Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/omDC7K2uBd9H54js75O6KojcICI.roa
File: omDC7K2uBd9H54js75O6KojcICI.roa (raw, json)
Hash identifier: 8ndYCj1yiChBRZAuoYtt5eWSHrns3lUj9P/rI3N0ciI=
Subject key identifier: A2:60:C2:EC:AD:AE:05:DF:47:E7:88:EC:EF:93:BA:2A:88:DC:20:22
Certificate issuer: /CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Certificate serial: 018CC794B083630BB683AC06B09B821BCDDC
Authority key identifier: 60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/omDC7K2uBd9H54js75O6KojcICI.roa
Signing time: Tue 02 Jan 2024 00:30:59 +0000
ROA not before: Tue 02 Jan 2024 00:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199284
IP address blocks: 91.137.16.0/20 maxlen: 24
91.137.50.0/23 maxlen: 24
91.137.48.0/22 maxlen: 24
91.137.56.0/21 maxlen: 22
91.137.60.0/22 maxlen: 24
91.137.62.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 20:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:b0:83:63:0b:b6:83:ac:06:b0:9b:82:1b:cd:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60ea8385a14fd9967978ae7f06ec4dd52229a44a
Validity
Not Before: Jan 2 00:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a260c2ecadae05df47e788ecef93ba2a88dc2022
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:11:b3:2d:c5:b9:8b:49:41:28:71:db:59:f7:
9b:61:a1:77:a0:6c:33:84:3a:fd:b8:ca:26:06:5b:
29:20:44:9e:b7:3f:52:c4:86:14:14:a7:19:3e:fb:
45:4d:14:7f:5c:63:05:0f:04:e1:23:2e:56:47:a2:
d9:ed:13:3b:2a:2b:26:2e:75:74:17:d8:3b:0e:47:
aa:99:05:c2:23:9e:34:0e:8f:6e:ae:41:c4:6b:1a:
6d:78:e8:ba:44:8d:33:fe:24:54:ad:ac:3b:91:49:
38:1a:9a:1c:23:30:77:20:4c:14:80:54:d3:79:a0:
d0:df:e3:bc:55:47:68:e0:c1:5b:fc:0b:50:83:8d:
7a:c2:31:9b:91:35:8c:df:1d:45:c3:22:97:b8:55:
4b:40:1e:1b:2d:36:74:cf:1d:39:bb:73:75:b5:fe:
15:c5:b1:fd:9f:ec:40:62:e5:01:68:12:7d:fe:aa:
46:e5:95:87:5c:49:97:58:b0:38:05:c0:24:bd:8f:
56:5e:55:30:8b:68:e0:91:02:9e:2d:b7:64:68:18:
32:73:fd:c1:b8:1c:6a:b2:69:c8:25:e6:9a:37:e5:
b3:ac:d7:6c:c9:1c:07:9f:de:d2:b6:29:21:f8:cb:
53:af:3e:77:d6:21:44:37:be:89:1b:81:2a:1c:52:
e7:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:60:C2:EC:AD:AE:05:DF:47:E7:88:EC:EF:93:BA:2A:88:DC:20:22
X509v3 Authority Key Identifier:
keyid:60:EA:83:85:A1:4F:D9:96:79:78:AE:7F:06:EC:4D:D5:22:29:A4:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/omDC7K2uBd9H54js75O6KojcICI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/0330fb-95d1-4302-bea1-f54577f7cc0f/1/YOqDhaFP2ZZ5eK5_BuxN1SIppEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.137.16.0/20
