Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/OYKPc_lev13m7c0K2xIt_bDXYyc.roa
File: OYKPc_lev13m7c0K2xIt_bDXYyc.roa (raw, json)
Hash identifier: aob3cQrPcgwzLrRp5snLH1nqMq2xsJ/zTqFGEt5DzxA=
Subject key identifier: 39:82:8F:73:F9:5E:BF:5D:E6:ED:CD:0A:DB:12:2D:FD:B0:D7:63:27
Certificate issuer: /CN=f03ed4fedf56d0b02b172c8f89ec376510cd3174
Certificate serial: 01921DE214D8A9828794BF7440636846B571
Authority key identifier: F0:3E:D4:FE:DF:56:D0:B0:2B:17:2C:8F:89:EC:37:65:10:CD:31:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8D7U_t9W0LArFyyPiew3ZRDNMXQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/OYKPc_lev13m7c0K2xIt_bDXYyc.roa
Signing time: Mon 23 Sep 2024 07:56:48 +0000
ROA not before: Mon 23 Sep 2024 07:56:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2119
IP address blocks: 2a14:34c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/8D7U_t9W0LArFyyPiew3ZRDNMXQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/8D7U_t9W0LArFyyPiew3ZRDNMXQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/8D7U_t9W0LArFyyPiew3ZRDNMXQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Nov 2024 07:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:e2:14:d8:a9:82:87:94:bf:74:40:63:68:46:b5:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f03ed4fedf56d0b02b172c8f89ec376510cd3174
Validity
Not Before: Sep 23 07:56:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39828f73f95ebf5de6edcd0adb122dfdb0d76327
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f9:57:f0:2e:e0:d8:e5:80:34:02:45:67:c4:
80:72:4f:2e:00:29:68:64:df:84:15:fb:ae:5a:ea:
a0:b9:5c:98:99:90:25:22:9c:07:51:9c:92:0d:a2:
e2:3e:60:d3:ed:83:9d:59:ca:db:e7:6f:c6:0d:a2:
54:af:47:35:30:e2:ee:d0:21:a5:db:da:b6:2b:a9:
8f:3f:af:9c:ea:cc:5f:ed:06:7c:13:59:04:bb:c9:
4d:fc:b5:4d:e6:a1:44:61:8a:1e:e7:44:96:8d:a0:
c9:cb:ea:5c:77:82:9f:2c:79:5d:de:a1:54:56:1b:
9a:c0:4d:62:8b:7c:09:ea:54:34:41:71:6c:35:89:
15:a1:cf:00:d7:7e:ce:84:bf:b1:6c:4e:63:85:f5:
88:4e:03:79:d6:26:69:8a:6f:86:f9:2d:45:cf:75:
18:f6:c9:98:1f:31:09:78:d6:4f:c1:21:ca:30:65:
91:0b:10:4b:90:7f:1e:26:76:53:46:c5:84:1b:88:
29:f5:32:bb:c4:25:83:74:a0:ce:23:ce:de:0a:ca:
35:3c:81:6d:2c:21:e6:99:1d:67:36:f5:f2:49:58:
ee:ec:65:aa:8f:df:ab:84:00:56:cd:b9:ac:ca:60:
3e:03:71:21:69:df:60:b8:03:3c:0d:62:6d:97:bb:
4e:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:82:8F:73:F9:5E:BF:5D:E6:ED:CD:0A:DB:12:2D:FD:B0:D7:63:27
X509v3 Authority Key Identifier:
keyid:F0:3E:D4:FE:DF:56:D0:B0:2B:17:2C:8F:89:EC:37:65:10:CD:31:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8D7U_t9W0LArFyyPiew3ZRDNMXQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/OYKPc_lev13m7c0K2xIt_bDXYyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/e63950-76e8-4f2b-8731-fb4fd07e26a0/1/8D7U_t9W0LArFyyPiew3ZRDNMXQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a14:34c0::/29
