Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa
File: O8gWDaOPLLQ8KGgHyopShfUhebs.roa (raw, json)
Hash identifier: KRcaanOBSYmyw1kuSNJlq/X4pJnmqGxmeNdwss0hNWI=
Subject key identifier: 3B:C8:16:0D:A3:8F:2C:B4:3C:28:68:07:CA:8A:52:85:F5:21:79:BB
Certificate issuer: /CN=cbeb5fb733abb3e07d75fa80d7be9cb1813cd3e0
Certificate serial: 018D838D409AA6FD0D12E58D4E79A9B380FB
Authority key identifier: CB:EB:5F:B7:33:AB:B3:E0:7D:75:FA:80:D7:BE:9C:B1:81:3C:D3:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa
Signing time: Wed 07 Feb 2024 12:31:28 +0000
ROA not before: Wed 07 Feb 2024 12:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6730
IP address blocks: 193.135.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:83:8d:40:9a:a6:fd:0d:12:e5:8d:4e:79:a9:b3:80:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbeb5fb733abb3e07d75fa80d7be9cb1813cd3e0
Validity
Not Before: Feb 7 12:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bc8160da38f2cb43c286807ca8a5285f52179bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:95:c9:66:a0:e1:a6:b1:4e:ab:4a:ad:1b:1c:
b2:76:a2:39:99:da:12:f8:a6:d2:ae:d2:7f:1d:20:
bd:04:dd:4e:e1:30:cc:18:fc:33:27:54:88:89:2f:
d4:9f:30:02:13:a2:5c:0a:7b:58:d7:a3:37:83:b9:
5f:3b:fa:77:d6:c7:29:a4:c2:5e:22:45:13:32:35:
88:a2:8a:8e:f2:d2:9a:1b:d9:fc:87:10:ff:25:28:
0d:8f:36:26:da:a7:de:47:d7:31:b0:e2:8e:64:f5:
eb:e8:1c:e9:1b:20:ab:d1:84:cb:dd:12:a2:be:67:
08:9f:0f:db:2c:ba:a9:92:83:34:68:f2:48:17:52:
8b:e2:64:ca:fa:93:90:a0:36:d7:00:2b:72:0f:a4:
62:65:5d:d9:f3:97:3f:f2:03:40:44:4e:69:46:94:
99:be:0f:4f:6d:b9:ae:c2:e3:cb:52:6b:17:71:24:
3b:4a:a9:f7:a9:a5:e2:47:2f:30:b3:5f:6c:e5:01:
63:8d:7c:6a:7e:d9:40:4f:f2:1b:bf:97:74:92:d3:
a3:7c:53:98:ba:e1:a6:9b:99:3c:be:f5:1d:5a:92:
c6:3e:a0:26:b6:b1:b0:42:c8:f3:e5:f9:59:db:1e:
2c:e8:f9:b0:e4:e9:02:ef:3f:ff:51:f6:4e:74:93:
15:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:C8:16:0D:A3:8F:2C:B4:3C:28:68:07:CA:8A:52:85:F5:21:79:BB
X509v3 Authority Key Identifier:
keyid:CB:EB:5F:B7:33:AB:B3:E0:7D:75:FA:80:D7:BE:9C:B1:81:3C:D3:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y-tftzOrs-B9dfqA176csYE80-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/O8gWDaOPLLQ8KGgHyopShfUhebs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/0a7c4e-95bc-456b-8f74-2ccfb3b41260/1/y-tftzOrs-B9dfqA176csYE80-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.135.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:28:37:f5:89:2d:86:95:36:8b:22:63:99:5c:87:d0:03:bd:
