Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OwCTttVk_ltfleXjUkbqtslpWBA.roa
File: OwCTttVk_ltfleXjUkbqtslpWBA.roa (raw, json)
Hash identifier: 7ZKi/o9CkZqGu1dOojt1G/PX+BaFCGeTvCrNxHBpwo0=
Subject key identifier: 3B:00:93:B6:D5:64:FE:5B:5F:95:E5:E3:52:46:EA:B6:C9:69:58:10
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 018CC801B79ACD2646701B63C94517F46839
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OwCTttVk_ltfleXjUkbqtslpWBA.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203020
IP address blocks: 188.241.60.0/24 maxlen: 24
188.241.61.0/24 maxlen: 24
188.208.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b7:9a:cd:26:46:70:1b:63:c9:45:17:f4:68:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b0093b6d564fe5b5f95e5e35246eab6c9695810
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:bc:93:99:9a:f2:3d:19:4a:31:92:bb:b3:b0:
93:60:d3:52:63:dc:41:c2:49:4a:1e:a5:05:9e:c7:
92:4e:21:82:bc:e2:77:0d:91:da:68:2f:70:a6:cd:
58:c6:90:9f:ba:85:f0:4c:58:fc:2a:6f:b6:ac:21:
c8:2e:d5:56:78:62:05:aa:2e:17:8a:b5:88:1a:7a:
f3:9b:b7:5e:9a:ae:65:77:d8:ef:82:21:07:b8:bf:
0b:66:26:f6:85:1a:1e:71:62:8e:af:fe:e9:9b:d0:
eb:78:fa:c1:6f:c6:10:70:66:92:8e:ed:aa:2c:5d:
1e:4b:72:08:80:78:3b:b6:ef:3f:c0:75:2f:7d:bc:
b0:7b:30:de:64:c9:f0:99:9d:bf:da:aa:37:93:40:
75:06:23:e0:1f:33:00:87:6c:d8:ad:46:ba:d6:60:
f5:b5:54:df:b1:fa:5f:62:09:9e:f6:dc:d5:dd:ca:
a2:f6:44:70:98:da:97:c6:53:ad:9f:f9:d8:b8:1b:
e2:41:7e:1e:0b:54:20:20:b4:5b:d5:50:b4:b1:9e:
aa:f0:51:7d:0d:9e:a8:0a:3e:a0:8c:8a:ef:11:be:
5f:25:09:6b:b5:58:7e:2d:64:9c:af:e8:46:80:f5:
7b:41:19:d3:b6:a0:0e:2c:43:4e:02:05:b3:38:2f:
15:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:00:93:B6:D5:64:FE:5B:5F:95:E5:E3:52:46:EA:B6:C9:69:58:10
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/OwCTttVk_ltfleXjUkbqtslpWBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.143.0/24
188.241.60.0/23
Signature Algorithm: sha256WithRSAEncryption
95:9b:9e:d1:67:a4:49:10:b3:a8:26:91:ac:8f:20:6b:c7:a7:
df:48:69:b6:6c:50:2b:42:37:29:26:2f:bd:8c:89:10:d3:f4:
ce:09:e9:c9:9f:00:38:b4:a1:4d:46:e7:04:c4:09:2d:0a:3d:
8f:36:a6:a8:da:e3:ee:69:50:8b:02:a5:b3:fd:f0:15:2c:5e:
ec:e6:62:f0:de:a3:50:e2:2a:9b:3f:69:02:60:9b:84:ad:44:
e1:5d:d4:41:e8:f3:bf:5c:b2:3a:82:71:ef:3f:bb:45:3f:3c:
16:1a:a6:00:c7:18:d1:5c:cd:f9:96:e8:da:97:ba:4c:76:1b:
57:db:4b:5c:88:7d:74:70:6f:23:2d:87:f0:c3:ea:ed:df:29:
b9:41:f7:d2:b7:94:00:39:a9:55:42:8f:d5:fe:bd:4d:98:c8:
8b:c7:3e:63:96:f9:08:9d:00:67:36:cc:5e:74:b3:e3:b6:7c:
01:a9:dd:f6:da:3d:ed:f9:5a:ac:f2:c2:9f:c3:3e:2e:3c:05:
64:e1:f8:ce:64:a6:9d:69:74:5c:5f:1a:c3:e4:45:77:70:01:
17:0f:42:f3:50:52:ca:bf:1f:dd:12:4b:c4:51:86:2b:d4:59:
91:6a:42:68:4e:f1:ef:29:f8:54:73:0f:8e:05:10:54:f6:62:
02:91:8d:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAbeazSZGcBtjyUUX9Gg5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjAwOTNiNmQ1NjRmZTViNWY5NWU1ZTM1MjQ2ZWFiNmM5Njk1ODEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7yTmZryPRlKMZK7s7CTYNNSY9xB
wklKHqUFnseSTiGCvOJ3DZHaaC9wps1YxpCfuoXwTFj8Km+2rCHILtVWeGIFqi4X
irWIGnrzm7demq5ld9jvgiEHuL8LZib2hRoecWKOr/7pm9DrePrBb8YQcGaSju2q
LF0eS3IIgHg7tu8/wHUvfbywezDeZMnwmZ2/2qo3k0B1BiPgHzMAh2zYrUa61mD1
tVTfsfpfYgme9tzV3cqi9kRwmNqXxlOtn/nYuBviQX4eC1QgILRb1VC0sZ6q8FF9
DZ6oCj6gjIrvEb5fJQlrtVh+LWScr+hGgPV7QRnTtqAOLENOAgWzOC8VFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDsAk7bVZP5bX5Xl41JG6rbJaVgQMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvT3dDVHR0VmtfbHRmbGVYalVrYnF0c2xwV0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvNCPAwQB
vPE8MA0GCSqGSIb3DQEBCwUAA4IBAQCVm57RZ6RJELOoJpGsjyBrx6ffSGm2bFAr
QjcpJi+9jIkQ0/TOCenJnwA4tKFNRucExAktCj2PNqao2uPuaVCLAqWz/fAVLF7s
5mLw3qNQ4iqbP2kCYJuErUThXdRB6PO/XLI6gnHvP7tFPzwWGqYAxxjRXM35luja
l7pMdhtX20tciH10cG8jLYfww+rt3ym5QffSt5QAOalVQo/V/r1NmMiLxz5jlvkI
nQBnNsxedLPjtnwBqd322j3t+Vqs8sKfwz4uPAVk4fjOZKadaXRcXxrD5EV3cAEX
D0LzUFLKvx/dEkvEUYYr1FmRakJoTvHvKfhUcw+OBRBU9mICkY2G
-----END CERTIFICATE-----
Generated at Mon May 20 18:22:57 2024 by rpki-client on console-ams.rpki-client.org