Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/OH58xhpWMtQAvnvF7QFfUrjs6c8.roa
File: OH58xhpWMtQAvnvF7QFfUrjs6c8.roa (raw, json)
Hash identifier: HM9GsrzX1civM/UIBmZ757rKFYKLDJOOLu3+7ypGM6Y=
Subject key identifier: 38:7E:7C:C6:1A:56:32:D4:00:BE:7B:C5:ED:01:5F:52:B8:EC:E9:CF
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287D5817F03520C07A3A2BAAA33AC0
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/OH58xhpWMtQAvnvF7QFfUrjs6c8.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 32748
IP address blocks: 2a0e:1c80:b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7d:58:17:f0:35:20:c0:7a:3a:2b:aa:a3:3a:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=387e7cc61a5632d400be7bc5ed015f52b8ece9cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:aa:30:aa:15:1b:8d:5f:cf:86:61:37:b0:f8:
d5:12:71:fe:4f:ef:bf:19:8b:8a:e0:8e:fa:6f:04:
5d:96:cd:25:c1:5b:a0:70:3b:31:61:af:0b:ab:14:
10:cc:93:bc:79:4c:15:b9:15:6f:e8:a9:1d:38:c9:
b0:1e:87:6f:95:1f:4c:ec:54:0c:6a:3a:59:75:29:
91:2c:d8:89:1a:24:d9:87:ff:e2:f1:32:33:c1:b9:
5c:20:38:8e:13:e5:1e:67:2f:e9:89:a7:11:27:60:
ee:0f:8c:7e:c5:32:a2:9c:8f:09:95:d5:0f:b5:0b:
27:85:43:d5:c4:ce:ed:0a:35:f5:76:0c:72:fe:35:
56:8a:e5:bb:8e:6d:fe:1d:fe:4c:e0:dc:61:a8:cc:
35:78:dc:0b:6b:63:d0:9e:8e:ba:7c:07:32:11:e8:
28:81:3d:1b:20:9a:57:17:fb:53:ac:de:7a:70:49:
28:a3:c1:d8:34:c0:e2:78:db:fb:69:7f:66:4d:11:
18:61:6a:c7:a1:ad:9c:e1:2f:9d:85:6e:ce:08:a8:
b8:76:91:60:a9:c2:c6:8c:ab:44:73:2f:8d:a3:17:
61:d9:a2:2b:01:32:09:f4:6c:09:2a:6f:ca:f6:36:
80:b5:d5:9b:d1:51:d4:38:22:75:72:f6:97:86:06:
1e:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:7E:7C:C6:1A:56:32:D4:00:BE:7B:C5:ED:01:5F:52:B8:EC:E9:CF
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/OH58xhpWMtQAvnvF7QFfUrjs6c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:1c80:b::/48
Signature Algorithm: sha256WithRSAEncryption
68:8a:88:0d:06:5c:f8:a6:9d:4c:8b:a2:a7:04:3b:25:72:5e:
50:77:cd:d4:47:7e:19:a5:f6:19:ba:9a:2e:39:46:6c:44:f4:
6b:c1:3e:99:7f:c5:0c:4a:80:5d:20:ac:51:c3:cf:a3:b6:b1:
4d:03:2a:3e:7c:c6:24:b3:df:05:d8:96:47:83:c6:a4:ef:01:
3f:11:7c:29:e0:a6:b4:73:fb:26:7a:27:68:5e:11:f8:a0:1b:
b6:25:1c:c8:fc:10:3a:db:18:0b:e7:b9:e2:47:b3:eb:b8:44:
ac:97:66:80:37:6b:a4:f4:10:5f:0c:83:9a:16:0b:2e:b6:f2:
26:cc:86:0e:af:74:72:77:1c:2c:67:8e:06:b5:de:2b:90:b8:
7e:3b:37:ec:1d:52:e9:35:2c:49:33:c3:e1:61:3c:d4:eb:4a:
e1:0c:c5:19:d0:4f:2f:9b:6e:40:28:a7:70:30:17:77:8b:9b:
6a:6b:28:e8:95:82:06:d3:f9:33:97:96:a7:34:c5:81:29:a1:
75:96:b7:c0:56:02:9a:6b:8f:75:4a:2e:ba:26:9e:5e:a8:5e:
20:92:c6:fb:10:52:df:d0:d7:4c:60:bf:aa:ad:39:b7:b5:3f:
a3:21:17:73:f4:69:72:97:f2:b1:d4:3b:b7:e7:49:32:75:01:
ae:58:c1:9e
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAYzKKH1YF/A1IMB6OiuqozrAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODdlN2NjNjFhNTYzMmQ0MDBiZTdiYzVlZDAxNWY1MmI4ZWNlOWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsaowqhUbjV/PhmE3sPjVEnH+T++/
GYuK4I76bwRdls0lwVugcDsxYa8LqxQQzJO8eUwVuRVv6KkdOMmwHodvlR9M7FQM
ajpZdSmRLNiJGiTZh//i8TIzwblcIDiOE+UeZy/piacRJ2DuD4x+xTKinI8JldUP
tQsnhUPVxM7tCjX1dgxy/jVWiuW7jm3+Hf5M4NxhqMw1eNwLa2PQno66fAcyEego
gT0bIJpXF/tTrN56cEkoo8HYNMDieNv7aX9mTREYYWrHoa2c4S+dhW7OCKi4dpFg
qcLGjKtEcy+Noxdh2aIrATIJ9GwJKm/K9jaAtdWb0VHUOCJ1cvaXhgYeZQIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFDh+fMYaVjLUAL57xe0BX1K47OnPMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvT0g1OHhocFdNdFFBdm52RjdRRmZVcmpzNmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKg4cgAAL
MA0GCSqGSIb3DQEBCwUAA4IBAQBoiogNBlz4pp1Mi6KnBDslcl5Qd83UR34ZpfYZ
upouOUZsRPRrwT6Zf8UMSoBdIKxRw8+jtrFNAyo+fMYks98F2JZHg8ak7wE/EXwp
4Ka0c/smeidoXhH4oBu2JRzI/BA62xgL57niR7PruESsl2aAN2uk9BBfDIOaFgsu
tvImzIYOr3RydxwsZ44Gtd4rkLh+OzfsHVLpNSxJM8PhYTzU60rhDMUZ0E8vm25A
KKdwMBd3i5tqayjolYIG0/kzl5anNMWBKaF1lrfAVgKaa491Si66Jp5eqF4gksb7
EFLf0NdMYL+qrTm3tT+jIRdz9Glyl/Kx1Du350kydQGuWMGe
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:07 2024 by rpki-client on console-fra.rpki-client.org