Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/oQkgBCVI3nvmcx_z_p5c9q49d8o.roa
File: oQkgBCVI3nvmcx_z_p5c9q49d8o.roa (raw, json)
Hash identifier: sAYDpXQFXIz/8pVpumXAQRNgVPgEz3yhzv0UPHtjZUs=
Subject key identifier: A1:09:20:04:25:48:DE:7B:E6:73:1F:F3:FE:9E:5C:F6:AE:3D:77:CA
Certificate issuer: /CN=8ad7629c11b68020d73d9b65c54e5043c3414194
Certificate serial: 018CCA29B375CEE872396756F9FD9D049422
Authority key identifier: 8A:D7:62:9C:11:B6:80:20:D7:3D:9B:65:C5:4E:50:43:C3:41:41:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/itdinBG2gCDXPZtlxU5QQ8NBQZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/oQkgBCVI3nvmcx_z_p5c9q49d8o.roa
Signing time: Tue 02 Jan 2024 12:32:59 +0000
ROA not before: Tue 02 Jan 2024 12:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 185.229.248.0/24 maxlen: 24
2a10:b680::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/itdinBG2gCDXPZtlxU5QQ8NBQZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/itdinBG2gCDXPZtlxU5QQ8NBQZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/itdinBG2gCDXPZtlxU5QQ8NBQZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:b3:75:ce:e8:72:39:67:56:f9:fd:9d:04:94:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ad7629c11b68020d73d9b65c54e5043c3414194
Validity
Not Before: Jan 2 12:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a10920042548de7be6731ff3fe9e5cf6ae3d77ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:86:1c:44:bb:e8:a0:e1:b0:90:3a:01:49:77:
1f:ad:86:34:b5:f3:ad:d1:13:c3:fa:9e:2a:f2:f2:
38:c1:8c:ae:75:12:e5:a7:57:21:97:e9:e4:26:57:
a7:9c:45:29:68:c3:e0:2a:2c:dd:76:37:05:e4:ef:
51:5b:87:6b:ca:96:43:c4:82:c9:2a:a0:6b:58:e3:
35:26:fb:5d:e1:15:85:d0:b7:e4:40:d6:47:42:65:
72:2a:e5:33:e9:53:57:c1:35:5c:6c:60:89:89:19:
b3:14:19:77:73:8c:f6:00:3e:5a:f7:92:4c:ca:ba:
95:d7:1d:f7:84:12:2a:f6:d7:54:31:04:9c:ea:60:
8b:36:03:64:de:e2:24:ce:91:63:10:c7:39:23:59:
41:fe:56:01:a3:f4:11:83:a1:b2:64:3c:85:d1:3b:
7a:a1:19:9c:e1:04:58:4f:0b:25:22:a1:10:37:7f:
2d:28:b7:ec:6c:26:f3:82:f2:50:b1:ad:97:57:9a:
b6:8b:f3:f7:a7:92:42:e9:91:1a:6f:4f:38:9c:8c:
16:9c:88:09:96:b9:3a:b7:95:f6:30:34:2a:05:2f:
1a:f8:fd:41:11:aa:69:76:75:40:b1:da:cb:9b:5d:
f0:c6:d5:60:07:d1:24:e9:34:78:0c:f2:c8:06:c8:
ec:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:09:20:04:25:48:DE:7B:E6:73:1F:F3:FE:9E:5C:F6:AE:3D:77:CA
X509v3 Authority Key Identifier:
keyid:8A:D7:62:9C:11:B6:80:20:D7:3D:9B:65:C5:4E:50:43:C3:41:41:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/itdinBG2gCDXPZtlxU5QQ8NBQZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/oQkgBCVI3nvmcx_z_p5c9q49d8o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/ee97b4-feca-4d3d-82d3-1538e2a3ad22/1/itdinBG2gCDXPZtlxU5QQ8NBQZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.229.248.0/24
