Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/C-07o9zYj3864GUGzezFOaqaNPU.roa
File: C-07o9zYj3864GUGzezFOaqaNPU.roa (raw, json)
Hash identifier: W7Ah1n8RLvSuGN6rGn9l+B0Oi0aU42ed1baMU9y2l0w=
Subject key identifier: 0B:ED:3B:A3:DC:D8:8F:7F:3A:E0:65:06:CD:EC:C5:39:AA:9A:34:F5
Certificate issuer: /CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Certificate serial: 018CC3491AC46944812CBD0F5D979C80AA6A
Authority key identifier: 5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/C-07o9zYj3864GUGzezFOaqaNPU.roa
Signing time: Mon 01 Jan 2024 04:29:57 +0000
ROA not before: Mon 01 Jan 2024 04:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8542
IP address blocks: 185.81.12.0/22 maxlen: 22
2a00:ce60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:1a:c4:69:44:81:2c:bd:0f:5d:97:9c:80:aa:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f99fde0d63b11b5c2dd816c0f93c2ea58350336
Validity
Not Before: Jan 1 04:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0bed3ba3dcd88f7f3ae06506cdecc539aa9a34f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:db:89:9f:d4:73:1e:13:74:9e:19:82:aa:04:
8a:e5:76:7f:73:15:17:9e:95:f2:ec:42:a2:e0:2b:
89:e2:e4:aa:18:77:ba:51:f4:a9:5c:5f:b2:93:01:
6c:bb:71:77:e7:3a:f4:da:11:23:5e:c8:51:99:99:
d5:d3:df:f9:90:58:17:eb:7b:ec:47:78:70:bc:6e:
d8:7d:54:d6:52:f6:3d:bf:d5:56:0d:b2:ca:9d:ab:
d9:41:ee:6f:eb:ac:93:a4:b9:91:86:80:ff:e9:c7:
e3:3f:12:06:ca:a8:e1:b2:27:8f:ef:35:6c:a8:09:
37:4d:89:e6:da:d2:44:47:9a:77:78:c8:bb:1e:94:
a6:fc:8d:bb:de:cc:1b:d7:47:e8:02:f9:8f:44:5e:
05:96:b2:48:9d:0d:b6:64:ff:21:a5:86:33:59:6a:
34:71:be:33:1c:1e:65:da:50:6d:69:b1:aa:3d:3a:
48:e2:ec:bb:58:f3:c2:c7:e9:45:81:4e:4d:cb:2f:
34:4e:c4:d1:99:21:42:bf:50:2a:15:e1:d0:62:82:
af:e2:28:be:3b:11:ea:56:53:58:8f:ab:ae:13:32:
d3:8e:bc:3a:37:7d:b5:bf:a4:96:a9:ac:7b:f8:ca:
64:da:06:0a:42:05:8a:fb:91:d0:6c:be:bd:b8:09:
76:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:ED:3B:A3:DC:D8:8F:7F:3A:E0:65:06:CD:EC:C5:39:AA:9A:34:F5
X509v3 Authority Key Identifier:
keyid:5F:99:FD:E0:D6:3B:11:B5:C2:DD:81:6C:0F:93:C2:EA:58:35:03:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X5n94NY7EbXC3YFsD5PC6lg1AzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/C-07o9zYj3864GUGzezFOaqaNPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/f116d7-8519-4924-8d1d-4c77d605afec/1/X5n94NY7EbXC3YFsD5PC6lg1AzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.81.12.0/22
IPv6:
2a00:ce60::/32
