Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/ObC-IJXgzioX5wtz8AJnRsGanJ8.roa
File: ObC-IJXgzioX5wtz8AJnRsGanJ8.roa (raw, json)
Hash identifier: 429l9uTSu1n2GtHtxnCg451FNEjkSOVQ35BfhEpnIMI=
Subject key identifier: 39:B0:BE:20:95:E0:CE:2A:17:E7:0B:73:F0:02:67:46:C1:9A:9C:9F
Certificate issuer: /CN=05e9fca0a8584feb1c12319071423061b08fe456
Certificate serial: 018CC4932E6E5C8EA04AA4C3582F4C886320
Authority key identifier: 05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/ObC-IJXgzioX5wtz8AJnRsGanJ8.roa
Signing time: Mon 01 Jan 2024 10:30:29 +0000
ROA not before: Mon 01 Jan 2024 10:30:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61960
IP address blocks: 185.54.48.0/22 maxlen: 24
91.243.120.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:2e:6e:5c:8e:a0:4a:a4:c3:58:2f:4c:88:63:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05e9fca0a8584feb1c12319071423061b08fe456
Validity
Not Before: Jan 1 10:30:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39b0be2095e0ce2a17e70b73f0026746c19a9c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:24:67:09:4c:8f:9d:a7:b2:5f:fa:35:b9:4d:
40:de:95:c1:35:1d:0e:0b:e7:d7:95:e0:ca:c4:5e:
a7:1e:f4:28:19:2a:03:de:61:7a:41:17:54:81:77:
3f:11:fd:ae:74:f4:e3:d9:e6:a6:2c:ca:b3:f1:71:
b2:17:98:4b:bd:4d:45:d6:f5:5b:18:73:b9:f3:d5:
0e:ec:da:27:04:ab:93:8e:28:4a:51:a5:08:36:a3:
14:6e:68:83:e2:eb:b0:61:eb:eb:91:14:77:84:82:
ce:04:bb:62:4e:16:dd:5c:4b:1d:88:a5:60:39:7f:
80:0d:a9:51:d4:f0:97:1b:e0:fd:35:18:08:28:5f:
d0:ea:3b:11:d9:47:11:75:21:a2:60:09:32:8c:0b:
d2:91:d7:f2:27:73:a1:dd:6d:ec:95:a7:48:8a:0a:
74:bd:10:58:c3:b6:98:11:ab:7f:e3:c8:da:4a:48:
eb:5b:90:d6:38:09:f7:29:00:97:40:b3:12:44:aa:
f2:6a:36:ac:08:22:62:35:45:b7:c7:43:5b:74:0c:
14:7e:a9:43:b8:b4:55:ad:32:8e:5b:9a:47:b9:3d:
cb:bd:bd:ff:02:f6:13:48:07:c8:d2:0c:8b:45:bd:
d9:6f:ad:c7:e2:d6:37:d6:c6:b7:11:9e:fb:55:6c:
04:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:B0:BE:20:95:E0:CE:2A:17:E7:0B:73:F0:02:67:46:C1:9A:9C:9F
X509v3 Authority Key Identifier:
keyid:05:E9:FC:A0:A8:58:4F:EB:1C:12:31:90:71:42:30:61:B0:8F:E4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ben8oKhYT-scEjGQcUIwYbCP5FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/ObC-IJXgzioX5wtz8AJnRsGanJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/c7ee9e-b5bf-4c2d-a983-dee3ed497aee/1/Ben8oKhYT-scEjGQcUIwYbCP5FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.243.120.0/23
185.54.48.0/22
