Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ohITddIqQJ2UnMdoqcq6H9rFY1M.roa
File: ohITddIqQJ2UnMdoqcq6H9rFY1M.roa (raw, json)
Hash identifier: tkmucaYMD9po26tZKYbnEdZdE0fdnV2ludNYd/PBHHE=
Subject key identifier: A2:12:13:75:D2:2A:40:9D:94:9C:C7:68:A9:CA:BA:1F:DA:C5:63:53
Certificate issuer: /CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Certificate serial: 018CC6B93857F58210E47FE0ABDE73C714B6
Authority key identifier: 3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ohITddIqQJ2UnMdoqcq6H9rFY1M.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43019
IP address blocks: 95.214.212.0/24 maxlen: 24
95.214.213.0/24 maxlen: 24
95.214.215.0/24 maxlen: 24
95.214.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:38:57:f5:82:10:e4:7f:e0:ab:de:73:c7:14:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ce7566bb5b19e700f48e25e07506c2f222df384
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2121375d22a409d949cc768a9caba1fdac56353
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:61:f0:d2:72:0e:19:24:df:33:ad:b3:cb:49:
27:20:73:ea:ce:d1:5e:2f:6d:6f:2a:a9:fa:18:b0:
19:6d:d9:ad:f2:23:fc:17:f5:39:44:47:40:d3:fc:
76:f3:94:fd:13:d0:66:5f:1d:db:60:7d:fc:18:82:
e0:98:f0:e1:5b:e5:18:8f:62:2e:7b:7f:49:e9:13:
18:1f:14:61:a2:d2:c9:90:38:19:4a:23:bb:bf:fc:
c3:37:4a:b6:15:ff:f8:ad:b7:d4:53:04:26:82:b7:
ae:a0:bb:06:85:27:f4:38:1b:42:5f:50:bf:4d:6c:
cd:b0:9f:c2:4a:0d:df:58:0c:5a:9c:29:5d:55:e0:
71:6e:49:c0:7c:b6:2f:cd:db:cf:a1:7a:3a:fa:81:
bb:37:99:f8:cc:b5:29:bb:38:25:ee:88:5b:2b:5a:
0b:05:cd:3c:5b:fc:6e:b5:e1:1b:63:6c:66:8d:37:
2a:e3:b2:4a:22:be:3b:30:57:59:f2:c3:54:33:fd:
66:7e:b2:31:c2:f9:fb:31:68:85:be:f9:86:80:1f:
bb:77:93:09:d0:a7:3c:2a:70:6f:c2:dc:68:24:6e:
50:bd:c4:a1:bb:4e:b3:9e:84:9b:be:c8:2c:a2:8f:
6f:df:8c:fc:91:b6:0b:78:cc:75:13:61:4f:09:8c:
3d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:12:13:75:D2:2A:40:9D:94:9C:C7:68:A9:CA:BA:1F:DA:C5:63:53
X509v3 Authority Key Identifier:
keyid:3C:E7:56:6B:B5:B1:9E:70:0F:48:E2:5E:07:50:6C:2F:22:2D:F3:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/POdWa7WxnnAPSOJeB1BsLyIt84Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/ohITddIqQJ2UnMdoqcq6H9rFY1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/86ff77-9772-4b28-aa12-89ff06f79635/1/POdWa7WxnnAPSOJeB1BsLyIt84Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.214.212.0/22
Signature Algorithm: sha256WithRSAEncryption
