Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/OU0bIxmPcab-LVFGkiK2144yE3g.roa
File: OU0bIxmPcab-LVFGkiK2144yE3g.roa (raw, json)
Hash identifier: P+iD+Hs0Rur1TH60Pv45Zt7y1bEPHZRVdFslh6XhBR0=
Subject key identifier: 39:4D:1B:23:19:8F:71:A6:FE:2D:51:46:92:22:B6:D7:8E:32:13:78
Certificate issuer: /CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
Certificate serial: 018CC8DF35C2A011B48026F8C5594DB92710
Authority key identifier: FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/OU0bIxmPcab-LVFGkiK2144yE3g.roa
Signing time: Tue 02 Jan 2024 06:32:00 +0000
ROA not before: Tue 02 Jan 2024 06:32:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.109.0/24 maxlen: 24
2001:7f8:c3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/_H1Kt3YauiTzPVtt-8J8q3OLte4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/_H1Kt3YauiTzPVtt-8J8q3OLte4.mft
rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 15:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:35:c2:a0:11:b4:80:26:f8:c5:59:4d:b9:27:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc7d4ab7761aba24f33d5b6dfbc27cab738bb5ee
Validity
Not Before: Jan 2 06:32:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394d1b23198f71a6fe2d51469222b6d78e321378
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f4:a4:67:8a:00:95:a5:97:ed:df:72:56:ff:
bc:fa:5b:27:a6:8b:86:af:68:03:b6:6e:ec:3f:46:
7d:88:17:ff:2a:3c:00:34:f4:01:fa:48:d7:1a:97:
cb:32:b0:9e:3b:f9:22:77:f3:2f:37:82:13:63:dd:
c4:27:65:22:65:61:d0:3a:cc:a4:89:29:e3:dc:f4:
bc:f2:2e:9b:72:91:7f:54:12:7f:f5:48:c5:02:fd:
13:66:63:d1:b7:47:5c:b4:36:55:92:77:a4:ea:70:
5b:ba:08:c8:12:34:19:5b:e6:5a:43:f5:b0:df:42:
db:17:92:48:ee:85:92:ba:d7:0f:4d:23:d7:39:89:
26:cf:28:27:ef:b9:43:23:ac:72:4d:53:56:92:a3:
9f:46:f9:6d:0e:6d:82:7a:77:d1:4c:96:4e:15:af:
a0:ff:54:f0:a3:25:f2:a9:5a:7e:f6:3e:a2:24:2a:
b1:65:80:59:01:d2:5e:ab:e8:fb:d5:a8:59:c7:63:
60:6e:60:56:36:79:60:c5:04:34:93:d1:2d:1e:70:
25:e8:bb:41:63:e3:31:c4:12:47:2f:5a:25:63:6a:
5a:5c:20:1c:30:d1:38:7a:22:41:b9:20:0b:62:00:
99:8c:51:7c:73:c3:b3:6f:6d:e6:ef:c5:a3:4a:d4:
1a:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4D:1B:23:19:8F:71:A6:FE:2D:51:46:92:22:B6:D7:8E:32:13:78
X509v3 Authority Key Identifier:
keyid:FC:7D:4A:B7:76:1A:BA:24:F3:3D:5B:6D:FB:C2:7C:AB:73:8B:B5:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_H1Kt3YauiTzPVtt-8J8q3OLte4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/OU0bIxmPcab-LVFGkiK2144yE3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0287cf-853b-4516-9f06-452ec3a9588b/1/_H1Kt3YauiTzPVtt-8J8q3OLte4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.109.0/24