Signature Algorithm: sha256WithRSAEncryption
88:9b:f2:19:4d:98:1e:cb:38:de:57:4e:72:cb:28:ec:ed:22:
57:ba:21:ff:69:ad:63:2f:44:83:01:fb:43:a1:a3:fb:99:b1:
22:2a:54:44:75:d8:85:63:a4:6f:d9:8b:11:1f:24:b9:88:fa:
84:70:7b:1b:c5:db:ae:ec:67:fb:75:7d:a4:af:ac:a2:b5:6c:
e3:aa:af:75:b2:30:87:a4:9d:53:f4:28:ab:f0:a2:0e:21:39:
fd:9c:a4:4f:52:88:b0:94:76:f4:3a:5a:0a:47:0a:16:71:2a:
ff:5c:ac:97:08:24:88:3f:ef:be:b8:17:13:02:b8:a6:39:90:
62:76:08:d7:d3:ed:69:50:e5:1c:70:6e:96:74:08:4d:be:82:
22:a9:4f:31:ac:b0:3a:21:7a:9f:b9:24:f3:7f:d0:8b:f0:f4:
a5:b1:fa:d8:d0:69:63:2a:a0:08:b5:4f:b7:7e:e5:84:dd:ad:
da:de:c2:4e:35:e5:3d:40:19:ee:a7:d0:ac:7e:22:6e:01:00:
ff:b3:c3:c4:dc:3c:d3:a9:c4:d9:06:cd:b1:65:5e:af:79:5d:
99:86:1c:f7:6b:48:fa:c5:96:13:ac:47:46:e2:97:21:d1:99:
95:5f:d5:fa:40:b5:b2:23:36:d3:ac:f8:a1:dc:7f:95:a0:fe:
23:ac:10:31
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEky5uXI6gSqTDWC9MiGMgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZTlmY2EwYTg1ODRmZWIxYzEyMzE5MDcxNDIzMDYxYjA4
ZmU0NTYwHhcNMjQwMTAxMTAzMDI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWIwYmUyMDk1ZTBjZTJhMTdlNzBiNzNmMDAyNjc0NmMxOWE5YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoCRnCUyPnaeyX/o1uU1A3pXBNR0O
C+fXleDKxF6nHvQoGSoD3mF6QRdUgXc/Ef2udPTj2eamLMqz8XGyF5hLvU1F1vVb
GHO589UO7NonBKuTjihKUaUINqMUbmiD4uuwYevrkRR3hILOBLtiThbdXEsdiKVg
OX+ADalR1PCXG+D9NRgIKF/Q6jsR2UcRdSGiYAkyjAvSkdfyJ3Oh3W3sladIigp0
vRBYw7aYEat/48jaSkjrW5DWOAn3KQCXQLMSRKryajasCCJiNUW3x0NbdAwUfqlD
uLRVrTKOW5pHuT3Lvb3/AvYTSAfI0gyLRb3Zb63H4tY31sa3EZ77VWwEqQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDmwviCV4M4qF+cLc/ACZ0bBmpyfMB8GA1UdIwQY
MBaAFAXp/KCoWE/rHBIxkHFCMGGwj+RWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMt
ZGVlM2VkNDk3YWVlLzEvT2JDLUlKWGd6aW9YNXd0ejhBSm5Sc0dhbko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC9jN2VlOWUtYjViZi00YzJkLWE5ODMtZGVlM2VkNDk3YWVl
LzEvQmVuOG9LaFlULXNjRWpHUWNVSXdZYkNQNUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW/N4AwQC
uTYwMA0GCSqGSIb3DQEBCwUAA4IBAQCIm/IZTZgeyzjeV05yyyjs7SJXuiH/aa1j
L0SDAftDoaP7mbEiKlREddiFY6Rv2YsRHyS5iPqEcHsbxduu7Gf7dX2kr6yitWzj
qq91sjCHpJ1T9Cir8KIOITn9nKRPUoiwlHb0OloKRwoWcSr/XKyXCCSIP+++uBcT
ArimOZBidgjX0+1pUOUccG6WdAhNvoIiqU8xrLA6IXqfuSTzf9CL8PSlsfrY0Glj
KqAItU+3fuWE3a3a3sJONeU9QBnup9CsfiJuAQD/s8PE3DzTqcTZBs2xZV6veV2Z
hhz3a0j6xZYTrEdG4pch0ZmVX9X6QLWyIzbTrPih3H+VoP4jrBAx
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:57:08 2024 by rpki-client on console-ams.rpki-client.org