Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d0OziBiaSaqujGGg39NmZm8WAQc.roa
File: d0OziBiaSaqujGGg39NmZm8WAQc.roa (raw, json)
Hash identifier: wPE4wVxV1u8jFuZvEhRcVJN0ZIEnlAfJeb7rkOgWfjo=
Subject key identifier: 77:43:B3:88:18:9A:49:AA:AE:8C:61:A0:DF:D3:66:66:6F:16:01:07
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 01941F8C5777D4A16566771FEE18553C9C6B
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d0OziBiaSaqujGGg39NmZm8WAQc.roa
Signing time: Wed 01 Jan 2025 01:47:58 +0000
ROA not before: Wed 01 Jan 2025 01:47:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25408
IP address blocks: 37.112.248.0/21 maxlen: 24
88.204.96.0/23 maxlen: 23
185.42.80.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:57:77:d4:a1:65:66:77:1f:ee:18:55:3c:9c:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 1 01:47:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7743b388189a49aaae8c61a0dfd366666f160107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:82:8f:5a:cb:64:86:23:20:ee:f4:d3:8f:18:
2a:17:70:d6:6a:e0:aa:48:6e:de:e7:04:4d:4a:95:
c3:86:e1:3c:e6:7f:2b:58:be:13:48:51:0f:59:39:
48:5f:25:b7:86:b2:13:72:e0:b2:ee:44:02:e9:06:
e0:db:7e:7e:d6:08:39:29:dd:ae:96:c9:07:1d:ce:
05:e5:4a:3b:99:95:50:20:28:19:2c:ef:dc:80:9a:
4c:93:c3:12:6b:f8:a1:ed:84:3d:48:25:ef:93:f7:
c3:03:9d:f1:aa:cd:09:29:33:ce:fc:78:36:81:30:
87:05:67:77:f7:11:da:24:f5:0c:21:ba:0b:31:ea:
7d:53:f9:47:1c:a1:17:a1:7e:58:d6:24:d8:7d:63:
57:df:51:46:1b:3e:2f:e6:7d:99:ac:1b:f4:ea:af:
7a:6a:1a:82:ab:77:50:65:4c:cc:ff:24:a8:27:b6:
cc:35:07:b2:14:94:22:e7:ea:1f:86:02:77:46:f0:
f7:a5:ed:a4:bc:44:cf:1d:2c:37:91:7a:ff:49:66:
29:75:c3:c9:5a:b4:aa:27:b6:a0:ae:fc:3b:ea:a1:
a7:fa:3e:40:45:f7:00:5b:40:60:19:5f:9d:bf:12:
cc:3e:8d:ca:8c:b7:1c:69:94:8a:89:08:21:19:9f:
c6:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:43:B3:88:18:9A:49:AA:AE:8C:61:A0:DF:D3:66:66:6F:16:01:07
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/d0OziBiaSaqujGGg39NmZm8WAQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.112.248.0/21
88.204.96.0/23
185.42.80.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:bb:4d:ba:fa:79:65:14:7a:b9:90:39:49:5b:fa:7e:84:66:
19:36:7e:b4:60:6d:75:df:b8:1f:82:05:fd:9f:22:69:cc:eb:
56:35:54:73:a1:4a:36:61:25:b8:68:26:f2:24:7b:38:cd:95:
9a:c5:5c:18:f5:f2:75:94:6f:14:c2:8f:22:9a:71:84:1e:9d:
6b:08:f5:6e:d3:e5:e1:c4:30:fc:3f:bd:03:27:77:6a:bd:dc:
97:c9:e8:f1:c6:0c:51:32:a9:65:ac:71:76:ed:e0:73:76:96:
22:33:43:d5:16:00:c6:04:53:0d:37:aa:67:1b:93:0b:6f:34:
63:b9:f3:be:08:c2:f7:9e:35:13:c1:d5:de:20:55:8e:94:4d:
a7:e5:ae:2a:6f:b4:6e:86:f1:83:aa:a7:77:be:f8:ae:a8:c4:
99:97:d2:60:f0:8a:0e:9b:cc:db:56:e7:9b:51:c7:13:20:2d:
48:b2:66:df:ed:2a:f2:a6:c5:95:92:b2:46:29:28:d3:8d:77:
67:1c:f1:d5:de:e0:15:15:f3:86:f3:fb:35:89:22:e1:f9:d5:
d7:38:5a:6d:1e:64:43:db:7d:1e:53:32:9d:05:50:7f:b0:e3:
19:62:44:86:d3:a8:c7:15:82:23:bd:1e:81:93:33:56:6d:c6:
16:5d:34:0a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQfjFd31KFlZncf7hhVPJxrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTAxMDE0NzU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzQzYjM4ODE4OWE0OWFhYWU4YzYxYTBkZmQzNjY2NjZmMTYwMTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIKPWstkhiMg7vTTjxgqF3DWauCq
SG7e5wRNSpXDhuE85n8rWL4TSFEPWTlIXyW3hrITcuCy7kQC6Qbg235+1gg5Kd2u
lskHHc4F5Uo7mZVQICgZLO/cgJpMk8MSa/ih7YQ9SCXvk/fDA53xqs0JKTPO/Hg2
gTCHBWd39xHaJPUMIboLMep9U/lHHKEXoX5Y1iTYfWNX31FGGz4v5n2ZrBv06q96
ahqCq3dQZUzM/ySoJ7bMNQeyFJQi5+ofhgJ3RvD3pe2kvETPHSw3kXr/SWYpdcPJ
WrSqJ7agrvw76qGn+j5ARfcAW0BgGV+dvxLMPo3KjLccaZSKiQghGZ/GMwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHdDs4gYmkmqroxhoN/TZmZvFgEHMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvZDBPemlCaWFTYXF1akdHZzM5Tm1abThXQVFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDJXD4AwQB
WMxgAwQCuSpQMA0GCSqGSIb3DQEBCwUAA4IBAQBNu026+nllFHq5kDlJW/p+hGYZ
Nn60YG1137gfggX9nyJpzOtWNVRzoUo2YSW4aCbyJHs4zZWaxVwY9fJ1lG8Uwo8i
mnGEHp1rCPVu0+XhxDD8P70DJ3dqvdyXyejxxgxRMqllrHF27eBzdpYiM0PVFgDG
BFMNN6pnG5MLbzRjufO+CML3njUTwdXeIFWOlE2n5a4qb7RuhvGDqqd3vviuqMSZ
l9Jg8IoOm8zbVuebUccTIC1Ismbf7SrypsWVkrJGKSjTjXdnHPHV3uAVFfOG8/s1
iSLh+dXXOFptHmRD230eUzKdBVB/sOMZYkSG06jHFYIjvR6BkzNWbcYWXTQK
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:46 2025 by rpki-client