (raw, json)
Hash identifier: Ctwf7kfl2U9NXYOORUxYCkDGRb2F1yea/BylZyV0I8A=
Subject key identifier: 38:93:8A:01:13:E7:E1:44:CD:4F:8A:E8:25:68:4E:EA:EA:9D:D1:EC
Certificate issuer: /CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Certificate serial: 0190CC732E2D9C996FEBCA991782C15540DB
Authority key identifier: 8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/OJOKARPn4UTNT4roJWhO6uqd0ew.roa
Signing time: Fri 19 Jul 2024 19:23:38 +0000
ROA not before: Fri 19 Jul 2024 19:23:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199614
IP address blocks: 2a13:a280::/29 maxlen: 29
2a13:a280::/33 maxlen: 33
2a13:a280:8000::/33 maxlen: 33
2a13:a281::/33 maxlen: 33
2a13:a281:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 13 Dec 2024 14:48:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:cc:73:2e:2d:9c:99:6f:eb:ca:99:17:82:c1:55:40:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e06f5a7314b2f966b24fc53155ce7bf604c07a6
Validity
Not Before: Jul 19 19:23:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38938a0113e7e144cd4f8ae825684eeaea9dd1ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5c:b7:6b:8a:75:f1:92:a2:f9:02:39:26:9c:
0b:05:07:49:78:1b:a4:8c:4a:ad:e2:3a:21:c9:a5:
bb:3f:fd:01:1a:a8:e1:74:87:6f:81:f8:78:e9:2a:
24:fc:ae:38:d9:f8:df:e1:70:d0:f8:e1:f7:a0:33:
2e:4d:8f:b7:82:14:01:59:d0:8d:c1:1d:69:08:cd:
36:a7:bd:9e:af:3d:92:43:ef:15:c5:e2:f6:6d:47:
5c:7e:22:af:01:d4:cc:a2:0d:6d:e7:40:92:51:3e:
11:70:d4:2a:ee:73:6a:f8:91:85:44:9e:4e:6e:1a:
57:38:99:79:1b:bd:78:e1:af:5d:87:9c:81:86:46:
9a:6c:07:69:38:f9:5f:32:42:3e:12:38:7a:f9:8b:
d2:a8:9c:6b:ba:5f:1d:59:e4:48:89:1b:27:3b:31:
2d:67:86:a4:6c:53:b8:f8:83:4a:1d:5a:88:2d:e4:
b7:73:ff:31:f3:42:52:14:b9:cf:9c:ab:b5:7f:9e:
12:15:ff:01:76:99:16:74:16:f7:b3:67:e7:74:4b:
d2:0e:c9:98:51:4a:cb:83:f9:51:7f:1a:f3:23:a3:
4c:84:a8:91:f3:84:50:20:f6:15:3e:4c:62:d3:fa:
f0:be:61:c3:a8:e0:4e:2d:76:8d:c9:b3:46:f0:4f:
2c:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:93:8A:01:13:E7:E1:44:CD:4F:8A:E8:25:68:4E:EA:EA:9D:D1:EC
X509v3 Authority Key Identifier:
keyid:8E:06:F5:A7:31:4B:2F:96:6B:24:FC:53:15:5C:E7:BF:60:4C:07:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/OJOKARPn4UTNT4roJWhO6uqd0ew.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/62633f-2b3f-4072-8f4a-b474970eca66/1/jgb1pzFLL5ZrJPxTFVznv2BMB6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:a280::/29
Signature Algorithm: sha256WithRSAEncryption
