Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/ofxeNGnx6R5zzi9eDK1tVntGSG4.roa
File: ofxeNGnx6R5zzi9eDK1tVntGSG4.roa (raw, json)
Hash identifier: Wr5lmOqgtqR0AVUnbfhhLt1qH4qVCfxf+47UVQWD5ik=
Subject key identifier: A1:FC:5E:34:69:F1:E9:1E:73:CE:2F:5E:0C:AD:6D:56:7B:46:48:6E
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 018CC500334C6825E21E1E2435FC920EA12B
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/ofxeNGnx6R5zzi9eDK1tVntGSG4.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49649
IP address blocks: 213.109.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:33:4c:68:25:e2:1e:1e:24:35:fc:92:0e:a1:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1fc5e3469f1e91e73ce2f5e0cad6d567b46486e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:3e:2a:18:fd:d3:54:b6:68:c0:51:02:79:88:
be:c5:47:d4:65:f9:90:4b:47:86:25:10:91:03:4f:
2a:8c:59:7e:0e:04:e7:e3:b0:a9:ee:99:5f:88:2c:
16:ec:a5:fb:13:7d:ff:62:ff:94:f1:01:5a:b3:ab:
c2:98:a6:41:b2:bd:05:c9:7e:7b:25:3b:87:d7:3e:
49:e9:41:ee:ca:ea:8f:91:03:75:bd:59:bc:12:82:
e3:1d:f0:98:4e:4f:d6:e3:cc:f7:e3:94:21:37:b1:
d3:26:5f:ee:29:e3:73:87:52:73:4d:69:2a:85:3c:
6d:c5:ec:e0:b3:9e:31:f8:ff:5f:bd:c2:f0:79:5b:
1e:ff:3d:53:26:e0:c7:79:00:6e:25:a5:11:12:e8:
6e:65:10:d8:2a:15:3b:5d:2a:a8:48:e7:d9:80:4e:
87:b3:8b:70:1b:a7:19:dd:1f:87:02:c7:a3:52:e7:
e0:cf:7a:ba:f4:9c:05:0e:3d:95:c7:dc:95:35:77:
91:db:ee:f2:83:58:44:2d:0e:e0:7b:08:9c:91:8b:
ba:5a:8a:28:a9:3e:05:25:7d:ce:bd:5c:36:71:6b:
9c:51:a8:ac:38:ab:83:b0:3f:0c:c3:d1:e1:b1:0c:
ac:0a:12:94:06:7b:b1:60:05:1f:77:5b:e7:72:f5:
44:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:FC:5E:34:69:F1:E9:1E:73:CE:2F:5E:0C:AD:6D:56:7B:46:48:6E
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/ofxeNGnx6R5zzi9eDK1tVntGSG4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.32.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a8:52:2c:d3:84:09:79:12:a3:5c:35:c3:c7:ab:de:49:cf:
94:48:8e:f6:6b:12:8f:d5:1f:cf:f3:e7:cc:74:30:67:32:8e:
d3:02:3a:2a:a3:95:2f:92:b4:6e:98:e1:96:82:be:57:5e:1e:
da:94:a8:9a:0a:2b:67:27:df:7c:99:98:24:6c:39:1f:1e:66:
c7:20:f2:7d:d1:2e:a5:ac:4b:56:37:04:59:b8:bc:c9:6a:a6:
9d:20:1b:0b:05:d0:ba:0b:07:c3:c6:47:4d:61:3b:50:a9:3f:
88:b6:19:ec:09:0a:23:ac:d0:80:b8:fe:52:c8:37:56:a0:3d:
fa:41:f3:9a:e8:a1:cb:44:31:93:6a:22:45:ab:a2:6e:69:5d:
9e:67:89:59:19:ea:22:cf:6e:ff:fb:27:26:66:42:90:48:8a:
88:04:a3:99:06:11:c4:b5:61:08:90:d1:8b:a5:ea:b7:6c:a9:
a9:d3:67:50:21:67:7e:04:59:a6:40:97:cf:23:cc:82:ec:30:
71:a0:6f:bc:f3:d3:da:be:47:45:33:0a:ae:0a:72:01:4b:8e:
5b:48:55:4c:34:00:73:d2:27:4a:a6:ee:fd:74:e5:20:fe:6f:
e9:27:66:5b:21:05:77:e1:bc:0d:4f:42:1f:5b:72:c3:29:5a:
0b:e2:59:6b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFADNMaCXiHh4kNfySDqErMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWZjNWUzNDY5ZjFlOTFlNzNjZTJmNWUwY2FkNmQ1NjdiNDY0ODZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqD4qGP3TVLZowFECeYi+xUfUZfmQ
S0eGJRCRA08qjFl+DgTn47Cp7plfiCwW7KX7E33/Yv+U8QFas6vCmKZBsr0FyX57
JTuH1z5J6UHuyuqPkQN1vVm8EoLjHfCYTk/W48z345QhN7HTJl/uKeNzh1JzTWkq
hTxtxezgs54x+P9fvcLweVse/z1TJuDHeQBuJaUREuhuZRDYKhU7XSqoSOfZgE6H
s4twG6cZ3R+HAsejUufgz3q69JwFDj2Vx9yVNXeR2+7yg1hELQ7gewickYu6Wooo
qT4FJX3OvVw2cWucUaisOKuDsD8Mw9HhsQysChKUBnuxYAUfd1vncvVExwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKH8XjRp8ekec84vXgytbVZ7RkhuMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvb2Z4ZU5Hbng2UjV6emk5ZURLMXRWbnRHU0c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1W0gMA0G
CSqGSIb3DQEBCwUAA4IBAQByqFIs04QJeRKjXDXDx6veSc+USI72axKP1R/P8+fM
dDBnMo7TAjoqo5UvkrRumOGWgr5XXh7alKiaCitnJ998mZgkbDkfHmbHIPJ90S6l
rEtWNwRZuLzJaqadIBsLBdC6CwfDxkdNYTtQqT+IthnsCQojrNCAuP5SyDdWoD36
QfOa6KHLRDGTaiJFq6JuaV2eZ4lZGeoiz27/+ycmZkKQSIqIBKOZBhHEtWEIkNGL
peq3bKmp02dQIWd+BFmmQJfPI8yC7DBxoG+889PavkdFMwquCnIBS45bSFVMNABz
0idKpu79dOUg/m/pJ2ZbIQV34bwNT0IfW3LDKVoL4llr
-----END CERTIFICATE-----
Generated at Tue Jul 2 22:53:31 2024 by rpki-client on console-ams.rpki-client.org