Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/10dbqOUOvVuKoTWafBjt03DE0Qw.roa
File: 10dbqOUOvVuKoTWafBjt03DE0Qw.roa (raw, json)
Hash identifier: cxWEqG0wt13cPTAyeByutwzDKmaqlNHphprwcMgm8aI=
Subject key identifier: D7:47:5B:A8:E5:0E:BD:5B:8A:A1:35:9A:7C:18:ED:D3:70:C4:D1:0C
Certificate issuer: /CN=66d8a84f0e8cf755137a9680ebcc4fccd20a34b2
Certificate serial: 018CC424EAA364DEBCA0906D162F0AEB1EA4
Authority key identifier: 66:D8:A8:4F:0E:8C:F7:55:13:7A:96:80:EB:CC:4F:CC:D2:0A:34:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZtioTw6M91UTepaA68xPzNIKNLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/10dbqOUOvVuKoTWafBjt03DE0Qw.roa
Signing time: Mon 01 Jan 2024 08:30:02 +0000
ROA not before: Mon 01 Jan 2024 08:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31463
IP address blocks: 195.246.200.0/22 maxlen: 24
2a0d:12c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/ZtioTw6M91UTepaA68xPzNIKNLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/ZtioTw6M91UTepaA68xPzNIKNLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZtioTw6M91UTepaA68xPzNIKNLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:ea:a3:64:de:bc:a0:90:6d:16:2f:0a:eb:1e:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66d8a84f0e8cf755137a9680ebcc4fccd20a34b2
Validity
Not Before: Jan 1 08:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d7475ba8e50ebd5b8aa1359a7c18edd370c4d10c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:af:b7:5f:d1:85:8b:b8:1f:c5:3f:dc:07:5b:
87:96:66:e6:d7:62:a0:fb:28:1e:31:44:b5:2b:31:
0a:3a:58:20:16:ec:d5:3a:f0:dc:90:aa:c5:6d:c2:
85:80:dc:ff:cd:51:e2:f9:d2:a1:8e:4f:6e:3a:4a:
00:2b:78:00:87:c2:94:76:f4:91:83:79:0a:95:b8:
6e:2e:6a:12:fe:60:eb:7e:26:4e:15:64:19:a4:c2:
a9:8e:a9:ff:66:e0:da:2d:cd:86:d1:93:98:90:0d:
85:02:55:5b:13:2e:2d:0d:b5:3d:17:87:4c:0c:80:
b5:a1:d4:7e:0b:9f:b3:6a:a1:4d:73:0d:fb:8b:66:
d7:af:55:61:29:4e:a0:64:bd:cc:25:4c:f2:0f:4f:
66:0f:ec:a6:a9:dd:32:c3:e5:e9:cb:ec:af:9b:df:
75:2a:91:41:bc:28:86:16:18:f2:02:16:3f:aa:e5:
40:48:3f:b8:f5:2a:43:d9:7e:40:18:87:7c:2c:64:
c0:91:dd:33:35:71:df:1d:67:53:c7:f7:29:38:ae:
e3:91:24:66:3e:0a:15:66:b0:9d:bc:4b:83:89:84:
d9:84:83:d6:92:a7:ee:3c:5d:6e:98:66:5f:80:93:
81:6f:06:38:02:b5:4d:20:58:ef:1f:37:fd:9f:ef:
e8:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:47:5B:A8:E5:0E:BD:5B:8A:A1:35:9A:7C:18:ED:D3:70:C4:D1:0C
X509v3 Authority Key Identifier:
keyid:66:D8:A8:4F:0E:8C:F7:55:13:7A:96:80:EB:CC:4F:CC:D2:0A:34:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZtioTw6M91UTepaA68xPzNIKNLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/10dbqOUOvVuKoTWafBjt03DE0Qw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/5d5cc5-9d98-415a-ab0e-aa1481f0c13a/1/ZtioTw6M91UTepaA68xPzNIKNLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.246.200.0/22
