Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/oQgiCdHSTEa1_svHpocBB3Fsofo.roa
File: oQgiCdHSTEa1_svHpocBB3Fsofo.roa (raw, json)
Hash identifier: 1j0JnPpnK6LeFqfMxas0/T5dzO0uFUqmoGANrboWIDU=
Subject key identifier: A1:08:22:09:D1:D2:4C:46:B5:FE:CB:C7:A6:87:01:07:71:6C:A1:FA
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 018CC2DB67BFEBC80E3E86CCDF46BC01E478
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/oQgiCdHSTEa1_svHpocBB3Fsofo.roa
Signing time: Mon 01 Jan 2024 02:30:08 +0000
ROA not before: Mon 01 Jan 2024 02:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64433
IP address blocks: 92.119.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:67:bf:eb:c8:0e:3e:86:cc:df:46:bc:01:e4:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jan 1 02:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1082209d1d24c46b5fecbc7a6870107716ca1fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:bf:4f:92:f8:c4:5e:de:4e:62:5c:82:17:ce:
a9:27:e4:ce:41:93:ee:ea:f2:98:a1:08:b8:02:e4:
90:52:fd:19:e8:ac:46:d2:65:7e:bd:db:2a:9a:48:
22:5a:6d:6a:67:51:8e:af:16:c0:04:76:af:d1:ca:
17:98:6d:16:ae:39:f4:fc:0a:5d:76:cd:1f:5e:0f:
9d:99:5c:ba:a6:9c:43:19:30:d3:eb:8a:0a:09:05:
2a:dc:87:10:00:ea:33:e5:ab:1e:3c:d2:e7:d0:f3:
ce:dc:ad:d5:88:70:b9:8e:21:61:5f:ec:ca:c4:8c:
c1:9e:56:f8:71:94:af:3e:74:43:ef:28:cb:44:79:
9c:8f:c5:79:f5:3f:73:98:63:52:01:e4:54:76:b0:
01:a7:59:74:8b:af:02:a4:04:af:4e:1d:11:88:e5:
8c:31:ee:d4:0d:cc:da:30:0b:2b:14:bb:58:90:fb:
6f:fa:e6:3a:38:5f:b6:2b:35:24:c9:c0:b6:28:5f:
89:7a:5f:09:e1:ba:2e:8d:22:79:fe:1f:95:e1:9f:
df:f5:ff:55:f2:b2:02:62:37:96:35:36:d5:b2:91:
1e:07:78:8d:06:fe:f8:5d:92:36:63:73:83:55:cf:
1c:71:10:da:f4:5b:52:e0:80:d4:09:d9:7d:85:71:
21:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:08:22:09:D1:D2:4C:46:B5:FE:CB:C7:A6:87:01:07:71:6C:A1:FA
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/oQgiCdHSTEa1_svHpocBB3Fsofo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.119.228.0/24
Signature Algorithm: sha256WithRSAEncryption
69:72:a9:6d:73:3e:f5:58:b2:a7:0f:59:8a:6e:f7:b2:81:af:
32:be:38:a6:1b:8e:e8:57:9b:be:b7:84:3d:2e:3a:95:17:e5:
e9:68:13:8a:e6:5c:40:ed:df:a4:23:6b:c2:52:cf:4c:eb:34:
af:6b:21:c4:0f:86:d6:a7:0a:66:cc:ce:dc:0b:23:5f:c8:9a:
a3:c1:69:52:d4:c6:d4:d8:73:73:76:a0:de:3f:be:89:0d:ff:
5e:98:5d:f7:8d:3b:77:d9:10:d4:c7:e1:5c:79:43:e7:4b:90:
41:d6:5a:53:ee:e0:d4:fe:a5:5b:7e:12:41:f0:d6:11:40:27:
2a:ac:1e:72:26:83:93:6a:15:cf:79:fb:2e:9f:6b:7a:50:1c:
5c:bb:31:d0:8c:67:ab:36:e2:a1:bb:a9:cf:0f:81:0a:c4:ce:
2b:dc:2b:63:d1:b5:f2:4c:57:01:a9:3e:82:89:2a:b8:b1:8c:
bd:ba:1a:bc:62:83:37:0f:81:cf:84:22:6b:1c:a8:2f:6b:81:
ce:a7:74:32:61:92:28:05:9a:cb:e7:90:34:6b:64:06:82:ff:
06:73:c9:f1:08:c1:37:51:cd:a4:0e:10:8e:5d:95:71:cd:a7:
57:96:ee:64:99:a7:03:cb:84:cb:5a:2d:16:68:b3:fe:04:40:
7d:2f:16:5e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22e/68gOPobM30a8AeR4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjQwMTAxMDIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTA4MjIwOWQxZDI0YzQ2YjVmZWNiYzdhNjg3MDEwNzcxNmNhMWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArL9PkvjEXt5OYlyCF86pJ+TOQZPu
6vKYoQi4AuSQUv0Z6KxG0mV+vdsqmkgiWm1qZ1GOrxbABHav0coXmG0Wrjn0/Apd
ds0fXg+dmVy6ppxDGTDT64oKCQUq3IcQAOoz5asePNLn0PPO3K3ViHC5jiFhX+zK
xIzBnlb4cZSvPnRD7yjLRHmcj8V59T9zmGNSAeRUdrABp1l0i68CpASvTh0RiOWM
Me7UDczaMAsrFLtYkPtv+uY6OF+2KzUkycC2KF+Jel8J4boujSJ5/h+V4Z/f9f9V
8rICYjeWNTbVspEeB3iNBv74XZI2Y3ODVc8ccRDa9FtS4IDUCdl9hXEh7QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKEIIgnR0kxGtf7Lx6aHAQdxbKH6MB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvb1FnaUNkSFNURWExX3N2SHBvY0JCM0Zzb2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXHfkMA0G
CSqGSIb3DQEBCwUAA4IBAQBpcqltcz71WLKnD1mKbveyga8yvjimG47oV5u+t4Q9
LjqVF+XpaBOK5lxA7d+kI2vCUs9M6zSvayHED4bWpwpmzM7cCyNfyJqjwWlS1MbU
2HNzdqDeP76JDf9emF33jTt32RDUx+FceUPnS5BB1lpT7uDU/qVbfhJB8NYRQCcq
rB5yJoOTahXPefsun2t6UBxcuzHQjGerNuKhu6nPD4EKxM4r3Ctj0bXyTFcBqT6C
iSq4sYy9uhq8YoM3D4HPhCJrHKgva4HOp3QyYZIoBZrL55A0a2QGgv8Gc8nxCME3
Uc2kDhCOXZVxzadXlu5kmacDy4TLWi0WaLP+BEB9LxZe
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:41:23 2024 by rpki-client on console-ams.rpki-client.org