Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/OBLD_z9V12OaihMDJ33LYt7990I.roa
File: OBLD_z9V12OaihMDJ33LYt7990I.roa (raw, json)
Hash identifier: 9DlWwRioyvsYm5f/91JByXQ/VGI3eNxDLgi0OTi8buI=
Subject key identifier: 38:12:C3:FF:3F:55:D7:63:9A:8A:13:03:27:7D:CB:62:DE:FD:F7:42
Certificate issuer: /CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Certificate serial: 01902A421DB7AA4F557F50BEE2591DB94419
Authority key identifier: 8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/OBLD_z9V12OaihMDJ33LYt7990I.roa
Signing time: Tue 18 Jun 2024 07:31:34 +0000
ROA not before: Tue 18 Jun 2024 07:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207790
IP address blocks: 89.56.0.0/16 maxlen: 24
89.57.0.0/18 maxlen: 24
89.57.64.0/18 maxlen: 24
89.57.128.0/18 maxlen: 24
89.57.192.0/18 maxlen: 24
185.12.88.0/22 maxlen: 22
2a03:7840::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2a:42:1d:b7:aa:4f:55:7f:50:be:e2:59:1d:b9:44:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b9e36bb6fef9328f518e4b105fc212c152a8c68
Validity
Not Before: Jun 18 07:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3812c3ff3f55d7639a8a1303277dcb62defdf742
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8f:e6:75:59:2e:9d:aa:ef:b4:a5:be:54:fc:
1e:e2:58:0b:82:f6:62:85:52:4b:fb:7f:c5:a7:88:
34:2a:ba:b9:50:60:8a:e6:ad:3d:73:32:64:8b:8c:
2e:b2:39:fc:a5:e0:06:2c:a2:af:c8:ea:b2:cf:e1:
98:b8:ce:c1:fd:45:11:7b:3b:9c:92:52:6e:4c:fe:
db:5a:55:c5:21:31:22:8c:1a:c9:6f:9d:2e:86:1f:
9b:87:7d:77:92:99:cf:fd:86:03:44:be:66:75:d2:
30:48:05:22:eb:68:f1:aa:34:5b:3d:91:13:ec:8b:
43:de:4b:0a:e5:7c:3c:6f:e2:c5:f2:ee:b9:f9:a3:
57:98:7e:46:3b:57:4d:58:98:0c:83:9d:60:43:e5:
e0:cf:37:95:03:b4:dd:8d:b7:34:cf:3f:34:65:3c:
20:d9:d6:13:9e:9d:a7:9b:4b:29:19:6b:1c:be:10:
bf:9a:a2:0e:95:ce:30:c8:47:00:c8:33:cc:79:40:
ad:64:b1:32:69:2d:4b:28:cf:c1:da:79:1d:30:c4:
30:dd:df:29:6e:a1:28:2a:dd:72:bb:96:02:a0:c6:
b5:e4:14:93:fa:c7:84:ef:0a:89:c6:11:71:55:44:
4b:50:6a:aa:04:a3:92:1a:91:67:bc:5d:79:29:dc:
5e:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:12:C3:FF:3F:55:D7:63:9A:8A:13:03:27:7D:CB:62:DE:FD:F7:42
X509v3 Authority Key Identifier:
keyid:8B:9E:36:BB:6F:EF:93:28:F5:18:E4:B1:05:FC:21:2C:15:2A:8C:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i542u2_vkyj1GOSxBfwhLBUqjGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/OBLD_z9V12OaihMDJ33LYt7990I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/4a0e8d-0bbe-4213-98b1-1a116a534483/1/i542u2_vkyj1GOSxBfwhLBUqjGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.56.0.0/15
