Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa
File: O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa (raw, json)
Hash identifier: XvRINtgGqUzW6Lkj+0R8yuHePRW4d5CVk5EGOMC79gQ=
Subject key identifier: 3B:F9:D6:5D:3C:69:E0:1E:D9:16:9C:04:AC:51:4B:BE:55:A0:12:12
Certificate issuer: /CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Certificate serial: 018CC5DC4D9CC1ECBD15E6C8691EAD4482FB
Authority key identifier: 99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204031
IP address blocks: 146.255.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4d:9c:c1:ec:bd:15:e6:c8:69:1e:ad:44:82:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99e7209a8c9b176fbf623edf3ee0b82007fc2c40
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3bf9d65d3c69e01ed9169c04ac514bbe55a01212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:87:be:32:01:9d:07:24:64:14:5a:39:3d:8c:
c2:db:a0:3d:7c:b0:ea:a6:b5:6a:56:d0:5c:b8:ed:
a4:7d:81:12:91:6c:37:8f:88:06:15:1a:37:75:ff:
e1:ee:12:1d:05:d3:86:29:8d:ff:eb:fb:10:92:15:
9e:44:4b:4f:25:a7:c5:aa:37:83:67:1c:fd:4c:c3:
de:9d:da:ba:5f:4d:72:34:46:eb:a3:a8:2b:12:66:
96:13:f0:79:6e:a0:ba:a4:db:4a:22:a4:59:de:fe:
61:57:d4:7a:40:43:e4:81:ad:7e:8c:37:d1:5e:2a:
72:0e:a6:86:f6:af:35:3b:a2:e7:a1:92:bc:81:8b:
80:94:50:88:c9:a4:4a:30:b4:a8:09:fa:ea:04:3c:
60:ab:ff:7e:e7:4d:c4:09:d7:d7:92:13:b0:d7:69:
b4:35:db:4e:58:b9:7b:77:8b:92:78:03:4d:ee:d1:
ef:7c:b9:a8:47:7a:ce:b9:49:70:58:48:1e:74:2a:
50:be:77:02:f9:50:d6:c2:3c:a8:37:b1:86:4b:b8:
12:69:89:71:df:42:9f:1f:ad:02:a3:40:41:b4:11:
cd:e2:21:b3:99:3f:ff:d7:f9:d5:27:5f:6a:26:c3:
b3:92:d4:12:ef:0b:18:d2:8b:50:aa:63:26:5e:c2:
7f:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F9:D6:5D:3C:69:E0:1E:D9:16:9C:04:AC:51:4B:BE:55:A0:12:12
X509v3 Authority Key Identifier:
keyid:99:E7:20:9A:8C:9B:17:6F:BF:62:3E:DF:3E:E0:B8:20:07:FC:2C:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mecgmoybF2-_Yj7fPuC4IAf8LEA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/O_nWXTxp4B7ZFpwErFFLvlWgEhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/ef5856-bbc0-45a4-891e-b2dcc1863e8b/1/mecgmoybF2-_Yj7fPuC4IAf8LEA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.255.76.0/24
Signature Algorithm: sha256WithRSAEncryption
39:95:6d:27:e5:10:b4:08:ba:a9:5c:ac:75:10:b1:b4:38:77:
91:d5:00:57:d4:f1:a5:9c:64:8d:f5:95:e9:b4:fa:80:cf:37:
fe:80:65:82:a3:18:f5:52:da:ae:f2:84:36:3b:dc:2a:e0:ad:
15:cb:bd:87:14:da:97:db:47:ac:11:0d:67:8a:d9:17:94:32:
74:77:57:da:d3:d4:8e:b8:97:8d:21:f3:22:9e:24:78:05:22:
6f:7d:85:c0:e0:36:97:39:c2:98:e7:89:6a:51:ba:40:4c:ab:
3d:0b:64:e7:5b:86:cc:ae:91:13:5f:07:28:2f:09:15:b0:f9:
30:42:03:82:c7:c5:cd:29:5f:d6:6f:be:74:b5:b8:e0:c6:79:
e3:9b:f3:d0:08:f8:8b:5a:13:09:05:fb:b2:1c:7f:48:65:13:
cc:6f:c5:e9:43:60:79:7f:fe:c8:32:26:df:b3:23:fd:e3:93:
32:c3:9b:9b:d5:e7:4f:e8:48:eb:e0:89:bf:21:fa:cd:99:45:
ab:79:c5:f0:16:6b:43:93:69:79:24:fc:3b:8c:1f:fb:72:f7:
95:57:10:d5:70:61:ce:d6:0b:a4:f3:0a:c4:0e:bb:1f:de:fe:
02:45:96:3b:b1:fb:0b:cf:8e:ec:7c:2d:8e:c7:18:f3:66:fb:
f3:54:da:76
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3E2cwey9FebIaR6tRIL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5ZTcyMDlhOGM5YjE3NmZiZjYyM2VkZjNlZTBiODIwMDdm
YzJjNDAwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY5ZDY1ZDNjNjllMDFlZDkxNjljMDRhYzUxNGJiZTU1YTAxMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oe+MgGdByRkFFo5PYzC26A9fLDq
prVqVtBcuO2kfYESkWw3j4gGFRo3df/h7hIdBdOGKY3/6/sQkhWeREtPJafFqjeD
Zxz9TMPendq6X01yNEbro6grEmaWE/B5bqC6pNtKIqRZ3v5hV9R6QEPkga1+jDfR
XipyDqaG9q81O6LnoZK8gYuAlFCIyaRKMLSoCfrqBDxgq/9+503ECdfXkhOw12m0
NdtOWLl7d4uSeANN7tHvfLmoR3rOuUlwWEgedCpQvncC+VDWwjyoN7GGS7gSaYlx
30KfH60Co0BBtBHN4iGzmT//1/nVJ19qJsOzktQS7wsY0otQqmMmXsJ/RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDv51l08aeAe2RacBKxRS75VoBISMB8GA1UdIwQY
MBaAFJnnIJqMmxdvv2I+3z7guCAH/CxAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUt
YjJkY2MxODYzZThiLzEvT19uV1hUeHA0QjdaRnB3RXJGRkx2bFdnRWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi9lZjU4NTYtYmJjMC00NWE0LTg5MWUtYjJkY2MxODYzZThi
LzEvbWVjZ21veWJGMi1fWWo3ZlB1QzRJQWY4TEVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkv9MMA0G
CSqGSIb3DQEBCwUAA4IBAQA5lW0n5RC0CLqpXKx1ELG0OHeR1QBX1PGlnGSN9ZXp
tPqAzzf+gGWCoxj1Utqu8oQ2O9wq4K0Vy72HFNqX20esEQ1nitkXlDJ0d1fa09SO
uJeNIfMiniR4BSJvfYXA4DaXOcKY54lqUbpATKs9C2TnW4bMrpETXwcoLwkVsPkw
QgOCx8XNKV/Wb750tbjgxnnjm/PQCPiLWhMJBfuyHH9IZRPMb8XpQ2B5f/7IMibf
syP945Myw5ub1edP6Ejr4Im/IfrNmUWrecXwFmtDk2l5JPw7jB/7cveVVxDVcGHO
1guk8wrEDrsf3v4CRZY7sfsLz47sfC2OxxjzZvvzVNp2
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:14:55 2024 by rpki-client on console-fra.rpki-client.org