Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/0qmydcipVxomPikDDufc8IGOF9I.roa
File: 0qmydcipVxomPikDDufc8IGOF9I.roa (raw, json)
Hash identifier: wFYsoDBWJXYh5OMXlOu6PVQ4kMIsSu5NM0DIBYie+Is=
Subject key identifier: D2:A9:B2:75:C8:A9:57:1A:26:3E:29:03:0E:E7:DC:F0:81:8E:17:D2
Certificate issuer: /CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Certificate serial: 018CC7934FF9AAA79F43AD7EE53CCDD96C74
Authority key identifier: ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/0qmydcipVxomPikDDufc8IGOF9I.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 193.17.185.0/24 maxlen: 24
193.17.186.0/24 maxlen: 24
195.234.152.0/24 maxlen: 24
2001:67c:1514::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4f:f9:aa:a7:9f:43:ad:7e:e5:3c:cd:d9:6c:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ed95533ef47fd94b8c554df3d228eedcd4ca0384
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d2a9b275c8a9571a263e29030ee7dcf0818e17d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:93:e3:bf:ce:ea:0e:19:98:a3:95:2e:09:bf:
28:21:91:ca:b2:8c:77:39:69:9a:d3:51:dc:1f:20:
77:c6:9a:85:f4:47:6f:c3:79:c7:84:af:a2:f4:e7:
fe:19:82:b1:cd:7e:b2:00:7d:c2:89:ca:14:dc:e9:
51:a8:74:30:b9:80:f4:98:93:1b:2e:5b:b5:b2:32:
eb:91:50:84:31:bb:cb:77:ec:9d:ef:86:0f:a0:dd:
ca:d3:b6:cd:29:56:c7:29:4d:ad:35:ef:b4:a3:1d:
18:c5:fe:cc:72:3f:81:9c:fc:50:f7:01:77:da:df:
3c:9f:82:d9:9e:1c:ba:7c:a5:80:66:a7:6a:36:0f:
72:ab:b8:7c:18:c8:9c:c3:95:c7:f5:e7:ee:82:7b:
fe:33:fe:de:58:52:a5:7e:71:21:e1:03:33:bb:92:
5e:36:bc:9b:14:53:f9:4a:5f:ad:97:d7:51:6f:70:
0a:72:0a:03:0f:ce:8b:4c:c0:60:a0:0b:f8:b7:3f:
de:6f:5e:b4:97:b3:05:60:d9:41:fa:17:6b:bf:3b:
1e:9c:fb:15:97:d6:46:b9:aa:fa:55:f7:65:df:30:
29:e8:cf:39:f1:1f:24:7a:64:06:02:31:9d:08:85:
fe:e1:1f:06:3e:be:b4:95:68:d3:7e:67:37:2e:85:
7c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:A9:B2:75:C8:A9:57:1A:26:3E:29:03:0E:E7:DC:F0:81:8E:17:D2
X509v3 Authority Key Identifier:
keyid:ED:95:53:3E:F4:7F:D9:4B:8C:55:4D:F3:D2:28:EE:DC:D4:CA:03:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/0qmydcipVxomPikDDufc8IGOF9I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/7a0423-9a95-42c1-81e5-14da79d6c3aa/1/7ZVTPvR_2UuMVU3z0iju3NTKA4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.185.0-193.17.186.255
195.234.152.0/24
IPv6:
2001:67c:1514::/48
Signature Algorithm: sha256WithRSAEncryption
94:bf:f6:a3:88:02:cb:49:44:1e:52:d8:a5:50:af:e2:47:b5:
cf:88:c3:ae:52:af:d5:3f:0a:f5:c0:54:ec:57:37:87:fb:25:
3f:17:ce:b8:e4:8d:fe:11:a7:f9:61:ec:52:83:25:0d:53:b9:
40:74:49:ca:08:cf:72:9e:00:40:6c:7e:1a:59:e9:14:03:1e:
5a:10:f2:91:d1:b5:17:94:4a:08:fb:6e:57:da:72:9e:d4:d6:
f2:31:56:8d:24:3c:76:0e:31:85:a0:c0:57:f9:c5:3b:c9:e1:
60:ec:f3:68:40:74:2a:e4:d0:0f:56:ca:80:df:d1:01:54:ad:
4e:46:f1:60:86:98:72:51:a0:36:a4:94:61:58:b9:d5:c2:57:
d8:3d:6d:2f:0f:6c:1a:b1:de:fe:d3:f4:7b:87:30:05:9d:eb:
36:9d:f3:91:8e:e6:ae:ad:7e:56:91:43:9f:16:33:6c:81:f8:
f9:50:cd:ee:30:c4:35:59:3f:64:c2:6b:a3:83:47:c9:70:6f:
1b:3b:59:df:bb:29:3d:cd:1f:db:62:95:d3:11:ff:b2:81:10:
d0:7c:dd:36:55:fe:8d:df:6e:7e:2a:85:a0:63:b8:80:ad:62:
b7:18:46:b6:86:75:53:aa:bb:47:2b:1c:64:f6:55:b3:9b:ea:
a2:04:e3:12
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzHk0/5qqefQ61+5TzN2Wx0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkOTU1MzNlZjQ3ZmQ5NGI4YzU1NGRmM2QyMjhlZWRjZDRj
YTAzODQwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmE5YjI3NWM4YTk1NzFhMjYzZTI5MDMwZWU3ZGNmMDgxOGUxN2QyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZPjv87qDhmYo5UuCb8oIZHKsox3
OWma01HcHyB3xpqF9Edvw3nHhK+i9Of+GYKxzX6yAH3CicoU3OlRqHQwuYD0mJMb
Llu1sjLrkVCEMbvLd+yd74YPoN3K07bNKVbHKU2tNe+0ox0Yxf7Mcj+BnPxQ9wF3
2t88n4LZnhy6fKWAZqdqNg9yq7h8GMicw5XH9efugnv+M/7eWFKlfnEh4QMzu5Je
NrybFFP5Sl+tl9dRb3AKcgoDD86LTMBgoAv4tz/eb160l7MFYNlB+hdrvzsenPsV
l9ZGuar6Vfdl3zAp6M858R8kemQGAjGdCIX+4R8GPr60lWjTfmc3LoV8owIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFNKpsnXIqVcaJj4pAw7n3PCBjhfSMB8GA1UdIwQY
MBaAFO2VUz70f9lLjFVN89Io7tzUygOEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUt
MTRkYTc5ZDZjM2FhLzEvMHFteWRjaXBWeG9tUGlrRER1ZmM4SUdPRjlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC83YTA0MjMtOWE5NS00MmMxLTgxZTUtMTRkYTc5ZDZjM2Fh
LzEvN1pWVFB2Ul8yVXVNVlUzejBpanUzTlRLQTRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBADBEbkD
BADBEboDBADD6pgwDwQCAAIwCQMHACABBnwVFDANBgkqhkiG9w0BAQsFAAOCAQEA
lL/2o4gCy0lEHlLYpVCv4ke1z4jDrlKv1T8K9cBU7Fc3h/slPxfOuOSN/hGn+WHs
UoMlDVO5QHRJygjPcp4AQGx+GlnpFAMeWhDykdG1F5RKCPtuV9pyntTW8jFWjSQ8
dg4xhaDAV/nFO8nhYOzzaEB0KuTQD1bKgN/RAVStTkbxYIaYclGgNqSUYVi51cJX
2D1tLw9sGrHe/tP0e4cwBZ3rNp3zkY7mrq1+VpFDnxYzbIH4+VDN7jDENVk/ZMJr
o4NHyXBvGztZ37spPc0f22KV0xH/soEQ0HzdNlX+jd9ufiqFoGO4gK1itxhGtoZ1
U6q7RyscZPZVs5vqogTjEg==
-----END CERTIFICATE-----
Generated at Sat May 4 11:26:07 2024 by rpki-client on console-fra.rpki-client.org