65:06:a2:ba:a9:f6:25:77:24:35:72:41:03:68:04:9e:ce:0b:
1c:3d:21:37:dc:fb:79:74:cf:96:7a:d8:3b:ac:83:2a:4c:d1:
c3:32:15:23:b7:68:ed:06:5b:68:e2:ea:b5:b9:d8:9f:57:50:
c5:26:c9:23:45:38:59:e2:90:13:35:5a:a6:52:d8:87:09:b7:
39:01:87:51:a7:e4:2e:45:66:7a:f9:49:03:a5:93:54:04:ec:
0d:56:55:1d:8d:6a:f0:e0:62:6b:60:8a:d8:d4:d0:bb:77:72:
a0:58:b5:cd:c8:d8:98:cc:42:e5:6e:07:25:c2:7d:07:1d:76:
fd:87:13:1a:3f:4e:7e:b9:ac:e4:32:6b:9f:0c:c2:13:c6:34:
95:a7:cf:56:6f:01:84:8f:68:24:b3:18:34:44:08:72:e4:1e:
9a:1f:b7:ae:6c:3b:9b:4f:37:42:a5:33:3a:85:64:b7:dc:5b:
ce:15:de:23:73:86:09:c9:3f:32:92:c1:da:8b:f8:07:4e:35:
5f:e8:b3:28:aa:06:96:18:3e:85:95:ed:06:22:16:46:6c:97:
33:e2:ab:de:fc:f2:fa:d3:6a:e9:d2:46:3a:aa:d1:ae:b5:65:
f2:d5:db:9c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2DjUCapv0NEuWNTnmps4D7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZWI1ZmI3MzNhYmIzZTA3ZDc1ZmE4MGQ3YmU5Y2IxODEz
Y2QzZTAwHhcNMjQwMjA3MTIzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmM4MTYwZGEzOGYyY2I0M2MyODY4MDdjYThhNTI4NWY1MjE3OWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA15XJZqDhprFOq0qtGxyydqI5mdoS
+KbSrtJ/HSC9BN1O4TDMGPwzJ1SIiS/UnzACE6JcCntY16M3g7lfO/p31scppMJe
IkUTMjWIooqO8tKaG9n8hxD/JSgNjzYm2qfeR9cxsOKOZPXr6BzpGyCr0YTL3RKi
vmcInw/bLLqpkoM0aPJIF1KL4mTK+pOQoDbXACtyD6RiZV3Z85c/8gNARE5pRpSZ
vg9PbbmuwuPLUmsXcSQ7Sqn3qaXiRy8ws19s5QFjjXxqftlAT/Ibv5d0ktOjfFOY
uuGmm5k8vvUdWpLGPqAmtrGwQsjz5flZ2x4s6Pmw5OkC7z//UfZOdJMVwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDvIFg2jjyy0PChoB8qKUoX1IXm7MB8GA1UdIwQY
MBaAFMvrX7czq7PgfXX6gNe+nLGBPNPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveS10ZnR6T3JzLUI5ZGZxQTE3NmNzWUU4MC1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS8wYTdjNGUtOTViYy00NTZiLThmNzQt
MmNjZmIzYjQxMjYwLzEvTzhnV0RhT1BMTFE4S0dnSHlvcFNoZlVoZWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS8wYTdjNGUtOTViYy00NTZiLThmNzQtMmNjZmIzYjQxMjYw
LzEveS10ZnR6T3JzLUI5ZGZxQTE3NmNzWUU4MC1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwYdqMA0G
CSqGSIb3DQEBCwUAA4IBAQCpKDf1iS2GlTaLImOZXIfQA71lBqK6qfYldyQ1ckED
aASezgscPSE33Pt5dM+Wetg7rIMqTNHDMhUjt2jtBlto4uq1udifV1DFJskjRThZ
4pATNVqmUtiHCbc5AYdRp+QuRWZ6+UkDpZNUBOwNVlUdjWrw4GJrYIrY1NC7d3Kg
WLXNyNiYzELlbgclwn0HHXb9hxMaP05+uazkMmufDMITxjSVp89WbwGEj2gksxg0
RAhy5B6aH7eubDubTzdCpTM6hWS33FvOFd4jc4YJyT8yksHai/gHTjVf6LMoqgaW
GD6Fle0GIhZGbJcz4qve/PL602rp0kY6qtGutWXy1duc
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:03 2024 by rpki-client on console-ams.rpki-client.org