Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/oUVjuOKg191g1kmsQGlKBR0x-ok.roa
File: oUVjuOKg191g1kmsQGlKBR0x-ok.roa (raw, json)
Hash identifier: SUpijS7wjx22+0poQ8m98OzYAoQBAIah7wc6DA8o5tY=
Subject key identifier: A1:45:63:B8:E2:A0:D7:DD:60:D6:49:AC:40:69:4A:05:1D:31:FA:89
Certificate issuer: /CN=830555f011be5e241eb0b425de5fd86cc6834a54
Certificate serial: 018CC80239A80D367AB5C52A696BADA0496F
Authority key identifier: 83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/oUVjuOKg191g1kmsQGlKBR0x-ok.roa
Signing time: Tue 02 Jan 2024 02:30:38 +0000
ROA not before: Tue 02 Jan 2024 02:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199803
IP address blocks: 188.92.43.0/24 maxlen: 24
188.92.44.0/24 maxlen: 24
188.92.40.0/24 maxlen: 24
188.92.41.0/24 maxlen: 24
188.92.42.0/24 maxlen: 24
188.92.46.0/24 maxlen: 24
188.92.47.0/24 maxlen: 24
188.92.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:39:a8:0d:36:7a:b5:c5:2a:69:6b:ad:a0:49:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=830555f011be5e241eb0b425de5fd86cc6834a54
Validity
Not Before: Jan 2 02:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a14563b8e2a0d7dd60d649ac40694a051d31fa89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:2c:7e:fd:77:e3:c4:45:af:2e:6c:af:b6:a7:
32:fa:84:4e:08:7f:85:79:97:b7:91:b5:0c:39:ed:
09:78:b3:7c:e9:9c:01:4b:ca:21:f7:ab:f8:8a:ca:
9b:ce:ec:1d:f7:9b:57:af:8a:dc:b6:17:cb:72:f7:
2f:71:05:b9:89:96:cb:fa:60:d4:3f:54:d2:b4:0c:
c3:da:82:0b:c3:eb:78:20:ca:2e:32:b5:bd:9b:93:
4b:2a:30:35:d2:75:14:84:cd:5d:03:56:4e:d3:63:
3d:1a:4c:15:a5:70:88:33:bf:a6:36:10:89:0d:69:
33:99:a2:64:53:0c:c0:c1:f3:8c:74:65:02:d8:3d:
cf:e1:40:eb:5c:57:d4:6c:42:6a:e9:1b:c7:df:e4:
94:9e:4e:93:2b:88:53:4b:50:27:85:d2:90:ca:57:
b2:fa:21:8e:36:33:c5:36:4d:b1:58:7d:f8:23:66:
ee:5f:cb:b4:38:59:41:e1:2f:9a:2c:dc:d6:0f:00:
3e:d2:a8:7c:4c:a3:b9:ac:6e:c3:a9:c8:ec:58:de:
75:aa:59:27:91:1b:65:84:05:36:db:3b:44:03:e0:
42:65:cd:5b:82:99:6e:09:f0:93:0a:1d:85:c7:48:
a1:2a:29:27:fb:e4:0a:61:f5:20:6a:0a:4e:0e:52:
ae:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:45:63:B8:E2:A0:D7:DD:60:D6:49:AC:40:69:4A:05:1D:31:FA:89
X509v3 Authority Key Identifier:
keyid:83:05:55:F0:11:BE:5E:24:1E:B0:B4:25:DE:5F:D8:6C:C6:83:4A:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gwVV8BG-XiQesLQl3l_YbMaDSlQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/oUVjuOKg191g1kmsQGlKBR0x-ok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/bf0162-fcba-4085-b4f1-d699ddc9d09c/1/gwVV8BG-XiQesLQl3l_YbMaDSlQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.92.40.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:b3:a3:27:29:c2:74:cf:36:d7:19:ba:80:56:76:f8:44:1c:
74:0c:5c:6c:95:37:b7:3c:0e:f4:3b:89:76:17:87:3a:91:6f:
e9:68:df:c8:d5:65:29:16:f8:7a:05:17:9c:0b:33:7f:28:28:
35:ad:ad:8e:74:35:1d:e7:49:e0:a4:fd:14:8e:06:4a:35:a6:
e2:d8:4c:dc:8d:6f:24:b1:d8:71:bd:d2:39:9c:75:c8:36:26:
8b:91:30:34:65:1e:05:a9:98:1e:78:ae:b8:17:58:f6:44:6b:
5d:ed:87:72:3b:07:b4:46:46:d2:42:ec:a8:cd:26:3a:03:7d:
3a:5b:79:f3:23:17:4b:00:36:c9:d7:94:f5:f5:65:b4:60:ea:
ae:bd:f0:c5:f6:60:4f:4e:6d:60:0d:d2:78:11:7b:c9:6b:7a:
7d:3a:80:3d:47:92:a3:fd:a5:0e:fd:7e:52:33:c8:84:ce:84:
7b:65:08:95:f4:6c:64:70:03:6d:63:3c:36:05:cb:03:57:7a:
35:ef:2e:1b:3f:58:95:33:cc:2f:bc:58:15:09:2b:bc:58:80:
51:92:f3:8c:69:2d:83:4a:00:f5:49:85:5f:0a:b7:5e:3d:f5:
1e:69:d4:69:c0:dd:77:97:be:e7:5d:6d:9c:2b:e4:d0:69:d0:
e5:9c:38:77
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAjmoDTZ6tcUqaWutoElvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMDU1NWYwMTFiZTVlMjQxZWIwYjQyNWRlNWZkODZjYzY4
MzRhNTQwHhcNMjQwMTAyMDIzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ1NjNiOGUyYTBkN2RkNjBkNjQ5YWM0MDY5NGEwNTFkMzFmYTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5yx+/XfjxEWvLmyvtqcy+oROCH+F
eZe3kbUMOe0JeLN86ZwBS8oh96v4isqbzuwd95tXr4rcthfLcvcvcQW5iZbL+mDU
P1TStAzD2oILw+t4IMouMrW9m5NLKjA10nUUhM1dA1ZO02M9GkwVpXCIM7+mNhCJ
DWkzmaJkUwzAwfOMdGUC2D3P4UDrXFfUbEJq6RvH3+SUnk6TK4hTS1AnhdKQyley
+iGONjPFNk2xWH34I2buX8u0OFlB4S+aLNzWDwA+0qh8TKO5rG7DqcjsWN51qlkn
kRtlhAU22ztEA+BCZc1bgpluCfCTCh2Fx0ihKikn++QKYfUgagpODlKuewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKFFY7jioNfdYNZJrEBpSgUdMfqJMB8GA1UdIwQY
MBaAFIMFVfARvl4kHrC0Jd5f2GzGg0pUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEt
ZDY5OWRkYzlkMDljLzEvb1VWanVPS2cxOTFnMWttc1FHbEtCUjB4LW9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9iZjAxNjItZmNiYS00MDg1LWI0ZjEtZDY5OWRkYzlkMDlj
LzEvZ3dWVjhCRy1YaVFlc0xRbDNsX1liTWFEU2xRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDvFwoMA0G
CSqGSIb3DQEBCwUAA4IBAQArs6MnKcJ0zzbXGbqAVnb4RBx0DFxslTe3PA70O4l2
F4c6kW/paN/I1WUpFvh6BRecCzN/KCg1ra2OdDUd50ngpP0UjgZKNabi2EzcjW8k
sdhxvdI5nHXINiaLkTA0ZR4FqZgeeK64F1j2RGtd7YdyOwe0RkbSQuyozSY6A306
W3nzIxdLADbJ15T19WW0YOquvfDF9mBPTm1gDdJ4EXvJa3p9OoA9R5Kj/aUO/X5S
M8iEzoR7ZQiV9GxkcANtYzw2BcsDV3o17y4bP1iVM8wvvFgVCSu8WIBRkvOMaS2D
SgD1SYVfCrdePfUeadRpwN13l77nXW2cK+TQadDlnDh3
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:20:38 2024 by rpki-client on console-ams.rpki-client.org