Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa
File: oFIltm0jpek9VC2OP-nElDW_7oo.roa (raw, json)
Hash identifier: nHx6edgvCUXZUyiYVRqWOgFzGRcgJlvVOk4Ue2CZt2k=
Subject key identifier: A0:52:25:B6:6D:23:A5:E9:3D:54:2D:8E:3F:E9:C4:94:35:BF:EE:8A
Certificate issuer: /CN=391c5d3331145ec8e271876f8042207b9d00cb64
Certificate serial: 018CC26D0110BB4AC6E108269691E624422A
Authority key identifier: 39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa
Signing time: Mon 01 Jan 2024 00:29:32 +0000
ROA not before: Mon 01 Jan 2024 00:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60398
IP address blocks: 185.249.105.0/24 maxlen: 24
185.249.107.0/24 maxlen: 24
185.249.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:01:10:bb:4a:c6:e1:08:26:96:91:e6:24:42:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=391c5d3331145ec8e271876f8042207b9d00cb64
Validity
Not Before: Jan 1 00:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a05225b66d23a5e93d542d8e3fe9c49435bfee8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:cd:6d:94:ea:f4:bc:41:bc:98:9a:17:87:3a:
9c:fd:da:86:c1:ba:7f:e9:2f:c9:de:a3:12:8e:e9:
b3:cc:05:12:81:d0:02:4d:44:2b:e9:b1:82:25:fe:
fd:92:90:0f:ff:34:35:51:04:e3:21:d9:5d:da:c6:
40:00:fa:71:8e:25:47:de:7c:ac:98:65:f0:8f:7b:
ae:4a:2c:e9:38:06:68:4b:8e:21:b1:08:04:4f:b5:
cb:c4:28:88:87:77:6c:d3:53:29:16:f1:23:7e:f9:
6a:b5:6a:9f:1e:16:72:ab:3c:c9:8e:6d:37:a0:75:
f7:53:20:97:98:a1:2e:72:da:f2:a6:5c:b3:32:b9:
9a:a1:1a:93:c9:9d:75:87:26:8b:db:3f:90:0b:20:
5c:f8:04:93:2a:f0:ca:ed:f5:29:7b:fc:24:6f:d4:
8a:05:df:d4:3b:76:38:5c:a9:7f:cd:b7:bc:ff:19:
2c:ba:e1:5b:ea:ff:3e:c1:d8:16:70:fb:42:36:b8:
a4:48:4b:87:e4:4a:15:4e:57:02:0a:88:ae:f9:e3:
d2:9f:39:83:56:07:f7:2a:b7:03:3e:7c:15:76:c5:
ea:78:ab:dc:da:2a:0c:18:fd:d2:d4:43:8b:4c:b9:
69:77:7c:b8:29:99:1f:6d:a2:ca:9d:dc:64:81:25:
2c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:52:25:B6:6D:23:A5:E9:3D:54:2D:8E:3F:E9:C4:94:35:BF:EE:8A
X509v3 Authority Key Identifier:
keyid:39:1C:5D:33:31:14:5E:C8:E2:71:87:6F:80:42:20:7B:9D:00:CB:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ORxdMzEUXsjicYdvgEIge50Ay2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/oFIltm0jpek9VC2OP-nElDW_7oo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/058624-de77-4224-b540-ca3350e760cb/1/ORxdMzEUXsjicYdvgEIge50Ay2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.249.105.0-185.249.107.255
Signature Algorithm: sha256WithRSAEncryption
