Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/okOYZ7kMGRyz0hARkkB8Wh_AtIs.roa
File: okOYZ7kMGRyz0hARkkB8Wh_AtIs.roa (raw, json)
Hash identifier: 3QNe+8iOy8RKS7HGnD26YfOfLVkCDpD+RQCqCzlBKxw=
Subject key identifier: A2:43:98:67:B9:0C:19:1C:B3:D2:10:11:92:40:7C:5A:1F:C0:B4:8B
Certificate issuer: /CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Certificate serial: 018CC5DC1C71B4F107D9E04F047E9EFFAE61
Authority key identifier: 87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/okOYZ7kMGRyz0hARkkB8Wh_AtIs.roa
Signing time: Mon 01 Jan 2024 16:29:45 +0000
ROA not before: Mon 01 Jan 2024 16:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41921
IP address blocks: 213.33.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:1c:71:b4:f1:07:d9:e0:4f:04:7e:9e:ff:ae:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=870c589a4f22a9ca2ff99b4c48f8bdf492871725
Validity
Not Before: Jan 1 16:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2439867b90c191cb3d2101192407c5a1fc0b48b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:ea:17:64:b4:2c:d7:b8:25:15:6a:12:cc:bb:
87:68:8f:f8:30:54:6a:eb:08:67:7a:d8:34:69:4b:
2c:3c:76:79:8f:94:da:af:8e:22:5d:45:d5:c2:8d:
9f:1b:10:59:1e:10:af:d0:93:82:dd:b6:1f:4e:f2:
70:96:ad:d5:5c:d9:79:31:06:7c:27:4e:30:21:ab:
d7:63:0b:17:a6:b0:ac:54:7a:27:e0:11:61:c0:1d:
ca:7c:bd:3a:cf:be:dc:f3:c5:f6:93:6c:6c:cd:a8:
7e:a2:03:a6:35:15:e4:70:1b:2e:e2:34:62:03:46:
71:e3:5f:e9:79:b7:30:9d:49:cf:cf:03:e6:19:37:
3b:5d:21:54:36:9b:d1:d5:71:ac:60:2c:bf:0d:49:
53:2e:b5:fb:13:a2:88:aa:50:45:cd:d8:cb:b0:b3:
40:c1:74:49:61:1d:da:d4:67:cd:1c:9c:31:eb:54:
b2:a5:0c:b6:a6:c5:73:37:ba:40:ee:4f:c4:d9:0c:
c1:df:6d:81:39:53:ec:2f:45:8c:90:c6:ca:6a:97:
81:02:71:c7:ac:c6:e2:c5:aa:ad:af:bb:34:0b:52:
73:cc:e2:a4:d1:e0:01:e2:c5:78:11:ef:19:66:63:
1b:d1:f6:e2:76:0b:99:51:33:7c:50:c5:5c:ad:8d:
11:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:43:98:67:B9:0C:19:1C:B3:D2:10:11:92:40:7C:5A:1F:C0:B4:8B
X509v3 Authority Key Identifier:
keyid:87:0C:58:9A:4F:22:A9:CA:2F:F9:9B:4C:48:F8:BD:F4:92:87:17:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hwxYmk8iqcov-ZtMSPi99JKHFyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/okOYZ7kMGRyz0hARkkB8Wh_AtIs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/f505b5-0e46-4b3f-bf1b-849d3a6b9c2d/1/hwxYmk8iqcov-ZtMSPi99JKHFyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.33.116.0/24
Signature Algorithm: sha256WithRSAEncryption
