Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/okhGoThPuyXKLGifvs4QTJdatNU.roa
File: okhGoThPuyXKLGifvs4QTJdatNU.roa (raw, json)
Hash identifier: K6vXGOgIrqKBSojubQEXgfQcqjt+UY53TgEHVoRYHYc=
Subject key identifier: A2:48:46:A1:38:4F:BB:25:CA:2C:68:9F:BE:CE:10:4C:97:5A:B4:D5
Certificate issuer: /CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Certificate serial: 019159236D4A9D5555B9D44818B83F99B232
Authority key identifier: DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/okhGoThPuyXKLGifvs4QTJdatNU.roa
Signing time: Fri 16 Aug 2024 03:02:59 +0000
ROA not before: Fri 16 Aug 2024 03:02:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8100
IP address blocks: 31.220.14.0/24 maxlen: 24
45.12.52.0/23 maxlen: 23
45.12.91.0/24 maxlen: 24
185.238.249.0/24 maxlen: 24
185.238.251.0/24 maxlen: 24
193.9.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:59:23:6d:4a:9d:55:55:b9:d4:48:18:b8:3f:99:b2:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3fdc4bf33bd80fe128d756843f60b39d5beee3
Validity
Not Before: Aug 16 03:02:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a24846a1384fbb25ca2c689fbece104c975ab4d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:58:25:9e:b7:58:95:22:f0:7d:e6:36:02:dd:
70:3c:1e:49:68:f9:8c:11:0c:92:8e:18:dd:9e:d3:
73:3a:bc:52:82:6b:33:f8:88:23:87:84:be:92:bd:
f0:66:be:97:ac:7d:f8:51:9b:f7:41:c9:7d:f1:24:
98:b8:2a:f7:25:28:5a:a5:72:66:6b:22:32:21:45:
a7:26:e9:95:6e:7c:39:2e:91:d5:75:69:0e:e2:f3:
61:e0:8c:3d:e8:4a:3f:6b:4b:70:36:24:c4:80:c2:
fe:db:16:1c:2d:16:aa:a6:51:24:ba:08:c2:41:32:
0e:64:06:7c:06:eb:1d:66:64:9e:ce:0e:3a:14:48:
be:9d:c4:fe:37:d8:85:7d:81:21:93:10:fb:12:cb:
a1:4a:67:ba:6c:01:ec:59:e0:e9:05:33:57:67:dc:
05:31:ed:a6:0a:3a:6d:0f:97:09:49:01:71:b1:8b:
d9:71:a7:76:2a:bf:9d:6e:07:52:2a:61:f7:f8:95:
72:8f:ee:f8:41:3d:f7:40:86:e0:67:d4:a9:95:09:
cf:06:ae:36:a3:cf:01:12:2c:5a:80:b9:9a:af:4f:
0d:37:24:ba:53:30:01:99:8d:fd:63:dc:08:54:8a:
94:42:2a:de:86:03:fe:a6:44:75:ec:d8:b0:b5:64:
fa:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:48:46:A1:38:4F:BB:25:CA:2C:68:9F:BE:CE:10:4C:97:5A:B4:D5
X509v3 Authority Key Identifier:
keyid:DF:3F:DC:4B:F3:3B:D8:0F:E1:28:D7:56:84:3F:60:B3:9D:5B:EE:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3z_cS_M72A_hKNdWhD9gs51b7uM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/okhGoThPuyXKLGifvs4QTJdatNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/325cd3-7edb-4026-8583-a473ec5410c3/1/3z_cS_M72A_hKNdWhD9gs51b7uM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.220.14.0/24
45.12.52.0/23