39:fa:a7:a9:8a:ab:4d:0c:ae:3e:88:91:7a:fe:ca:d5:f3:75:
c4:08:cb:25:c3:5e:ef:8c:82:b6:dc:fb:9e:af:a2:28:fb:3d:
97:97:da:3b:6e:ae:b5:c4:8c:d1:a0:f9:f3:be:b6:7b:d3:15:
da:de:19:6a:be:87:6e:87:38:b2:59:a3:17:13:00:c9:e3:a5:
cd:5d:fc:70:28:9c:cc:63:5d:bb:0c:7f:17:e8:a9:25:07:8e:
95:41:f8:89:cf:9d:f3:fa:82:38:48:a5:7c:d1:9c:7c:3a:a4:
7d:fb:83:96:29:b2:b9:7a:d5:64:7a:bb:0e:6f:49:c9:dd:44:
ef:d9:e8:99:39:8f:0c:27:f4:61:54:bb:ec:2f:67:1c:d6:fe:
d5:e1:9f:ab:e5:1a:3d:8e:c4:38:7b:12:68:2d:0f:9b:0d:6a:
90:11:f4:05:48:11:2a:f1:04:3a:e8:e3:17:92:70:49:33:5a:
b1:4e:15:06:d7:12:25:ac:0a:fd:09:fb:0c:45:2b:56:63:ea:
94:9d:73:67:f9:c0:f7:70:d0:6e:d1:99:48:8f:21:f7:fc:a5:
f8:48:a2:17:2d:fb:cc:13:46:05:9b:1b:b6:18:df:fa:d6:e4:
9c:bf:44:ce:15:8c:3c:c0:75:3c:62:38:59:92:7b:85:87:38:
25:7b:ad:23
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuThX9YIQ5H/gq95zxxS2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNjZTc1NjZiYjViMTllNzAwZjQ4ZTI1ZTA3NTA2YzJmMjIy
ZGYzODQwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEyMTM3NWQyMmE0MDlkOTQ5Y2M3NjhhOWNhYmExZmRhYzU2MzUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4GHw0nIOGSTfM62zy0knIHPqztFe
L21vKqn6GLAZbdmt8iP8F/U5REdA0/x285T9E9BmXx3bYH38GILgmPDhW+UYj2Iu
e39J6RMYHxRhotLJkDgZSiO7v/zDN0q2Ff/4rbfUUwQmgreuoLsGhSf0OBtCX1C/
TWzNsJ/CSg3fWAxanCldVeBxbknAfLYvzdvPoXo6+oG7N5n4zLUpuzgl7ohbK1oL
Bc08W/xuteEbY2xmjTcq47JKIr47MFdZ8sNUM/1mfrIxwvn7MWiFvvmGgB+7d5MJ
0Kc8KnBvwtxoJG5QvcShu06znoSbvsgsoo9v34z8kbYLeMx1E2FPCYw90QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKISE3XSKkCdlJzHaKnKuh/axWNTMB8GA1UdIwQY
MBaAFDznVmu1sZ5wD0jiXgdQbC8iLfOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTIt
ODlmZjA2Zjc5NjM1LzEvb2hJVGRkSXFRSjJVbk1kb3FjcTZIOXJGWTFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC84NmZmNzctOTc3Mi00YjI4LWFhMTItODlmZjA2Zjc5NjM1
LzEvUE9kV2E3V3hubkFQU09KZUIxQnNMeUl0ODRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCX9bUMA0G
CSqGSIb3DQEBCwUAA4IBAQA5+qepiqtNDK4+iJF6/srV83XECMslw17vjIK23Pue
r6Io+z2Xl9o7bq61xIzRoPnzvrZ70xXa3hlqvoduhziyWaMXEwDJ46XNXfxwKJzM
Y127DH8X6KklB46VQfiJz53z+oI4SKV80Zx8OqR9+4OWKbK5etVkersOb0nJ3UTv
2eiZOY8MJ/RhVLvsL2cc1v7V4Z+r5Ro9jsQ4exJoLQ+bDWqQEfQFSBEq8QQ66OMX
knBJM1qxThUG1xIlrAr9CfsMRStWY+qUnXNn+cD3cNBu0ZlIjyH3/KX4SKIXLfvM
E0YFmxu2GN/61uScv0TOFYw8wHU8YjhZknuFhzgle60j
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:11:13 2024 by rpki-client on console-ams.rpki-client.org