Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/OG3XOwCckIClse_-73KQEJwQCWE.roa
File: OG3XOwCckIClse_-73KQEJwQCWE.roa (raw, json)
Hash identifier: rABrls9mDGA+WVLh8PFJY+Ndk2Al9x12CJiCXuIFhPU=
Subject key identifier: 38:6D:D7:3B:00:9C:90:80:A5:B1:EF:FE:EF:72:90:10:9C:10:09:61
Certificate issuer: /CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65
Certificate serial: 018CC86FA4023CA508CAF9C93FCA4FA2DC98
Authority key identifier: D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/OG3XOwCckIClse_-73KQEJwQCWE.roa
Signing time: Tue 02 Jan 2024 04:30:08 +0000
ROA not before: Tue 02 Jan 2024 04:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25353
IP address blocks: 193.162.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.mft
rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a4:02:3c:a5:08:ca:f9:c9:3f:ca:4f:a2:dc:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2a3c8cc63d0e7e069ca523f34efb3953ee21b65
Validity
Not Before: Jan 2 04:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=386dd73b009c9080a5b1effeef7290109c100961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:74:83:88:b1:de:33:3e:30:7d:58:f5:0b:0d:
36:fa:24:cf:0c:0f:5c:af:e9:79:4e:82:b7:f8:32:
5e:96:c4:09:29:0a:cf:da:78:f1:bb:40:90:10:54:
73:ad:70:ee:52:46:a5:58:0d:92:cd:21:ad:6d:a7:
3c:9f:54:6c:3f:b2:3f:52:7b:df:ce:73:e5:b7:b0:
c5:cc:04:7c:45:64:03:ee:e4:b5:0f:7d:46:68:3c:
34:ca:5b:1c:eb:8d:8d:3f:17:e5:c6:e8:ee:8b:9f:
78:6d:50:fa:b7:dd:92:2d:04:98:69:b0:e6:4e:6b:
22:78:a9:b4:c9:6a:22:7a:f6:8a:9d:9a:08:97:2b:
b1:d7:f2:20:71:fd:36:e3:fc:c0:01:e2:df:08:53:
db:81:0b:bb:7b:6a:4f:b3:d6:2a:54:1a:29:5b:23:
18:3f:42:40:be:43:4b:8c:e6:cb:0e:19:6d:37:44:
b0:26:42:5e:90:a9:71:92:42:67:07:5c:33:22:db:
26:43:46:06:12:16:04:6f:91:cf:12:0d:3f:dc:f0:
e8:59:30:cf:4e:32:fe:cf:36:0e:12:81:26:72:68:
d6:0a:7b:eb:0a:e4:d5:ed:0a:02:34:b4:57:5f:01:
a8:82:27:91:35:05:57:25:4b:b2:8c:5c:ae:5b:09:
6d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6D:D7:3B:00:9C:90:80:A5:B1:EF:FE:EF:72:90:10:9C:10:09:61
X509v3 Authority Key Identifier:
keyid:D2:A3:C8:CC:63:D0:E7:E0:69:CA:52:3F:34:EF:B3:95:3E:E2:1B:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0qPIzGPQ5-BpylI_NO-zlT7iG2U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/OG3XOwCckIClse_-73KQEJwQCWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d0a1fe-0b65-4d50-ae2f-12898697a862/1/0qPIzGPQ5-BpylI_NO-zlT7iG2U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.162.79.0/24
