Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/1Oz2TycldyHxmtakQX-1HGXNfYA.roa
File: 1Oz2TycldyHxmtakQX-1HGXNfYA.roa (raw, json)
Hash identifier: jtDUW0vLTGuS+6XPgIsYD7INVk9FL6kJu7I01J+xahA=
Subject key identifier: D4:EC:F6:4F:27:25:77:21:F1:9A:D6:A4:41:7F:B5:1C:65:CD:7D:80
Certificate issuer: /CN=90dcce91000451494c43c15d172da2eb9d5b7956
Certificate serial: 018CC8712E14D6771991D6C18DCE1DB1B25E
Authority key identifier: 90:DC:CE:91:00:04:51:49:4C:43:C1:5D:17:2D:A2:EB:9D:5B:79:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/1Oz2TycldyHxmtakQX-1HGXNfYA.roa
Signing time: Tue 02 Jan 2024 04:31:49 +0000
ROA not before: Tue 02 Jan 2024 04:31:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 137
IP address blocks: 131.114.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:2e:14:d6:77:19:91:d6:c1:8d:ce:1d:b1:b2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dcce91000451494c43c15d172da2eb9d5b7956
Validity
Not Before: Jan 2 04:31:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4ecf64f27257721f19ad6a4417fb51c65cd7d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:db:43:fe:ea:42:ef:7a:a0:03:43:dd:ad:06:
9b:6f:72:55:d9:c9:5a:88:8d:18:0c:7f:cc:51:38:
13:aa:44:81:1d:a7:4f:9e:a3:df:4c:1e:f3:fe:04:
d5:2a:78:3f:00:c3:d7:86:5c:94:e7:c2:d2:86:28:
c6:f4:94:fc:cf:ab:f8:60:13:2d:2f:b7:68:59:3a:
8d:83:5f:1e:9e:01:82:65:7c:1b:7d:6e:bb:0c:1c:
dd:bc:4d:bd:a8:32:85:56:59:99:ba:75:2b:26:07:
dc:f7:53:5b:47:43:c1:d6:b2:ea:4a:c1:c2:41:1d:
05:82:5f:0c:d8:a5:55:dc:63:e8:69:8e:3d:31:2a:
1c:95:8e:e8:2b:76:86:af:cf:c8:19:ec:e9:6d:57:
e9:32:74:04:bc:db:0f:e8:08:6e:7e:72:ae:16:9d:
73:b8:29:11:a3:34:6f:8d:1f:d3:93:de:1b:d3:32:
3a:26:93:f2:d6:3b:53:c6:e6:4b:de:ec:85:81:8f:
10:85:54:a3:0d:28:0f:9b:0c:4a:cf:77:f4:67:58:
40:df:23:c4:40:2f:76:20:0f:52:cf:51:3d:c6:87:
bf:0f:b7:21:a4:43:d1:f2:e6:2c:63:37:73:4a:ce:
93:2b:53:b3:36:2c:80:29:1c:ac:78:87:f6:07:4d:
21:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:EC:F6:4F:27:25:77:21:F1:9A:D6:A4:41:7F:B5:1C:65:CD:7D:80
X509v3 Authority Key Identifier:
keyid:90:DC:CE:91:00:04:51:49:4C:43:C1:5D:17:2D:A2:EB:9D:5B:79:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kNzOkQAEUUlMQ8FdFy2i651beVY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/1Oz2TycldyHxmtakQX-1HGXNfYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/51fdbb-8ba2-4b7e-980f-ee60b0ddbdaa/1/kNzOkQAEUUlMQ8FdFy2i651beVY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
19:8f:91:cb:0d:53:9c:06:27:07:36:de:92:8b:7b:57:44:32:
ec:52:71:f4:37:0e:f2:fa:d6:d6:6b:40:18:ad:63:7f:08:e8:
42:42:7b:fb:a9:f3:6b:d0:98:16:33:df:2c:97:95:74:82:4e:
82:52:66:49:e6:90:dd:3c:a7:86:a6:17:ce:e9:47:86:c5:d7:
20:cf:b4:91:1a:a4:9d:a6:f1:73:92:5e:be:53:f2:db:52:eb:
b6:46:ed:04:a0:c9:ed:9e:02:61:a5:fe:ae:2f:f5:f1:8e:4d:
60:08:00:38:40:f3:17:a8:dc:55:91:24:f9:99:91:4c:ca:8f:
d4:52:24:2f:22:a5:54:61:35:56:91:a4:c5:a5:8c:d5:52:43:
76:3c:20:35:15:49:cc:63:62:ed:8e:80:7a:21:cc:88:ba:aa:
4a:07:06:d1:b1:43:a9:17:c7:ec:4b:58:ba:d7:2a:89:6e:19:
81:32:04:a8:81:9e:fb:0e:53:d5:d9:87:0b:4f:d2:10:36:80:
1b:78:ce:1e:f2:fe:2d:48:c7:e8:99:66:74:d8:5c:15:22:ed:
13:ff:ef:d8:9e:d7:4a:ee:54:15:9c:15:19:8c:f8:4f:66:14:
5c:a8:14:7b:c6:18:7c:fa:48:5c:73:a7:c7:3a:a8:0f:bc:d0:
7c:30:da:44
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzIcS4U1ncZkdbBjc4dsbJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGNjZTkxMDAwNDUxNDk0YzQzYzE1ZDE3MmRhMmViOWQ1
Yjc5NTYwHhcNMjQwMTAyMDQzMTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGVjZjY0ZjI3MjU3NzIxZjE5YWQ2YTQ0MTdmYjUxYzY1Y2Q3ZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgttD/upC73qgA0PdrQabb3JV2cla
iI0YDH/MUTgTqkSBHadPnqPfTB7z/gTVKng/AMPXhlyU58LShijG9JT8z6v4YBMt
L7doWTqNg18engGCZXwbfW67DBzdvE29qDKFVlmZunUrJgfc91NbR0PB1rLqSsHC
QR0Fgl8M2KVV3GPoaY49MSoclY7oK3aGr8/IGezpbVfpMnQEvNsP6AhufnKuFp1z
uCkRozRvjR/Tk94b0zI6JpPy1jtTxuZL3uyFgY8QhVSjDSgPmwxKz3f0Z1hA3yPE
QC92IA9Sz1E9xoe/D7chpEPR8uYsYzdzSs6TK1OzNiyAKRyseIf2B00hHQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFNTs9k8nJXch8ZrWpEF/tRxlzX2AMB8GA1UdIwQY
MBaAFJDczpEABFFJTEPBXRctouudW3lWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva056T2tRQUVVVWxNUThGZEZ5Mmk2NTFiZVZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi81MWZkYmItOGJhMi00YjdlLTk4MGYt
ZWU2MGIwZGRiZGFhLzEvMU96MlR5Y2xkeUh4bXRha1FYLTFIR1hOZllBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi81MWZkYmItOGJhMi00YjdlLTk4MGYtZWU2MGIwZGRiZGFh
LzEva056T2tRQUVVVWxNUThGZEZ5Mmk2NTFiZVZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAg3IwDQYJ
KoZIhvcNAQELBQADggEBABmPkcsNU5wGJwc23pKLe1dEMuxScfQ3DvL61tZrQBit
Y38I6EJCe/up82vQmBYz3yyXlXSCToJSZknmkN08p4amF87pR4bF1yDPtJEapJ2m
8XOSXr5T8ttS67ZG7QSgye2eAmGl/q4v9fGOTWAIADhA8xeo3FWRJPmZkUzKj9RS
JC8ipVRhNVaRpMWljNVSQ3Y8IDUVScxjYu2OgHohzIi6qkoHBtGxQ6kXx+xLWLrX
KoluGYEyBKiBnvsOU9XZhwtP0hA2gBt4zh7y/i1Ix+iZZnTYXBUi7RP/79ie10ru
VBWcFRmM+E9mFFyoFHvGGHz6SFxzp8c6qA+80Hww2kQ=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:47:22 2024 by rpki-client on console-fra.rpki-client.org