IPv6:
2001:7f8:c3::/48
Signature Algorithm: sha256WithRSAEncryption
c2:bd:2c:56:aa:5c:f6:6d:6a:d5:71:fd:3c:38:ab:df:3c:37:
14:30:f9:d7:15:79:8f:66:7e:b4:f5:09:f7:c3:c7:0d:27:8e:
f6:2c:66:58:17:f3:57:43:e5:db:8a:66:6e:00:0f:dd:d7:cc:
ec:df:ad:23:b3:d7:fe:57:6b:9a:1d:93:40:05:9e:61:53:3b:
ba:12:a5:32:d2:ea:15:6d:8e:7b:1b:a5:5d:d8:82:24:cf:da:
6f:f2:24:ac:a1:02:c9:0c:46:68:6b:7d:b5:9c:1f:9b:14:a7:
f2:84:9d:f8:95:df:3a:fe:63:73:52:26:29:d2:de:8f:67:ef:
f9:f8:24:19:c3:cf:cb:76:aa:ff:e5:ee:8b:da:4a:b6:3e:07:
51:48:c4:33:b9:54:32:c0:05:71:f3:13:f7:05:c0:44:57:de:
29:5f:37:4d:f6:91:d1:52:12:91:ac:ae:f5:f6:10:62:46:b6:
30:14:b2:6c:6d:fc:19:b0:e2:b7:e0:a5:d7:79:6e:4a:73:6e:
ed:0d:cd:bc:bd:6c:7c:94:83:98:75:80:3a:52:22:07:90:58:
95:90:a0:c8:f6:0b:4a:59:57:b6:ca:89:0b:b3:74:c8:29:dd:
c6:f9:aa:47:eb:a5:49:5b:16:8e:1c:54:87:61:ac:37:da:60:
0e:75:48:01
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3zXCoBG0gCb4xVlNuScQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjN2Q0YWI3NzYxYWJhMjRmMzNkNWI2ZGZiYzI3Y2FiNzM4
YmI1ZWUwHhcNMjQwMTAyMDYzMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRkMWIyMzE5OGY3MWE2ZmUyZDUxNDY5MjIyYjZkNzhlMzIxMzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PSkZ4oAlaWX7d9yVv+8+lsnpouG
r2gDtm7sP0Z9iBf/KjwANPQB+kjXGpfLMrCeO/kid/MvN4ITY93EJ2UiZWHQOsyk
iSnj3PS88i6bcpF/VBJ/9UjFAv0TZmPRt0dctDZVknek6nBbugjIEjQZW+ZaQ/Ww
30LbF5JI7oWSutcPTSPXOYkmzygn77lDI6xyTVNWkqOfRvltDm2CenfRTJZOFa+g
/1TwoyXyqVp+9j6iJCqxZYBZAdJeq+j71ahZx2NgbmBWNnlgxQQ0k9EtHnAl6LtB
Y+MxxBJHL1olY2paXCAcMNE4eiJBuSALYgCZjFF8c8Ozb23m78WjStQaZQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDlNGyMZj3Gm/i1RRpIitteOMhN4MB8GA1UdIwQY
MBaAFPx9Srd2Grok8z1bbfvCfKtzi7XuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYt
NDUyZWMzYTk1ODhiLzEvT1UwYkl4bVBjYWItTFZGR2tpSzIxNDR5RTNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wMjg3Y2YtODUzYi00NTE2LTlmMDYtNDUyZWMzYTk1ODhi
LzEvX0gxS3QzWWF1aVR6UFZ0dC04SjhxM09MdGU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuQFtMA8E
AgACMAkDBwAgAQf4AMMwDQYJKoZIhvcNAQELBQADggEBAMK9LFaqXPZtatVx/Tw4
q988NxQw+dcVeY9mfrT1CffDxw0njvYsZlgX81dD5duKZm4AD93XzOzfrSOz1/5X
a5odk0AFnmFTO7oSpTLS6hVtjnsbpV3YgiTP2m/yJKyhAskMRmhrfbWcH5sUp/KE
nfiV3zr+Y3NSJinS3o9n7/n4JBnDz8t2qv/l7ovaSrY+B1FIxDO5VDLABXHzE/cF
wERX3ilfN032kdFSEpGsrvX2EGJGtjAUsmxt/Bmw4rfgpdd5bkpzbu0Nzby9bHyU
g5h1gDpSIgeQWJWQoMj2C0pZV7bKiQuzdMgp3cb5qkfrpUlbFo4cVIdhrDfaYA51
SAE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:47:40 2024 by rpki-client on console-fra.rpki-client.org