36:7a:77:0a:b1:90:d7:c6:8b:d5:65:36:0e:1d:ae:60:75:fb:
54:82:17:da:78:d2:b7:71:d8:95:f6:d7:c4:60:26:8b:72:2b:
cf:54:3d:16:2b:38:91:15:21:d1:42:60:54:99:53:41:b5:45:
a0:d1:97:5e:68:c2:0d:f0:9c:87:88:80:5f:64:95:af:59:71:
f1:4b:c1:38:15:a3:f4:78:11:f0:44:4f:56:82:9e:fe:60:0a:
29:99:ca:6b:fb:bf:84:97:97:24:2c:9c:75:e6:b9:e3:98:63:
28:b9:4c:0e:24:3a:44:56:7c:2b:31:de:6f:16:07:a2:53:a9:
54:d7:c3:6d:26:2b:55:fa:a6:a9:25:db:de:02:e6:59:4c:a2:
16:e4:b1:b7:db:e2:56:04:37:a4:bb:9a:dc:6e:58:bf:0f:d3:
c5:79:2e:54:c4:6e:9d:c0:81:28:27:30:d3:2e:68:84:33:4f:
91:08:c1:b4:e1:eb:ba:bf:85:93:8c:7f:20:3e:fd:ee:35:1e:
6b:ec:42:f0:c5:63:68:4b:57:77:d6:aa:f6:a5:0a:d9:39:3a:
6e:44:30:c7:f2:fa:0a:06:0c:dc:dd:d7:86:df:f2:56:93:d5:
60:37:4f:ad:47:de:44:76:88:9b:da:40:71:26:2c:7d:c6:1e:
ae:fa:bc:13
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZDMcy4tnJlv68qZF4LBVUDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlMDZmNWE3MzE0YjJmOTY2YjI0ZmM1MzE1NWNlN2JmNjA0
YzA3YTYwHhcNMjQwNzE5MTkyMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODkzOGEwMTEzZTdlMTQ0Y2Q0ZjhhZTgyNTY4NGVlYWVhOWRkMWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoly3a4p18ZKi+QI5JpwLBQdJeBuk
jEqt4johyaW7P/0BGqjhdIdvgfh46Sok/K442fjf4XDQ+OH3oDMuTY+3ghQBWdCN
wR1pCM02p72erz2SQ+8VxeL2bUdcfiKvAdTMog1t50CSUT4RcNQq7nNq+JGFRJ5O
bhpXOJl5G7144a9dh5yBhkaabAdpOPlfMkI+Ejh6+YvSqJxrul8dWeRIiRsnOzEt
Z4akbFO4+INKHVqILeS3c/8x80JSFLnPnKu1f54SFf8BdpkWdBb3s2fndEvSDsmY
UUrLg/lRfxrzI6NMhKiR84RQIPYVPkxi0/rwvmHDqOBOLXaNybNG8E8shQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDiTigET5+FEzU+K6CVoTurqndHsMB8GA1UdIwQY
MBaAFI4G9acxSy+WayT8UxVc579gTAemMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEt
YjQ3NDk3MGVjYTY2LzEvT0pPS0FSUG40VVROVDRyb0pXaE82dXFkMGV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC82MjYzM2YtMmIzZi00MDcyLThmNGEtYjQ3NDk3MGVjYTY2
LzEvamdiMXB6RkxMNVpySlB4VEZWem52MkJNQjZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhOigDAN
BgkqhkiG9w0BAQsFAAOCAQEANnp3CrGQ18aL1WU2Dh2uYHX7VIIX2njSt3HYlfbX
xGAmi3Irz1Q9Fis4kRUh0UJgVJlTQbVFoNGXXmjCDfCch4iAX2SVr1lx8UvBOBWj
9HgR8ERPVoKe/mAKKZnKa/u/hJeXJCycdea545hjKLlMDiQ6RFZ8KzHebxYHolOp
VNfDbSYrVfqmqSXb3gLmWUyiFuSxt9viVgQ3pLua3G5Yvw/TxXkuVMRuncCBKCcw
0y5ohDNPkQjBtOHrur+Fk4x/ID797jUea+xC8MVjaEtXd9aq9qUK2Tk6bkQwx/L6
CgYM3N3Xht/yVpPVYDdPrUfeRHaIm9pAcSYsfcYervq8Ew==
-----END CERTIFICATE-----
Generated at Thu Dec 12 20:10:50 2024 by rpki-client on console-fra.rpki-client.org