Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/O0chdNUK9QD4Hd3H-IY6SZ-vnDI.roa
File: O0chdNUK9QD4Hd3H-IY6SZ-vnDI.roa (raw, json)
Hash identifier: OtTrbOVxNOKUHNonRMxy6aalLe2uzECnv9JuoNnNDnU=
Subject key identifier: 3B:47:21:74:D5:0A:F5:00:F8:1D:DD:C7:F8:86:3A:49:9F:AF:9C:32
Certificate issuer: /CN=11c79e8a27cde9911bd7da63873c5cc558dbd531
Certificate serial: 018CC3B68958C7B8D19D37E43B44BA5E95E4
Authority key identifier: 11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EceeiifN6ZEb19pjhzxcxVjb1TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/O0chdNUK9QD4Hd3H-IY6SZ-vnDI.roa
Signing time: Mon 01 Jan 2024 06:29:28 +0000
ROA not before: Mon 01 Jan 2024 06:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212684
IP address blocks: 107.150.165.0/24 maxlen: 24
91.192.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.mft
rsync://rpki.ripe.net/repository/DEFAULT/EceeiifN6ZEb19pjhzxcxVjb1TE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:89:58:c7:b8:d1:9d:37:e4:3b:44:ba:5e:95:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11c79e8a27cde9911bd7da63873c5cc558dbd531
Validity
Not Before: Jan 1 06:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b472174d50af500f81dddc7f8863a499faf9c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:e5:98:07:97:e5:c7:4f:a1:6e:a9:01:1f:26:
b3:12:4e:65:50:dd:5a:6f:61:a8:6b:24:76:5b:2d:
0e:35:0c:c3:f0:21:bc:67:45:90:cc:fe:3d:91:bb:
96:ff:bd:04:0e:b3:68:62:f7:e3:d1:73:56:4b:3a:
d1:af:55:11:91:5e:38:76:dc:89:65:4e:24:ed:30:
26:07:4a:6a:42:fd:24:11:63:23:5a:f0:99:4f:be:
07:11:a9:92:fd:72:fa:de:28:69:65:80:ec:5d:98:
82:7a:7e:cc:83:a8:60:f4:25:69:16:d7:93:1d:0c:
a6:f6:d2:96:9f:d9:28:84:af:30:5d:97:f2:5f:0e:
cf:e7:df:7b:46:67:69:5a:3c:16:66:82:ce:b8:69:
75:1e:6b:46:07:f0:0b:eb:e0:45:58:6a:fe:d9:50:
ea:d2:37:61:9e:14:52:09:ba:b3:eb:d1:da:55:3f:
33:76:76:9e:58:dd:9a:1c:ee:5a:12:8b:82:6d:e7:
f1:1b:b7:5d:46:4d:c3:b5:ba:78:de:1f:64:34:8d:
4c:47:69:cd:31:5e:c3:25:df:92:ae:c8:35:39:61:
1f:d7:11:c4:12:5d:1b:17:08:08:89:9d:7a:81:25:
1b:5f:a5:82:34:30:c6:b2:07:b0:2e:a2:f4:ac:ea:
99:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:47:21:74:D5:0A:F5:00:F8:1D:DD:C7:F8:86:3A:49:9F:AF:9C:32
X509v3 Authority Key Identifier:
keyid:11:C7:9E:8A:27:CD:E9:91:1B:D7:DA:63:87:3C:5C:C5:58:DB:D5:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EceeiifN6ZEb19pjhzxcxVjb1TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/O0chdNUK9QD4Hd3H-IY6SZ-vnDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/414e5a-52f8-4845-b1bb-b9930510d0a0/1/EceeiifN6ZEb19pjhzxcxVjb1TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.192.9.0/24
