Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/oiGEPig_MWt2Tjhol_VI2Ys_9kQ.roa
File: oiGEPig_MWt2Tjhol_VI2Ys_9kQ.roa (raw, json)
Hash identifier: swSM228e6N+HikfI2gosftImWT36zpNYsonAnVvdp+w=
Subject key identifier: A2:21:84:3E:28:3F:31:6B:76:4E:38:68:97:F5:48:D9:8B:3F:F6:44
Certificate issuer: /CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Certificate serial: 018CC9BC8E717E8C2DC46795EF2DA184CB69
Authority key identifier: 2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/oiGEPig_MWt2Tjhol_VI2Ys_9kQ.roa
Signing time: Tue 02 Jan 2024 10:33:46 +0000
ROA not before: Tue 02 Jan 2024 10:33:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3209
IP address blocks: 2.200.0.0/13 maxlen: 24
109.44.0.0/15 maxlen: 15
90.186.0.0/16 maxlen: 24
80.226.0.0/16 maxlen: 24
109.40.0.0/14 maxlen: 24
109.46.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.mft
rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:8e:71:7e:8c:2d:c4:67:95:ef:2d:a1:84:cb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d698baf9ff3eeebe66284889fbf689d4e683c81
Validity
Not Before: Jan 2 10:33:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a221843e283f316b764e386897f548d98b3ff644
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:6a:54:c5:1a:a7:37:e8:6d:95:87:ce:a5:eb:
c3:9b:44:ff:07:39:0b:ed:a8:66:02:f4:cf:34:76:
43:0e:f9:5e:65:12:e2:e1:a1:dc:c1:44:c0:d6:f0:
e3:24:f3:f1:bd:ef:76:d2:89:49:f6:e1:b9:c9:eb:
d7:71:56:3c:ed:33:11:69:fc:bd:26:1e:4a:d0:4f:
da:e0:f8:d7:2e:bd:26:64:db:b8:d7:96:a4:50:16:
8b:98:96:25:96:59:0e:59:91:89:46:82:0c:3b:4a:
7e:02:02:36:72:97:d8:89:b6:d9:02:25:7e:79:4e:
ea:da:6a:19:a8:41:99:f4:03:e5:d4:74:92:b2:0c:
01:03:2b:08:8b:c8:97:be:79:a6:90:c4:b7:b3:d4:
06:97:31:d3:6d:ee:97:85:22:73:27:44:fb:c1:14:
7b:3a:7b:eb:1a:cc:4e:eb:c6:fc:e0:e0:f5:b3:87:
54:ee:79:d2:84:59:58:0b:09:4f:61:c4:83:a3:a6:
d9:0d:e5:5a:3a:c6:c4:9e:bd:9a:82:b9:a3:83:22:
1d:09:49:f3:b9:40:c0:e1:07:a0:ad:c3:e0:50:c2:
e9:e6:2e:dd:65:24:72:16:5c:e1:ac:00:eb:ec:c5:
23:fe:c6:25:4c:67:33:78:59:37:9a:18:07:38:d1:
ed:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:21:84:3E:28:3F:31:6B:76:4E:38:68:97:F5:48:D9:8B:3F:F6:44
X509v3 Authority Key Identifier:
keyid:2D:69:8B:AF:9F:F3:EE:EB:E6:62:84:88:9F:BF:68:9D:4E:68:3C:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LWmLr5_z7uvmYoSIn79onU5oPIE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/oiGEPig_MWt2Tjhol_VI2Ys_9kQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/572a98-3bb7-4276-9d39-dff5a09a82cb/1/LWmLr5_z7uvmYoSIn79onU5oPIE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.200.0.0/13
