Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/ojtOox8Wt7SMQ6_zO5wsZAGpkD4.roa
File: ojtOox8Wt7SMQ6_zO5wsZAGpkD4.roa (raw, json)
Hash identifier: peaSBJk7FlakYQEu3Xb5IumLjSrReNSbyW/hip0rUPQ=
Subject key identifier: A2:3B:4E:A3:1F:16:B7:B4:8C:43:AF:F3:3B:9C:2C:64:01:A9:90:3E
Certificate issuer: /CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Certificate serial: 019420D5AD4FCF35FED66470460D80AE327D
Authority key identifier: 38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/ojtOox8Wt7SMQ6_zO5wsZAGpkD4.roa
Signing time: Wed 01 Jan 2025 07:47:41 +0000
ROA not before: Wed 01 Jan 2025 07:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40966
IP address blocks: 185.67.164.0/22 maxlen: 22
185.67.164.0/24 maxlen: 24
185.67.165.0/24 maxlen: 24
185.67.166.0/24 maxlen: 24
185.67.167.0/24 maxlen: 24
217.112.32.0/20 maxlen: 20
217.112.36.0/23 maxlen: 23
217.112.42.0/23 maxlen: 23
217.112.44.0/24 maxlen: 24
217.112.45.0/24 maxlen: 24
217.112.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:ad:4f:cf:35:fe:d6:64:70:46:0d:80:ae:32:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=380dd9e7355c72c751fff4f175dace7daa7b9cbf
Validity
Not Before: Jan 1 07:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a23b4ea31f16b7b48c43aff33b9c2c6401a9903e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:97:63:e5:4a:3e:74:b6:de:44:ee:a0:da:48:
ca:c0:b5:ed:27:cb:85:c2:77:40:a3:e9:5f:cc:d4:
9d:d4:73:bb:f7:0c:c1:9f:26:ae:9d:f3:ea:71:bf:
96:ac:e6:e0:86:0e:3c:7e:9e:7c:c2:73:5d:af:e4:
3d:4b:f3:58:94:85:e4:2b:1f:b1:7f:97:36:87:7c:
36:ab:f6:2a:49:2d:31:f1:cd:47:93:8a:e3:98:7e:
12:bc:6a:34:68:02:00:5d:ac:a8:35:fc:89:c5:94:
70:dc:78:24:49:7a:d4:5d:fa:89:1e:00:94:41:77:
0b:c3:79:4d:44:2b:62:68:0e:42:34:9f:78:fd:b2:
43:6c:af:16:aa:64:ce:4f:c6:6a:01:1d:23:8e:c2:
8d:55:4c:e0:16:9c:ae:4e:38:50:78:0c:3b:b9:03:
5f:47:77:a5:c4:8b:8e:87:4c:37:27:75:61:9e:e1:
0f:a8:dd:00:5d:63:3f:b6:5d:a8:a1:94:b6:e9:e9:
62:ac:64:8c:f7:57:d2:0d:31:3b:40:fa:bd:5d:ee:
2f:21:c8:ba:be:03:7b:77:1d:73:fb:b7:e6:9f:7d:
c5:e9:a8:c8:c5:b6:73:55:54:bb:e1:ce:52:86:f2:
fb:2d:aa:f5:54:35:98:c2:fb:40:97:75:c8:21:be:
c7:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:3B:4E:A3:1F:16:B7:B4:8C:43:AF:F3:3B:9C:2C:64:01:A9:90:3E
X509v3 Authority Key Identifier:
keyid:38:0D:D9:E7:35:5C:72:C7:51:FF:F4:F1:75:DA:CE:7D:AA:7B:9C:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OA3Z5zVccsdR__TxddrOfap7nL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/ojtOox8Wt7SMQ6_zO5wsZAGpkD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/b7fea2-a32d-4a5e-9982-54b4ca50d248/1/OA3Z5zVccsdR__TxddrOfap7nL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.67.164.0/22
