Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa
File: oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa (raw, json)
Hash identifier: IaGon+87IRv28/xJ0VYPM80hMhFix1yzYJf3rxW2WLM=
Subject key identifier: A2:A1:E7:44:34:5D:86:E5:F7:13:C7:26:12:EF:65:4C:B3:23:20:4D
Certificate issuer: /CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Certificate serial: 018CD5FD2CE4101EF54847192AA232B86E50
Authority key identifier: 60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa
Signing time: Thu 04 Jan 2024 19:39:48 +0000
ROA not before: Thu 04 Jan 2024 19:39:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 192.35.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.mft
rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 20:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d5:fd:2c:e4:10:1e:f5:48:47:19:2a:a2:32:b8:6e:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60998d3c9d8bdc9c1dff8e319424412b6cdc1dd3
Validity
Not Before: Jan 4 19:39:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a1e744345d86e5f713c72612ef654cb323204d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ea:1e:af:ff:15:57:59:f3:12:f1:2a:69:a4:
d4:30:8e:6c:a2:a6:35:d4:65:a5:c2:8f:1e:02:3c:
1e:71:38:8e:24:c5:bc:27:38:b7:d1:1b:fd:07:d2:
c6:00:57:3a:e3:fe:44:69:d6:cc:2f:17:14:6a:f1:
49:9b:17:c4:a0:e2:25:22:5f:8a:bf:29:c5:cd:96:
f5:01:e6:9f:ee:e9:db:5d:79:a7:40:c3:51:4e:3c:
43:bc:75:fe:68:34:37:ec:a1:0b:1c:95:5d:e1:67:
05:03:b4:6d:8a:1f:4a:e3:bf:96:18:e8:aa:0b:82:
f6:2c:14:13:ae:45:47:e7:d8:b8:b9:d4:73:f8:0f:
98:50:c1:5b:91:44:b6:dc:b7:87:7e:92:33:c2:da:
28:c5:1b:4b:ae:3d:3c:79:8f:65:98:41:41:1d:d2:
6d:a5:d8:91:1e:4b:6c:22:90:de:37:5b:c3:3c:e5:
94:38:99:f7:31:58:a2:99:69:83:da:41:44:29:34:
24:b9:4b:b5:3e:79:9c:3f:d4:fa:70:52:77:35:86:
89:ed:d1:0b:6d:ac:88:0f:5c:17:8e:13:85:63:03:
bf:a9:86:06:f7:77:bf:18:ce:74:a0:94:ab:96:c1:
d6:8f:8e:4e:7f:73:aa:4d:7f:c8:0c:07:f4:40:16:
e4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A1:E7:44:34:5D:86:E5:F7:13:C7:26:12:EF:65:4C:B3:23:20:4D
X509v3 Authority Key Identifier:
keyid:60:99:8D:3C:9D:8B:DC:9C:1D:FF:8E:31:94:24:41:2B:6C:DC:1D:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/oqHnRDRdhuX3E8cmEu9lTLMjIE0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/779ae9-7d22-4252-8c5b-0ea4d531b793/1/YJmNPJ2L3Jwd_44xlCRBK2zcHdM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.35.206.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2a:db:0a:00:5f:b6:40:b2:0a:f6:53:02:ff:ef:b1:a4:94:
7b:5a:9e:c0:e3:13:4a:6e:e9:af:3e:50:1d:97:55:fa:fe:17:
a2:db:b0:f9:4d:fc:ae:9a:b3:ce:51:2f:7b:2c:2a:21:66:bb:
33:cc:89:4c:8d:df:4d:d1:f7:2a:d2:18:73:c0:d1:ef:02:2f:
6c:25:f3:5e:52:29:35:7f:e0:c7:13:50:e3:73:bf:c8:4c:df:
07:70:6a:d1:46:59:3c:9d:6c:03:f1:be:55:20:0d:f5:cd:5a:
6c:1b:51:64:70:4c:9c:86:2f:86:b1:b5:5f:30:07:9d:9e:5e:
56:f2:b1:df:9d:95:d6:11:52:aa:34:a8:4a:06:19:06:91:d2:
d3:09:f4:a3:48:17:36:15:93:42:39:91:f7:3d:d2:43:03:8a:
a1:17:6f:9c:35:72:89:bf:30:2e:90:04:c0:e0:9d:84:18:5d:
c9:dc:8b:13:98:c0:e5:a2:e6:b9:5f:cc:80:e4:e9:f0:97:34:
05:c2:0c:73:ab:9f:4e:af:2a:71:f6:3c:39:3f:b8:f8:90:bd:
04:c7:ce:27:ad:e6:6c:6b:c7:7e:80:cd:55:7d:05:dc:7b:c7:
a1:25:72:1c:77:cb:b3:12:75:93:5d:9d:66:60:83:4b:7c:7d:
60:c4:a5:20
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzV/SzkEB71SEcZKqIyuG5QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTk4ZDNjOWQ4YmRjOWMxZGZmOGUzMTk0MjQ0MTJiNmNk
YzFkZDMwHhcNMjQwMTA0MTkzOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmExZTc0NDM0NWQ4NmU1ZjcxM2M3MjYxMmVmNjU0Y2IzMjMyMDRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAruoer/8VV1nzEvEqaaTUMI5soqY1
1GWlwo8eAjwecTiOJMW8Jzi30Rv9B9LGAFc64/5EadbMLxcUavFJmxfEoOIlIl+K
vynFzZb1Aeaf7unbXXmnQMNRTjxDvHX+aDQ37KELHJVd4WcFA7Rtih9K47+WGOiq
C4L2LBQTrkVH59i4udRz+A+YUMFbkUS23LeHfpIzwtooxRtLrj08eY9lmEFBHdJt
pdiRHktsIpDeN1vDPOWUOJn3MViimWmD2kFEKTQkuUu1PnmcP9T6cFJ3NYaJ7dEL
bayID1wXjhOFYwO/qYYG93e/GM50oJSrlsHWj45Of3OqTX/IDAf0QBbkUQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKh50Q0XYbl9xPHJhLvZUyzIyBNMB8GA1UdIwQY
MBaAFGCZjTydi9ycHf+OMZQkQSts3B3TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWIt
MGVhNGQ1MzFiNzkzLzEvb3FIblJEUmRodVgzRThjbUV1OWxUTE1qSUUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83NzlhZTktN2QyMi00MjUyLThjNWItMGVhNGQ1MzFiNzkz
LzEvWUptTlBKMkwzSndkXzQ0eGxDUkJLMnpjSGRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwCPOMA0G
CSqGSIb3DQEBCwUAA4IBAQAdKtsKAF+2QLIK9lMC/++xpJR7Wp7A4xNKbumvPlAd
l1X6/hei27D5TfyumrPOUS97LCohZrszzIlMjd9N0fcq0hhzwNHvAi9sJfNeUik1
f+DHE1Djc7/ITN8HcGrRRlk8nWwD8b5VIA31zVpsG1FkcEychi+GsbVfMAednl5W
8rHfnZXWEVKqNKhKBhkGkdLTCfSjSBc2FZNCOZH3PdJDA4qhF2+cNXKJvzAukATA
4J2EGF3J3IsTmMDloua5X8yA5OnwlzQFwgxzq59Orypx9jw5P7j4kL0Ex84nreZs
a8d+gM1VfQXce8ehJXIcd8uzEnWTXZ1mYINLfH1gxKUg
-----END CERTIFICATE-----
Generated at Sun May 12 04:58:00 2024 by rpki-client on console-fra.rpki-client.org