Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ocV8UkJAFJo9FeEyT_Ego3rrVlU.roa
File: ocV8UkJAFJo9FeEyT_Ego3rrVlU.roa (raw, json)
Hash identifier: KdxhIq+qdtpGUgHPxXp3L9C5At7jWVr3EftI6aUdemQ=
Subject key identifier: A1:C5:7C:52:42:40:14:9A:3D:15:E1:32:4F:F1:20:A3:7A:EB:56:55
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 018F1B96512E854400D1C2AB83693B2C5A6B
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ocV8UkJAFJo9FeEyT_Ego3rrVlU.roa
Signing time: Fri 26 Apr 2024 18:06:27 +0000
ROA not before: Fri 26 Apr 2024 18:06:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 176.67.84.0/24 maxlen: 24
2a05:e9c0:2600::/40 maxlen: 40
2a05:e9c0:3200::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:1b:96:51:2e:85:44:00:d1:c2:ab:83:69:3b:2c:5a:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Apr 26 18:06:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1c57c524240149a3d15e1324ff120a37aeb5655
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:7e:78:f3:72:37:2d:b5:23:47:b7:9c:da:21:
8d:c7:61:91:e3:06:5d:c0:3d:85:4d:7a:14:4d:c4:
79:b5:f7:90:a1:69:e4:1c:d0:41:38:47:2b:0b:bc:
f1:07:28:38:f5:ea:dc:dd:da:a6:f7:cf:8f:8e:d0:
44:fc:26:a0:ad:8c:c9:fe:f4:40:83:4e:72:c7:6d:
f2:12:bd:4e:c4:5f:b0:7c:79:6e:79:2d:f5:5d:80:
54:61:24:db:8f:67:99:89:c4:ba:b0:e0:aa:41:d6:
d4:81:16:df:cb:a0:df:59:35:16:c9:58:d9:16:e3:
08:78:63:4b:11:b9:49:d4:d1:48:98:3d:ff:64:ff:
b1:4c:da:90:28:f6:6b:e2:66:cd:55:f8:1e:24:dc:
0f:51:27:95:93:0a:2a:ab:46:df:e1:9b:49:c0:b4:
a4:10:2d:bb:f1:a3:46:52:90:67:45:9d:ee:ff:a5:
e2:3b:da:dd:a4:3f:ea:0c:2d:f2:a9:30:92:b8:02:
62:5e:8f:ba:bd:7f:eb:41:37:09:d0:8b:d6:bf:a9:
a6:f3:be:66:ab:02:d5:19:7f:eb:ee:da:91:85:1e:
7e:15:9e:2a:95:08:6c:9e:b8:ed:a1:f7:3c:25:d5:
3c:49:2c:06:de:eb:7c:dc:6f:66:c9:91:58:a4:18:
1b:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:C5:7C:52:42:40:14:9A:3D:15:E1:32:4F:F1:20:A3:7A:EB:56:55
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/ocV8UkJAFJo9FeEyT_Ego3rrVlU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.84.0/24
IPv6:
2a05:e9c0:2600::/40
2a05:e9c0:3200::/40
Signature Algorithm: sha256WithRSAEncryption
74:21:1c:fb:b0:5f:21:91:8d:54:96:a4:ea:92:ea:f0:9b:7d:
f9:71:f8:32:e4:83:05:0e:5b:58:86:48:60:8a:ff:7a:05:82:
e9:7f:64:17:b8:2f:64:57:99:ff:f7:c3:cd:15:4a:16:a4:1a:
57:fb:49:c6:8c:a1:4e:2f:2e:61:46:9a:52:f7:99:83:59:f8:
77:4f:d7:04:54:c0:5e:5c:7f:f1:63:a3:ff:ee:8a:9c:7e:e5:
00:cb:88:df:1c:c5:6f:d9:67:59:f9:32:8e:38:6f:53:fb:9e:
91:6e:07:90:d1:40:b8:ea:d8:2e:3e:a3:da:7d:3a:34:12:d0:
81:30:e2:ea:1c:a0:ae:10:43:19:ab:3d:d3:80:87:5a:1d:bb:
d9:e3:72:51:72:0c:cb:04:ee:eb:a3:a8:d5:67:3e:c0:3b:45:
54:9e:39:28:28:cc:26:37:81:5e:c0:50:97:34:d9:3b:0c:1f:
f6:63:6a:bc:1a:c3:4e:1f:07:7d:54:4c:f1:60:36:58:2f:92:
d8:9c:79:49:d8:26:a3:28:8f:fd:4b:20:52:b0:86:3f:20:87:
c0:2f:9d:b8:40:16:3d:0d:e9:7f:a6:9f:1c:5b:4e:ba:39:3b:
e1:93:f1:4a:ec:8f:fb:f3:97:22:b3:a0:78:b8:2f:43:90:8d:
e2:4a:ec:96
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY8bllEuhUQA0cKrg2k7LFprMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwNDI2MTgwNjI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWM1N2M1MjQyNDAxNDlhM2QxNWUxMzI0ZmYxMjBhMzdhZWI1NjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2n5483I3LbUjR7ec2iGNx2GR4wZd
wD2FTXoUTcR5tfeQoWnkHNBBOEcrC7zxByg49erc3dqm98+PjtBE/CagrYzJ/vRA
g05yx23yEr1OxF+wfHlueS31XYBUYSTbj2eZicS6sOCqQdbUgRbfy6DfWTUWyVjZ
FuMIeGNLEblJ1NFImD3/ZP+xTNqQKPZr4mbNVfgeJNwPUSeVkwoqq0bf4ZtJwLSk
EC278aNGUpBnRZ3u/6XiO9rdpD/qDC3yqTCSuAJiXo+6vX/rQTcJ0IvWv6mm875m
qwLVGX/r7tqRhR5+FZ4qlQhsnrjtofc8JdU8SSwG3ut83G9myZFYpBgbywIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKHFfFJCQBSaPRXhMk/xIKN661ZVMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvb2NWOFVrSkFGSm85RmVFeVRfRWdvM3JyVmxVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAsENUMBYE
AgACMBADBgAqBenAJgMGACoF6cAyMA0GCSqGSIb3DQEBCwUAA4IBAQB0IRz7sF8h
kY1UlqTqkurwm335cfgy5IMFDltYhkhgiv96BYLpf2QXuC9kV5n/98PNFUoWpBpX
+0nGjKFOLy5hRppS95mDWfh3T9cEVMBeXH/xY6P/7oqcfuUAy4jfHMVv2WdZ+TKO
OG9T+56RbgeQ0UC46tguPqPafTo0EtCBMOLqHKCuEEMZqz3TgIdaHbvZ43JRcgzL
BO7ro6jVZz7AO0VUnjkoKMwmN4FewFCXNNk7DB/2Y2q8GsNOHwd9VEzxYDZYL5LY
nHlJ2CajKI/9SyBSsIY/IIfAL524QBY9Del/pp8cW066OTvhk/FK7I/785cis6B4
uC9DkI3iSuyW
-----END CERTIFICATE-----
Generated at Sat Jun 8 07:27:52 2024 by rpki-client on console-ams.rpki-client.org