IPv6:
2a0d:12c0::/32
Signature Algorithm: sha256WithRSAEncryption
47:27:b1:1e:97:69:79:57:f1:59:88:25:60:5b:90:55:68:0e:
19:6f:4f:06:e2:2c:c1:c4:f5:ec:14:3f:ca:5e:a3:5a:e9:9b:
6b:e1:28:86:d3:0d:7c:16:4b:44:a6:26:8b:39:71:20:27:1d:
d1:e3:4f:96:fb:2f:de:4f:c8:fe:b9:66:7c:af:0c:2c:4b:1a:
ce:79:72:21:8f:97:f3:90:de:56:6c:78:eb:d6:ce:2f:88:7b:
6c:c6:d7:8b:b6:2f:90:e3:57:f8:17:11:16:80:8f:d2:dc:7b:
06:14:8a:ce:1b:1f:2a:6c:e5:48:8f:8e:61:aa:50:69:31:1f:
b9:39:23:28:0b:f7:f6:50:85:50:94:94:67:48:40:3c:b5:91:
a8:ec:c4:45:c6:3d:7c:8e:68:b6:e2:77:f2:c4:5d:90:34:69:
33:40:1d:b6:ce:85:32:68:3e:c6:0c:93:be:25:fe:b3:00:1e:
10:b9:e0:6b:8a:05:a2:fc:50:2a:a3:1e:22:79:f6:e6:b1:bc:
87:0b:31:ec:f4:73:94:ac:9b:63:5a:49:75:a8:37:ab:bd:e1:
de:db:ce:bf:d4:6c:c6:31:be:ec:88:03:5e:b6:21:3f:ca:1c:
4e:aa:73:d3:7c:f7:35:12:bc:76:ba:60:a8:2a:62:b8:8b:e2:
19:0c:43:22
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJOqjZN68oJBtFi8K6x6kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZDhhODRmMGU4Y2Y3NTUxMzdhOTY4MGViY2M0ZmNjZDIw
YTM0YjIwHhcNMjQwMTAxMDgzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzQ3NWJhOGU1MGViZDViOGFhMTM1OWE3YzE4ZWRkMzcwYzRkMTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa+3X9GFi7gfxT/cB1uHlmbm12Kg
+ygeMUS1KzEKOlggFuzVOvDckKrFbcKFgNz/zVHi+dKhjk9uOkoAK3gAh8KUdvSR
g3kKlbhuLmoS/mDrfiZOFWQZpMKpjqn/ZuDaLc2G0ZOYkA2FAlVbEy4tDbU9F4dM
DIC1odR+C5+zaqFNcw37i2bXr1VhKU6gZL3MJUzyD09mD+ymqd0yw+Xpy+yvm991
KpFBvCiGFhjyAhY/quVASD+49SpD2X5AGId8LGTAkd0zNXHfHWdTx/cpOK7jkSRm
PgoVZrCdvEuDiYTZhIPWkqfuPF1umGZfgJOBbwY4ArVNIFjvHzf9n+/ocwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNdHW6jlDr1biqE1mnwY7dNwxNEMMB8GA1UdIwQY
MBaAFGbYqE8OjPdVE3qWgOvMT8zSCjSyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnRpb1R3Nk05MVVUZXBhQTY4eFB6TklLTkxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81ZDVjYzUtOWQ5OC00MTVhLWFiMGUt
YWExNDgxZjBjMTNhLzEvMTBkYnFPVU92VnVLb1RXYWZCanQwM0RFMFF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81ZDVjYzUtOWQ5OC00MTVhLWFiMGUtYWExNDgxZjBjMTNh
LzEvWnRpb1R3Nk05MVVUZXBhQTY4eFB6TklLTkxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCw/bIMA0E
AgACMAcDBQAqDRLAMA0GCSqGSIb3DQEBCwUAA4IBAQBHJ7Eel2l5V/FZiCVgW5BV
aA4Zb08G4izBxPXsFD/KXqNa6Ztr4SiG0w18FktEpiaLOXEgJx3R40+W+y/eT8j+
uWZ8rwwsSxrOeXIhj5fzkN5WbHjr1s4viHtsxteLti+Q41f4FxEWgI/S3HsGFIrO
Gx8qbOVIj45hqlBpMR+5OSMoC/f2UIVQlJRnSEA8tZGo7MRFxj18jmi24nfyxF2Q
NGkzQB22zoUyaD7GDJO+Jf6zAB4QueBrigWi/FAqox4iefbmsbyHCzHs9HOUrJtj
Wkl1qDerveHe286/1GzGMb7siANetiE/yhxOqnPTfPc1Erx2umCoKmK4i+IZDEMi
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:41 2024 by rpki-client on console-fra.rpki-client.org