185.12.88.0/22
IPv6:
2a03:7840::/29
Signature Algorithm: sha256WithRSAEncryption
18:58:04:ae:a5:fa:c8:f3:37:30:95:62:96:73:ad:cc:7e:bd:
9d:1c:b5:e8:ce:89:bd:d4:e5:99:9d:5f:ea:ba:b2:88:26:3f:
23:13:9d:15:ac:bc:64:63:9b:c8:d8:a1:ff:c6:83:b6:4a:ac:
fd:35:78:32:4b:1c:ec:c2:58:b8:17:dd:fd:14:28:3c:bc:b5:
b1:e6:f6:99:17:20:fa:3b:53:b6:2d:81:c1:df:cb:1f:61:a9:
dd:7c:78:f7:9e:61:de:da:87:23:a9:0c:a9:c4:36:29:e3:79:
31:ec:f9:79:00:b9:8f:2b:a3:40:45:0b:6f:7a:11:3c:c0:f9:
6d:ca:1b:5c:78:e5:bd:e9:41:4e:9e:4c:66:f8:89:f7:9c:20:
1f:9c:db:e8:93:c5:69:ab:32:83:74:66:41:5b:b4:b6:39:85:
54:67:73:8b:4d:95:2b:e4:08:0b:2d:ab:ca:7b:8e:b6:92:e4:
63:45:76:bf:e5:96:19:7a:be:48:6a:cc:a6:5b:eb:e9:82:52:
7e:92:92:4f:ef:5b:1f:55:81:35:8d:38:87:97:47:6a:8b:bb:
ee:86:97:12:70:eb:01:2f:1e:b5:8a:10:ef:8a:93:c0:c8:69:
ed:67:1c:12:a9:79:8c:fe:b8:6f:60:36:58:a9:0f:9f:64:1d:
7a:ad:6f:79
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZAqQh23qk9Vf1C+4lkduUQZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiOWUzNmJiNmZlZjkzMjhmNTE4ZTRiMTA1ZmMyMTJjMTUy
YThjNjgwHhcNMjQwNjE4MDczMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODEyYzNmZjNmNTVkNzYzOWE4YTEzMDMyNzdkY2I2MmRlZmRmNzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4/mdVkunarvtKW+VPwe4lgLgvZi
hVJL+3/Fp4g0Krq5UGCK5q09czJki4wusjn8peAGLKKvyOqyz+GYuM7B/UURezuc
klJuTP7bWlXFITEijBrJb50uhh+bh313kpnP/YYDRL5mddIwSAUi62jxqjRbPZET
7ItD3ksK5Xw8b+LF8u65+aNXmH5GO1dNWJgMg51gQ+XgzzeVA7Tdjbc0zz80ZTwg
2dYTnp2nm0spGWscvhC/mqIOlc4wyEcAyDPMeUCtZLEyaS1LKM/B2nkdMMQw3d8p
bqEoKt1yu5YCoMa15BST+seE7wqJxhFxVURLUGqqBKOSGpFnvF15Kdxe5wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDgSw/8/VddjmooTAyd9y2Le/fdCMB8GA1UdIwQY
MBaAFIueNrtv75Mo9RjksQX8ISwVKoxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEt
MWExMTZhNTM0NDgzLzEvT0JMRF96OVYxMk9haWhNREozM0xZdDc5OTBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS80YTBlOGQtMGJiZS00MjEzLTk4YjEtMWExMTZhNTM0NDgz
LzEvaTU0MnUyX3ZreWoxR09TeEJmd2hMQlVxakdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMBWTgDBAK5
DFgwDQQCAAIwBwMFAyoDeEAwDQYJKoZIhvcNAQELBQADggEBABhYBK6l+sjzNzCV
YpZzrcx+vZ0ctejOib3U5ZmdX+q6sogmPyMTnRWsvGRjm8jYof/Gg7ZKrP01eDJL
HOzCWLgX3f0UKDy8tbHm9pkXIPo7U7YtgcHfyx9hqd18ePeeYd7ahyOpDKnENinj
eTHs+XkAuY8ro0BFC296ETzA+W3KG1x45b3pQU6eTGb4ifecIB+c2+iTxWmrMoN0
ZkFbtLY5hVRnc4tNlSvkCAstq8p7jraS5GNFdr/llhl6vkhqzKZb6+mCUn6Skk/v
Wx9VgTWNOIeXR2qLu+6GlxJw6wEvHrWKEO+Kk8DIae1nHBKpeYz+uG9gNlipD59k
HXqtb3k=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:53:36 2024 by rpki-client on console-ams.rpki-client.org