Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/OCLegx7AAJrXlZwafZY4saWNhbA.roa
File: OCLegx7AAJrXlZwafZY4saWNhbA.roa (raw, json)
Hash identifier: e9VTWsNvHN7d5ckNNnCA+CRusyYItjY5AHniHQNomyw=
Subject key identifier: 38:22:DE:83:1E:C0:00:9A:D7:95:9C:1A:7D:96:38:B1:A5:8D:85:B0
Certificate issuer: /CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Certificate serial: 019427B60F591F4D1F133748EC6A2297989B
Authority key identifier: 42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/OCLegx7AAJrXlZwafZY4saWNhbA.roa
Signing time: Thu 02 Jan 2025 15:50:30 +0000
ROA not before: Thu 02 Jan 2025 15:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 194.53.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:0f:59:1f:4d:1f:13:37:48:ec:6a:22:97:98:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42ce759320195b9cc18ccfcb1b532aea949258f1
Validity
Not Before: Jan 2 15:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3822de831ec0009ad7959c1a7d9638b1a58d85b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:82:3b:20:ad:e1:92:43:8b:0e:a7:8b:c9:14:
45:2e:62:4b:ea:4f:a9:a1:fa:48:ae:b0:63:6c:c5:
b0:1f:44:0d:42:26:aa:c3:fa:73:73:57:22:c5:18:
3e:eb:60:de:08:d1:1e:1e:7d:5d:c0:d6:5e:1c:90:
53:93:f9:9c:80:c9:5a:fc:53:e3:64:77:cc:f4:4e:
83:a9:ad:e1:cb:2b:17:82:36:69:c3:bc:52:ac:91:
71:3d:0c:c0:3e:2c:46:cf:d2:bf:a0:97:89:27:95:
62:2f:a1:d6:ad:bc:28:b4:7a:0e:72:02:e8:57:a8:
ce:01:5e:13:6c:ae:75:35:32:f8:37:cb:cf:63:b7:
98:db:a1:36:8b:4f:5e:27:05:e9:2f:74:ca:e7:20:
81:48:20:48:6a:cb:8b:30:cc:4e:c6:59:55:db:cd:
6f:8d:9d:0c:cb:ce:79:51:c5:6b:b3:f6:b5:e0:4a:
a7:4b:5b:d5:1c:3e:ae:f1:4c:27:87:09:d2:ee:6e:
51:2c:d9:83:a9:c0:d0:7c:41:25:68:6e:e7:5e:fc:
2c:30:46:95:69:bf:7f:c9:ed:27:28:02:e6:07:f9:
c4:5c:86:9b:fc:b1:ed:4c:aa:9f:76:d2:82:46:25:
fe:29:bf:dd:a4:ac:57:78:e7:f3:80:bd:f2:32:4f:
e9:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:22:DE:83:1E:C0:00:9A:D7:95:9C:1A:7D:96:38:B1:A5:8D:85:B0
X509v3 Authority Key Identifier:
keyid:42:CE:75:93:20:19:5B:9C:C1:8C:CF:CB:1B:53:2A:EA:94:92:58:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/OCLegx7AAJrXlZwafZY4saWNhbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/a52048-12ca-4a03-95be-697948ea71f5/1/Qs51kyAZW5zBjM_LG1Mq6pSSWPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.53.200.0/24
Signature Algorithm: sha256WithRSAEncryption