45.12.91.0/24
185.238.249.0/24
185.238.251.0/24
193.9.45.0/24
Signature Algorithm: sha256WithRSAEncryption
38:d2:18:48:1c:03:1f:62:2f:2a:2e:bd:b1:a1:ee:bb:a2:4b:
75:c9:9e:b1:21:de:39:7f:c7:9e:2a:a7:41:6c:7c:55:7d:cd:
55:7e:5c:97:5a:b0:02:41:de:62:f2:9f:09:4a:30:13:66:11:
f4:f4:83:b8:d5:d4:76:bb:af:b6:58:e9:61:b6:6b:fe:63:c9:
f1:5d:8e:1a:c2:fb:9a:e3:39:dd:c3:bf:5d:bc:9c:39:62:ec:
ef:38:20:e9:78:13:1b:e2:1d:eb:06:a3:c7:7b:44:b4:2d:ad:
ef:8e:72:9d:d6:fa:5b:4e:1d:44:98:0e:af:a1:0d:8a:7b:6a:
c8:7e:2d:7c:f2:5f:25:17:77:fd:0c:07:f5:53:5f:33:9e:48:
ef:ee:bc:6c:bb:7d:52:78:29:ec:7d:1b:90:60:95:76:23:4b:
01:ff:26:61:54:99:1a:91:14:52:07:0c:06:73:28:b9:cf:50:
a3:d4:4c:1e:dc:a6:73:93:7e:86:51:4e:ff:32:b4:15:a7:52:
0d:84:02:7d:92:83:32:2d:7a:cc:e2:ff:46:9f:ef:98:23:c1:
06:27:36:02:99:1f:65:7d:d0:46:6f:2d:68:16:f0:e5:b2:1f:
32:06:12:7d:a6:0b:28:64:76:cf:71:6c:be:82:a3:0d:79:70:
03:61:75:46
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZFZI21KnVVVudRIGLg/mbIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2ZkYzRiZjMzYmQ4MGZlMTI4ZDc1Njg0M2Y2MGIzOWQ1
YmVlZTMwHhcNMjQwODE2MDMwMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjQ4NDZhMTM4NGZiYjI1Y2EyYzY4OWZiZWNlMTA0Yzk3NWFiNGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwFglnrdYlSLwfeY2At1wPB5JaPmM
EQySjhjdntNzOrxSgmsz+Igjh4S+kr3wZr6XrH34UZv3Qcl98SSYuCr3JShapXJm
ayIyIUWnJumVbnw5LpHVdWkO4vNh4Iw96Eo/a0twNiTEgML+2xYcLRaqplEkugjC
QTIOZAZ8BusdZmSezg46FEi+ncT+N9iFfYEhkxD7EsuhSme6bAHsWeDpBTNXZ9wF
Me2mCjptD5cJSQFxsYvZcad2Kr+dbgdSKmH3+JVyj+74QT33QIbgZ9SplQnPBq42
o88BEixagLmar08NNyS6UzABmY39Y9wIVIqUQirehgP+pkR17NiwtWT6fwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFKJIRqE4T7slyixon77OEEyXWrTVMB8GA1UdIwQY
MBaAFN8/3EvzO9gP4SjXVoQ/YLOdW+7jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMt
YTQ3M2VjNTQxMGMzLzEvb2toR29UaFB1eVhLTEdpZnZzNFFUSmRhdE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi8zMjVjZDMtN2VkYi00MDI2LTg1ODMtYTQ3M2VjNTQxMGMz
LzEvM3pfY1NfTTcyQV9oS05kV2hEOWdzNTFiN3VNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAH9wOAwQB
LQw0AwQALQxbAwQAue75AwQAue77AwQAwQktMA0GCSqGSIb3DQEBCwUAA4IBAQA4
0hhIHAMfYi8qLr2xoe67okt1yZ6xId45f8eeKqdBbHxVfc1VflyXWrACQd5i8p8J
SjATZhH09IO41dR2u6+2WOlhtmv+Y8nxXY4awvua4zndw79dvJw5YuzvOCDpeBMb
4h3rBqPHe0S0La3vjnKd1vpbTh1EmA6voQ2Ke2rIfi188l8lF3f9DAf1U18znkjv
7rxsu31SeCnsfRuQYJV2I0sB/yZhVJkakRRSBwwGcyi5z1Cj1Ewe3KZzk36GUU7/
MrQVp1INhAJ9koMyLXrM4v9Gn++YI8EGJzYCmR9lfdBGby1oFvDlsh8yBhJ9pgso
ZHbPcWy+gqMNeXADYXVG
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:35:29 2024 by rpki-client on console-ams.rpki-client.org