Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/0JygCQluhWl3DJRbtOGxjk79Ips.roa
File: 0JygCQluhWl3DJRbtOGxjk79Ips.roa (raw, json)
Hash identifier: +Id1wbThYnQQAbmrRNHd5Y2jBk3MGgsEZCno1E7ofuY=
Subject key identifier: D0:9C:A0:09:09:6E:85:69:77:0C:94:5B:B4:E1:B1:8E:4E:FD:22:9B
Certificate issuer: /CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Certificate serial: 018CC9BCE7B4F9771339747CAB7B399F5A61
Authority key identifier: 09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/0JygCQluhWl3DJRbtOGxjk79Ips.roa
Signing time: Tue 02 Jan 2024 10:34:09 +0000
ROA not before: Tue 02 Jan 2024 10:34:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49865
IP address blocks: 194.24.0.0/21 maxlen: 21
194.24.1.0/24 maxlen: 24
194.24.4.0/22 maxlen: 22
2a0a:5080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 04:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:e7:b4:f9:77:13:39:74:7c:ab:7b:39:9f:5a:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=09c50efe13aadf5423b04f0ddca8b3288395823e
Validity
Not Before: Jan 2 10:34:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d09ca009096e8569770c945bb4e1b18e4efd229b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:53:fc:50:9e:c7:c0:26:a4:be:14:37:1f:0e:
ae:6b:cc:8f:ff:75:aa:91:eb:94:a6:2d:04:64:15:
0e:ed:4f:b9:b8:47:47:f9:d0:a9:52:81:f0:6d:4f:
fb:cd:6c:6e:e1:aa:e4:fc:f4:73:0c:21:b8:7f:3c:
bd:e6:cb:0b:19:70:fe:f4:ce:58:2c:62:c1:33:b3:
2a:d0:22:85:3e:1a:fd:73:4e:fe:55:9e:53:68:d0:
4f:1b:a7:57:70:cc:94:a2:f0:a5:5c:ae:29:2c:6c:
85:93:3b:9a:ca:30:51:94:c3:3a:95:e3:80:d7:0f:
68:b3:cf:c1:c2:60:02:a4:1a:67:fe:96:ff:71:48:
3c:1d:cd:c5:1a:76:93:47:40:8b:c3:41:3f:a6:3a:
c5:c0:59:9c:81:ba:01:19:cf:6b:87:f4:e3:4f:8e:
9e:81:1a:ce:49:f8:f1:0b:fc:96:fe:fe:e4:af:40:
00:e3:64:82:72:20:28:89:e8:20:01:8c:2b:fd:24:
85:e2:1c:c9:bd:a6:ed:05:3d:70:08:84:65:b7:88:
07:1f:ef:22:13:40:95:1b:92:36:85:c7:8f:4c:c4:
2e:b7:c9:35:b3:bd:70:3f:ac:c9:4a:25:88:f8:7f:
1a:71:7c:0a:2d:2f:3e:60:6d:c6:b2:4d:96:32:9c:
45:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:9C:A0:09:09:6E:85:69:77:0C:94:5B:B4:E1:B1:8E:4E:FD:22:9B
X509v3 Authority Key Identifier:
keyid:09:C5:0E:FE:13:AA:DF:54:23:B0:4F:0D:DC:A8:B3:28:83:95:82:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CcUO_hOq31QjsE8N3KizKIOVgj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/0JygCQluhWl3DJRbtOGxjk79Ips.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/85a208-1ab6-46f7-b1a5-a26d25bc7654/1/CcUO_hOq31QjsE8N3KizKIOVgj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.24.0.0/21