IPv6:
2a10:b680::/32
Signature Algorithm: sha256WithRSAEncryption
06:35:c0:38:f3:8e:dc:58:3c:74:fa:6e:4e:e9:10:4d:bf:81:
b0:3d:d7:21:b0:1c:52:d9:3e:54:4c:d0:69:f3:eb:85:08:ea:
15:7d:b9:a1:32:fa:77:69:2a:d3:f9:97:80:ff:71:d6:6e:2c:
4c:dc:63:b5:88:78:3f:76:08:25:74:99:e2:62:11:f8:ca:56:
b2:7f:a4:33:1e:54:d6:71:d2:12:76:95:09:33:43:74:ba:c0:
d7:19:54:7a:ad:05:35:e8:52:55:1a:73:32:1d:ae:cd:e5:48:
ff:11:0e:75:1a:3d:88:29:a0:6a:e1:93:8f:09:8b:78:2a:19:
e6:70:d9:67:54:4c:2a:d6:54:63:3d:52:73:31:3a:1b:18:8e:
5b:79:d6:78:1d:c7:dc:e3:b2:cb:ac:0d:de:b8:53:99:2c:d9:
4f:9c:b0:63:f4:67:f1:53:6c:d9:3d:8c:d3:a1:05:80:f3:ec:
5e:54:32:d8:fa:56:85:6b:4a:46:09:a0:7c:29:dc:21:aa:4d:
12:fd:18:ed:05:cc:e3:58:32:3f:cc:8a:f8:7b:96:45:55:6d:
75:ae:7b:65:90:9a:4b:a1:fd:3c:84:15:bb:1e:30:16:c4:64:
a9:39:3f:79:0c:31:fe:3d:2f:8d:7f:c4:d6:36:17:06:98:1e:
fa:3e:87:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzKKbN1zuhyOWdW+f2dBJQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhZDc2MjljMTFiNjgwMjBkNzNkOWI2NWM1NGU1MDQzYzM0
MTQxOTQwHhcNMjQwMTAyMTIzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA5MjAwNDI1NDhkZTdiZTY3MzFmZjNmZTllNWNmNmFlM2Q3N2NhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoYcRLvooOGwkDoBSXcfrYY0tfOt
0RPD+p4q8vI4wYyudRLlp1chl+nkJlennEUpaMPgKizddjcF5O9RW4drypZDxILJ
KqBrWOM1Jvtd4RWF0LfkQNZHQmVyKuUz6VNXwTVcbGCJiRmzFBl3c4z2AD5a95JM
yrqV1x33hBIq9tdUMQSc6mCLNgNk3uIkzpFjEMc5I1lB/lYBo/QRg6GyZDyF0Tt6
oRmc4QRYTwslIqEQN38tKLfsbCbzgvJQsa2XV5q2i/P3p5JC6ZEab084nIwWnIgJ
lrk6t5X2MDQqBS8a+P1BEappdnVAsdrLm13wxtVgB9Ek6TR4DPLIBsjs8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKEJIAQlSN575nMf8/6eXPauPXfKMB8GA1UdIwQY
MBaAFIrXYpwRtoAg1z2bZcVOUEPDQUGUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXRkaW5CRzJnQ0RYUFp0bHhVNVFROE5CUVpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9lZTk3YjQtZmVjYS00ZDNkLTgyZDMt
MTUzOGUyYTNhZDIyLzEvb1FrZ0JDVkkzbnZtY3hfel9wNWM5cTQ5ZDhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9lZTk3YjQtZmVjYS00ZDNkLTgyZDMtMTUzOGUyYTNhZDIy
LzEvaXRkaW5CRzJnQ0RYUFp0bHhVNVFROE5CUVpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAueX4MA0E
AgACMAcDBQAqELaAMA0GCSqGSIb3DQEBCwUAA4IBAQAGNcA4847cWDx0+m5O6RBN
v4GwPdchsBxS2T5UTNBp8+uFCOoVfbmhMvp3aSrT+ZeA/3HWbixM3GO1iHg/dggl
dJniYhH4ylayf6QzHlTWcdISdpUJM0N0usDXGVR6rQU16FJVGnMyHa7N5Uj/EQ51
Gj2IKaBq4ZOPCYt4KhnmcNlnVEwq1lRjPVJzMTobGI5bedZ4Hcfc47LLrA3euFOZ
LNlPnLBj9GfxU2zZPYzToQWA8+xeVDLY+laFa0pGCaB8Kdwhqk0S/RjtBczjWDI/
zIr4e5ZFVW11rntlkJpLof08hBW7HjAWxGSpOT95DDH+PS+Nf8TWNhcGmB76Pofu
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:17:57 2024 by rpki-client on console-ams.rpki-client.org