Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OPpKb5ykcXvr2dR3-oAIilutUqg.roa
File: OPpKb5ykcXvr2dR3-oAIilutUqg.roa (raw, json)
Hash identifier: ZQX74oT0uhvYBIu81pDao4YLjXrB68MifDjwXZGPBew=
Subject key identifier: 38:FA:4A:6F:9C:A4:71:7B:EB:D9:D4:77:FA:80:08:8A:5B:AD:52:A8
Certificate issuer: /CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Certificate serial: 018D0D615E8581878F4BE5EC8886EAEBA98B
Authority key identifier: 6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OPpKb5ykcXvr2dR3-oAIilutUqg.roa
Signing time: Mon 15 Jan 2024 13:48:21 +0000
ROA not before: Mon 15 Jan 2024 13:48:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204175
IP address blocks: 185.219.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.mft
rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:0d:61:5e:85:81:87:8f:4b:e5:ec:88:86:ea:eb:a9:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ba3186597742a926cd26504e1ed76f8543fdb26
Validity
Not Before: Jan 15 13:48:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38fa4a6f9ca4717bebd9d477fa80088a5bad52a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e8:d5:6b:a8:a8:01:ac:4e:59:ab:45:b9:03:
47:ee:ad:a7:ff:24:bf:72:6a:70:04:a2:97:73:82:
83:5c:1a:41:bb:c1:f1:55:10:ad:53:2b:19:0a:b3:
78:17:bc:a6:37:ee:59:09:77:98:e4:a9:11:72:59:
6f:75:26:c8:01:17:e1:64:08:4b:9e:6e:5c:3d:fb:
b5:28:bf:b9:85:fd:fd:a5:e6:2a:47:c7:f8:62:8b:
f8:f7:1d:20:65:f3:dc:44:b9:10:af:70:1a:ab:13:
3d:95:88:be:6c:fd:6c:80:b4:87:c0:71:98:fb:f5:
32:42:11:85:97:80:3f:1b:01:32:c9:e1:1e:5c:de:
39:2a:c4:44:e0:12:5c:e5:92:ba:f4:41:96:f8:80:
e5:b6:74:39:12:cf:a7:4f:dc:53:58:aa:d3:69:f9:
4e:24:91:44:34:4d:ec:b7:bd:31:2d:67:eb:2c:69:
a3:8f:3d:25:54:65:67:34:8b:57:b3:24:34:b5:1b:
fc:ff:53:70:e9:3a:0c:5a:90:f1:d5:4a:18:c0:2f:
cc:44:1c:22:1e:98:c3:45:3f:e4:03:c4:08:54:6c:
b9:7b:20:44:23:1d:a0:10:d1:b5:bf:be:c4:f6:9c:
38:a3:ec:36:29:cf:0b:3b:3e:fb:e6:61:78:31:d5:
52:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:FA:4A:6F:9C:A4:71:7B:EB:D9:D4:77:FA:80:08:8A:5B:AD:52:A8
X509v3 Authority Key Identifier:
keyid:6B:A3:18:65:97:74:2A:92:6C:D2:65:04:E1:ED:76:F8:54:3F:DB:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6MYZZd0KpJs0mUE4e12-FQ_2yY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/OPpKb5ykcXvr2dR3-oAIilutUqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/9d5910-9f5e-446c-8d3c-bc007f2dac24/1/a6MYZZd0KpJs0mUE4e12-FQ_2yY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.219.219.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:81:b4:66:d2:fc:f6:db:7b:87:0b:20:d8:d9:48:3b:be:c8:
83:80:14:17:c7:79:b1:24:2b:90:f4:4c:2a:8a:61:17:38:8f:
4f:60:d3:d6:92:94:fa:c2:42:92:d8:73:fa:7b:0f:db:f2:d7:
28:f7:2d:3e:53:e8:e9:1d:11:d0:a8:af:e4:6c:d3:2f:ea:7a:
3c:c1:7a:9f:d7:cd:d0:1e:35:ff:13:95:da:3f:b2:27:28:5b:
31:12:d6:11:e2:12:4b:f9:83:88:16:57:9f:e0:c8:d9:48:41:
f4:21:cd:76:d2:2a:c5:92:f5:0f:a9:4f:1b:53:90:27:40:62:
27:c6:50:4a:1c:f8:04:12:64:98:86:90:c7:6e:99:61:56:76:
5f:bb:6c:45:2a:7b:08:55:32:53:66:37:22:91:a4:c6:3a:01:
2d:4e:4b:1b:7a:03:14:eb:ee:4f:a2:27:49:34:28:19:09:e8:
d4:c0:04:14:17:93:96:6b:b4:d8:1c:6f:b5:19:5f:86:1f:94:
80:57:67:40:d0:52:36:f1:bb:7f:a2:94:df:8b:78:4e:1a:29:
12:13:c0:c6:65:41:b7:04:3d:72:c9:b1:41:4f:00:13:7b:53:
ab:85:aa:e0:ac:c7:08:1b:04:ac:2c:44:af:50:af:75:b4:b7:
09:c9:88:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0NYV6FgYePS+XsiIbq66mLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYTMxODY1OTc3NDJhOTI2Y2QyNjUwNGUxZWQ3NmY4NTQz
ZmRiMjYwHhcNMjQwMTE1MTM0ODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGZhNGE2ZjljYTQ3MTdiZWJkOWQ0NzdmYTgwMDg4YTViYWQ1MmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg+jVa6ioAaxOWatFuQNH7q2n/yS/
cmpwBKKXc4KDXBpBu8HxVRCtUysZCrN4F7ymN+5ZCXeY5KkRcllvdSbIARfhZAhL
nm5cPfu1KL+5hf39peYqR8f4Yov49x0gZfPcRLkQr3AaqxM9lYi+bP1sgLSHwHGY
+/UyQhGFl4A/GwEyyeEeXN45KsRE4BJc5ZK69EGW+IDltnQ5Es+nT9xTWKrTaflO
JJFENE3st70xLWfrLGmjjz0lVGVnNItXsyQ0tRv8/1Nw6ToMWpDx1UoYwC/MRBwi
HpjDRT/kA8QIVGy5eyBEIx2gENG1v77E9pw4o+w2Kc8LOz775mF4MdVS/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDj6Sm+cpHF769nUd/qACIpbrVKoMB8GA1UdIwQY
MBaAFGujGGWXdCqSbNJlBOHtdvhUP9smMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2Mt
YmMwMDdmMmRhYzI0LzEvT1BwS2I1eWtjWHZyMmRSMy1vQUlpbHV0VXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi85ZDU5MTAtOWY1ZS00NDZjLThkM2MtYmMwMDdmMmRhYzI0
LzEvYTZNWVpaZDBLcEpzMG1VRTRlMTItRlFfMnlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAudvbMA0G
CSqGSIb3DQEBCwUAA4IBAQBfgbRm0vz223uHCyDY2Ug7vsiDgBQXx3mxJCuQ9Ewq
imEXOI9PYNPWkpT6wkKS2HP6ew/b8tco9y0+U+jpHRHQqK/kbNMv6no8wXqf183Q
HjX/E5XaP7InKFsxEtYR4hJL+YOIFlef4MjZSEH0Ic120irFkvUPqU8bU5AnQGIn
xlBKHPgEEmSYhpDHbplhVnZfu2xFKnsIVTJTZjcikaTGOgEtTksbegMU6+5PoidJ
NCgZCejUwAQUF5OWa7TYHG+1GV+GH5SAV2dA0FI28bt/opTfi3hOGikSE8DGZUG3
BD1yybFBTwATe1OrhargrMcIGwSsLESvUK91tLcJyYgE
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:49:04 2024 by rpki-client on console-ams.rpki-client.org