Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/OObYj1MtfaUxU3Kx1PSrToHfdOs.roa
File: OObYj1MtfaUxU3Kx1PSrToHfdOs.roa (raw, json)
Hash identifier: xc1o0NnB8rfuCRz3Pu2CSMvYQuuHgNHu+pfsV0k5a5g=
Subject key identifier: 38:E6:D8:8F:53:2D:7D:A5:31:53:72:B1:D4:F4:AB:4E:81:DF:74:EB
Certificate issuer: /CN=521aa024758d8d104e1179c55039816636afe298
Certificate serial: 018CC64AFADAEE37A1C5FA5C11CF1D14B383
Authority key identifier: 52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/OObYj1MtfaUxU3Kx1PSrToHfdOs.roa
Signing time: Mon 01 Jan 2024 18:30:51 +0000
ROA not before: Mon 01 Jan 2024 18:30:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20626
IP address blocks: 185.75.40.0/22 maxlen: 22
83.216.96.0/19 maxlen: 19
62.168.128.0/19 maxlen: 19
2001:b58::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/UhqgJHWNjRBOEXnFUDmBZjav4pg.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/UhqgJHWNjRBOEXnFUDmBZjav4pg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:fa:da:ee:37:a1:c5:fa:5c:11:cf:1d:14:b3:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=521aa024758d8d104e1179c55039816636afe298
Validity
Not Before: Jan 1 18:30:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38e6d88f532d7da5315372b1d4f4ab4e81df74eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:2d:4f:03:50:a6:33:e6:fb:53:00:1d:1e:c8:
04:c2:67:85:ed:4b:f5:80:7b:d6:85:6e:82:a0:92:
dd:cb:2a:82:3f:71:45:f7:42:0f:ae:af:70:e6:44:
dd:c3:20:7a:8e:ae:c0:10:32:66:cb:e7:65:1c:c7:
12:ba:37:09:a6:71:e7:ac:50:6c:19:74:0e:89:1e:
3f:fc:66:2c:2b:30:a0:ef:3a:84:2b:80:42:f2:e4:
69:f2:fe:e7:4e:92:c4:f8:be:7c:25:42:4d:1e:37:
21:eb:f1:9f:e7:b3:ba:1b:60:79:75:7e:87:83:27:
2d:0e:c9:ea:60:b7:92:66:51:49:c1:12:45:85:78:
c6:29:5d:49:2f:26:67:09:e0:bc:ab:56:20:df:8e:
f4:d9:98:6d:7c:95:ac:89:55:21:78:fd:78:b7:65:
fc:c7:25:2b:98:5e:8a:d7:6d:2c:c5:c6:92:c3:52:
0a:65:58:a5:a3:c6:07:69:50:e4:0b:92:ba:69:61:
2b:d3:ce:a2:1d:e5:6e:f8:3e:23:6b:e4:a1:34:0e:
16:1d:26:92:eb:30:ce:1c:71:c6:81:b7:10:a4:0d:
54:8f:a2:3b:70:40:93:65:8f:ea:0a:c2:fc:d0:c5:
72:41:94:38:2c:05:12:aa:4f:49:2d:3e:32:97:f1:
57:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E6:D8:8F:53:2D:7D:A5:31:53:72:B1:D4:F4:AB:4E:81:DF:74:EB
X509v3 Authority Key Identifier:
keyid:52:1A:A0:24:75:8D:8D:10:4E:11:79:C5:50:39:81:66:36:AF:E2:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UhqgJHWNjRBOEXnFUDmBZjav4pg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/OObYj1MtfaUxU3Kx1PSrToHfdOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/03f9ee-53e3-4f69-b8b0-c138e5c27c2b/1/UhqgJHWNjRBOEXnFUDmBZjav4pg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.168.128.0/19