IPv6:
2a0a:5080::/29
Signature Algorithm: sha256WithRSAEncryption
28:79:01:1e:05:16:53:91:6e:12:86:c6:41:e7:99:02:75:a5:
8c:47:e0:97:15:19:5d:dd:64:9a:2c:1e:02:09:2b:24:f6:15:
1b:7a:3a:7c:5b:b5:37:ba:3d:81:f7:60:ee:8e:66:63:c4:eb:
10:b2:b9:76:ae:fc:23:25:90:6b:9a:ae:d0:c8:c0:9e:0d:0b:
b3:96:5c:1c:e0:92:46:5d:c2:25:18:0c:f7:18:98:b2:78:4a:
a6:61:90:9c:2a:20:63:17:a0:14:ac:1c:29:94:90:aa:1d:91:
6a:ac:b5:3c:ed:42:67:0f:52:dd:e7:8a:b7:ef:46:2b:b0:26:
0c:40:61:7c:c6:d1:e0:61:75:ed:1d:0a:fc:89:91:40:a4:7b:
b4:49:32:a3:f0:16:61:cf:e1:44:4e:4b:88:4f:1c:f7:29:c4:
75:f9:86:2f:4a:5b:6c:3d:2f:41:ee:25:a7:72:9f:96:03:f2:
c8:45:83:79:3c:05:87:4c:ce:dc:0c:4f:45:b1:17:ea:05:3e:
df:ff:3e:a1:15:07:03:87:69:f8:22:0c:10:d9:9f:09:a0:22:
50:4d:18:c4:94:23:53:4d:7f:e8:7b:d8:73:59:5b:af:54:50:
d4:01:4b:14:9e:01:f0:70:3b:b8:76:4f:67:50:a4:e1:59:41:
0d:1b:e3:17
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvOe0+XcTOXR8q3s5n1phMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5YzUwZWZlMTNhYWRmNTQyM2IwNGYwZGRjYThiMzI4ODM5
NTgyM2UwHhcNMjQwMTAyMTAzNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDljYTAwOTA5NmU4NTY5NzcwYzk0NWJiNGUxYjE4ZTRlZmQyMjliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1P8UJ7HwCakvhQ3Hw6ua8yP/3Wq
keuUpi0EZBUO7U+5uEdH+dCpUoHwbU/7zWxu4ark/PRzDCG4fzy95ssLGXD+9M5Y
LGLBM7Mq0CKFPhr9c07+VZ5TaNBPG6dXcMyUovClXK4pLGyFkzuayjBRlMM6leOA
1w9os8/BwmACpBpn/pb/cUg8Hc3FGnaTR0CLw0E/pjrFwFmcgboBGc9rh/TjT46e
gRrOSfjxC/yW/v7kr0AA42SCciAoieggAYwr/SSF4hzJvabtBT1wCIRlt4gHH+8i
E0CVG5I2hcePTMQut8k1s71wP6zJSiWI+H8acXwKLS8+YG3Gsk2WMpxFcQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNCcoAkJboVpdwyUW7ThsY5O/SKbMB8GA1UdIwQY
MBaAFAnFDv4Tqt9UI7BPDdyosyiDlYI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUt
YTI2ZDI1YmM3NjU0LzEvMEp5Z0NRbHVoV2wzREpSYnRPR3hqazc5SXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS84NWEyMDgtMWFiNi00NmY3LWIxYTUtYTI2ZDI1YmM3NjU0
LzEvQ2NVT19oT3EzMVFqc0U4TjNLaXpLSU9WZ2o0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDwhgAMA0E
AgACMAcDBQMqClCAMA0GCSqGSIb3DQEBCwUAA4IBAQAoeQEeBRZTkW4ShsZB55kC
daWMR+CXFRld3WSaLB4CCSsk9hUbejp8W7U3uj2B92DujmZjxOsQsrl2rvwjJZBr
mq7QyMCeDQuzllwc4JJGXcIlGAz3GJiyeEqmYZCcKiBjF6AUrBwplJCqHZFqrLU8
7UJnD1Ld54q370YrsCYMQGF8xtHgYXXtHQr8iZFApHu0STKj8BZhz+FETkuITxz3
KcR1+YYvSltsPS9B7iWncp+WA/LIRYN5PAWHTM7cDE9FsRfqBT7f/z6hFQcDh2n4
IgwQ2Z8JoCJQTRjElCNTTX/oe9hzWVuvVFDUAUsUngHwcDu4dk9nUKThWUENG+MX
-----END CERTIFICATE-----
Generated at Wed May 29 10:52:45 2024 by rpki-client on console-ams.rpki-client.org