Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/qOsX_uybPOsQvQFRTJA0IasrsE8.roa
File: qOsX_uybPOsQvQFRTJA0IasrsE8.roa (raw, json)
Hash identifier: 6Fyly/2Xq9mLReDzMa34yM+Jn7YQg77jgGkZ6YRGNlc=
Subject key identifier: A8:EB:17:FE:EC:9B:3C:EB:10:BD:01:51:4C:90:34:21:AB:2B:B0:4F
Certificate issuer: /CN=debe517e7475e17c069643910fd6f77b317b8538
Certificate serial: 018CC56EC49919B6BABD6FA9AF8C880EAD6E
Authority key identifier: DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/qOsX_uybPOsQvQFRTJA0IasrsE8.roa
Signing time: Mon 01 Jan 2024 14:30:19 +0000
ROA not before: Mon 01 Jan 2024 14:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208023
IP address blocks: 193.194.131.0/24 maxlen: 24
193.194.130.0/24 maxlen: 24
193.194.142.0/24 maxlen: 24
193.194.143.0/24 maxlen: 24
2a0f:9d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.mft
rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:c4:99:19:b6:ba:bd:6f:a9:af:8c:88:0e:ad:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=debe517e7475e17c069643910fd6f77b317b8538
Validity
Not Before: Jan 1 14:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a8eb17feec9b3ceb10bd01514c903421ab2bb04f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:7d:fc:de:dc:e2:30:c4:c0:39:b7:2b:72:13:
48:43:e1:df:ce:3d:08:af:31:64:4d:72:c7:3d:82:
49:b6:b6:a9:d4:7f:9c:6f:26:21:f1:6a:b0:33:e9:
2f:f1:a5:16:b5:98:46:b0:1d:21:e6:f0:6d:51:2f:
06:b8:34:92:aa:06:9a:e6:25:cf:7b:a5:ce:3f:c0:
b2:9a:83:4d:53:8a:62:e4:dd:d9:c7:30:13:f3:b7:
4d:0e:c2:56:41:02:29:82:ac:98:ce:a7:e6:dd:dd:
b7:de:59:a3:d6:55:f3:7d:0d:c5:82:c2:ab:94:6c:
a5:e6:94:fe:76:40:1a:13:71:46:37:4c:15:d9:97:
a9:64:c4:ee:74:0c:bb:40:20:d9:52:0e:b6:aa:02:
73:be:59:78:59:f3:d2:53:69:ca:d2:40:f2:f9:3c:
05:60:fc:d9:8f:8e:b6:ed:77:2c:69:98:c9:46:ae:
f1:14:d6:8c:6e:0a:0f:de:c4:15:46:fa:83:33:79:
c0:81:d5:7c:1b:1a:36:23:54:8c:09:67:30:c5:69:
e1:52:02:22:b2:69:d7:47:9a:e1:56:e5:b1:36:53:
87:2d:ae:cc:50:0f:80:58:30:65:c6:0e:a1:bd:13:
b3:fe:fd:09:6d:c4:f9:a2:57:89:d6:d9:91:24:42:
dd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:EB:17:FE:EC:9B:3C:EB:10:BD:01:51:4C:90:34:21:AB:2B:B0:4F
X509v3 Authority Key Identifier:
keyid:DE:BE:51:7E:74:75:E1:7C:06:96:43:91:0F:D6:F7:7B:31:7B:85:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3r5RfnR14XwGlkORD9b3ezF7hTg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/qOsX_uybPOsQvQFRTJA0IasrsE8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/3850c9-9c68-4613-a870-89f5c4f32970/1/3r5RfnR14XwGlkORD9b3ezF7hTg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.194.130.0/23