24:f4:b6:ab:ac:2c:34:d0:71:de:dc:70:2d:87:e6:92:2b:b1:
a6:46:c6:86:19:3c:27:57:17:9c:e8:b6:fa:a7:6a:25:09:a6:
5e:f5:ba:88:25:01:7c:84:9e:b0:50:e3:05:57:69:81:53:9a:
bd:7e:28:aa:55:be:3b:7f:ee:93:97:df:74:b6:6e:d1:9d:a1:
bc:37:6d:6a:55:32:04:8a:0d:33:ce:66:e0:41:20:95:ec:36:
a9:62:df:33:5a:a6:4f:43:14:6b:eb:db:1c:1d:02:9e:3c:72:
2d:c7:05:d5:7a:eb:24:83:3e:84:61:39:4a:fc:ad:3c:69:10:
6e:91:60:8c:14:cb:2f:af:52:6b:c9:fd:91:cc:29:56:a5:23:
fa:d8:f3:d3:6c:74:93:b1:ad:18:af:ef:7c:29:df:60:7b:31:
9d:70:8e:1f:f6:f5:cc:4d:de:59:bb:35:b0:b4:3f:6b:2c:27:
f6:2d:4a:7d:5a:96:dd:6c:c4:cc:07:c1:f1:93:7b:26:20:01:
c3:31:ac:c5:65:32:b4:ab:1b:b3:a2:1d:3c:ae:b4:f1:02:ea:
d4:21:fc:7c:7d:84:5e:a9:de:81:6a:39:42:85:06:0b:0d:34:
24:b8:6b:9b:ae:7b:f5:7b:4d:02:10:83:d7:b0:50:a9:a6:c6:
f4:57:e4:ae
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbQEQu0rG4QgmlpHmJEIqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5MWM1ZDMzMzExNDVlYzhlMjcxODc2ZjgwNDIyMDdiOWQw
MGNiNjQwHhcNMjQwMTAxMDAyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDUyMjViNjZkMjNhNWU5M2Q1NDJkOGUzZmU5YzQ5NDM1YmZlZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj81tlOr0vEG8mJoXhzqc/dqGwbp/
6S/J3qMSjumzzAUSgdACTUQr6bGCJf79kpAP/zQ1UQTjIdld2sZAAPpxjiVH3nys
mGXwj3uuSizpOAZoS44hsQgET7XLxCiIh3ds01MpFvEjfvlqtWqfHhZyqzzJjm03
oHX3UyCXmKEuctryplyzMrmaoRqTyZ11hyaL2z+QCyBc+ASTKvDK7fUpe/wkb9SK
Bd/UO3Y4XKl/zbe8/xksuuFb6v8+wdgWcPtCNrikSEuH5EoVTlcCCoiu+ePSnzmD
Vgf3KrcDPnwVdsXqeKvc2ioMGP3S1EOLTLlpd3y4KZkfbaLKndxkgSUsWQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFKBSJbZtI6XpPVQtjj/pxJQ1v+6KMB8GA1UdIwQY
MBaAFDkcXTMxFF7I4nGHb4BCIHudAMtkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAt
Y2EzMzUwZTc2MGNiLzEvb0ZJbHRtMGpwZWs5VkMyT1AtbkVsRFdfN29vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8wNTg2MjQtZGU3Ny00MjI0LWI1NDAtY2EzMzUwZTc2MGNi
LzEvT1J4ZE16RVVYc2ppY1lkdmdFSWdlNTBBeTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAC5+WkD
BAK5+WgwDQYJKoZIhvcNAQELBQADggEBACT0tqusLDTQcd7ccC2H5pIrsaZGxoYZ
PCdXF5zotvqnaiUJpl71uoglAXyEnrBQ4wVXaYFTmr1+KKpVvjt/7pOX33S2btGd
obw3bWpVMgSKDTPOZuBBIJXsNqli3zNapk9DFGvr2xwdAp48ci3HBdV66ySDPoRh
OUr8rTxpEG6RYIwUyy+vUmvJ/ZHMKValI/rY89NsdJOxrRiv73wp32B7MZ1wjh/2
9cxN3lm7NbC0P2ssJ/YtSn1alt1sxMwHwfGTeyYgAcMxrMVlMrSrG7OiHTyutPEC
6tQh/Hx9hF6p3oFqOUKFBgsNNCS4a5uue/V7TQIQg9ewUKmmxvRX5K4=
-----END CERTIFICATE-----
Generated at Sat Jun 15 11:48:36 2024 by rpki-client on console-ams.rpki-client.org