Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/p0GYzovoibRpIcNL4x5zm5sbcEM.roa
File: p0GYzovoibRpIcNL4x5zm5sbcEM.roa (raw, json)
Hash identifier: La9kggZVzZnTCmHjgvtIBc9XIxyweBnCuqu6zwbucBc=
Subject key identifier: A7:41:98:CE:8B:E8:89:B4:69:21:C3:4B:E3:1E:73:9B:9B:1B:70:43
Certificate issuer: /CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Certificate serial: 018CC7257F066A2EFB53AD6BE4E6B8459F86
Authority key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/p0GYzovoibRpIcNL4x5zm5sbcEM.roa
Signing time: Mon 01 Jan 2024 22:29:32 +0000
ROA not before: Mon 01 Jan 2024 22:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31662
IP address blocks: 193.186.252.0/24 maxlen: 24
2001:67c:934::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:7f:06:6a:2e:fb:53:ad:6b:e4:e6:b8:45:9f:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Validity
Not Before: Jan 1 22:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a74198ce8be889b46921c34be31e739b9b1b7043
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2e:01:18:c5:f3:55:1b:8d:19:91:2b:11:09:
4a:0e:0a:8b:67:3d:fa:0a:22:b9:5f:77:33:e7:29:
f8:d8:c4:fb:8f:d2:6f:2c:92:09:f1:3e:ba:3a:df:
a8:0d:45:0f:7a:5c:63:4d:89:45:35:99:f2:cb:07:
2b:2a:d2:fc:93:8e:15:8f:6e:51:0b:2b:fb:04:0a:
99:20:c4:9d:2e:7e:13:84:73:34:29:a2:6f:56:f4:
1f:88:42:1a:8d:f5:1a:17:45:67:3d:ef:b7:88:de:
3f:bc:bb:27:1e:f3:70:b0:3d:65:50:fd:52:54:c5:
31:cb:71:6a:4a:e1:2d:db:03:eb:fb:0e:44:a3:5c:
83:cb:96:04:68:18:11:48:5c:dc:ac:c6:fa:6a:5e:
66:ac:2f:ed:5b:f0:8f:62:b3:44:0a:9f:9c:28:67:
67:58:23:89:b5:b3:af:68:3f:fc:62:e4:fc:4b:43:
e7:f4:2a:6b:98:5e:6f:18:77:8d:b4:09:d2:17:69:
4e:ad:cb:20:52:cb:c0:5c:ae:44:84:e6:7c:26:5a:
87:ad:bb:f9:bb:a0:03:5b:57:db:bf:8a:6b:62:ad:
69:9c:f2:15:e5:00:e3:dd:42:bc:9f:c8:50:ab:f5:
59:ef:b2:5b:67:a6:2c:72:31:c3:f7:57:67:e1:68:
d5:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:41:98:CE:8B:E8:89:B4:69:21:C3:4B:E3:1E:73:9B:9B:1B:70:43
X509v3 Authority Key Identifier:
keyid:98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/p0GYzovoibRpIcNL4x5zm5sbcEM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.186.252.0/24
IPv6:
2001:67c:934::/48
Signature Algorithm: sha256WithRSAEncryption
6f:8c:bd:8f:2f:37:30:ba:2b:4d:12:5e:37:79:e6:67:ae:bf:
6b:21:94:fb:1b:47:86:0a:5d:15:a2:b7:ca:2a:85:dc:4c:ad:
4d:77:00:a6:9d:23:06:59:50:3e:02:c5:2b:87:94:59:52:be:
da:ac:a2:a1:ef:df:e7:f5:2a:7d:4e:bd:4c:cb:b2:e0:23:2d:
d7:a8:0e:22:3b:a6:be:e4:6b:74:2a:8a:a6:b7:76:f3:ba:e9:
99:0d:e0:f8:c2:6a:53:7c:92:62:c9:06:7a:b3:de:1d:5f:88:
f8:b5:b5:d8:81:e0:46:19:7e:63:3b:92:e6:a1:15:18:89:14:
58:38:2f:d1:a1:37:70:e3:88:2e:70:0e:10:54:49:3b:f6:94:
86:6a:8d:5d:1c:66:d8:40:be:0c:79:9c:b4:10:93:2e:0e:15:
fc:cd:9d:a3:6a:15:68:e9:63:0b:57:f8:70:1e:5e:aa:8b:1f:
51:dc:dc:19:dd:94:b7:14:2a:df:06:96:c6:68:b6:db:fa:b1:
30:c3:23:40:4a:00:e0:c8:7e:48:4d:82:aa:9d:5a:89:31:42:
17:47:5d:f4:73:5b:65:4b:48:d9:66:5c:57:9c:f8:16:34:7a:
cc:9b:29:78:51:07:bf:6a:54:bb:61:64:c1:85:ff:a9:4a:e5:
9a:cf:af:5d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHJX8Gai77U61r5Oa4RZ+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NTRiZDhhODYzYTMxODk1Y2M2Y2I5MjJmMzAwOGIzZjA4
YWFkYWUwHhcNMjQwMTAxMjIyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQxOThjZThiZTg4OWI0NjkyMWMzNGJlMzFlNzM5YjliMWI3MDQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC4BGMXzVRuNGZErEQlKDgqLZz36
CiK5X3cz5yn42MT7j9JvLJIJ8T66Ot+oDUUPelxjTYlFNZnyywcrKtL8k44Vj25R
Cyv7BAqZIMSdLn4ThHM0KaJvVvQfiEIajfUaF0VnPe+3iN4/vLsnHvNwsD1lUP1S
VMUxy3FqSuEt2wPr+w5Eo1yDy5YEaBgRSFzcrMb6al5mrC/tW/CPYrNECp+cKGdn
WCOJtbOvaD/8YuT8S0Pn9CprmF5vGHeNtAnSF2lOrcsgUsvAXK5EhOZ8JlqHrbv5
u6ADW1fbv4prYq1pnPIV5QDj3UK8n8hQq/VZ77JbZ6YscjHD91dn4WjV0wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKdBmM6L6Im0aSHDS+Mec5ubG3BDMB8GA1UdIwQY
MBaAFJhUvYqGOjGJXMbLki8wCLPwiq2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODIt
YzUyMmI3NGRkY2ZkLzEvcDBHWXpvdm9pYlJwSWNOTDR4NXptNXNiY0VNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODItYzUyMmI3NGRkY2Zk
LzEvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwbr8MA8E
AgACMAkDBwAgAQZ8CTQwDQYJKoZIhvcNAQELBQADggEBAG+MvY8vNzC6K00SXjd5
5meuv2shlPsbR4YKXRWit8oqhdxMrU13AKadIwZZUD4CxSuHlFlSvtqsoqHv3+f1
Kn1OvUzLsuAjLdeoDiI7pr7ka3Qqiqa3dvO66ZkN4PjCalN8kmLJBnqz3h1fiPi1
tdiB4EYZfmM7kuahFRiJFFg4L9GhN3DjiC5wDhBUSTv2lIZqjV0cZthAvgx5nLQQ
ky4OFfzNnaNqFWjpYwtX+HAeXqqLH1Hc3BndlLcUKt8GlsZottv6sTDDI0BKAODI
fkhNgqqdWokxQhdHXfRzW2VLSNlmXFec+BY0esybKXhRB79qVLthZMGF/6lK5ZrP
r10=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:34 2024 by rpki-client on console-fra.rpki-client.org