Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/oz5qkZwj8FY8t_HJMWZaMC1EPxM.roa
File: oz5qkZwj8FY8t_HJMWZaMC1EPxM.roa (raw, json)
Hash identifier: WMjIzhS6gj5RTH6Zttv3Z8K66yFFv6Eh47FkgwbhiTk=
Subject key identifier: A3:3E:6A:91:9C:23:F0:56:3C:B7:F1:C9:31:66:5A:30:2D:44:3F:13
Certificate issuer: /CN=ae3cc567febfe34878aeb913861cf0600a283903
Certificate serial: 018CC64B11B551A12BD11664E3EEA9F1EB2C
Authority key identifier: AE:3C:C5:67:FE:BF:E3:48:78:AE:B9:13:86:1C:F0:60:0A:28:39:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rjzFZ_6_40h4rrkThhzwYAooOQM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/oz5qkZwj8FY8t_HJMWZaMC1EPxM.roa
Signing time: Mon 01 Jan 2024 18:30:57 +0000
ROA not before: Mon 01 Jan 2024 18:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51881
IP address blocks: 91.220.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/rjzFZ_6_40h4rrkThhzwYAooOQM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/rjzFZ_6_40h4rrkThhzwYAooOQM.mft
rsync://rpki.ripe.net/repository/DEFAULT/rjzFZ_6_40h4rrkThhzwYAooOQM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:02:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:11:b5:51:a1:2b:d1:16:64:e3:ee:a9:f1:eb:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae3cc567febfe34878aeb913861cf0600a283903
Validity
Not Before: Jan 1 18:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a33e6a919c23f0563cb7f1c931665a302d443f13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:cb:fb:b5:e9:6e:a7:fa:81:94:9e:69:3e:06:
53:b5:47:95:4e:51:31:0d:eb:da:4f:72:7f:76:37:
2e:2d:b8:d0:04:e7:7a:0e:e6:51:93:6f:51:88:e9:
d1:a7:82:b1:e8:16:5b:1f:b8:a4:d3:69:f3:a9:ef:
00:f6:e4:5a:6f:7f:7f:e9:e8:67:5c:c4:56:5e:c8:
69:a9:c7:57:59:d8:9f:38:f0:13:cf:29:82:74:e8:
bb:a2:e7:02:db:35:30:94:cf:e8:f6:04:48:94:83:
2e:13:66:de:9b:cd:fc:2d:78:bd:1a:ff:cd:91:6d:
61:d3:9a:74:9b:3c:3b:0b:ed:da:92:19:41:42:67:
36:30:58:b0:7d:f3:23:2c:20:76:9b:08:fc:e9:ab:
b0:4a:69:87:cb:83:44:8b:f4:bd:4e:87:68:2c:13:
9b:8a:c6:cf:d2:ec:70:09:4c:2d:3f:da:a4:1b:15:
69:29:95:41:23:fe:e4:6e:18:e1:49:0f:ca:a6:24:
a7:4f:35:e6:03:a2:90:e2:5c:0e:b2:4a:83:95:dc:
04:fb:cf:47:58:c1:75:75:8d:d9:62:aa:aa:e6:80:
1a:86:9a:05:30:5e:3b:0a:d7:95:65:43:2b:bc:5f:
9e:04:b2:9a:01:a3:c5:60:1f:bf:9d:f5:6c:2a:6a:
af:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:3E:6A:91:9C:23:F0:56:3C:B7:F1:C9:31:66:5A:30:2D:44:3F:13
X509v3 Authority Key Identifier:
keyid:AE:3C:C5:67:FE:BF:E3:48:78:AE:B9:13:86:1C:F0:60:0A:28:39:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rjzFZ_6_40h4rrkThhzwYAooOQM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/oz5qkZwj8FY8t_HJMWZaMC1EPxM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/299278-c57c-4354-b966-9fb224be8b08/1/rjzFZ_6_40h4rrkThhzwYAooOQM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.167.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:83:46:24:ea:ff:1e:be:6b:17:64:d6:ad:74:c4:2e:84:ec:
b0:6e:da:42:d5:36:e9:e0:f0:33:9b:86:43:f2:33:6a:bf:46:
1e:b9:8c:f1:a5:5a:c0:93:f2:8f:bf:59:92:f3:da:da:09:6f:
00:86:d4:5f:75:84:46:8d:b3:78:73:10:31:17:35:08:1b:15:
53:82:ed:bc:75:79:bc:a4:38:0b:3e:2d:9e:74:76:bf:29:a4:
a6:fd:b1:5d:c7:98:f6:f1:e1:d3:50:db:4a:5d:54:21:2e:8d:
c5:97:b2:3f:8c:fd:c8:cb:e6:bf:c0:eb:0d:ac:e0:91:b0:0b:
c6:94:6a:91:67:75:d0:41:cf:97:28:82:de:da:77:6c:22:f5:
e4:6f:0b:0c:24:09:86:7a:e1:47:a9:a1:01:77:b3:02:bc:41:
2f:11:ff:b0:4e:5f:52:a6:49:f1:18:0e:74:d9:d8:e6:0b:4b:
ae:fb:fa:4b:16:27:21:44:48:13:49:88:bb:20:4e:b8:db:6e:
ab:0d:df:7c:d9:d6:3d:d9:01:c1:ef:73:78:27:b5:7f:3c:16:
18:bd:0a:be:e2:b0:f0:65:e1:1e:da:1e:8d:15:8b:18:9b:4d:
4b:d1:05:b6:85:de:c0:8f:b4:28:4e:11:31:9a:68:b5:da:be:
43:7c:83:f5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSxG1UaEr0RZk4+6p8essMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlM2NjNTY3ZmViZmUzNDg3OGFlYjkxMzg2MWNmMDYwMGEy
ODM5MDMwHhcNMjQwMTAxMTgzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzNlNmE5MTljMjNmMDU2M2NiN2YxYzkzMTY2NWEzMDJkNDQzZjEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiMv7telup/qBlJ5pPgZTtUeVTlEx
DevaT3J/djcuLbjQBOd6DuZRk29RiOnRp4Kx6BZbH7ik02nzqe8A9uRab39/6ehn
XMRWXshpqcdXWdifOPATzymCdOi7oucC2zUwlM/o9gRIlIMuE2bem838LXi9Gv/N
kW1h05p0mzw7C+3akhlBQmc2MFiwffMjLCB2mwj86auwSmmHy4NEi/S9TodoLBOb
isbP0uxwCUwtP9qkGxVpKZVBI/7kbhjhSQ/KpiSnTzXmA6KQ4lwOskqDldwE+89H
WMF1dY3ZYqqq5oAahpoFMF47CteVZUMrvF+eBLKaAaPFYB+/nfVsKmqv7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKM+apGcI/BWPLfxyTFmWjAtRD8TMB8GA1UdIwQY
MBaAFK48xWf+v+NIeK65E4Yc8GAKKDkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmp6RlpfNl80MGg0cnJrVGhoendZQW9vT1FNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yOTkyNzgtYzU3Yy00MzU0LWI5NjYt
OWZiMjI0YmU4YjA4LzEvb3o1cWtad2o4Rlk4dF9ISk1XWmFNQzFFUHhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC8yOTkyNzgtYzU3Yy00MzU0LWI5NjYtOWZiMjI0YmU4YjA4
LzEvcmp6RlpfNl80MGg0cnJrVGhoendZQW9vT1FNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9ynMA0G
CSqGSIb3DQEBCwUAA4IBAQCOg0Yk6v8evmsXZNatdMQuhOywbtpC1Tbp4PAzm4ZD
8jNqv0YeuYzxpVrAk/KPv1mS89raCW8AhtRfdYRGjbN4cxAxFzUIGxVTgu28dXm8
pDgLPi2edHa/KaSm/bFdx5j28eHTUNtKXVQhLo3Fl7I/jP3Iy+a/wOsNrOCRsAvG
lGqRZ3XQQc+XKILe2ndsIvXkbwsMJAmGeuFHqaEBd7MCvEEvEf+wTl9SpknxGA50
2djmC0uu+/pLFichREgTSYi7IE64226rDd982dY92QHB73N4J7V/PBYYvQq+4rDw
ZeEe2h6NFYsYm01L0QW2hd7Aj7QoThExmmi12r5DfIP1
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:16:59 2024 by rpki-client on console-ams.rpki-client.org