217.112.32.0/20
Signature Algorithm: sha256WithRSAEncryption
4b:a9:91:4e:e7:f6:6d:72:87:5d:9f:63:ff:a9:4d:a2:a3:03:
01:10:6e:42:16:21:51:26:b9:78:25:45:c2:7e:62:d8:86:cd:
4b:e9:9a:61:75:bd:c0:5c:f4:87:61:fa:4b:5d:97:ec:b6:f4:
7a:42:e7:bf:91:f5:2b:34:24:cc:05:cd:31:df:9f:15:2e:ce:
0b:70:0e:bc:5a:1c:51:96:8f:88:a3:e1:2f:cf:74:1c:e1:6c:
c4:73:be:14:f6:60:85:ce:a6:b7:13:ed:c4:ee:d8:36:a3:be:
3d:a5:67:cd:01:36:48:50:7b:bd:52:15:99:ba:6a:dc:c5:6f:
fa:eb:27:f1:de:aa:b0:97:68:2c:d3:d6:9c:cb:23:f1:9c:ee:
81:8b:76:e8:95:a5:87:bd:e8:c4:a3:ae:71:07:e7:62:59:7a:
0a:48:1a:93:65:97:73:3b:fc:13:b9:b3:83:78:9e:64:f3:14:
95:4f:b8:de:82:ca:01:1f:93:9b:ba:40:51:5d:2e:68:63:15:
43:27:52:1c:86:92:cc:33:86:6e:c3:18:18:4c:72:3e:86:b8:
c9:22:cb:cb:48:e3:d8:d4:b2:b6:29:12:0a:6e:b6:36:26:4c:
c6:dc:8c:b6:e8:17:4e:11:5b:88:23:d5:89:4e:5b:0f:77:95:
0e:bf:54:3e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQg1a1PzzX+1mRwRg2ArjJ9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4MGRkOWU3MzU1YzcyYzc1MWZmZjRmMTc1ZGFjZTdkYWE3
YjljYmYwHhcNMjUwMTAxMDc0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjNiNGVhMzFmMTZiN2I0OGM0M2FmZjMzYjljMmM2NDAxYTk5MDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5dj5Uo+dLbeRO6g2kjKwLXtJ8uF
wndAo+lfzNSd1HO79wzBnyaunfPqcb+WrObghg48fp58wnNdr+Q9S/NYlIXkKx+x
f5c2h3w2q/YqSS0x8c1Hk4rjmH4SvGo0aAIAXayoNfyJxZRw3HgkSXrUXfqJHgCU
QXcLw3lNRCtiaA5CNJ94/bJDbK8WqmTOT8ZqAR0jjsKNVUzgFpyuTjhQeAw7uQNf
R3elxIuOh0w3J3VhnuEPqN0AXWM/tl2ooZS26elirGSM91fSDTE7QPq9Xe4vIci6
vgN7dx1z+7fmn33F6ajIxbZzVVS74c5ShvL7Lar1VDWYwvtAl3XIIb7HfwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKI7TqMfFre0jEOv8zucLGQBqZA+MB8GA1UdIwQY
MBaAFDgN2ec1XHLHUf/08XXazn2qe5y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODIt
NTRiNGNhNTBkMjQ4LzEvb2p0T294OFd0N1NNUTZfek81d3NaQUdwa0Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9iN2ZlYTItYTMyZC00YTVlLTk5ODItNTRiNGNhNTBkMjQ4
LzEvT0EzWjV6VmNjc2RSX19UeGRkck9mYXA3bkw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUOkAwQE
2XAgMA0GCSqGSIb3DQEBCwUAA4IBAQBLqZFO5/Ztcoddn2P/qU2iowMBEG5CFiFR
Jrl4JUXCfmLYhs1L6Zphdb3AXPSHYfpLXZfstvR6Que/kfUrNCTMBc0x358VLs4L
cA68WhxRlo+Io+Evz3Qc4WzEc74U9mCFzqa3E+3E7tg2o749pWfNATZIUHu9UhWZ
umrcxW/66yfx3qqwl2gs09acyyPxnO6Bi3bolaWHvejEo65xB+diWXoKSBqTZZdz
O/wTubODeJ5k8xSVT7jegsoBH5ObukBRXS5oYxVDJ1IchpLMM4ZuwxgYTHI+hrjJ
IsvLSOPY1LK2KRIKbrY2JkzG3Iy26BdOEVuII9WJTlsPd5UOv1Q+
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:47:15 2025 by rpki-client