193.194.142.0/23
IPv6:
2a0f:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
6d:4a:8c:aa:fb:d8:d2:73:d3:96:2c:b0:bf:e7:bc:65:56:4b:
18:64:52:d7:f5:ca:3b:4e:30:a4:d5:b5:35:e2:9f:f2:d0:76:
82:c3:22:6e:99:5e:b1:db:f4:15:99:ac:9b:4a:ee:b3:8f:fc:
af:d2:a3:67:ac:7d:cb:2c:88:db:f3:41:9f:7c:3c:9e:b1:9e:
b3:ef:5c:4e:86:29:f0:2a:50:32:d1:7f:fe:5d:44:d4:5e:29:
19:1f:5a:1f:ea:fd:e9:dc:c5:a3:ac:a6:88:05:35:4c:09:60:
1c:bf:cf:5f:06:71:2b:c8:f2:b2:0c:6a:34:2f:74:23:af:bf:
82:51:e9:44:09:79:bd:af:b3:05:27:c5:5e:d8:8e:fb:64:74:
fa:86:85:9f:18:f2:f4:79:e8:4a:a7:cb:64:ec:6e:7a:4e:90:
3a:06:ee:6d:8d:e5:7b:8d:0d:1a:33:90:3a:2f:74:35:a5:dc:
8d:3e:e1:b5:15:90:7e:d7:47:8f:66:91:51:17:41:ba:93:f3:
ef:f6:3f:8d:8f:ef:ac:93:2d:ee:00:ca:19:7e:04:fd:a2:0e:
d3:62:0d:2e:b2:8b:af:99:5c:49:82:08:d5:60:43:17:44:38:
9d:2e:68:e6:e3:75:c0:9c:15:5f:72:02:0c:0d:0e:37:65:d5:
8c:fd:71:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbsSZGba6vW+pr4yIDq1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlYmU1MTdlNzQ3NWUxN2MwNjk2NDM5MTBmZDZmNzdiMzE3
Yjg1MzgwHhcNMjQwMTAxMTQzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGViMTdmZWVjOWIzY2ViMTBiZDAxNTE0YzkwMzQyMWFiMmJiMDRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhn383tziMMTAObcrchNIQ+Hfzj0I
rzFkTXLHPYJJtrap1H+cbyYh8WqwM+kv8aUWtZhGsB0h5vBtUS8GuDSSqgaa5iXP
e6XOP8CymoNNU4pi5N3ZxzAT87dNDsJWQQIpgqyYzqfm3d233lmj1lXzfQ3FgsKr
lGyl5pT+dkAaE3FGN0wV2ZepZMTudAy7QCDZUg62qgJzvll4WfPSU2nK0kDy+TwF
YPzZj4627XcsaZjJRq7xFNaMbgoP3sQVRvqDM3nAgdV8Gxo2I1SMCWcwxWnhUgIi
smnXR5rhVuWxNlOHLa7MUA+AWDBlxg6hvROz/v0JbcT5oleJ1tmRJELdQQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFKjrF/7smzzrEL0BUUyQNCGrK7BPMB8GA1UdIwQY
MBaAFN6+UX50deF8BpZDkQ/W93sxe4U4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAt
ODlmNWM0ZjMyOTcwLzEvcU9zWF91eWJQT3NRdlFGUlRKQTBJYXNyc0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC8zODUwYzktOWM2OC00NjEzLWE4NzAtODlmNWM0ZjMyOTcw
LzEvM3I1UmZuUjE0WHdHbGtPUkQ5YjNlekY3aFRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwcKCAwQB
wcKOMA0EAgACMAcDBQMqD51AMA0GCSqGSIb3DQEBCwUAA4IBAQBtSoyq+9jSc9OW
LLC/57xlVksYZFLX9co7TjCk1bU14p/y0HaCwyJumV6x2/QVmaybSu6zj/yv0qNn
rH3LLIjb80GffDyesZ6z71xOhinwKlAy0X/+XUTUXikZH1of6v3p3MWjrKaIBTVM
CWAcv89fBnEryPKyDGo0L3Qjr7+CUelECXm9r7MFJ8Ve2I77ZHT6hoWfGPL0eehK
p8tk7G56TpA6Bu5tjeV7jQ0aM5A6L3Q1pdyNPuG1FZB+10ePZpFRF0G6k/Pv9j+N
j++sky3uAMoZfgT9og7TYg0usouvmVxJggjVYEMXRDidLmjm43XAnBVfcgIMDQ43
ZdWM/XGJ
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:13:07 2024 by rpki-client on console-ams.rpki-client.org