Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/1-OHDPVGE0zeGaWyuyK7O9G38PCA.roa
File: 1-OHDPVGE0zeGaWyuyK7O9G38PCA.roa (raw, json)
Hash identifier: 2hwDE+GWMy8idbtUiaNvkfAuYTZr5wAwyvwPr+TCerI=
Subject key identifier: F8:E1:C3:3D:51:84:D3:37:86:69:6C:AE:C8:AE:CE:F4:6D:FC:3C:20
Certificate issuer: /CN=43fad79548afc5c83e59bbfe388c64492cb55013
Certificate serial: 018D5EC18F2785954FC1052A97FC7C9478FA
Authority key identifier: 43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/1-OHDPVGE0zeGaWyuyK7O9G38PCA.roa
Signing time: Wed 31 Jan 2024 09:02:39 +0000
ROA not before: Wed 31 Jan 2024 09:02:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44407
IP address blocks: 188.231.0.0/17 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5e:c1:8f:27:85:95:4f:c1:05:2a:97:fc:7c:94:78:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43fad79548afc5c83e59bbfe388c64492cb55013
Validity
Not Before: Jan 31 09:02:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f8e1c33d5184d33786696caec8aecef46dfc3c20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:02:e0:6b:ff:ab:4c:f8:f5:84:71:28:e1:4a:
eb:01:13:36:d0:26:46:62:05:47:eb:0e:81:40:b1:
11:31:a0:33:d5:4a:77:d6:0f:e8:2c:b9:d8:7e:de:
f3:af:be:21:3a:cc:f9:c1:eb:d8:22:83:5d:4c:9a:
3f:de:5b:4f:3d:a2:33:9a:29:62:4b:b8:97:28:7f:
cf:8d:29:65:ae:e9:40:df:ab:d4:e9:27:9c:d4:e5:
6e:d4:a8:f1:d5:f9:5c:e5:28:46:99:15:ef:be:0a:
13:13:ac:ec:99:05:d2:b9:e2:2f:df:c1:2e:d9:58:
0f:94:5b:c3:65:b5:0d:12:e0:4c:d9:1b:b9:ef:af:
fe:fd:40:f6:ee:68:05:89:35:c9:24:72:ac:f0:97:
b6:a2:b7:7e:6c:ef:36:a6:11:d0:b2:9b:0d:42:9a:
cc:02:65:07:b0:ea:f1:46:cf:8b:46:be:e3:9b:c7:
97:c1:84:55:d6:29:6e:83:57:c0:60:da:70:06:86:
c4:6e:ba:4d:1a:d9:5d:73:16:dc:f8:f6:03:31:7a:
04:1a:92:6e:63:e1:e9:ca:27:01:b1:fc:7d:a0:a1:
e8:72:52:5c:1a:e2:bb:ce:f1:d9:a6:24:8d:82:5a:
8b:f5:7c:8e:1a:61:7e:37:4c:8d:90:6a:40:ea:dd:
ae:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:E1:C3:3D:51:84:D3:37:86:69:6C:AE:C8:AE:CE:F4:6D:FC:3C:20
X509v3 Authority Key Identifier:
keyid:43:FA:D7:95:48:AF:C5:C8:3E:59:BB:FE:38:8C:64:49:2C:B5:50:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/1-OHDPVGE0zeGaWyuyK7O9G38PCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/2cf2c1-1962-4b70-9e5b-fe855dabb75e/1/Q_rXlUivxcg-Wbv-OIxkSSy1UBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.231.0.0/17
Signature Algorithm: sha256WithRSAEncryption
52:0d:dc:a2:96:0f:ba:3b:6f:c4:f1:01:69:e4:99:30:10:36:
c4:23:84:58:31:3b:4d:39:f5:e9:96:fb:e9:6c:6a:6f:97:88:
30:9e:89:fa:72:0b:ad:65:36:12:30:05:cd:5e:5a:59:e0:89:
48:f6:18:46:6f:43:09:69:fc:50:e6:c4:7c:3a:8d:05:b4:7d:
19:5e:09:c5:ab:9e:cd:b2:4d:81:d4:d9:b0:f7:54:2e:77:d1:
42:c7:04:67:23:df:e0:f5:9e:01:c7:0a:bb:74:54:6c:92:a4:
59:03:3f:51:ad:dd:9d:08:76:f3:56:c1:6c:eb:a1:ca:f3:c7:
3e:e2:89:75:da:1c:a8:8e:31:4b:d0:fa:d7:e8:c6:b4:e0:37:
e3:3e:0e:27:52:40:9f:82:23:33:8a:79:b2:3e:66:48:fa:42:
a7:b6:a7:52:7a:4d:6e:2c:8a:9a:98:6c:0a:54:8a:a2:2f:4b:
39:fe:e9:ad:6b:89:d2:7f:21:a0:1f:2a:8a:5b:d1:32:c7:21:
d2:0f:ce:16:ac:b8:e9:ce:87:c2:27:90:7e:9d:fe:30:f3:d9:
81:d7:00:aa:0d:00:ea:53:4c:87:ff:0d:ae:a1:ae:32:f1:b6:
76:49:4a:fb:6c:53:c7:5e:ac:76:e3:49:98:d9:21:82:dd:b9:
36:6e:09:6e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY1ewY8nhZVPwQUql/x8lHj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzZmFkNzk1NDhhZmM1YzgzZTU5YmJmZTM4OGM2NDQ5MmNi
NTUwMTMwHhcNMjQwMTMxMDkwMjM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOGUxYzMzZDUxODRkMzM3ODY2OTZjYWVjOGFlY2VmNDZkZmMzYzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwLga/+rTPj1hHEo4UrrARM20CZG
YgVH6w6BQLERMaAz1Up31g/oLLnYft7zr74hOsz5wevYIoNdTJo/3ltPPaIzmili
S7iXKH/PjSllrulA36vU6Sec1OVu1Kjx1flc5ShGmRXvvgoTE6zsmQXSueIv38Eu
2VgPlFvDZbUNEuBM2Ru576/+/UD27mgFiTXJJHKs8Je2ord+bO82phHQspsNQprM
AmUHsOrxRs+LRr7jm8eXwYRV1ilug1fAYNpwBobEbrpNGtldcxbc+PYDMXoEGpJu
Y+HpyicBsfx9oKHoclJcGuK7zvHZpiSNglqL9XyOGmF+N0yNkGpA6t2uMQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPjhwz1RhNM3hmlsrsiuzvRt/DwgMB8GA1UdIwQY
MBaAFEP615VIr8XIPlm7/jiMZEkstVATMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUV9yWGxVaXZ4Y2ctV2J2LU9JeGtTU3kxVUJNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8yY2YyYzEtMTk2Mi00YjcwLTllNWIt
ZmU4NTVkYWJiNzVlLzEvMS1PSERQVkdFMHplR2FXeXV5SzdPOUczOFBDQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjgvMmNmMmMxLTE5NjItNGI3MC05ZTViLWZlODU1ZGFiYjc1
ZS8xL1FfclhsVWl2eGNnLVdidi1PSXhrU1N5MVVCTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB7znADAN
BgkqhkiG9w0BAQsFAAOCAQEAUg3copYPujtvxPEBaeSZMBA2xCOEWDE7TTn16Zb7
6Wxqb5eIMJ6J+nILrWU2EjAFzV5aWeCJSPYYRm9DCWn8UObEfDqNBbR9GV4Jxaue
zbJNgdTZsPdULnfRQscEZyPf4PWeAccKu3RUbJKkWQM/Ua3dnQh281bBbOuhyvPH
PuKJddocqI4xS9D61+jGtOA34z4OJ1JAn4IjM4p5sj5mSPpCp7anUnpNbiyKmphs
ClSKoi9LOf7prWuJ0n8hoB8qilvRMsch0g/OFqy46c6HwieQfp3+MPPZgdcAqg0A
6lNMh/8NrqGuMvG2dklK+2xTx16sduNJmNkhgt25Nm4Jbg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:47:02 2024 by rpki-client on console-ams.rpki-client.org