Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/OkTUkUEFNiJ4xQbU56ZmChaaDa8.roa
File: OkTUkUEFNiJ4xQbU56ZmChaaDa8.roa (raw, json)
Hash identifier: NzHbowZ86J8Z0PfFRnrKoSPa6IDjzcyB6zOv6Z0pNiE=
Subject key identifier: 3A:44:D4:91:41:05:36:22:78:C5:06:D4:E7:A6:66:0A:16:9A:0D:AF
Certificate issuer: /CN=29774467cc9f1ed9d957b83aa17a090b1df76946
Certificate serial: 018CC64B038C1ABE66FC8A4473ACFE02B422
Authority key identifier: 29:77:44:67:CC:9F:1E:D9:D9:57:B8:3A:A1:7A:09:0B:1D:F7:69:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXdEZ8yfHtnZV7g6oXoJCx33aUY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/OkTUkUEFNiJ4xQbU56ZmChaaDa8.roa
Signing time: Mon 01 Jan 2024 18:30:54 +0000
ROA not before: Mon 01 Jan 2024 18:30:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201806
IP address blocks: 185.60.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/KXdEZ8yfHtnZV7g6oXoJCx33aUY.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/KXdEZ8yfHtnZV7g6oXoJCx33aUY.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXdEZ8yfHtnZV7g6oXoJCx33aUY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:03:8c:1a:be:66:fc:8a:44:73:ac:fe:02:b4:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29774467cc9f1ed9d957b83aa17a090b1df76946
Validity
Not Before: Jan 1 18:30:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a44d4914105362278c506d4e7a6660a169a0daf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2c:a7:86:f4:83:fe:a2:79:3b:ac:8a:e8:dc:
de:8b:1f:d1:90:aa:15:62:d6:93:59:f3:a4:23:37:
a1:a6:81:93:2a:00:ef:ea:f9:2c:b2:e4:2c:c0:d2:
4e:72:07:af:a9:d7:0c:b1:9a:0b:41:71:0d:1f:aa:
20:ae:81:de:49:54:dc:15:00:df:ed:72:fe:06:dd:
04:7b:5a:10:a0:dc:3a:23:f3:1f:dc:26:0e:b7:57:
df:0c:b1:56:eb:ae:ea:4b:a1:93:60:0d:6a:90:33:
e9:c3:ac:eb:18:4e:2d:8a:41:e5:b0:1c:23:6a:cd:
b4:91:af:f2:14:fd:ab:2a:cf:74:ce:45:18:39:ad:
da:85:5d:08:9c:8f:08:e2:17:06:68:c6:c3:13:2f:
03:34:09:77:ef:ac:d7:c2:b1:d9:8b:e4:e9:17:aa:
48:a5:1d:7b:c1:5c:0a:08:eb:a3:9c:7b:6e:75:05:
e2:f8:2d:f7:26:cf:85:e3:f8:d0:89:71:fa:8b:13:
dc:0f:d0:ef:8b:37:34:b0:fa:2c:83:95:fb:c5:92:
96:a3:a9:82:b9:d4:2f:99:0a:d6:ca:24:31:c4:2f:
a7:05:52:4a:5f:c5:85:a0:f7:20:a5:72:91:ea:d5:
0b:56:30:96:b3:0b:be:95:5d:c3:0f:23:d3:69:2f:
78:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:44:D4:91:41:05:36:22:78:C5:06:D4:E7:A6:66:0A:16:9A:0D:AF
X509v3 Authority Key Identifier:
keyid:29:77:44:67:CC:9F:1E:D9:D9:57:B8:3A:A1:7A:09:0B:1D:F7:69:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXdEZ8yfHtnZV7g6oXoJCx33aUY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/OkTUkUEFNiJ4xQbU56ZmChaaDa8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/9dc08c-e1b6-4259-a5db-d55e38868a52/1/KXdEZ8yfHtnZV7g6oXoJCx33aUY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.60.140.0/22