107.150.165.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:03:76:77:70:43:d4:25:1b:3e:52:d6:c7:c4:b5:06:c5:a3:
9f:b4:b8:73:de:8a:74:b0:b0:62:6f:40:22:7c:99:43:fa:d0:
d7:19:12:46:85:d9:c4:c5:62:55:42:21:d5:3e:12:7f:2f:b8:
90:72:93:1e:e1:b7:08:4f:52:a9:53:10:98:20:53:39:1e:8c:
c4:0f:59:fd:01:23:6b:58:0a:77:ee:f0:81:dc:cf:ed:c0:2e:
75:5f:59:ba:51:0c:60:1e:3c:4a:5b:14:1c:a3:8f:25:6b:88:
92:d5:6b:53:76:6e:49:43:3a:d4:dc:94:4c:ca:5d:26:67:ed:
92:56:cc:54:d5:3e:be:0f:46:df:69:ce:3a:d5:b2:36:a6:0a:
0c:31:45:97:3e:26:61:a4:b0:a0:f5:0b:35:f6:8b:99:c0:b9:
f9:f1:ee:0d:a0:81:ea:83:83:f0:4a:3d:09:c0:00:6f:00:21:
2d:86:41:cd:0d:5e:24:50:13:87:96:f7:ac:07:f0:72:46:b3:
3b:6e:a9:e8:46:b6:f6:90:a3:34:b2:4d:f5:53:05:03:4c:41:
7a:10:08:40:a7:69:36:10:d6:3c:36:f6:35:25:b8:22:ac:e8:
51:b7:28:d9:aa:bb:1b:a0:95:1a:19:b4:5b:ba:e6:53:5a:33:
ec:9b:c6:f5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtolYx7jRnTfkO0S6XpXkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYzc5ZThhMjdjZGU5OTExYmQ3ZGE2Mzg3M2M1Y2M1NThk
YmQ1MzEwHhcNMjQwMTAxMDYyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjQ3MjE3NGQ1MGFmNTAwZjgxZGRkYzdmODg2M2E0OTlmYWY5YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApeWYB5flx0+hbqkBHyazEk5lUN1a
b2GoayR2Wy0ONQzD8CG8Z0WQzP49kbuW/70EDrNoYvfj0XNWSzrRr1URkV44dtyJ
ZU4k7TAmB0pqQv0kEWMjWvCZT74HEamS/XL63ihpZYDsXZiCen7Mg6hg9CVpFteT
HQym9tKWn9kohK8wXZfyXw7P5997RmdpWjwWZoLOuGl1HmtGB/AL6+BFWGr+2VDq
0jdhnhRSCbqz69HaVT8zdnaeWN2aHO5aEouCbefxG7ddRk3Dtbp43h9kNI1MR2nN
MV7DJd+Srsg1OWEf1xHEEl0bFwgIiZ16gSUbX6WCNDDGsgewLqL0rOqZiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDtHIXTVCvUA+B3dx/iGOkmfr5wyMB8GA1UdIwQY
MBaAFBHHnoonzemRG9faY4c8XMVY29UxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWNlZWlpZk42WkViMTlwamh6eGN4VmpiMVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80MTRlNWEtNTJmOC00ODQ1LWIxYmIt
Yjk5MzA1MTBkMGEwLzEvTzBjaGROVUs5UUQ0SGQzSC1JWTZTWi12bkRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80MTRlNWEtNTJmOC00ODQ1LWIxYmItYjk5MzA1MTBkMGEw
LzEvRWNlZWlpZk42WkViMTlwamh6eGN4VmpiMVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8AJAwQA
a5alMA0GCSqGSIb3DQEBCwUAA4IBAQCxA3Z3cEPUJRs+UtbHxLUGxaOftLhz3op0
sLBib0AifJlD+tDXGRJGhdnExWJVQiHVPhJ/L7iQcpMe4bcIT1KpUxCYIFM5HozE
D1n9ASNrWAp37vCB3M/twC51X1m6UQxgHjxKWxQco48la4iS1WtTdm5JQzrU3JRM
yl0mZ+2SVsxU1T6+D0bfac461bI2pgoMMUWXPiZhpLCg9Qs19ouZwLn58e4NoIHq
g4PwSj0JwABvACEthkHNDV4kUBOHlvesB/ByRrM7bqnoRrb2kKM0sk31UwUDTEF6
EAhAp2k2ENY8NvY1JbgirOhRtyjZqrsboJUaGbRbuuZTWjPsm8b1
-----END CERTIFICATE-----
Generated at Mon Nov 25 07:43:20 2024 by rpki-client on console-fra.rpki-client.org