Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/oTihBis1T28y7TN0nSUBVLYqT_o.roa
File: oTihBis1T28y7TN0nSUBVLYqT_o.roa (raw, json)
Hash identifier: Jnp2iM4gIvUcoNXCdSOUD/DPh9eKEm2lZitJPELzSDM=
Subject key identifier: A1:38:A1:06:2B:35:4F:6F:32:ED:33:74:9D:25:01:54:B6:2A:4F:FA
Certificate issuer: /CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Certificate serial: 018CCA28635D70F279FB245FED9F680FE297
Authority key identifier: 70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/oTihBis1T28y7TN0nSUBVLYqT_o.roa
Signing time: Tue 02 Jan 2024 12:31:33 +0000
ROA not before: Tue 02 Jan 2024 12:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30768
IP address blocks: 193.19.82.0/23 maxlen: 24
194.165.0.0/23 maxlen: 24
194.165.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:63:5d:70:f2:79:fb:24:5f:ed:9f:68:0f:e2:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=709eb6eaaa49dd6b483e04b1434e4dac79ed9d31
Validity
Not Before: Jan 2 12:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a138a1062b354f6f32ed33749d250154b62a4ffa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b0:07:72:ee:24:c6:a2:42:29:5b:96:50:82:
14:9e:a5:ae:a8:4c:df:3f:43:ec:7e:7d:3a:5d:6b:
b0:51:15:7a:87:2a:b6:2e:17:3c:4d:59:b3:94:be:
03:ac:3c:ca:61:48:42:03:0a:1d:c0:14:22:39:f4:
d3:6b:17:e9:e8:74:c9:9c:6a:05:d3:34:3a:a2:5a:
02:44:4d:65:62:1d:2c:12:d1:e9:a4:51:17:f5:61:
c0:d5:9e:c9:33:50:16:44:fe:ba:6d:cd:0b:51:ca:
18:84:70:a5:ff:48:da:08:21:7e:e2:ed:ef:9d:5d:
e6:8c:4d:ed:b3:40:f3:1b:c2:0c:eb:34:df:d1:b3:
89:3e:23:91:22:8a:ea:01:35:ba:3a:9f:00:4e:be:
26:41:8c:37:1a:20:c1:8e:cf:dd:7a:29:c0:77:b1:
d5:2d:af:2b:83:59:e3:3f:ad:4a:eb:74:37:ee:2a:
82:43:1c:09:b6:55:04:49:9c:1e:d9:3a:3c:7f:fc:
65:c0:14:08:5f:e0:91:f0:49:16:6c:44:c7:63:cb:
14:e0:18:00:ab:bf:52:99:24:e9:e4:cb:5a:3d:4d:
a6:14:5b:17:d2:91:ff:2b:b3:b4:14:de:90:40:a4:
37:d7:da:dc:02:e4:57:c0:22:70:88:bb:ed:45:18:
71:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:38:A1:06:2B:35:4F:6F:32:ED:33:74:9D:25:01:54:B6:2A:4F:FA
X509v3 Authority Key Identifier:
keyid:70:9E:B6:EA:AA:49:DD:6B:48:3E:04:B1:43:4E:4D:AC:79:ED:9D:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJ626qpJ3WtIPgSxQ05NrHntnTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/oTihBis1T28y7TN0nSUBVLYqT_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/4bebe7-3f8e-4949-8980-9f6fa0e1a5a5/1/cJ626qpJ3WtIPgSxQ05NrHntnTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.82.0/23
194.165.0.0/23
