Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/oiM1IgrYDgTti_QMigSX_OuM4L8.roa
File: oiM1IgrYDgTti_QMigSX_OuM4L8.roa (raw, json)
Hash identifier: j20H5STQa60YP6Gw6o0EUQhhcIx+2VEjgyPJtfJNcZo=
Subject key identifier: A2:23:35:22:0A:D8:0E:04:ED:8B:F4:0C:8A:04:97:FC:EB:8C:E0:BF
Certificate issuer: /CN=08bf59899b7aca30a3c7d5db93b212d98709c89b
Certificate serial: 018CC2DAC67AE37C5D07D9668A0C6830683C
Authority key identifier: 08:BF:59:89:9B:7A:CA:30:A3:C7:D5:DB:93:B2:12:D9:87:09:C8:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/oiM1IgrYDgTti_QMigSX_OuM4L8.roa
Signing time: Mon 01 Jan 2024 02:29:26 +0000
ROA not before: Mon 01 Jan 2024 02:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58308
IP address blocks: 91.109.120.0/21 maxlen: 21
185.144.152.0/22 maxlen: 22
2a01:66c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.mft
rsync://rpki.ripe.net/repository/DEFAULT/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c6:7a:e3:7c:5d:07:d9:66:8a:0c:68:30:68:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08bf59899b7aca30a3c7d5db93b212d98709c89b
Validity
Not Before: Jan 1 02:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a22335220ad80e04ed8bf40c8a0497fceb8ce0bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:69:73:1d:93:da:cc:9a:ef:a1:5c:5a:3f:ca:
cf:a7:7b:93:0f:90:47:a0:a9:b8:54:8f:08:52:b5:
a4:67:13:68:2b:9c:9c:f0:ca:51:30:ec:74:b2:fa:
e9:c6:56:64:5d:09:9a:d9:2c:c0:36:e4:55:12:ba:
b3:19:93:fd:35:36:35:7b:9f:a7:5a:03:30:e9:44:
1a:b3:1f:7b:d0:5b:9c:4f:be:c4:ee:fd:b2:b3:57:
33:bc:a0:b5:02:68:de:f7:1e:60:73:af:4e:c4:da:
15:70:55:cf:3c:e7:bf:ca:ac:95:5c:19:ac:64:a8:
62:19:f7:6a:20:ee:2b:85:8a:3a:8f:97:88:d5:26:
fc:5f:99:5e:65:5d:c1:7f:f6:21:ce:a1:44:d6:9d:
b3:29:2b:c7:e3:4c:d8:76:36:f2:b4:ff:f2:49:65:
27:8d:66:6a:f3:f7:93:5c:be:89:11:cb:96:1b:40:
00:94:15:6e:49:9b:45:fd:a7:da:8e:a6:cf:23:34:
0d:bf:bc:00:ce:a0:14:01:59:ac:c4:19:17:8a:3f:
08:c5:dd:ef:51:9f:ab:b4:aa:c1:d7:fb:e3:93:42:
52:c4:ca:3e:3c:57:21:4d:85:58:5b:07:89:0f:63:
bd:9d:68:bd:4c:5c:dc:10:3f:8d:b9:80:bc:ac:90:
84:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:23:35:22:0A:D8:0E:04:ED:8B:F4:0C:8A:04:97:FC:EB:8C:E0:BF
X509v3 Authority Key Identifier:
keyid:08:BF:59:89:9B:7A:CA:30:A3:C7:D5:DB:93:B2:12:D9:87:09:C8:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/oiM1IgrYDgTti_QMigSX_OuM4L8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/ce1677-d927-44c6-a909-3b2b51a5e3da/1/CL9ZiZt6yjCjx9Xbk7IS2YcJyJs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.109.120.0/21
185.144.152.0/22
IPv6:
2a01:66c0::/32
