Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Omgb0FfO44hrmZoLogLgjzwluoE.roa
File: Omgb0FfO44hrmZoLogLgjzwluoE.roa (raw, json)
Hash identifier: aUknWH1ZZ3W0oZM8PPh6vvp4l925W6+koULvW9KK1w0=
Subject key identifier: 3A:68:1B:D0:57:CE:E3:88:6B:99:9A:0B:A2:02:E0:8F:3C:25:BA:81
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018FBF21A00A22CD8543876A7D155D3F10F5
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Omgb0FfO44hrmZoLogLgjzwluoE.roa
Signing time: Tue 28 May 2024 12:16:42 +0000
ROA not before: Tue 28 May 2024 12:16:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34628
IP address blocks: 193.183.70.0/24 maxlen: 24
193.183.75.0/24 maxlen: 24
2a01:280:328::/48 maxlen: 48
2a01:280:329::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:21:a0:0a:22:cd:85:43:87:6a:7d:15:5d:3f:10:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: May 28 12:16:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a681bd057cee3886b999a0ba202e08f3c25ba81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:53:80:38:a3:75:50:95:9a:b6:88:7d:ac:0b:
9c:91:83:e9:18:c6:5d:49:21:05:1d:60:0a:52:02:
0c:16:13:ea:28:b9:f3:3c:c3:98:f1:ac:a9:de:24:
75:00:99:26:90:31:a8:86:e5:ac:58:e0:90:9e:33:
5d:bd:4e:a0:26:a9:57:a1:a9:9d:a2:f8:c5:11:54:
57:4b:16:6f:3c:fe:0d:1e:a1:76:de:2a:a0:f4:62:
c8:1d:c5:b1:5c:d5:c9:98:da:5b:13:c3:90:3d:fd:
84:30:82:09:4b:37:06:cc:10:c0:f0:5f:b1:8e:56:
fd:ee:b5:e1:c4:e1:c5:78:3d:1a:02:55:1c:84:ba:
92:6f:ec:53:3d:68:e7:f6:3e:75:d4:80:b9:ad:b9:
83:3e:a3:12:25:db:12:0d:c4:62:77:80:e6:ac:e1:
95:4c:a7:15:28:7b:08:0f:4d:d3:52:91:00:c5:35:
68:f2:4a:44:71:aa:ba:f8:32:a0:91:c0:7d:cc:95:
3e:58:5c:1c:8d:d0:0a:3f:63:39:fc:e8:42:11:bc:
ba:d5:5b:98:45:31:97:0a:72:18:c0:ab:b7:b0:aa:
fe:f7:51:36:37:89:59:b0:89:a3:cd:52:08:66:ca:
26:bd:27:93:f5:ee:2b:a5:21:e2:95:1f:c9:6f:54:
bd:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:68:1B:D0:57:CE:E3:88:6B:99:9A:0B:A2:02:E0:8F:3C:25:BA:81
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/Omgb0FfO44hrmZoLogLgjzwluoE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.70.0/24
193.183.75.0/24
IPv6:
2a01:280:328::/47
Signature Algorithm: sha256WithRSAEncryption
95:f9:e7:d5:b4:0f:f6:12:63:ac:c5:91:a5:90:a1:f3:6a:ee:
00:c6:74:42:c2:1f:03:be:7a:1e:ac:cc:fb:3e:2c:48:e0:7b:
c5:90:5f:fe:67:1b:d0:92:fb:05:7e:63:03:ff:32:12:4c:e0:
2c:27:ee:0d:fe:ae:47:f7:92:8c:59:0f:67:d8:11:21:8a:e6:
7f:be:25:e4:28:83:62:99:58:9a:44:0a:9c:53:20:56:00:1f:
32:44:9f:75:ba:f9:31:43:c7:97:04:fa:f6:ab:74:b1:35:33:
6d:99:70:65:8d:b4:12:65:15:4c:00:2a:b1:ff:a3:61:5a:64:
25:c5:a9:20:87:cc:2c:8e:a9:bd:a5:be:ea:ac:e1:2f:8b:8f:
16:54:99:8a:40:3c:31:6f:d0:83:54:79:9b:5f:a1:fe:f3:e3:
db:25:c0:5f:1b:25:f3:64:ea:41:6c:71:4b:90:49:ac:39:c2:
6d:7e:e0:28:cf:a4:94:d1:00:24:dc:9f:db:39:ab:44:d3:58:
c6:f3:87:0c:4a:42:82:af:f3:ce:0a:38:a2:f1:f2:8e:b2:bb:
65:b9:a0:0d:fc:e8:2b:59:0c:66:d1:2e:71:a7:4d:9b:8a:93:
ea:05:d5:ae:b7:75:86:0f:96:a4:d0:c3:62:7b:3a:23:4c:71:
90:b1:c5:5a
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY+/IaAKIs2FQ4dqfRVdPxD1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwNTI4MTIxNjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTY4MWJkMDU3Y2VlMzg4NmI5OTlhMGJhMjAyZTA4ZjNjMjViYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFOAOKN1UJWatoh9rAuckYPpGMZd
SSEFHWAKUgIMFhPqKLnzPMOY8ayp3iR1AJkmkDGohuWsWOCQnjNdvU6gJqlXoamd
ovjFEVRXSxZvPP4NHqF23iqg9GLIHcWxXNXJmNpbE8OQPf2EMIIJSzcGzBDA8F+x
jlb97rXhxOHFeD0aAlUchLqSb+xTPWjn9j511IC5rbmDPqMSJdsSDcRid4DmrOGV
TKcVKHsID03TUpEAxTVo8kpEcaq6+DKgkcB9zJU+WFwcjdAKP2M5/OhCEby61VuY
RTGXCnIYwKu3sKr+91E2N4lZsImjzVIIZsomvSeT9e4rpSHilR/Jb1S9GQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDpoG9BXzuOIa5maC6IC4I88JbqBMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvT21nYjBGZk80NGhybVpvTG9nTGdqendsdW9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAwbdGAwQA
wbdLMA8EAgACMAkDBwEqAQKAAygwDQYJKoZIhvcNAQELBQADggEBAJX559W0D/YS
Y6zFkaWQofNq7gDGdELCHwO+eh6szPs+LEjge8WQX/5nG9CS+wV+YwP/MhJM4Cwn
7g3+rkf3koxZD2fYESGK5n++JeQog2KZWJpECpxTIFYAHzJEn3W6+TFDx5cE+var
dLE1M22ZcGWNtBJlFUwAKrH/o2FaZCXFqSCHzCyOqb2lvuqs4S+LjxZUmYpAPDFv
0INUeZtfof7z49slwF8bJfNk6kFscUuQSaw5wm1+4CjPpJTRACTcn9s5q0TTWMbz
hwxKQoKv884KOKLx8o6yu2W5oA386CtZDGbRLnGnTZuKk+oF1a63dYYPlqTQw2J7
OiNMcZCxxVo=
-----END CERTIFICATE-----
Generated at Mon Nov 25 17:04:53 2024 by rpki-client on console-ams.rpki-client.org