Signature Algorithm: sha256WithRSAEncryption
50:ac:0b:b3:d0:16:32:92:ff:0b:c1:8a:34:26:8e:5a:b6:20:
70:87:f8:c3:91:b5:38:91:c9:c7:e1:c2:6a:5a:c3:dd:6a:ae:
bc:70:30:49:59:a3:00:f6:48:8c:57:24:ca:49:1a:bf:b5:aa:
1e:a7:b0:c5:21:88:29:b1:45:e8:e8:8a:62:37:d9:85:43:b2:
28:aa:e5:38:ae:f8:a4:38:35:20:92:58:13:90:38:29:03:69:
a7:ef:61:02:84:47:e6:c1:0a:36:f6:7d:b0:ef:a7:e3:0d:74:
fd:d8:68:5f:c0:a8:0e:3b:55:2f:2d:f5:05:50:7e:7e:9f:c6:
05:62:2b:f6:b2:df:f8:63:90:79:6c:3b:f3:5c:b6:07:3f:80:
f8:d3:ee:e6:30:97:64:53:ff:79:f7:8b:f9:c4:2d:b2:56:f2:
f7:08:8b:71:f4:e4:52:c8:88:aa:18:53:ac:97:cb:ec:df:d9:
c2:cd:40:16:34:3d:6d:37:51:5d:2b:fa:37:3e:be:9c:c3:ac:
74:41:16:e7:11:39:d8:aa:b3:76:df:67:5e:07:8f:6b:77:66:
99:a9:07:ba:ce:23:38:24:09:09:33:f7:49:9c:83:68:aa:46:
df:d7:53:16:9a:9b:4d:05:06:1e:52:de:1f:ec:b3:39:3a:83:
b1:86:42:5d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGSwOMGr5m/IpEc6z+ArQiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5Nzc0NDY3Y2M5ZjFlZDlkOTU3YjgzYWExN2EwOTBiMWRm
NzY5NDYwHhcNMjQwMTAxMTgzMDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQ0ZDQ5MTQxMDUzNjIyNzhjNTA2ZDRlN2E2NjYwYTE2OWEwZGFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlSynhvSD/qJ5O6yK6Nzeix/RkKoV
YtaTWfOkIzehpoGTKgDv6vkssuQswNJOcgevqdcMsZoLQXENH6ogroHeSVTcFQDf
7XL+Bt0Ee1oQoNw6I/Mf3CYOt1ffDLFW667qS6GTYA1qkDPpw6zrGE4tikHlsBwj
as20ka/yFP2rKs90zkUYOa3ahV0InI8I4hcGaMbDEy8DNAl376zXwrHZi+TpF6pI
pR17wVwKCOujnHtudQXi+C33Js+F4/jQiXH6ixPcD9Dvizc0sPosg5X7xZKWo6mC
udQvmQrWyiQxxC+nBVJKX8WFoPcgpXKR6tULVjCWswu+lV3DDyPTaS947QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpE1JFBBTYieMUG1OemZgoWmg2vMB8GA1UdIwQY
MBaAFCl3RGfMnx7Z2Ve4OqF6CQsd92lGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1hkRVo4eWZIdG5aVjdnNm9Yb0pDeDMzYVVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC85ZGMwOGMtZTFiNi00MjU5LWE1ZGIt
ZDU1ZTM4ODY4YTUyLzEvT2tUVWtVRUZOaUo0eFFiVTU2Wm1DaGFhRGE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC85ZGMwOGMtZTFiNi00MjU5LWE1ZGItZDU1ZTM4ODY4YTUy
LzEvS1hkRVo4eWZIdG5aVjdnNm9Yb0pDeDMzYVVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuTyMMA0G
CSqGSIb3DQEBCwUAA4IBAQBQrAuz0BYykv8LwYo0Jo5atiBwh/jDkbU4kcnH4cJq
WsPdaq68cDBJWaMA9kiMVyTKSRq/taoep7DFIYgpsUXo6IpiN9mFQ7IoquU4rvik
ODUgklgTkDgpA2mn72EChEfmwQo29n2w76fjDXT92GhfwKgOO1UvLfUFUH5+n8YF
Yiv2st/4Y5B5bDvzXLYHP4D40+7mMJdkU/9594v5xC2yVvL3CItx9ORSyIiqGFOs
l8vs39nCzUAWND1tN1FdK/o3Pr6cw6x0QRbnETnYqrN232deB49rd2aZqQe6ziM4
JAkJM/dJnINoqkbf11MWmptNBQYeUt4f7LM5OoOxhkJd
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:01:17 2024 by rpki-client on console-ams.rpki-client.org