Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OU0cv3nKYaib5bOSkCrAQimVRFE.roa
File: OU0cv3nKYaib5bOSkCrAQimVRFE.roa (raw, json)
Hash identifier: 2iK2z/J47JcslUPTE/dIloP0jrUlfqfwIkwUBn9rwi0=
Subject key identifier: 39:4D:1C:BF:79:CA:61:A8:9B:E5:B3:92:90:2A:C0:42:29:95:44:51
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF20F9A2DDF02E3FC3CE19051C17F
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OU0cv3nKYaib5bOSkCrAQimVRFE.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42878
IP address blocks: 109.160.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f2:0f:9a:2d:df:02:e3:fc:3c:e1:90:51:c1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=394d1cbf79ca61a89be5b392902ac04229954451
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:58:1e:fe:98:20:d8:fb:e2:7b:a8:77:ae:4d:
bb:91:ce:c3:0d:1b:f4:9a:73:80:29:c4:19:e0:63:
a9:9e:61:43:4f:95:5d:0f:cc:cf:20:d3:5c:0d:bf:
06:eb:2d:bb:17:82:b4:84:7f:49:c8:c2:06:42:26:
71:9c:c4:e6:02:95:e0:77:fa:0a:87:75:2c:ec:9f:
70:1e:45:a1:61:f9:8a:c6:59:1a:e9:e9:7a:d2:70:
0b:ce:86:86:71:bf:45:30:c1:0c:ed:5d:54:f9:93:
71:b4:50:fa:87:b4:c5:fd:8a:13:0f:f6:e2:a6:d0:
be:f5:c1:0b:32:4a:bf:8c:6d:d3:17:2e:ce:bf:b9:
36:a6:72:b6:44:23:0e:55:87:8d:79:f3:ff:1b:1d:
ff:b6:ea:9f:1b:e1:8f:63:54:9c:10:0a:02:84:19:
f9:1c:bf:ac:ef:25:4d:cf:e5:19:8c:9d:82:1e:91:
09:4d:1e:23:c4:6f:56:fe:a4:c0:e0:e1:8f:ad:f2:
55:52:c1:59:66:a0:75:9d:f7:65:43:28:50:c9:bf:
46:c6:ac:aa:10:11:c8:92:76:c2:97:8e:1e:87:62:
36:71:10:04:a6:a6:3e:38:bb:20:c6:a2:fe:f0:ac:
08:17:6f:58:05:81:a3:80:bf:cf:bc:19:55:ea:d1:
d6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:4D:1C:BF:79:CA:61:A8:9B:E5:B3:92:90:2A:C0:42:29:95:44:51
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/OU0cv3nKYaib5bOSkCrAQimVRFE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.118.0/24
Signature Algorithm: sha256WithRSAEncryption
17:c0:d0:39:a9:07:a5:d3:2b:73:c9:39:2c:32:11:4e:84:d2:
58:85:ce:87:9c:26:03:1b:1a:19:d4:d6:cc:27:39:ad:0e:b4:
f4:ae:7d:9e:74:64:5c:2d:ae:85:01:bf:42:29:9e:fa:ed:62:
b4:06:24:66:cf:58:d5:53:bf:64:57:c2:08:be:6d:c7:51:23:
dc:8c:02:26:77:be:47:60:06:e4:f3:56:e7:65:a0:31:aa:df:
bb:b2:7f:c7:6e:dc:4b:f0:ce:31:ed:f7:a1:75:ad:d4:63:a7:
2d:eb:96:f9:3c:d9:bd:39:24:6a:8e:d1:ab:5a:13:be:19:06:
eb:64:63:13:be:80:22:9b:c4:46:53:2a:94:28:e3:37:f6:f4:
6b:2f:1c:04:ea:03:74:6c:5b:13:d5:95:70:f7:03:9a:6b:d0:
94:67:31:64:55:5b:eb:e0:7a:05:37:13:f7:10:20:7c:3d:a9:
3f:cd:53:0d:a7:93:b1:2c:4e:b5:dc:af:36:1c:bc:9e:fa:b0:
38:56:53:52:82:7c:11:96:e4:73:5e:92:52:98:0d:db:c5:62:
36:2b:f9:2c:d9:b1:b6:d3:e8:ba:50:c6:2d:5b:90:3e:02:b2:
7d:4e:9b:50:38:03:f8:1a:4c:d3:09:b6:d4:fc:29:c3:a6:db:
8f:df:17:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbvIPmi3fAuP8POGQUcF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTRkMWNiZjc5Y2E2MWE4OWJlNWIzOTI5MDJhYzA0MjI5OTU0NDUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVge/pgg2Pvie6h3rk27kc7DDRv0
mnOAKcQZ4GOpnmFDT5VdD8zPINNcDb8G6y27F4K0hH9JyMIGQiZxnMTmApXgd/oK
h3Us7J9wHkWhYfmKxlka6el60nALzoaGcb9FMMEM7V1U+ZNxtFD6h7TF/YoTD/bi
ptC+9cELMkq/jG3TFy7Ov7k2pnK2RCMOVYeNefP/Gx3/tuqfG+GPY1ScEAoChBn5
HL+s7yVNz+UZjJ2CHpEJTR4jxG9W/qTA4OGPrfJVUsFZZqB1nfdlQyhQyb9Gxqyq
EBHIknbCl44eh2I2cRAEpqY+OLsgxqL+8KwIF29YBYGjgL/PvBlV6tHWTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDlNHL95ymGom+WzkpAqwEIplURRMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvT1UwY3YzbktZYWliNWJPU2tDckFRaW1WUkZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbaB2MA0G
CSqGSIb3DQEBCwUAA4IBAQAXwNA5qQel0ytzyTksMhFOhNJYhc6HnCYDGxoZ1NbM
JzmtDrT0rn2edGRcLa6FAb9CKZ767WK0BiRmz1jVU79kV8IIvm3HUSPcjAImd75H
YAbk81bnZaAxqt+7sn/HbtxL8M4x7fehda3UY6ct65b5PNm9OSRqjtGrWhO+GQbr
ZGMTvoAim8RGUyqUKOM39vRrLxwE6gN0bFsT1ZVw9wOaa9CUZzFkVVvr4HoFNxP3
ECB8Pak/zVMNp5OxLE613K82HLye+rA4VlNSgnwRluRzXpJSmA3bxWI2K/ks2bG2
0+i6UMYtW5A+ArJ9TptQOAP4GkzTCbbU/CnDptuP3xft
-----END CERTIFICATE-----
Generated at Tue Apr 30 14:52:04 2024 by rpki-client on console-fra.rpki-client.org