Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/oEHvyzSUbUGmupnZmtDrFiFK6ls.roa
File: oEHvyzSUbUGmupnZmtDrFiFK6ls.roa (raw, json)
Hash identifier: W3ctRKyxnsXXB1xBElNzqyjhF0CX66T+SfYNVly9Irg=
Subject key identifier: A0:41:EF:CB:34:94:6D:41:A6:BA:99:D9:9A:D0:EB:16:21:4A:EA:5B
Certificate issuer: /CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Certificate serial: 018CC8DE7E2C061F4D21771A2FD1C8269CDA
Authority key identifier: C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/oEHvyzSUbUGmupnZmtDrFiFK6ls.roa
Signing time: Tue 02 Jan 2024 06:31:13 +0000
ROA not before: Tue 02 Jan 2024 06:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 36411
IP address blocks: 2a00:79e1:824::/48 maxlen: 48
2a00:79e1:826::/48 maxlen: 48
2a00:79e1:841::/48 maxlen: 48
2a00:79e1:821::/48 maxlen: 48
2a00:79e1:823::/48 maxlen: 48
2a00:79e1:840::/48 maxlen: 48
2a00:79e1:820::/47 maxlen: 47
2a00:79e1:825::/48 maxlen: 48
2a00:79e1:2200::/39 maxlen: 39
2a00:79e1:2000::/38 maxlen: 38
2a00:79e1:3000::/38 maxlen: 38
2a00:79e1:3400::/39 maxlen: 39
2a00:79e1:2600::/39 maxlen: 39
2a00:79e1:2800::/38 maxlen: 38
2a00:79e1:3800::/38 maxlen: 38
2a00:79e1:2000::/35 maxlen: 35
2a00:79e1:2400::/39 maxlen: 39
2a00:79e1:2a00::/39 maxlen: 39
2a00:79e1:3e00::/39 maxlen: 39
2a00:79e1:3a00::/39 maxlen: 39
2a00:79e1:2c00::/39 maxlen: 39
2a00:79e1:3c00::/39 maxlen: 39
2a00:79e1:3600::/39 maxlen: 39
2a00:79e1:2e00::/39 maxlen: 39
2a00:79e1:3200::/39 maxlen: 39
2a00:79e1:820::/45 maxlen: 45
2a00:79e1:822::/47 maxlen: 47
2a00:79e1:827::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.mft
rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:7e:2c:06:1f:4d:21:77:1a:2f:d1:c8:26:9c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0747fbe26c9cdd7628adfedb57b78be8de75e29
Validity
Not Before: Jan 2 06:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a041efcb34946d41a6ba99d99ad0eb16214aea5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5b:f6:42:de:84:b2:d1:e6:44:cd:65:36:5b:
b7:1a:d8:0e:80:49:22:fa:01:77:17:64:87:9d:a0:
60:f9:e1:a8:ce:8c:16:9b:11:e4:0e:7a:31:1e:b1:
52:36:73:5b:7b:92:70:21:e8:70:f3:59:2b:50:86:
44:80:f3:8c:ae:f6:ca:49:73:f3:3a:5b:49:ae:db:
91:be:65:c5:85:4d:4a:d6:df:5c:a2:17:6a:57:25:
ae:4e:3a:4b:c2:2f:a3:d7:55:a4:08:4d:43:74:d7:
86:e1:d5:06:39:80:83:19:6f:08:e5:c2:2c:80:9e:
5f:b8:9d:98:2d:41:25:32:8f:a4:24:d6:4b:2d:a2:
52:8a:31:ac:1f:4d:d4:52:1c:42:98:1e:f4:71:f7:
5b:11:bf:d0:ef:c7:42:a1:48:5b:4f:cd:8c:de:7d:
30:79:71:7c:02:60:97:13:d7:e9:69:ee:22:33:2e:
50:87:b0:99:6e:ba:c9:fa:af:fb:a1:d3:a5:a7:3b:
07:a9:1b:da:c5:2b:4e:a1:b9:88:f3:4a:30:ab:c2:
83:ea:91:1c:dd:e1:f3:b4:c4:41:9f:6d:aa:a9:d5:
83:c4:6c:29:b5:c1:fd:62:f9:73:67:5d:3f:a1:50:
71:e2:22:b4:45:5a:62:43:a0:c7:22:f9:24:56:89:
7c:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:41:EF:CB:34:94:6D:41:A6:BA:99:D9:9A:D0:EB:16:21:4A:EA:5B
X509v3 Authority Key Identifier:
keyid:C0:74:7F:BE:26:C9:CD:D7:62:8A:DF:ED:B5:7B:78:BE:8D:E7:5E:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wHR_vibJzddiit_ttXt4vo3nXik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/oEHvyzSUbUGmupnZmtDrFiFK6ls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/2406ab-3bcb-41bc-a942-368608385883/1/wHR_vibJzddiit_ttXt4vo3nXik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:79e1:820::/45
2a00:79e1:840::/47
2a00:79e1:2000::/35
Signature Algorithm: sha256WithRSAEncryption
93:c7:69:6e:15:14:99:f2:4a:3c:20:a1:b1:04:99:d5:0f:62:
b4:2f:2e:cf:79:e4:3f:73:50:09:f8:ba:27:76:ae:7f:d2:d9:
ca:89:93:a4:94:42:4c:f0:f5:f9:17:f8:07:69:57:47:bd:3a:
57:13:05:39:bd:2d:65:61:7a:e4:60:d1:df:9a:bd:bc:75:67:
87:cc:02:2f:a7:b1:dc:fc:93:dd:e9:ae:12:06:36:c7:20:76:
97:c0:d1:99:50:9c:5f:e4:92:51:76:e1:58:5c:f6:eb:ba:ea:
21:b7:b7:38:c7:de:07:88:0f:80:17:50:c8:bf:13:6d:1c:67:
52:50:4b:81:a0:26:09:8c:f9:fc:9d:71:8d:65:b7:4b:da:8b:
69:cf:1f:ce:e9:59:16:37:5d:f0:18:5c:d5:8e:a2:1b:45:8a:
87:ae:e6:a4:dd:98:3e:05:e1:94:39:63:b3:28:3b:42:8a:26:
15:5d:0e:b8:cd:cf:70:40:bb:81:b0:cc:9d:57:29:55:bf:db:
9a:47:7c:9f:13:5d:99:66:a6:a5:2d:6a:ad:21:2b:57:4c:e4:
aa:53:55:5f:77:48:9f:79:18:5b:f0:a4:fb:3b:f1:22:9b:fb:
32:97:06:1f:16:97:79:0d:d8:f2:37:44:8d:bd:2b:76:51:f4:
39:0d:4d:f4
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzI3n4sBh9NIXcaL9HIJpzaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNzQ3ZmJlMjZjOWNkZDc2MjhhZGZlZGI1N2I3OGJlOGRl
NzVlMjkwHhcNMjQwMTAyMDYzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDQxZWZjYjM0OTQ2ZDQxYTZiYTk5ZDk5YWQwZWIxNjIxNGFlYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1v2Qt6EstHmRM1lNlu3GtgOgEki
+gF3F2SHnaBg+eGozowWmxHkDnoxHrFSNnNbe5JwIehw81krUIZEgPOMrvbKSXPz
OltJrtuRvmXFhU1K1t9cohdqVyWuTjpLwi+j11WkCE1DdNeG4dUGOYCDGW8I5cIs
gJ5fuJ2YLUElMo+kJNZLLaJSijGsH03UUhxCmB70cfdbEb/Q78dCoUhbT82M3n0w
eXF8AmCXE9fpae4iMy5Qh7CZbrrJ+q/7odOlpzsHqRvaxStOobmI80owq8KD6pEc
3eHztMRBn22qqdWDxGwptcH9YvlzZ10/oVBx4iK0RVpiQ6DHIvkkVol8XwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFKBB78s0lG1BprqZ2ZrQ6xYhSupbMB8GA1UdIwQY
MBaAFMB0f74myc3XYorf7bV7eL6N514pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDIt
MzY4NjA4Mzg1ODgzLzEvb0VIdnl6U1ViVUdtdXBuWm10RHJGaUZLNmxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8yNDA2YWItM2JjYi00MWJjLWE5NDItMzY4NjA4Mzg1ODgz
LzEvd0hSX3ZpYkp6ZGRpaXRfdHRYdDR2bzNuWGlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAAjAaAwcDKgB54Qgg
AwcBKgB54QhAAwYFKgB54SAwDQYJKoZIhvcNAQELBQADggEBAJPHaW4VFJnySjwg
obEEmdUPYrQvLs955D9zUAn4uid2rn/S2cqJk6SUQkzw9fkX+AdpV0e9OlcTBTm9
LWVheuRg0d+avbx1Z4fMAi+nsdz8k93prhIGNscgdpfA0ZlQnF/kklF24Vhc9uu6
6iG3tzjH3geID4AXUMi/E20cZ1JQS4GgJgmM+fydcY1lt0vai2nPH87pWRY3XfAY
XNWOohtFioeu5qTdmD4F4ZQ5Y7MoO0KKJhVdDrjNz3BAu4GwzJ1XKVW/25pHfJ8T
XZlmpqUtaq0hK1dM5KpTVV93SJ95GFvwpPs78SKb+zKXBh8Wl3kN2PI3RI29K3ZR
9DkNTfQ=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:31:42 2024 by rpki-client on console-ams.rpki-client.org