Signature Algorithm: sha256WithRSAEncryption
48:76:bb:9b:5c:a6:18:30:52:e7:62:7c:c0:01:c4:fc:4b:6b:
66:b0:c6:a0:46:c0:bb:b3:c3:a6:39:b6:9f:88:4f:d1:f7:eb:
2a:1c:d1:e0:28:50:7d:a0:d4:d2:51:f6:31:e1:24:98:03:bf:
a5:aa:eb:3f:8e:dc:f1:44:ac:cd:e3:7c:7e:c0:16:87:cd:b3:
da:ec:ec:61:2b:4f:50:e8:2d:d9:91:d8:99:0e:5a:be:67:4b:
a8:5e:2d:86:37:0d:2b:52:c4:f8:9e:86:c1:8a:c5:28:ce:c2:
77:3f:1e:ce:fa:ea:8c:65:cf:0f:03:e8:6a:35:36:97:27:9d:
94:c6:74:3b:81:a6:7b:14:86:3b:da:ad:5a:0a:93:4b:a5:bd:
64:8d:31:fe:7f:85:9f:81:45:26:8b:a2:a7:7d:1a:d5:8d:de:
31:ac:85:3d:a6:2c:6f:94:3b:38:cf:35:51:42:62:49:4a:d8:
b0:4d:19:92:08:50:f5:98:fe:0d:fc:a6:68:35:ec:3b:9b:cd:
fa:75:52:24:f5:8f:d1:de:ed:05:3e:a5:d7:0c:99:f0:83:da:
56:9b:ee:d8:2c:08:7f:a9:30:46:2c:7f:8c:c1:6c:07:3f:c5:
28:1e:2a:ff:55:e3:99:c1:b2:5b:00:5f:35:27:99:8d:ef:03:
a5:f6:05:67
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb6QCPKUIyvnJP8pPotyYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyYTNjOGNjNjNkMGU3ZTA2OWNhNTIzZjM0ZWZiMzk1M2Vl
MjFiNjUwHhcNMjQwMTAyMDQzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODZkZDczYjAwOWM5MDgwYTViMWVmZmVlZjcyOTAxMDljMTAwOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtXSDiLHeMz4wfVj1Cw02+iTPDA9c
r+l5ToK3+DJelsQJKQrP2njxu0CQEFRzrXDuUkalWA2SzSGtbac8n1RsP7I/Unvf
znPlt7DFzAR8RWQD7uS1D31GaDw0ylsc642NPxflxujui594bVD6t92SLQSYabDm
TmsieKm0yWoievaKnZoIlyux1/Igcf024/zAAeLfCFPbgQu7e2pPs9YqVBopWyMY
P0JAvkNLjObLDhltN0SwJkJekKlxkkJnB1wzItsmQ0YGEhYEb5HPEg0/3PDoWTDP
TjL+zzYOEoEmcmjWCnvrCuTV7QoCNLRXXwGogieRNQVXJUuyjFyuWwltcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDht1zsAnJCApbHv/u9ykBCcEAlhMB8GA1UdIwQY
MBaAFNKjyMxj0OfgacpSPzTvs5U+4htlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYt
MTI4OTg2OTdhODYyLzEvT0czWE93Q2NrSUNsc2VfLTczS1FFSndRQ1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kMGExZmUtMGI2NS00ZDUwLWFlMmYtMTI4OTg2OTdhODYy
LzEvMHFQSXpHUFE1LUJweWxJX05PLXpsVDdpRzJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwaJPMA0G
CSqGSIb3DQEBCwUAA4IBAQBIdrubXKYYMFLnYnzAAcT8S2tmsMagRsC7s8OmObaf
iE/R9+sqHNHgKFB9oNTSUfYx4SSYA7+lqus/jtzxRKzN43x+wBaHzbPa7OxhK09Q
6C3ZkdiZDlq+Z0uoXi2GNw0rUsT4nobBisUozsJ3Px7O+uqMZc8PA+hqNTaXJ52U
xnQ7gaZ7FIY72q1aCpNLpb1kjTH+f4WfgUUmi6KnfRrVjd4xrIU9pixvlDs4zzVR
QmJJStiwTRmSCFD1mP4N/KZoNew7m836dVIk9Y/R3u0FPqXXDJnwg9pWm+7YLAh/
qTBGLH+MwWwHP8UoHir/VeOZwbJbAF81J5mN7wOl9gVn
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:57:34 2024 by rpki-client on console-fra.rpki-client.org