Signature Algorithm: sha256WithRSAEncryption
62:3f:59:97:aa:00:71:38:9d:a5:22:0d:22:eb:c8:57:7b:f0:
39:f8:25:bf:76:db:80:74:31:17:60:b4:13:99:b8:d4:3d:75:
42:15:e4:82:07:55:71:c0:5c:3b:37:dc:ea:74:98:e2:e7:4d:
dd:03:c5:02:fc:f9:2f:21:3b:fb:cc:a3:e2:fe:5b:cf:b7:eb:
0b:66:e5:04:70:85:92:c8:3d:be:03:c8:96:22:76:e2:88:08:
dc:0f:15:da:44:05:70:e7:8f:58:c2:96:58:b8:e9:02:c8:4a:
a0:5d:8e:9f:d9:e0:2d:4b:76:ad:d8:b3:7e:0f:06:cd:44:45:
3e:ba:fd:fb:f7:2c:15:23:4a:bf:aa:68:3f:40:3d:d5:0e:e7:
b8:d9:74:d1:8c:cd:59:ba:39:51:95:a7:7a:f8:b5:dc:16:70:
80:31:c2:50:52:33:fd:bb:3d:1b:15:df:b7:04:96:f5:7d:83:
27:7e:20:36:09:b9:91:e1:25:b2:4f:5b:c0:d0:77:af:2e:0c:
ad:db:e6:6c:69:3b:01:76:0e:03:bf:6e:6b:0d:5e:5b:e9:38:
6f:17:bd:7b:19:48:7a:b7:d6:09:61:3e:62:16:6e:33:80:8b:
a7:49:cb:25:76:c8:45:99:17:a3:5a:0c:a4:85:f4:31:11:8d:
7b:d7:e3:de
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDSRrEaUSBLL0PXZecgKpqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmOTlmZGUwZDYzYjExYjVjMmRkODE2YzBmOTNjMmVhNTgz
NTAzMzYwHhcNMjQwMTAxMDQyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYmVkM2JhM2RjZDg4ZjdmM2FlMDY1MDZjZGVjYzUzOWFhOWEzNGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAituJn9RzHhN0nhmCqgSK5XZ/cxUX
npXy7EKi4CuJ4uSqGHe6UfSpXF+ykwFsu3F35zr02hEjXshRmZnV09/5kFgX63vs
R3hwvG7YfVTWUvY9v9VWDbLKnavZQe5v66yTpLmRhoD/6cfjPxIGyqjhsieP7zVs
qAk3TYnm2tJER5p3eMi7HpSm/I273swb10foAvmPRF4FlrJInQ22ZP8hpYYzWWo0
cb4zHB5l2lBtabGqPTpI4uy7WPPCx+lFgU5Nyy80TsTRmSFCv1AqFeHQYoKv4ii+
OxHqVlNYj6uuEzLTjrw6N321v6SWqax7+Mpk2gYKQgWK+5HQbL69uAl2RQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAvtO6Pc2I9/OuBlBs3sxTmqmjT1MB8GA1UdIwQY
MBaAFF+Z/eDWOxG1wt2BbA+TwupYNQM2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQt
NGM3N2Q2MDVhZmVjLzEvQy0wN285ellqMzg2NEdVR3plekZPYXFhTlBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9mMTE2ZDctODUxOS00OTI0LThkMWQtNGM3N2Q2MDVhZmVj
LzEvWDVuOTROWTdFYlhDM1lGc0Q1UEM2bGcxQXpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVEMMA0E
AgACMAcDBQAqAM5gMA0GCSqGSIb3DQEBCwUAA4IBAQBiP1mXqgBxOJ2lIg0i68hX
e/A5+CW/dtuAdDEXYLQTmbjUPXVCFeSCB1VxwFw7N9zqdJji503dA8UC/PkvITv7
zKPi/lvPt+sLZuUEcIWSyD2+A8iWInbiiAjcDxXaRAVw549YwpZYuOkCyEqgXY6f
2eAtS3at2LN+DwbNREU+uv379ywVI0q/qmg/QD3VDue42XTRjM1ZujlRlad6+LXc
FnCAMcJQUjP9uz0bFd+3BJb1fYMnfiA2CbmR4SWyT1vA0HevLgyt2+ZsaTsBdg4D
v25rDV5b6ThvF717GUh6t9YJYT5iFm4zgIunScsldshFmRejWgykhfQxEY171+Pe
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:18:42 2024 by rpki-client on console-ams.rpki-client.org