Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/gs1oqbY6yQy7zAFFldXKYUCI-wY.roa
File: gs1oqbY6yQy7zAFFldXKYUCI-wY.roa (raw, json)
Hash identifier: ZNZX8jrrMnmqL1is9AmdkQLXAoTMMp75O03M5D0JqjE=
Subject key identifier: 82:CD:68:A9:B6:3A:C9:0C:BB:CC:01:45:95:D5:CA:61:40:88:FB:06
Certificate issuer: /CN=2df58aa526c81e32c1b959bfcadf08c19adc412c
Certificate serial: 01942444D0C509FDD61E8894CECA40E86B6E
Authority key identifier: 2D:F5:8A:A5:26:C8:1E:32:C1:B9:59:BF:CA:DF:08:C1:9A:DC:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LfWKpSbIHjLBuVm_yt8IwZrcQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/gs1oqbY6yQy7zAFFldXKYUCI-wY.roa
Signing time: Wed 01 Jan 2025 23:47:57 +0000
ROA not before: Wed 01 Jan 2025 23:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44542
IP address blocks: 193.254.208.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/LfWKpSbIHjLBuVm_yt8IwZrcQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/LfWKpSbIHjLBuVm_yt8IwZrcQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LfWKpSbIHjLBuVm_yt8IwZrcQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:d0:c5:09:fd:d6:1e:88:94:ce:ca:40:e8:6b:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2df58aa526c81e32c1b959bfcadf08c19adc412c
Validity
Not Before: Jan 1 23:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=82cd68a9b63ac90cbbcc014595d5ca614088fb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:08:10:24:f7:7c:d6:6d:ef:7d:0f:de:58:96:
de:e5:2b:b6:0a:81:96:29:b2:3f:30:3b:bb:b1:91:
f2:51:b2:48:9b:60:2d:85:a9:62:2d:68:d1:94:4e:
9b:46:dc:a7:87:32:76:61:9d:94:bb:22:c7:eb:76:
09:69:24:55:40:44:08:4b:5e:31:f1:25:28:34:c8:
fb:f3:e1:dd:95:c5:9e:bd:2b:12:93:ed:56:20:4a:
ea:be:57:ce:59:ad:a4:06:0e:65:7a:d5:0c:ee:0d:
35:bf:32:8b:19:26:8d:a8:1a:5f:2f:7c:55:8f:19:
43:e6:e3:4f:04:07:55:4c:32:f9:1f:2f:45:6c:aa:
9b:25:05:ed:ca:02:6b:fe:98:06:36:0d:1e:75:d2:
08:6a:2d:ad:6f:96:0b:73:9c:a7:1d:76:ff:dc:4a:
84:95:f9:48:e1:0a:32:85:4e:ee:6d:3e:b1:27:42:
c5:e7:36:c2:6e:72:ca:59:68:df:57:5f:aa:42:d0:
dd:40:18:9a:13:1c:e6:ea:31:89:bc:83:a6:4a:86:
1c:3e:e7:41:9e:85:23:78:55:c0:e6:8b:e4:d7:04:
7e:9b:62:f3:87:9e:a4:97:42:b2:25:c7:fa:c8:1c:
30:2c:18:40:25:fc:37:02:eb:f5:4a:d8:46:66:ef:
ea:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:CD:68:A9:B6:3A:C9:0C:BB:CC:01:45:95:D5:CA:61:40:88:FB:06
X509v3 Authority Key Identifier:
keyid:2D:F5:8A:A5:26:C8:1E:32:C1:B9:59:BF:CA:DF:08:C1:9A:DC:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LfWKpSbIHjLBuVm_yt8IwZrcQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/gs1oqbY6yQy7zAFFldXKYUCI-wY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/2c8cc8-0fe2-491e-ad89-7e8b97528b1c/1/LfWKpSbIHjLBuVm_yt8IwZrcQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.254.208.0/23