54:b7:f8:99:00:4c:9e:aa:cc:b2:ef:31:16:20:7f:4c:33:d1:
16:e9:f4:4a:9d:96:b7:1d:71:ea:7d:17:62:66:30:59:cc:96:
a6:6f:d2:bb:be:eb:b3:4d:66:b2:4e:19:c4:f5:38:53:30:c9:
fb:88:a9:b3:26:f7:79:eb:c3:c1:55:3c:21:80:e7:a5:f0:0f:
79:7b:93:94:28:f0:b0:79:c1:fe:17:35:2a:95:1c:44:5f:3a:
be:92:a5:f6:63:58:e5:6f:4c:48:0a:ab:ae:f6:fd:65:0a:b2:
45:7a:e8:b4:e0:c9:a5:13:d7:dc:7d:05:2e:65:24:a9:57:d5:
c9:13:ed:15:34:03:b0:02:90:63:12:fc:68:58:37:d4:dd:ff:
aa:de:f7:9d:5a:3b:da:70:cb:9b:91:2c:a2:0c:e5:8a:6b:62:
2c:b0:96:66:ed:5e:2b:7e:5a:f7:48:16:ee:8f:6a:ca:cf:da:
59:ea:20:72:5f:db:8d:d4:47:51:7c:7a:65:d7:08:8f:14:52:
be:4d:5b:56:8b:eb:e0:0c:9f:f9:a4:86:6e:c1:0b:55:ab:ad:
ac:3d:8e:c2:c5:de:a7:30:4f:71:cb:5f:8d:db:d9:45:92:90:
54:8a:8b:6b:25:a8:29:db:a4:16:6b:89:4c:65:a0:d8:eb:50:
69:e2:7a:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQntg9ZH00fEzdI7Goil5ibMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2U3NTkzMjAxOTViOWNjMThjY2ZjYjFiNTMyYWVhOTQ5
MjU4ZjEwHhcNMjUwMTAyMTU1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODIyZGU4MzFlYzAwMDlhZDc5NTljMWE3ZDk2MzhiMWE1OGQ4NWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA64I7IK3hkkOLDqeLyRRFLmJL6k+p
ofpIrrBjbMWwH0QNQiaqw/pzc1cixRg+62DeCNEeHn1dwNZeHJBTk/mcgMla/FPj
ZHfM9E6Dqa3hyysXgjZpw7xSrJFxPQzAPixGz9K/oJeJJ5ViL6HWrbwotHoOcgLo
V6jOAV4TbK51NTL4N8vPY7eY26E2i09eJwXpL3TK5yCBSCBIasuLMMxOxllV281v
jZ0My855UcVrs/a14EqnS1vVHD6u8UwnhwnS7m5RLNmDqcDQfEElaG7nXvwsMEaV
ab9/ye0nKALmB/nEXIab/LHtTKqfdtKCRiX+Kb/dpKxXeOfzgL3yMk/pMwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDgi3oMewACa15WcGn2WOLGljYWwMB8GA1UdIwQY
MBaAFELOdZMgGVucwYzPyxtTKuqUkljxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUt
Njk3OTQ4ZWE3MWY1LzEvT0NMZWd4N0FBSnJYbFp3YWZaWTRzYVdOaGJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC9hNTIwNDgtMTJjYS00YTAzLTk1YmUtNjk3OTQ4ZWE3MWY1
LzEvUXM1MWt5QVpXNXpCak1fTEcxTXE2cFNTV1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjXIMA0G
CSqGSIb3DQEBCwUAA4IBAQBUt/iZAEyeqsyy7zEWIH9MM9EW6fRKnZa3HXHqfRdi
ZjBZzJamb9K7vuuzTWayThnE9ThTMMn7iKmzJvd568PBVTwhgOel8A95e5OUKPCw
ecH+FzUqlRxEXzq+kqX2Y1jlb0xICquu9v1lCrJFeui04MmlE9fcfQUuZSSpV9XJ
E+0VNAOwApBjEvxoWDfU3f+q3vedWjvacMubkSyiDOWKa2IssJZm7V4rflr3SBbu
j2rKz9pZ6iByX9uN1EdRfHpl1wiPFFK+TVtWi+vgDJ/5pIZuwQtVq62sPY7Cxd6n
ME9xy1+N29lFkpBUiotrJagp26QWa4lMZaDY61Bp4noV
-----END CERTIFICATE-----
Generated at Sat Apr 5 13:22:39 2025 by rpki-client