Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/O6dVM41jwEqSPKRr_0SQxKFdewk.roa
File: O6dVM41jwEqSPKRr_0SQxKFdewk.roa (raw, json)
Hash identifier: K3Nkn6e169cXrCSQbjs8m8AnUUsEejBqhQ4xDYUqaGI=
Subject key identifier: 3B:A7:55:33:8D:63:C0:4A:92:3C:A4:6B:FF:44:90:C4:A1:5D:7B:09
Certificate issuer: /CN=5a48b5dfc0142a68c30bdaac550603e9e45d108a
Certificate serial: 018CCA2A82C12F924DC4543DE7027961A636
Authority key identifier: 5A:48:B5:DF:C0:14:2A:68:C3:0B:DA:AC:55:06:03:E9:E4:5D:10:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wki138AUKmjDC9qsVQYD6eRdEIo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/O6dVM41jwEqSPKRr_0SQxKFdewk.roa
Signing time: Tue 02 Jan 2024 12:33:52 +0000
ROA not before: Tue 02 Jan 2024 12:33:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44019
IP address blocks: 193.238.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/Wki138AUKmjDC9qsVQYD6eRdEIo.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/Wki138AUKmjDC9qsVQYD6eRdEIo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wki138AUKmjDC9qsVQYD6eRdEIo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 01 Jul 2024 04:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:82:c1:2f:92:4d:c4:54:3d:e7:02:79:61:a6:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a48b5dfc0142a68c30bdaac550603e9e45d108a
Validity
Not Before: Jan 2 12:33:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ba755338d63c04a923ca46bff4490c4a15d7b09
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:7b:8e:9d:33:46:82:a9:7a:f2:37:75:25:5e:
47:f1:6c:0d:fe:9f:62:56:a2:a9:10:72:89:0d:2f:
e6:18:08:09:d6:58:b7:41:aa:98:67:29:32:3c:19:
fe:09:f8:74:12:c4:d5:73:02:a2:72:7d:de:63:49:
83:1c:57:86:e6:40:44:b2:ee:05:ac:24:3b:3f:f0:
32:cc:60:10:f4:bd:81:7d:6e:65:cf:ee:2a:e4:af:
e1:63:28:26:18:ba:7f:0c:97:bb:e2:2f:e8:06:2f:
a8:57:08:f2:59:a1:55:3f:86:a0:26:9b:79:49:69:
79:7e:f9:39:d8:1e:19:52:15:76:3d:6a:95:fc:22:
50:7e:89:82:f6:e2:b6:fe:ea:b8:53:8e:b5:0d:46:
e5:ff:ff:42:1f:c9:e1:df:a8:8c:c4:7b:77:67:e0:
f4:ad:c4:e0:8f:7d:4c:f3:55:19:ed:38:59:58:c7:
43:7f:70:61:d4:a4:68:6d:a5:ee:bc:e0:f5:ad:a0:
1e:30:92:f3:8d:7b:a3:be:45:1a:d9:1c:bf:5b:90:
39:45:1c:08:52:9d:44:9d:01:d0:1f:06:ba:4e:28:
d1:33:f8:36:0d:bb:28:e9:58:f5:dd:71:a4:00:70:
c6:41:73:c2:96:24:cf:04:39:03:6d:1a:98:44:41:
94:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:A7:55:33:8D:63:C0:4A:92:3C:A4:6B:FF:44:90:C4:A1:5D:7B:09
X509v3 Authority Key Identifier:
keyid:5A:48:B5:DF:C0:14:2A:68:C3:0B:DA:AC:55:06:03:E9:E4:5D:10:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wki138AUKmjDC9qsVQYD6eRdEIo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/O6dVM41jwEqSPKRr_0SQxKFdewk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/acd0e2-3712-4ccc-872d-e0d9883e0fcc/1/Wki138AUKmjDC9qsVQYD6eRdEIo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.238.87.0/24