91.137.48.0/22
91.137.56.0/21
Signature Algorithm: sha256WithRSAEncryption
5d:67:a0:7c:ae:1b:f5:18:47:10:eb:14:65:fb:16:82:46:a0:
1f:92:b4:ae:07:46:f0:f7:2c:cf:e9:b8:3c:7f:d2:da:27:88:
2c:a2:52:d1:f7:99:04:3c:1e:73:00:70:e4:76:ad:e0:d8:e1:
ff:03:85:d6:c8:9b:5c:9c:02:00:06:b7:80:cd:42:b6:34:ff:
bb:ac:00:22:a0:29:ff:99:74:a5:4e:30:ae:41:4d:55:1a:53:
f9:49:97:06:94:b9:3d:21:7b:36:e0:80:b7:33:7a:da:d8:7c:
67:bc:15:bc:bc:d5:80:e1:5c:ef:3e:64:6f:02:bd:94:85:93:
fa:f6:8c:98:8c:22:e7:ef:b9:4b:a2:11:70:e3:90:89:29:0f:
37:a1:5f:e5:c3:18:98:5b:85:cf:75:33:45:a9:d6:e4:dc:ae:
31:07:88:4d:57:55:bb:c5:86:cb:34:27:52:1d:c2:c7:85:8f:
9a:1a:56:3a:be:1a:c2:7f:56:40:57:a4:a9:d7:4c:06:79:98:
5d:dd:97:88:18:2f:1d:19:06:7a:af:b2:df:5d:14:1d:bd:60:
cd:d3:2f:75:f1:df:36:7b:c6:bc:f3:c9:ce:02:a9:2b:d5:4d:
26:32:d7:a4:9a:22:d8:c6:13:19:c5:6e:41:7a:54:63:a7:05:
4b:3e:82:9f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlLCDYwu2g6wGsJuCG83cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwZWE4Mzg1YTE0ZmQ5OTY3OTc4YWU3ZjA2ZWM0ZGQ1MjIy
OWE0NGEwHhcNMjQwMTAyMDAzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjYwYzJlY2FkYWUwNWRmNDdlNzg4ZWNlZjkzYmEyYTg4ZGMyMDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhGzLcW5i0lBKHHbWfebYaF3oGwz
hDr9uMomBlspIESetz9SxIYUFKcZPvtFTRR/XGMFDwThIy5WR6LZ7RM7KismLnV0
F9g7DkeqmQXCI540Do9urkHEaxpteOi6RI0z/iRUraw7kUk4GpocIzB3IEwUgFTT
eaDQ3+O8VUdo4MFb/AtQg416wjGbkTWM3x1FwyKXuFVLQB4bLTZ0zx05u3N1tf4V
xbH9n+xAYuUBaBJ9/qpG5ZWHXEmXWLA4BcAkvY9WXlUwi2jgkQKeLbdkaBgyc/3B
uBxqsmnIJeaaN+WzrNdsyRwHn97Stikh+MtTrz531iFEN76JG4EqHFLngQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKJgwuytrgXfR+eI7O+TuiqI3CAiMB8GA1UdIwQY
MBaAFGDqg4WhT9mWeXiufwbsTdUiKaRKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEt
ZjU0NTc3ZjdjYzBmLzEvb21EQzdLMnVCZDlINTRqczc1TzZLb2pjSUNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8wMzMwZmItOTVkMS00MzAyLWJlYTEtZjU0NTc3ZjdjYzBm
LzEvWU9xRGhhRlAyWlo1ZUs1X0J1eE4xU0lwcEVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEW4kQAwQC
W4kwAwQDW4k4MA0GCSqGSIb3DQEBCwUAA4IBAQBdZ6B8rhv1GEcQ6xRl+xaCRqAf
krSuB0bw9yzP6bg8f9LaJ4gsolLR95kEPB5zAHDkdq3g2OH/A4XWyJtcnAIABreA
zUK2NP+7rAAioCn/mXSlTjCuQU1VGlP5SZcGlLk9IXs24IC3M3ra2HxnvBW8vNWA
4VzvPmRvAr2UhZP69oyYjCLn77lLohFw45CJKQ83oV/lwxiYW4XPdTNFqdbk3K4x
B4hNV1W7xYbLNCdSHcLHhY+aGlY6vhrCf1ZAV6Sp10wGeZhd3ZeIGC8dGQZ6r7Lf
XRQdvWDN0y918d82e8a888nOAqkr1U0mMtekmiLYxhMZxW5BelRjpwVLPoKf
-----END CERTIFICATE-----
Generated at Fri Jun 28 05:05:41 2024 by rpki-client on console-fra.rpki-client.org