Signature Algorithm: sha256WithRSAEncryption
62:89:6b:a5:9a:69:be:8e:44:aa:bb:da:ea:a9:12:4e:15:1e:
69:d2:9a:a1:c2:c0:07:9e:d1:83:68:8d:56:86:5a:fd:8f:f5:
b1:e8:87:f6:d0:1e:03:71:36:af:ec:76:c5:ec:0e:0a:b4:19:
53:4f:df:fc:67:f8:bf:2c:ff:08:1c:fb:01:1c:42:35:2d:0b:
5b:e4:40:a2:9d:10:aa:55:b4:97:ac:14:51:aa:d4:02:b9:8b:
b8:bb:d3:c4:98:23:a3:3d:7f:3f:f1:78:8d:2c:d5:fd:3a:f9:
d1:40:cc:59:af:cb:12:0a:c1:7e:ba:6a:9b:11:80:87:4a:2b:
fc:87:1a:d8:fc:b3:fa:37:39:2a:0d:e0:06:9e:92:ae:23:2f:
97:f9:ea:ed:ea:b9:8b:0b:0d:31:d5:e3:f6:0e:fa:a3:07:c9:
3d:04:5e:71:c4:45:d3:87:7d:ee:8f:3f:76:e3:96:ba:78:45:
0c:41:f9:62:a5:8d:2d:b8:e7:97:ab:3b:24:2a:d2:d0:b6:65:
f9:20:7a:7a:b5:69:3e:91:c4:d2:52:6c:d6:7a:b0:20:f9:f5:
1f:bb:b0:cc:3d:2a:6a:a5:1e:90:e9:3b:3f:0f:73:7b:cc:ef:
66:96:15:b3:89:e7:a7:a8:de:e7:e4:ad:b8:f5:d2:27:03:2e:
45:f6:73:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKGNdcPJ5+yRf7Z9oD+KXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOWViNmVhYWE0OWRkNmI0ODNlMDRiMTQzNGU0ZGFjNzll
ZDlkMzEwHhcNMjQwMTAyMTIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTM4YTEwNjJiMzU0ZjZmMzJlZDMzNzQ5ZDI1MDE1NGI2MmE0ZmZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bAHcu4kxqJCKVuWUIIUnqWuqEzf
P0Psfn06XWuwURV6hyq2Lhc8TVmzlL4DrDzKYUhCAwodwBQiOfTTaxfp6HTJnGoF
0zQ6oloCRE1lYh0sEtHppFEX9WHA1Z7JM1AWRP66bc0LUcoYhHCl/0jaCCF+4u3v
nV3mjE3ts0DzG8IM6zTf0bOJPiORIorqATW6Op8ATr4mQYw3GiDBjs/deinAd7HV
La8rg1njP61K63Q37iqCQxwJtlUESZwe2To8f/xlwBQIX+CR8EkWbETHY8sU4BgA
q79SmSTp5MtaPU2mFFsX0pH/K7O0FN6QQKQ319rcAuRXwCJwiLvtRRhxEQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKE4oQYrNU9vMu0zdJ0lAVS2Kk/6MB8GA1UdIwQY
MBaAFHCetuqqSd1rSD4EsUNOTax57Z0xMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAt
OWY2ZmEwZTFhNWE1LzEvb1RpaEJpczFUMjh5N1ROMG5TVUJWTFlxVF9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy80YmViZTctM2Y4ZS00OTQ5LTg5ODAtOWY2ZmEwZTFhNWE1
LzEvY0o2MjZxcEozV3RJUGdTeFEwNU5ySG50blRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwRNSAwQB
wqUAMA0GCSqGSIb3DQEBCwUAA4IBAQBiiWulmmm+jkSqu9rqqRJOFR5p0pqhwsAH
ntGDaI1Whlr9j/Wx6If20B4DcTav7HbF7A4KtBlTT9/8Z/i/LP8IHPsBHEI1LQtb
5ECinRCqVbSXrBRRqtQCuYu4u9PEmCOjPX8/8XiNLNX9OvnRQMxZr8sSCsF+umqb
EYCHSiv8hxrY/LP6NzkqDeAGnpKuIy+X+ert6rmLCw0x1eP2DvqjB8k9BF5xxEXT
h33ujz9245a6eEUMQflipY0tuOeXqzskKtLQtmX5IHp6tWk+kcTSUmzWerAg+fUf
u7DMPSpqpR6Q6Ts/D3N7zO9mlhWzieenqN7n5K249dInAy5F9nNU
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:38:39 2024 by rpki-client on console-fra.rpki-client.org