83.216.96.0/19
185.75.40.0/22
IPv6:
2001:b58::/29
Signature Algorithm: sha256WithRSAEncryption
48:2a:48:1e:0d:ce:38:64:43:0a:57:d9:10:04:18:49:0c:9b:
e5:cc:31:e3:97:2a:4c:65:98:df:08:d1:37:18:d9:33:36:a9:
06:4b:85:37:2e:1a:f6:53:00:46:15:4d:91:96:1a:08:4a:b6:
bf:9e:ce:73:c6:ea:88:8a:ec:ca:ea:14:a0:bd:df:cb:bf:94:
5a:1d:79:d6:7e:92:64:50:c8:74:dc:f1:91:88:ff:fd:8b:70:
a2:b9:78:d4:9c:8e:79:8b:69:06:cf:87:13:60:a4:12:16:f6:
b7:2e:6c:01:95:5e:98:cc:b6:4e:86:e3:b8:b1:e5:cd:36:25:
fd:ab:40:e4:f9:18:59:8a:68:69:4b:28:94:2c:92:01:bb:3e:
68:12:3f:ef:80:c0:bd:51:bd:6f:d3:fd:f3:fe:55:af:22:34:
87:0e:8d:97:ba:ab:30:96:94:34:61:a6:9a:0f:3f:ad:c4:97:
36:e0:69:ed:8f:57:96:4c:94:84:f7:aa:11:75:29:c1:6d:f1:
66:ce:85:d4:0e:c0:0a:39:40:b0:03:a3:66:49:3f:cc:76:ec:
66:4a:06:45:9f:18:d8:ab:7e:c0:d4:aa:8d:83:b7:52:da:fb:
e6:42:f2:fc:af:6d:d8:a9:06:3a:7c:f6:5b:2d:16:6a:16:3e:
c0:e4:0c:9a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSvra7jehxfpcEc8dFLODMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyMWFhMDI0NzU4ZDhkMTA0ZTExNzljNTUwMzk4MTY2MzZh
ZmUyOTgwHhcNMjQwMTAxMTgzMDUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGU2ZDg4ZjUzMmQ3ZGE1MzE1MzcyYjFkNGY0YWI0ZTgxZGY3NGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqS1PA1CmM+b7UwAdHsgEwmeF7Uv1
gHvWhW6CoJLdyyqCP3FF90IPrq9w5kTdwyB6jq7AEDJmy+dlHMcSujcJpnHnrFBs
GXQOiR4//GYsKzCg7zqEK4BC8uRp8v7nTpLE+L58JUJNHjch6/Gf57O6G2B5dX6H
gyctDsnqYLeSZlFJwRJFhXjGKV1JLyZnCeC8q1Yg34702ZhtfJWsiVUheP14t2X8
xyUrmF6K120sxcaSw1IKZVilo8YHaVDkC5K6aWEr086iHeVu+D4ja+ShNA4WHSaS
6zDOHHHGgbcQpA1Uj6I7cECTZY/qCsL80MVyQZQ4LAUSqk9JLT4yl/FX+QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDjm2I9TLX2lMVNysdT0q06B33TrMB8GA1UdIwQY
MBaAFFIaoCR1jY0QThF5xVA5gWY2r+KYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAt
YzEzOGU1YzI3YzJiLzEvT09iWWoxTXRmYVV4VTNLeDFQU3JUb0hmZE9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wM2Y5ZWUtNTNlMy00ZjY5LWI4YjAtYzEzOGU1YzI3YzJi
LzEvVWhxZ0pIV05qUkJPRVhuRlVEbUJaamF2NHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPqiAAwQF
U9hgAwQCuUsoMA0EAgACMAcDBQMgAQtYMA0GCSqGSIb3DQEBCwUAA4IBAQBIKkge
Dc44ZEMKV9kQBBhJDJvlzDHjlypMZZjfCNE3GNkzNqkGS4U3Lhr2UwBGFU2RlhoI
Sra/ns5zxuqIiuzK6hSgvd/Lv5RaHXnWfpJkUMh03PGRiP/9i3CiuXjUnI55i2kG
z4cTYKQSFva3LmwBlV6YzLZOhuO4seXNNiX9q0Dk+RhZimhpSyiULJIBuz5oEj/v
gMC9Ub1v0/3z/lWvIjSHDo2XuqswlpQ0YaaaDz+txJc24Gntj1eWTJSE96oRdSnB
bfFmzoXUDsAKOUCwA6NmST/MduxmSgZFnxjYq37A1KqNg7dS2vvmQvL8r23YqQY6
fPZbLRZqFj7A5Aya
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:45 2024 by rpki-client on console-fra.rpki-client.org