Signature Algorithm: sha256WithRSAEncryption
88:4f:e4:d8:36:b6:b2:21:90:9f:ae:c7:a1:98:a5:c1:eb:9b:
f2:49:e2:59:0a:e5:90:f0:da:11:ea:88:b5:9e:d8:08:90:5d:
6c:f4:c2:84:88:fb:5c:fc:60:41:7d:16:a4:6b:ca:d9:5a:e4:
20:8e:52:5e:d9:ec:ba:b1:1f:04:d0:5d:4c:b7:98:be:c5:a6:
38:13:24:5d:df:4a:88:4c:d5:63:2d:12:d2:9d:61:88:51:63:
dd:4a:2a:2e:0a:92:0a:f3:3d:2f:73:8d:a8:e0:a0:08:f0:45:
93:a6:e0:0c:12:d3:53:65:f1:c7:19:78:49:e0:56:97:67:37:
ae:fd:72:d1:59:3d:76:23:ce:81:8d:d3:03:b8:b7:71:d1:f3:
f2:e3:88:26:80:14:ca:c0:ef:cd:e7:f7:47:14:d5:00:60:3e:
63:2e:71:c2:c0:6f:8e:6e:d7:70:84:88:7b:a8:8b:ee:1b:d8:
1b:3e:15:f4:48:2d:6e:d2:4c:0c:9d:86:fc:f3:dc:aa:96:7b:
f4:4b:d9:d3:cd:8f:1f:69:d0:88:b8:62:c9:5c:19:c5:5d:ae:
6b:19:8e:8d:7a:2a:b6:39:0e:35:6c:06:11:e9:c9:27:3f:4c:
45:9a:4a:36:3d:7c:b9:a8:d3:19:28:a5:6e:59:b3:2b:74:86:
e3:d5:06:58
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKoLBL5JNxFQ95wJ5YaY2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNDhiNWRmYzAxNDJhNjhjMzBiZGFhYzU1MDYwM2U5ZTQ1
ZDEwOGEwHhcNMjQwMTAyMTIzMzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmE3NTUzMzhkNjNjMDRhOTIzY2E0NmJmZjQ0OTBjNGExNWQ3YjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHuOnTNGgql68jd1JV5H8WwN/p9i
VqKpEHKJDS/mGAgJ1li3QaqYZykyPBn+Cfh0EsTVcwKicn3eY0mDHFeG5kBEsu4F
rCQ7P/AyzGAQ9L2BfW5lz+4q5K/hYygmGLp/DJe74i/oBi+oVwjyWaFVP4agJpt5
SWl5fvk52B4ZUhV2PWqV/CJQfomC9uK2/uq4U461DUbl//9CH8nh36iMxHt3Z+D0
rcTgj31M81UZ7ThZWMdDf3Bh1KRobaXuvOD1raAeMJLzjXujvkUa2Ry/W5A5RRwI
Up1EnQHQHwa6TijRM/g2Dbso6Vj13XGkAHDGQXPCliTPBDkDbRqYREGU8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDunVTONY8BKkjyka/9EkMShXXsJMB8GA1UdIwQY
MBaAFFpItd/AFCpowwvarFUGA+nkXRCKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2tpMTM4QVVLbWpEQzlxc1ZRWUQ2ZVJkRUlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9hY2QwZTItMzcxMi00Y2NjLTg3MmQt
ZTBkOTg4M2UwZmNjLzEvTzZkVk00MWp3RXFTUEtScl8wU1F4S0ZkZXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9hY2QwZTItMzcxMi00Y2NjLTg3MmQtZTBkOTg4M2UwZmNj
LzEvV2tpMTM4QVVLbWpEQzlxc1ZRWUQ2ZVJkRUlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwe5XMA0G
CSqGSIb3DQEBCwUAA4IBAQCIT+TYNrayIZCfrsehmKXB65vySeJZCuWQ8NoR6oi1
ntgIkF1s9MKEiPtc/GBBfRaka8rZWuQgjlJe2ey6sR8E0F1Mt5i+xaY4EyRd30qI
TNVjLRLSnWGIUWPdSiouCpIK8z0vc42o4KAI8EWTpuAMEtNTZfHHGXhJ4FaXZzeu
/XLRWT12I86BjdMDuLdx0fPy44gmgBTKwO/N5/dHFNUAYD5jLnHCwG+ObtdwhIh7
qIvuG9gbPhX0SC1u0kwMnYb889yqlnv0S9nTzY8fadCIuGLJXBnFXa5rGY6Neiq2
OQ41bAYR6cknP0xFmko2PXy5qNMZKKVuWbMrdIbj1QZY
-----END CERTIFICATE-----
Generated at Sun Jun 30 13:03:28 2024 by rpki-client on console-ams.rpki-client.org