Signature Algorithm: sha256WithRSAEncryption
53:c1:71:ef:3d:a6:7c:76:3d:83:fe:1f:3e:c7:9b:55:3d:22:
9f:4e:0b:f1:82:91:f9:98:e4:f4:fc:4a:ba:96:0b:35:bd:ce:
34:b0:d1:cc:6f:7a:38:0a:19:f3:de:f4:5e:66:9d:f5:50:1b:
32:60:43:54:79:b8:74:fd:b4:46:a5:8a:ce:68:cb:e0:46:fd:
f0:13:f3:95:95:da:77:1f:7a:48:e2:d3:41:5b:2c:c2:94:94:
71:16:9c:08:8c:19:57:e1:cd:1d:a8:7d:8e:b4:b7:56:4e:de:
5d:1f:40:28:76:14:97:2e:18:8e:99:de:9d:46:d1:05:0b:2f:
79:7f:ca:2d:6d:54:ce:cf:ed:19:7f:dc:06:48:d7:3c:ec:2e:
fd:a9:12:19:a7:0d:18:6e:78:7f:da:a1:47:ce:2a:6d:80:9d:
de:66:15:45:af:67:f2:b8:e4:21:0f:5f:4b:25:18:84:8e:33:
b9:72:ea:a9:c5:2c:ff:ba:a0:91:da:81:62:2b:50:dc:2c:18:
f5:e5:90:40:0e:0b:5c:36:72:59:84:ef:0d:32:76:a6:28:d5:
f7:18:99:38:ff:37:70:df:1c:a0:79:0c:23:66:7a:6e:e4:65:
f1:63:8c:a8:75:0a:3a:aa:55:67:e0:7e:b7:27:9b:0d:e5:e0:
90:fa:00:dd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRNDFCf3WHoiUzspA6GtuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZjU4YWE1MjZjODFlMzJjMWI5NTliZmNhZGYwOGMxOWFk
YzQxMmMwHhcNMjUwMTAxMjM0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MmNkNjhhOWI2M2FjOTBjYmJjYzAxNDU5NWQ1Y2E2MTQwODhmYjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQgQJPd81m3vfQ/eWJbe5Su2CoGW
KbI/MDu7sZHyUbJIm2AthaliLWjRlE6bRtynhzJ2YZ2UuyLH63YJaSRVQEQIS14x
8SUoNMj78+HdlcWevSsSk+1WIErqvlfOWa2kBg5letUM7g01vzKLGSaNqBpfL3xV
jxlD5uNPBAdVTDL5Hy9FbKqbJQXtygJr/pgGNg0eddIIai2tb5YLc5ynHXb/3EqE
lflI4QoyhU7ubT6xJ0LF5zbCbnLKWWjfV1+qQtDdQBiaExzm6jGJvIOmSoYcPudB
noUjeFXA5ovk1wR+m2Lzh56kl0KyJcf6yBwwLBhAJfw3Auv1SthGZu/q5QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFILNaKm2OskMu8wBRZXVymFAiPsGMB8GA1UdIwQY
MBaAFC31iqUmyB4ywblZv8rfCMGa3EEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGZXS3BTYklIakxCdVZtX3l0OEl3WnJjUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8yYzhjYzgtMGZlMi00OTFlLWFkODkt
N2U4Yjk3NTI4YjFjLzEvZ3Mxb3FiWTZ5UXk3ekFGRmxkWEtZVUNJLXdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8yYzhjYzgtMGZlMi00OTFlLWFkODktN2U4Yjk3NTI4YjFj
LzEvTGZXS3BTYklIakxCdVZtX3l0OEl3WnJjUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwf7QMA0G
CSqGSIb3DQEBCwUAA4IBAQBTwXHvPaZ8dj2D/h8+x5tVPSKfTgvxgpH5mOT0/Eq6
lgs1vc40sNHMb3o4Chnz3vReZp31UBsyYENUebh0/bRGpYrOaMvgRv3wE/OVldp3
H3pI4tNBWyzClJRxFpwIjBlX4c0dqH2OtLdWTt5dH0AodhSXLhiOmd6dRtEFCy95
f8otbVTOz+0Zf9wGSNc87C79qRIZpw0Ybnh/2qFHziptgJ3eZhVFr2fyuOQhD19L
JRiEjjO5cuqpxSz/uqCR2oFiK1DcLBj15ZBADgtcNnJZhO8NMnamKNX3GJk4/zdw
3xygeQwjZnpu5GXxY4yodQo6qlVn4H63J5sN5eCQ+gDd
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:44:12 2025 by rpki-client