80.226.0.0/16
90.186.0.0/16
109.40.0.0-109.46.255.255
Signature Algorithm: sha256WithRSAEncryption
26:ff:d0:29:53:90:9b:e7:43:dd:8b:7a:b3:1f:91:c8:f6:d8:
7f:31:85:4e:f1:aa:9c:b3:4e:df:7e:f6:52:f0:01:89:19:4f:
1e:7f:e8:d8:29:34:c4:a9:ac:ac:d9:e4:f7:48:f8:2e:36:b0:
a6:50:c9:f1:55:b7:67:3a:a7:9e:fa:07:a0:9b:6c:21:ac:de:
44:10:ac:94:4e:12:c7:3c:e8:de:7b:6a:58:9b:2d:2e:22:7d:
73:2f:18:c1:5d:b8:0e:75:71:e8:53:7a:f2:64:b1:92:f3:91:
d4:de:1a:b3:9c:84:81:7b:b2:e4:85:5b:49:66:44:3a:b1:3b:
b1:55:9c:3c:45:fd:84:e0:31:31:fe:a8:06:0d:4f:72:6f:12:
02:ef:98:de:48:59:b4:be:61:ec:fe:c9:04:39:a5:f7:9e:1a:
66:fd:d6:7c:37:03:0f:ca:a7:2b:62:ec:9e:4b:7d:9c:6e:d7:
a2:ff:4b:e4:e6:72:af:9b:36:21:f7:4c:43:92:57:1d:aa:e8:
e5:5a:23:61:9e:bc:ad:f5:a6:27:c1:bc:0f:8f:ad:d1:37:fc:
0c:07:db:49:30:92:13:3b:2a:9c:72:75:d8:5f:f2:2b:72:b9:
e9:d7:30:c9:d4:b2:da:e2:26:37:91:1e:e3:15:b0:6a:55:2a:
2f:cc:07:e6
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvI5xfowtxGeV7y2hhMtpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkNjk4YmFmOWZmM2VlZWJlNjYyODQ4ODlmYmY2ODlkNGU2
ODNjODEwHhcNMjQwMTAyMTAzMzQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjIxODQzZTI4M2YzMTZiNzY0ZTM4Njg5N2Y1NDhkOThiM2ZmNjQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmpUxRqnN+htlYfOpevDm0T/BzkL
7ahmAvTPNHZDDvleZRLi4aHcwUTA1vDjJPPxve920olJ9uG5yevXcVY87TMRafy9
Jh5K0E/a4PjXLr0mZNu415akUBaLmJYlllkOWZGJRoIMO0p+AgI2cpfYibbZAiV+
eU7q2moZqEGZ9APl1HSSsgwBAysIi8iXvnmmkMS3s9QGlzHTbe6XhSJzJ0T7wRR7
OnvrGsxO68b84OD1s4dU7nnShFlYCwlPYcSDo6bZDeVaOsbEnr2agrmjgyIdCUnz
uUDA4QegrcPgUMLp5i7dZSRyFlzhrADr7MUj/sYlTGczeFk3mhgHONHtVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKIhhD4oPzFrdk44aJf1SNmLP/ZEMB8GA1UdIwQY
MBaAFC1pi6+f8+7r5mKEiJ+/aJ1OaDyBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzkt
ZGZmNWEwOWE4MmNiLzEvb2lHRVBpZ19NV3QyVGpob2xfVkkyWXNfOWtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81NzJhOTgtM2JiNy00Mjc2LTlkMzktZGZmNWEwOWE4MmNi
LzEvTFdtTHI1X3o3dXZtWW9TSW43OW9uVTVvUElFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzAhBAIAATAbAwMDAsgDAwBQ
4gMDAFq6MAoDAwNtKAMDAG0uMA0GCSqGSIb3DQEBCwUAA4IBAQAm/9ApU5Cb50Pd
i3qzH5HI9th/MYVO8aqcs07ffvZS8AGJGU8ef+jYKTTEqays2eT3SPguNrCmUMnx
VbdnOqee+gegm2whrN5EEKyUThLHPOjee2pYmy0uIn1zLxjBXbgOdXHoU3ryZLGS
85HU3hqznISBe7LkhVtJZkQ6sTuxVZw8Rf2E4DEx/qgGDU9ybxIC75jeSFm0vmHs
/skEOaX3nhpm/dZ8NwMPyqcrYuyeS32cbtei/0vk5nKvmzYh90xDklcdqujlWiNh
nryt9aYnwbwPj63RN/wMB9tJMJITOyqccnXYX/Ircrnp1zDJ1LLa4iY3kR7jFbBq
VSovzAfm
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:22:30 2024 by rpki-client on console-ams.rpki-client.org