cb:9b:ad:25:42:7b:3e:ae:92:d6:ae:21:02:72:e3:90:75:44:
48:55:44:10:c0:24:8a:f4:95:d0:65:e4:4e:af:96:07:8c:7c:
ae:27:e6:42:80:10:e3:ea:2b:ec:eb:c5:05:e0:48:3a:90:06:
f4:4c:85:67:0b:3c:26:98:d6:34:cb:29:a4:28:c8:df:0e:ca:
55:0e:c7:3e:4f:3d:97:59:a7:fc:97:0e:90:83:6c:a7:fc:b2:
0d:78:cf:57:4e:fa:33:7a:03:3f:ef:1d:c6:0e:36:e6:9b:61:
d2:51:bb:be:c4:e3:0f:70:87:1f:dd:63:d3:e3:9b:5f:99:7c:
9b:a0:00:69:fc:d4:0a:4d:22:c2:15:0b:89:20:36:28:de:9a:
47:ca:96:64:94:50:44:40:ab:7f:0f:5d:2e:ae:4e:6d:20:d5:
fe:0b:16:69:a6:83:e7:06:99:d7:d3:f8:db:f3:fc:09:f3:1a:
f3:e9:84:03:50:5a:ad:50:35:10:cb:9b:4d:32:70:4b:8f:1c:
86:b3:b9:93:9c:ca:4a:1c:3e:e1:59:ad:47:49:22:e1:c7:38:
61:74:15:2d:f6:e5:de:4c:24:02:d9:65:ea:cc:60:05:58:ce:
4d:96:29:f5:7f:92:9b:25:55:07:87:13:66:8c:74:60:29:39:
f6:53:60:42
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BxxtPEH2eBPBH6e/65hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3MGM1ODlhNGYyMmE5Y2EyZmY5OWI0YzQ4ZjhiZGY0OTI4
NzE3MjUwHhcNMjQwMTAxMTYyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQzOTg2N2I5MGMxOTFjYjNkMjEwMTE5MjQwN2M1YTFmYzBiNDhiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+oXZLQs17glFWoSzLuHaI/4MFRq
6whnetg0aUssPHZ5j5Tar44iXUXVwo2fGxBZHhCv0JOC3bYfTvJwlq3VXNl5MQZ8
J04wIavXYwsXprCsVHon4BFhwB3KfL06z77c88X2k2xszah+ogOmNRXkcBsu4jRi
A0Zx41/pebcwnUnPzwPmGTc7XSFUNpvR1XGsYCy/DUlTLrX7E6KIqlBFzdjLsLNA
wXRJYR3a1GfNHJwx61SypQy2psVzN7pA7k/E2QzB322BOVPsL0WMkMbKapeBAnHH
rMbixaqtr7s0C1JzzOKk0eAB4sV4Ee8ZZmMb0fbidguZUTN8UMVcrY0RUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKJDmGe5DBkcs9IQEZJAfFofwLSLMB8GA1UdIwQY
MBaAFIcMWJpPIqnKL/mbTEj4vfSShxclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWIt
ODQ5ZDNhNmI5YzJkLzEvb2tPWVo3a01HUnl6MGhBUmtrQjhXaF9BdElzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC9mNTA1YjUtMGU0Ni00YjNmLWJmMWItODQ5ZDNhNmI5YzJk
LzEvaHd4WW1rOGlxY292LVp0TVNQaTk5SktIRnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1SF0MA0G
CSqGSIb3DQEBCwUAA4IBAQDLm60lQns+rpLWriECcuOQdURIVUQQwCSK9JXQZeRO
r5YHjHyuJ+ZCgBDj6ivs68UF4Eg6kAb0TIVnCzwmmNY0yymkKMjfDspVDsc+Tz2X
Waf8lw6Qg2yn/LINeM9XTvozegM/7x3GDjbmm2HSUbu+xOMPcIcf3WPT45tfmXyb
oABp/NQKTSLCFQuJIDYo3ppHypZklFBEQKt/D10urk5tINX+CxZppoPnBpnX0/jb
8/wJ8xrz6YQDUFqtUDUQy5tNMnBLjxyGs7mTnMpKHD7hWa1HSSLhxzhhdBUt9uXe
TCQC2WXqzGAFWM5Nlin1f5KbJVUHhxNmjHRgKTn2U2BC
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:18:11 2024 by rpki-client on console-fra.rpki-client.org