Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/O42GN3qSpAMObjTxEq_cPiUkyLc.roa
File: O42GN3qSpAMObjTxEq_cPiUkyLc.roa (raw, json)
Hash identifier: dFf9JKrUmfD/DpUQ42D8thWR14x18BziQcdyzELJDxM=
Subject key identifier: 3B:8D:86:37:7A:92:A4:03:0E:6E:34:F1:12:AF:DC:3E:25:24:C8:B7
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018CC8017F30D0B850347825A6021B6909FA
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/O42GN3qSpAMObjTxEq_cPiUkyLc.roa
Signing time: Tue 02 Jan 2024 02:29:50 +0000
ROA not before: Tue 02 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 91.193.253.0/24 maxlen: 24
93.89.211.0/24 maxlen: 24
193.109.160.0/22 maxlen: 24
93.89.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:7f:30:d0:b8:50:34:78:25:a6:02:1b:69:09:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jan 2 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b8d86377a92a4030e6e34f112afdc3e2524c8b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:7f:c6:67:17:f3:a5:4a:de:43:d3:f1:be:b9:
00:c8:a8:98:e4:ee:49:62:26:8f:9c:27:92:e7:a9:
5a:59:e5:eb:da:0f:54:5d:1f:84:a6:4c:de:fb:1c:
aa:af:a8:6f:03:4c:80:b5:b0:96:88:c0:af:da:b1:
59:0b:e5:1a:73:1d:c0:a5:e6:78:aa:79:8d:f7:c2:
1a:07:3e:b1:cd:3c:fe:a1:7f:2a:90:2e:c0:6d:01:
43:c9:a4:13:7b:84:13:12:ad:92:ed:82:14:72:2b:
4a:1b:1a:d2:a8:36:e0:78:f2:28:6a:e2:1b:5e:4e:
45:54:b3:58:1e:26:b9:0e:eb:be:18:86:79:8a:00:
4b:1c:7d:48:72:99:37:18:0e:21:62:c1:97:46:b6:
de:05:6c:34:25:31:7d:f2:3c:64:58:e5:a2:88:bb:
58:4b:7e:c2:6e:4a:5a:f4:de:90:89:38:f4:3d:d2:
66:17:9e:97:f9:09:23:0b:29:83:2b:60:e6:38:58:
45:92:36:8e:18:cb:05:6a:3a:15:bf:5a:54:59:7b:
44:fe:c2:bb:26:1b:10:42:d9:0e:c3:48:f3:be:9a:
98:7b:ef:d0:9f:f6:df:02:93:a2:0f:0a:cc:77:85:
d3:38:41:5c:e6:38:fa:b1:43:f5:69:7d:91:a8:ac:
e9:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:8D:86:37:7A:92:A4:03:0E:6E:34:F1:12:AF:DC:3E:25:24:C8:B7
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/O42GN3qSpAMObjTxEq_cPiUkyLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.253.0/24
93.89.211.0/24
93.89.217.0/24
193.109.160.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:7a:8e:30:48:d4:a0:f2:00:81:f2:91:f9:2d:4c:10:b5:45:
60:ff:e1:d5:fd:f7:1b:c0:23:73:5f:04:4f:a5:56:a6:de:bb:
55:0d:12:33:67:cc:b7:ec:cf:b1:26:cf:28:48:f0:4a:f1:12:
77:b5:fc:87:da:2c:31:ea:13:b9:ce:1b:e4:18:6d:3b:62:4a:
2d:bd:08:ab:23:a0:e8:cd:ad:04:ba:09:e1:93:97:21:e7:d7:
01:26:fa:e8:af:47:5f:c0:72:66:c7:46:bf:4b:b1:49:9a:ea:
da:15:0e:10:27:26:d8:49:7b:96:28:32:8d:cc:0d:ca:77:11:
ba:79:5c:fe:57:01:f3:cf:74:a8:3e:2c:f6:f8:de:a5:60:97:
a5:58:86:c3:b7:80:e5:fc:82:b0:47:b9:b0:53:bf:59:32:b5:
b6:84:df:25:60:a8:1e:d8:20:00:c4:e3:2c:27:c1:49:05:d4:
a4:25:f6:f5:6b:41:36:74:98:a2:b3:9d:57:fe:5f:5a:ad:cf:
13:d4:51:79:6a:30:9b:0d:91:de:17:4a:bf:fb:6a:ed:8c:18:
6e:ce:ba:be:b9:44:d1:4a:fd:dc:46:97:94:21:5f:8f:c2:69:
e9:79:09:a8:df:6f:01:1e:03:16:f8:a3:9c:85:68:de:c7:eb:
1f:1d:44:1a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAX8w0LhQNHglpgIbaQn6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQwMTAyMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjhkODYzNzdhOTJhNDAzMGU2ZTM0ZjExMmFmZGMzZTI1MjRjOGI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwX/GZxfzpUreQ9PxvrkAyKiY5O5J
YiaPnCeS56laWeXr2g9UXR+Epkze+xyqr6hvA0yAtbCWiMCv2rFZC+Uacx3ApeZ4
qnmN98IaBz6xzTz+oX8qkC7AbQFDyaQTe4QTEq2S7YIUcitKGxrSqDbgePIoauIb
Xk5FVLNYHia5Duu+GIZ5igBLHH1Icpk3GA4hYsGXRrbeBWw0JTF98jxkWOWiiLtY
S37Cbkpa9N6QiTj0PdJmF56X+QkjCymDK2DmOFhFkjaOGMsFajoVv1pUWXtE/sK7
JhsQQtkOw0jzvpqYe+/Qn/bfApOiDwrMd4XTOEFc5jj6sUP1aX2RqKzpyQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDuNhjd6kqQDDm408RKv3D4lJMi3MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvTzQyR04zcVNwQU1PYmpUeEVxX2NQaVVreUxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8H9AwQA
XVnTAwQAXVnZAwQCwW2gMA0GCSqGSIb3DQEBCwUAA4IBAQBveo4wSNSg8gCB8pH5
LUwQtUVg/+HV/fcbwCNzXwRPpVam3rtVDRIzZ8y37M+xJs8oSPBK8RJ3tfyH2iwx
6hO5zhvkGG07YkotvQirI6Doza0Eugnhk5ch59cBJvror0dfwHJmx0a/S7FJmura
FQ4QJybYSXuWKDKNzA3KdxG6eVz+VwHzz3SoPiz2+N6lYJelWIbDt4Dl/IKwR7mw
U79ZMrW2hN8lYKge2CAAxOMsJ8FJBdSkJfb1a0E2dJiis51X/l9arc8T1FF5ajCb
DZHeF0q/+2rtjBhuzrq+uUTRSv3cRpeUIV+PwmnpeQmo328BHgMW+KOchWjex+sf
HUQa
-----END CERTIFICATE-----
Generated at Sun Jun 2 14:59:00 2024 by rpki-client on console-fra.rpki-client.org