Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/oHDG3ql9huSDQQpItY7KNmojymE.roa
File: oHDG3ql9huSDQQpItY7KNmojymE.roa (raw, json)
Hash identifier: 8FCfGSfv0WMuJ3QNazOngY2x96DrMYtArh6g+ZuOFRQ=
Subject key identifier: A0:70:C6:DE:A9:7D:86:E4:83:41:0A:48:B5:8E:CA:36:6A:23:CA:61
Certificate issuer: /CN=cb1d15194278a29aad57ca375f99588b976ef829
Certificate serial: 018CC64AD19E140026AFBDA2CCF54E841C9F
Authority key identifier: CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/oHDG3ql9huSDQQpItY7KNmojymE.roa
Signing time: Mon 01 Jan 2024 18:30:41 +0000
ROA not before: Mon 01 Jan 2024 18:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1930
IP address blocks: 192.86.138.0/24 maxlen: 24
192.92.142.0/24 maxlen: 24
192.82.127.0/24 maxlen: 24
192.88.17.0/24 maxlen: 24
192.88.251.0/24 maxlen: 24
192.88.252.0/24 maxlen: 24
192.88.253.0/24 maxlen: 24
192.88.250.0/24 maxlen: 24
192.88.254.0/24 maxlen: 24
192.135.187.0/24 maxlen: 24
192.68.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.mft
rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:d1:9e:14:00:26:af:bd:a2:cc:f5:4e:84:1c:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb1d15194278a29aad57ca375f99588b976ef829
Validity
Not Before: Jan 1 18:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a070c6dea97d86e483410a48b58eca366a23ca61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:92:96:d1:47:c7:be:68:18:5a:fa:a4:24:0d:
9f:a0:32:c6:6d:4d:46:5b:25:a8:5f:22:10:0d:b1:
12:95:98:f8:07:d3:1c:28:cb:e7:ba:f5:29:d9:94:
c3:d5:2c:99:e9:92:b2:f3:8b:8f:7f:7c:f2:4b:61:
28:8a:d4:5c:3a:50:37:aa:d4:e4:09:de:19:ca:9c:
66:8d:0a:54:f3:7b:e2:c6:9f:8b:e1:1c:75:85:60:
91:80:37:e2:ff:99:47:d9:31:9a:6d:81:df:14:b7:
f3:e6:80:bb:7d:ef:7d:c7:f6:8d:a6:af:05:42:f3:
84:17:26:ea:82:c8:6a:37:80:4d:fe:bc:a2:4f:a3:
b4:90:f6:b2:b3:44:eb:8c:e0:0e:b0:40:da:8b:93:
d3:4a:32:ba:80:3d:23:ff:76:22:ee:44:12:34:a1:
7c:b7:4a:25:2e:77:82:a2:79:83:d9:11:35:f4:78:
e0:aa:93:d8:82:0b:24:68:97:42:f5:4c:80:b2:2a:
85:98:9c:30:4c:af:28:0d:03:15:d8:01:eb:66:fd:
5e:b7:10:80:02:2d:7c:83:e2:11:56:3b:57:da:e6:
15:ef:2d:36:de:1f:d1:61:0d:54:b1:47:a0:75:7e:
7a:b1:df:51:da:66:76:7a:26:e6:bd:ab:66:f1:8c:
79:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:70:C6:DE:A9:7D:86:E4:83:41:0A:48:B5:8E:CA:36:6A:23:CA:61
X509v3 Authority Key Identifier:
keyid:CB:1D:15:19:42:78:A2:9A:AD:57:CA:37:5F:99:58:8B:97:6E:F8:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yx0VGUJ4opqtV8o3X5lYi5du-Ck.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/oHDG3ql9huSDQQpItY7KNmojymE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/eb2361-8d34-4ff4-b3d1-1fb38435af77/1/yx0VGUJ4opqtV8o3X5lYi5du-Ck.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.68.209.0/24