Signature Algorithm: sha256WithRSAEncryption
68:84:0d:1f:c6:2c:42:45:cf:e1:08:9f:05:33:3a:96:fd:7b:
9d:12:5b:21:81:1b:25:5f:ad:5f:06:27:75:b4:77:6e:11:cb:
84:99:5b:45:5a:de:6e:09:9e:7a:b4:80:90:07:99:9a:9f:ca:
f3:3c:8e:9e:29:a3:1b:88:3a:df:a6:cc:d2:ce:c5:27:98:2d:
d0:00:fa:e2:d5:32:6f:13:0f:53:b1:8e:19:91:fa:de:ff:2e:
7e:2e:32:62:6f:c4:2a:86:39:33:fb:04:75:2d:45:57:51:67:
91:5b:74:a6:5d:53:9c:13:ab:79:85:d9:aa:68:c2:9b:0f:7d:
59:03:19:0a:64:f2:77:e6:4b:ed:eb:99:79:ac:2e:bf:87:f5:
5f:ff:dd:b0:fd:5f:fa:e6:7b:f3:40:3e:9a:be:34:6b:e9:b7:
0e:23:b9:43:e0:64:61:4b:c2:37:94:08:5e:a5:c8:ce:88:59:
a7:b7:58:53:03:53:61:9b:e8:35:aa:d9:69:db:2f:04:ac:53:
6f:5a:d0:94:76:73:da:a1:8c:5a:4b:0c:38:1b:f3:8d:cd:45:
78:4e:ce:4f:c8:a0:1e:9a:95:8a:d3:27:e4:e5:4d:81:78:dd:
b8:4d:73:47:70:55:ac:0a:88:d5:d4:87:86:7c:2c:ca:b8:89:
00:2a:9d:27
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzC2sZ643xdB9lmigxoMGg8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YmY1OTg5OWI3YWNhMzBhM2M3ZDVkYjkzYjIxMmQ5ODcw
OWM4OWIwHhcNMjQwMTAxMDIyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIzMzUyMjBhZDgwZTA0ZWQ4YmY0MGM4YTA0OTdmY2ViOGNlMGJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgmlzHZPazJrvoVxaP8rPp3uTD5BH
oKm4VI8IUrWkZxNoK5yc8MpRMOx0svrpxlZkXQma2SzANuRVErqzGZP9NTY1e5+n
WgMw6UQasx970FucT77E7v2ys1czvKC1Amje9x5gc69OxNoVcFXPPOe/yqyVXBms
ZKhiGfdqIO4rhYo6j5eI1Sb8X5leZV3Bf/YhzqFE1p2zKSvH40zYdjbytP/ySWUn
jWZq8/eTXL6JEcuWG0AAlBVuSZtF/afajqbPIzQNv7wAzqAUAVmsxBkXij8Ixd3v
UZ+rtKrB1/vjk0JSxMo+PFchTYVYWweJD2O9nWi9TFzcED+NuYC8rJCE0wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKIjNSIK2A4E7Yv0DIoEl/zrjOC/MB8GA1UdIwQY
MBaAFAi/WYmbesowo8fV25OyEtmHCcibMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0w5WmladDZ5akNqeDlYYms3SVMyWWNKeUpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9jZTE2NzctZDkyNy00NGM2LWE5MDkt
M2IyYjUxYTVlM2RhLzEvb2lNMUlncllEZ1R0aV9RTWlnU1hfT3VNNEw4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9jZTE2NzctZDkyNy00NGM2LWE5MDktM2IyYjUxYTVlM2Rh
LzEvQ0w5WmladDZ5akNqeDlYYms3SVMyWWNKeUpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDW214AwQC
uZCYMA0EAgACMAcDBQAqAWbAMA0GCSqGSIb3DQEBCwUAA4IBAQBohA0fxixCRc/h
CJ8FMzqW/XudElshgRslX61fBid1tHduEcuEmVtFWt5uCZ56tICQB5man8rzPI6e
KaMbiDrfpszSzsUnmC3QAPri1TJvEw9TsY4Zkfre/y5+LjJib8Qqhjkz+wR1LUVX
UWeRW3SmXVOcE6t5hdmqaMKbD31ZAxkKZPJ35kvt65l5rC6/h/Vf/92w/V/65nvz
QD6avjRr6bcOI7lD4GRhS8I3lAhepcjOiFmnt1hTA1Nhm+g1qtlp2y8ErFNvWtCU
dnPaoYxaSww4G/ONzUV4Ts5PyKAempWK0yfk5U2BeN24TXNHcFWsCojV1IeGfCzK
uIkAKp0n
-----END CERTIFICATE-----
Generated at Sun May 19 23:10:23 2024 by rpki-client on console-ams.rpki-client.org