Signature Algorithm: sha256WithRSAEncryption
25:63:61:83:8e:da:93:f1:f7:83:dc:b6:a9:0c:02:9b:cf:cf:
52:db:8a:c0:05:f3:02:f6:4d:37:d5:34:b5:27:36:e4:e2:fd:
7b:43:95:06:47:e1:50:0f:c4:f4:f9:75:a4:15:c8:a1:97:61:
bb:a4:11:7c:6e:0a:e7:e7:bb:4b:1d:40:0b:a1:18:40:56:a4:
d9:05:92:02:3e:7b:ed:2c:51:9a:cd:a6:b8:f5:4e:2d:ec:cc:
62:f9:06:fe:7e:e8:83:5d:d0:84:7a:fb:bb:26:31:1f:60:0d:
96:af:c1:ab:9c:b3:ec:af:9d:09:0e:db:7b:2f:2e:24:57:bb:
88:dc:df:55:c9:e9:6c:47:1e:0e:fb:80:65:6b:73:51:9a:5c:
f0:b1:f6:c9:95:1b:9d:4c:6e:b2:50:e7:c1:64:68:0d:f0:76:
96:98:12:e0:be:5a:26:63:0e:88:bf:3d:d1:1f:44:52:2e:8a:
1f:2b:e8:87:35:dd:bb:26:01:57:52:3b:8c:9e:eb:92:ca:ec:
51:11:a3:de:eb:18:25:b4:ce:2d:e7:66:2b:a6:ae:62:7b:df:
94:00:7c:16:7e:33:ac:94:8d:00:1a:ca:06:6e:b7:1d:64:19:
32:bc:5a:19:9e:f4:c5:27:ed:c8:8a:fb:93:13:83:19:ec:ec:
43:3c:d9:4b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZId4hTYqYKHlL90QGNoRrVxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwM2VkNGZlZGY1NmQwYjAyYjE3MmM4Zjg5ZWMzNzY1MTBj
ZDMxNzQwHhcNMjQwOTIzMDc1NjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTgyOGY3M2Y5NWViZjVkZTZlZGNkMGFkYjEyMmRmZGIwZDc2MzI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqflX8C7g2OWANAJFZ8SAck8uAClo
ZN+EFfuuWuqguVyYmZAlIpwHUZySDaLiPmDT7YOdWcrb52/GDaJUr0c1MOLu0CGl
29q2K6mPP6+c6sxf7QZ8E1kEu8lN/LVN5qFEYYoe50SWjaDJy+pcd4KfLHld3qFU
VhuawE1ii3wJ6lQ0QXFsNYkVoc8A137OhL+xbE5jhfWITgN51iZpim+G+S1Fz3UY
9smYHzEJeNZPwSHKMGWRCxBLkH8eJnZTRsWEG4gp9TK7xCWDdKDOI87eCso1PIFt
LCHmmR1nNvXySVju7GWqj9+rhABWzbmsymA+A3Ehad9guAM8DWJtl7tO0QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFDmCj3P5Xr9d5u3NCtsSLf2w12MnMB8GA1UdIwQY
MBaAFPA+1P7fVtCwKxcsj4nsN2UQzTF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEQ3VV90OVcwTEFyRnl5UGlldzNaUkROTVhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9lNjM5NTAtNzZlOC00ZjJiLTg3MzEt
ZmI0ZmQwN2UyNmEwLzEvT1lLUGNfbGV2MTNtN2MwSzJ4SXRfYkRYWXljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9lNjM5NTAtNzZlOC00ZjJiLTg3MzEtZmI0ZmQwN2UyNmEw
LzEvOEQ3VV90OVcwTEFyRnl5UGlldzNaUkROTVhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhQ0wDAN
BgkqhkiG9w0BAQsFAAOCAQEAJWNhg47ak/H3g9y2qQwCm8/PUtuKwAXzAvZNN9U0
tSc25OL9e0OVBkfhUA/E9Pl1pBXIoZdhu6QRfG4K5+e7Sx1AC6EYQFak2QWSAj57
7SxRms2muPVOLezMYvkG/n7og13QhHr7uyYxH2ANlq/Bq5yz7K+dCQ7bey8uJFe7
iNzfVcnpbEceDvuAZWtzUZpc8LH2yZUbnUxuslDnwWRoDfB2lpgS4L5aJmMOiL89
0R9EUi6KHyvohzXduyYBV1I7jJ7rksrsURGj3usYJbTOLedmK6auYnvflAB8Fn4z
rJSNABrKBm63HWQZMrxaGZ70xSftyIr7kxODGezsQzzZSw==
-----END CERTIFICATE-----
Generated at Mon Nov 4 17:30:19 2024 by rpki-client on console-ams.rpki-client.org