192.82.127.0/24
192.86.138.0/24
192.88.17.0/24
192.88.250.0-192.88.254.255
192.92.142.0/24
192.135.187.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:d5:4d:b7:1a:ea:7c:1d:37:d4:9e:5f:d0:10:40:36:c8:66:
92:4a:ef:c4:c1:0c:cb:db:03:db:37:c2:cc:d0:e9:4e:fa:a9:
e7:30:06:5d:47:55:9d:99:d0:1d:fe:c6:e9:4c:12:bc:68:d8:
79:73:85:c5:86:67:08:87:07:46:ec:00:6c:68:d5:7b:dc:12:
33:0e:b3:e1:ed:7e:c6:77:fe:6e:a5:ac:7c:34:e9:6e:f0:4e:
a8:03:a1:8d:fb:aa:61:36:a8:fc:4e:8c:2c:b4:94:2c:3d:c4:
8a:fb:80:58:a1:93:c4:6d:ae:b1:77:f0:84:3d:c4:fc:6e:55:
33:a7:d5:e2:48:fb:e2:38:54:8a:9b:ce:66:15:8d:17:08:20:
38:08:51:ed:0d:ba:92:87:91:e6:7d:91:c7:95:e3:c6:1a:f2:
16:8e:27:77:35:27:02:db:b9:55:1e:20:8a:f9:5a:74:18:38:
54:46:df:f5:61:fc:b8:2b:53:ee:05:66:c0:a8:d5:51:02:c2:
d8:b5:3b:70:e0:ac:4a:54:ea:0b:b6:3d:09:93:9d:8a:67:c1:
f9:1b:32:04:34:5e:a5:7c:73:a0:92:76:bd:a8:bf:57:09:b0:
af:6c:61:fd:e5:da:d2:5a:79:2b:be:6c:5c:da:4f:c2:de:ab:
62:a4:cd:7f
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzGStGeFAAmr72izPVOhByfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMWQxNTE5NDI3OGEyOWFhZDU3Y2EzNzVmOTk1ODhiOTc2
ZWY4MjkwHhcNMjQwMTAxMTgzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDcwYzZkZWE5N2Q4NmU0ODM0MTBhNDhiNThlY2EzNjZhMjNjYTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpKW0UfHvmgYWvqkJA2foDLGbU1G
WyWoXyIQDbESlZj4B9McKMvnuvUp2ZTD1SyZ6ZKy84uPf3zyS2EoitRcOlA3qtTk
Cd4ZypxmjQpU83vixp+L4Rx1hWCRgDfi/5lH2TGabYHfFLfz5oC7fe99x/aNpq8F
QvOEFybqgshqN4BN/ryiT6O0kPays0TrjOAOsEDai5PTSjK6gD0j/3Yi7kQSNKF8
t0olLneConmD2RE19HjgqpPYggskaJdC9UyAsiqFmJwwTK8oDQMV2AHrZv1etxCA
Ai18g+IRVjtX2uYV7y023h/RYQ1UsUegdX56sd9R2mZ2eibmvatm8Yx5dwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKBwxt6pfYbkg0EKSLWOyjZqI8phMB8GA1UdIwQY
MBaAFMsdFRlCeKKarVfKN1+ZWIuXbvgpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEt
MWZiMzg0MzVhZjc3LzEvb0hERzNxbDlodVNEUVFwSXRZN0tObW9qeW1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lYjIzNjEtOGQzNC00ZmY0LWIzZDEtMWZiMzg0MzVhZjc3
LzEveXgwVkdVSjRvcHF0VjhvM1g1bFlpNWR1LUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQAwETRAwQA
wFJ/AwQAwFaKAwQAwFgRMAwDBAHAWPoDBADAWP4DBADAXI4DBADAh7swDQYJKoZI
hvcNAQELBQADggEBAF3VTbca6nwdN9SeX9AQQDbIZpJK78TBDMvbA9s3wszQ6U76
qecwBl1HVZ2Z0B3+xulMErxo2HlzhcWGZwiHB0bsAGxo1XvcEjMOs+HtfsZ3/m6l
rHw06W7wTqgDoY37qmE2qPxOjCy0lCw9xIr7gFihk8RtrrF38IQ9xPxuVTOn1eJI
++I4VIqbzmYVjRcIIDgIUe0NupKHkeZ9kceV48Ya8haOJ3c1JwLbuVUeIIr5WnQY
OFRG3/Vh/LgrU+4FZsCo1VECwti1O3DgrEpU6gu2PQmTnYpnwfkbMgQ0XqV8c6CS
dr2ov1cJsK9sYf3l2tJaeSu+bFzaT8Leq2KkzX8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:29:37 2024 by rpki-client on console-ams.rpki-client.org