Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/od_NfkWMgnzZGkwU7wJ-RgWOeM4.roa
File: od_NfkWMgnzZGkwU7wJ-RgWOeM4.roa (raw, json)
Hash identifier: OZscsQ8cir5jkIZyLY0FUkHozKmgjWJmCvTcbzJzQOg=
Subject key identifier: A1:DF:CD:7E:45:8C:82:7C:D9:1A:4C:14:EF:02:7E:46:05:8E:78:CE
Certificate issuer: /CN=621310302018a387c692146a35efd33a6ed6b1ef
Certificate serial: 019427B599CE9166C393D73CD4D452281C1B
Authority key identifier: 62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/od_NfkWMgnzZGkwU7wJ-RgWOeM4.roa
Signing time: Thu 02 Jan 2025 15:50:00 +0000
ROA not before: Thu 02 Jan 2025 15:50:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197099
IP address blocks: 193.7.192.0/24 maxlen: 24
193.7.193.0/24 maxlen: 24
193.7.194.0/24 maxlen: 24
2a0d:be00::/29 maxlen: 29
2a0d:d340::/29 maxlen: 29
2a10:fd40::/29 maxlen: 29
2a11:a000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:99:ce:91:66:c3:93:d7:3c:d4:d4:52:28:1c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=621310302018a387c692146a35efd33a6ed6b1ef
Validity
Not Before: Jan 2 15:50:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1dfcd7e458c827cd91a4c14ef027e46058e78ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:0e:80:db:01:bb:58:ec:20:41:ce:bf:49:10:
14:bf:6a:df:87:a4:51:0a:5e:b0:a6:fe:89:0c:99:
8c:15:33:e8:81:9e:f5:65:bd:57:3c:7c:e3:a0:4a:
4b:c8:ea:b1:c1:ff:dc:13:bc:a9:9f:e4:50:27:40:
59:d6:42:14:e8:ef:17:fa:98:0c:0b:5f:ee:0b:79:
b1:89:40:c1:38:9a:64:b0:86:92:69:76:31:2f:fa:
c9:40:a3:c4:a7:51:65:dc:3b:a0:c8:27:aa:13:e4:
e8:12:c0:85:84:b8:46:d7:be:a0:a0:13:de:34:d8:
8c:9f:4a:38:7d:b2:c4:71:d5:bf:dd:93:f0:b8:8c:
c5:38:b5:5c:2e:e3:be:ff:67:92:de:63:48:34:8c:
d0:d6:f6:dc:90:0c:24:c8:1a:b1:a6:cd:38:f1:d4:
98:b6:82:f9:e5:ea:2e:96:30:11:9d:e2:f6:1d:13:
66:9f:4d:c0:eb:9b:1e:c0:a9:7d:26:ab:14:ac:3b:
8b:16:8c:5f:e6:b6:a6:8a:95:54:00:64:64:2f:4f:
cd:3d:fb:09:5d:9b:ac:d1:98:28:56:07:65:23:3a:
dd:e3:8b:73:39:78:7b:10:15:21:3b:44:c7:d8:27:
ce:38:34:b8:7a:b8:ab:9b:b2:a9:ef:c9:16:8d:f5:
92:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:DF:CD:7E:45:8C:82:7C:D9:1A:4C:14:EF:02:7E:46:05:8E:78:CE
X509v3 Authority Key Identifier:
keyid:62:13:10:30:20:18:A3:87:C6:92:14:6A:35:EF:D3:3A:6E:D6:B1:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YhMQMCAYo4fGkhRqNe_TOm7Wse8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/od_NfkWMgnzZGkwU7wJ-RgWOeM4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/f58ac8-53e9-4ca6-acb2-be57d7dfa0de/1/YhMQMCAYo4fGkhRqNe_TOm7Wse8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.7.192.0-193.7.194.255
IPv6:
2a0d:be00::/29
2a0d:d340::/29
2a10:fd40::/29
2a11:a000::/29
Signature Algorithm: sha256WithRSAEncryption
39:5e:d9:ce:37:44:a9:cc:cc:ed:07:fd:e7:57:cf:84:00:52:
de:68:04:60:8f:a5:12:e2:0c:18:c2:c3:5b:ef:a8:00:a3:59:
e8:2b:8e:c6:c5:fc:96:d2:9e:8a:27:3e:7f:22:ef:35:18:ea:
9c:66:b4:4e:00:99:c4:8e:67:68:17:a7:38:d7:71:a9:91:c6:
4c:d2:22:aa:78:20:dd:70:83:c6:d4:29:2e:ef:33:f6:28:6e:
bc:1f:0a:ba:33:97:b7:3a:18:5f:84:f9:65:da:2d:c4:df:20:
e1:8a:a3:d5:3b:7d:92:76:23:71:28:69:36:8c:2e:fa:a6:8e:
da:3c:3a:b3:f3:20:c2:86:25:c7:93:16:c2:6c:5e:82:40:0b:
b6:bb:2e:6b:ad:dd:b4:0f:0e:66:ca:8f:71:85:87:d3:b4:87:
ab:86:87:e0:73:70:68:4f:b9:ae:ee:ca:cd:e1:ad:d2:1f:d1:
56:a9:7a:97:97:32:c7:51:32:7f:bc:5f:c4:ea:80:e5:94:6e:
b5:a6:f1:e0:a6:15:2c:ef:b6:ec:35:97:c2:e7:6f:45:3c:f0:
62:be:a7:9d:a0:46:52:14:72:96:59:99:78:24:5b:71:6c:c5:
20:ca:55:de:ce:e1:9e:9e:93:b9:93:f1:dd:e9:45:fe:98:1e:
63:36:2e:e7
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQntZnOkWbDk9c81NRSKBwbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMTMxMDMwMjAxOGEzODdjNjkyMTQ2YTM1ZWZkMzNhNmVk
NmIxZWYwHhcNMjUwMTAyMTU1MDAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWRmY2Q3ZTQ1OGM4MjdjZDkxYTRjMTRlZjAyN2U0NjA1OGU3OGNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyg6A2wG7WOwgQc6/SRAUv2rfh6RR
Cl6wpv6JDJmMFTPogZ71Zb1XPHzjoEpLyOqxwf/cE7ypn+RQJ0BZ1kIU6O8X+pgM
C1/uC3mxiUDBOJpksIaSaXYxL/rJQKPEp1Fl3DugyCeqE+ToEsCFhLhG176goBPe
NNiMn0o4fbLEcdW/3ZPwuIzFOLVcLuO+/2eS3mNINIzQ1vbckAwkyBqxps048dSY
toL55eouljARneL2HRNmn03A65sewKl9JqsUrDuLFoxf5ramipVUAGRkL0/NPfsJ
XZus0ZgoVgdlIzrd44tzOXh7EBUhO0TH2CfOODS4erirm7Kp78kWjfWSMQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKHfzX5FjIJ82RpMFO8CfkYFjnjOMB8GA1UdIwQY
MBaAFGITEDAgGKOHxpIUajXv0zpu1rHvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjIt
YmU1N2Q3ZGZhMGRlLzEvb2RfTmZrV01nbnpaR2t3VTd3Si1SZ1dPZU00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9mNThhYzgtNTNlOS00Y2E2LWFjYjItYmU1N2Q3ZGZhMGRl
LzEvWWhNUU1DQVlvNGZHa2hScU5lX1RPbTdXc2U4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAUBAIAATAOMAwDBAbBB8AD
BADBB8IwIgQCAAIwHAMFAyoNvgADBQMqDdNAAwUDKhD9QAMFAyoRoAAwDQYJKoZI
hvcNAQELBQADggEBADle2c43RKnMzO0H/edXz4QAUt5oBGCPpRLiDBjCw1vvqACj
WegrjsbF/JbSnoonPn8i7zUY6pxmtE4AmcSOZ2gXpzjXcamRxkzSIqp4IN1wg8bU
KS7vM/YobrwfCrozl7c6GF+E+WXaLcTfIOGKo9U7fZJ2I3EoaTaMLvqmjto8OrPz
IMKGJceTFsJsXoJAC7a7Lmut3bQPDmbKj3GFh9O0h6uGh+BzcGhPua7uys3hrdIf
0VapepeXMsdRMn+8X8TqgOWUbrWm8eCmFSzvtuw1l8Lnb0U88GK+p52gRlIUcpZZ
mXgkW3FsxSDKVd7O4Z6ek7mT8d3pRf6YHmM2Luc=
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:49:56 2025 by rpki-client