Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/oqKseJNiM_WhBx3cMC2YR7hpDkY.roa
File: oqKseJNiM_WhBx3cMC2YR7hpDkY.roa (raw, json)
Hash identifier: fE3Mag3TKDtsBVrOh9kMVG0XwXeo4JEcnpQrFuM1EMw=
Subject key identifier: A2:A2:AC:78:93:62:33:F5:A1:07:1D:DC:30:2D:98:47:B8:69:0E:46
Certificate issuer: /CN=046ca7b604ec08f6f54b0e748906547dd375674d
Certificate serial: 018CC79451231B30AE51EDC990F08FB548B1
Authority key identifier: 04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/oqKseJNiM_WhBx3cMC2YR7hpDkY.roa
Signing time: Tue 02 Jan 2024 00:30:35 +0000
ROA not before: Tue 02 Jan 2024 00:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39686
IP address blocks: 193.202.96.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:51:23:1b:30:ae:51:ed:c9:90:f0:8f:b5:48:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=046ca7b604ec08f6f54b0e748906547dd375674d
Validity
Not Before: Jan 2 00:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2a2ac78936233f5a1071ddc302d9847b8690e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d6:1a:ea:bd:ae:d8:87:ed:c8:3a:07:79:57:
77:be:11:2d:45:68:e2:ce:4a:da:ca:ec:25:74:24:
f2:13:a2:ef:18:34:90:d6:86:8d:44:a0:53:bd:73:
d5:b7:9c:80:f8:bc:db:20:61:24:d7:84:11:51:3c:
fd:37:f9:f1:f5:14:7f:29:f4:39:32:98:24:d5:9b:
c3:4e:b9:90:b3:65:c5:48:af:69:46:fa:16:68:a3:
5e:e6:d2:f0:ad:7e:8e:34:fa:d9:a0:52:a0:da:d4:
e0:ef:11:c4:e4:d4:44:8e:71:de:b2:30:70:a7:33:
66:9d:2f:56:05:eb:f9:58:a2:82:8f:09:d9:fc:19:
1f:3c:68:34:07:30:9b:84:f6:dd:a3:ad:a8:39:05:
70:7b:e6:51:05:f6:ab:5a:b4:4b:ae:01:5c:9f:74:
21:f1:a7:e2:f9:5d:9b:15:b9:15:a2:82:13:53:f7:
11:44:39:11:22:4f:d8:7e:79:52:21:3e:4d:f3:d9:
b9:44:ce:3c:c7:8d:30:0b:33:44:6a:92:65:ff:77:
7f:3f:00:56:72:e3:03:1b:e8:2e:0f:94:d8:7e:51:
a1:06:9e:40:67:eb:88:23:29:05:43:05:65:53:46:
da:07:ca:d1:4a:11:92:4c:31:09:0a:74:73:1d:10:
4a:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:A2:AC:78:93:62:33:F5:A1:07:1D:DC:30:2D:98:47:B8:69:0E:46
X509v3 Authority Key Identifier:
keyid:04:6C:A7:B6:04:EC:08:F6:F5:4B:0E:74:89:06:54:7D:D3:75:67:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGyntgTsCPb1Sw50iQZUfdN1Z00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/oqKseJNiM_WhBx3cMC2YR7hpDkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/392ea5-9ca8-4b0f-9388-093961d38c86/1/BGyntgTsCPb1Sw50iQZUfdN1Z00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.96.0/21
Signature Algorithm: sha256WithRSAEncryption
62:b0:38:ec:d8:bc:dd:73:0b:9d:45:57:d9:86:29:00:50:79:
b7:62:66:87:91:a7:ea:33:e9:5a:da:bd:44:c3:7e:b0:eb:e4:
09:9c:5f:58:1b:44:e7:b9:8e:95:55:67:bd:1f:a3:c0:e2:85:
72:06:0c:03:24:9b:88:20:a9:d4:4c:ac:ed:20:31:ef:e8:18:
3e:54:6c:b2:ff:1a:13:a2:e0:f3:11:8a:43:e9:c0:12:6a:15:
2f:16:fb:ff:6d:37:ec:bd:53:cf:20:ec:4b:26:f3:4b:4c:3e:
50:eb:8d:99:c6:67:69:83:4f:e3:92:e0:4c:c8:b0:9c:bd:24:
c2:cc:32:0c:1f:c4:d0:52:3e:50:ed:90:b1:b5:b0:15:f8:d6:
8e:9f:b8:02:66:ba:21:e2:b1:f9:81:5e:ab:d8:cf:7b:67:f8:
e4:79:1e:36:e5:90:63:ce:5d:20:8c:ab:a5:4f:ef:79:d5:ac:
98:38:a8:22:50:e2:75:fb:e6:0b:11:bb:5c:3a:97:fc:9e:a4:
8c:88:a6:91:c4:dc:80:be:b7:a6:b5:4f:fb:46:29:01:8e:77:
b4:4d:f9:6e:27:44:5e:21:51:6d:4b:57:8f:31:32:c2:45:04:
ce:b9:ff:4f:c1:3a:a6:c6:c6:96:c9:17:8d:5f:fb:91:50:cc:
60:3d:b4:cc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlFEjGzCuUe3JkPCPtUixMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NmNhN2I2MDRlYzA4ZjZmNTRiMGU3NDg5MDY1NDdkZDM3
NTY3NGQwHhcNMjQwMTAyMDAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmEyYWM3ODkzNjIzM2Y1YTEwNzFkZGMzMDJkOTg0N2I4NjkwZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNYa6r2u2IftyDoHeVd3vhEtRWji
zkrayuwldCTyE6LvGDSQ1oaNRKBTvXPVt5yA+LzbIGEk14QRUTz9N/nx9RR/KfQ5
Mpgk1ZvDTrmQs2XFSK9pRvoWaKNe5tLwrX6ONPrZoFKg2tTg7xHE5NREjnHesjBw
pzNmnS9WBev5WKKCjwnZ/BkfPGg0BzCbhPbdo62oOQVwe+ZRBfarWrRLrgFcn3Qh
8afi+V2bFbkVooITU/cRRDkRIk/YfnlSIT5N89m5RM48x40wCzNEapJl/3d/PwBW
cuMDG+guD5TYflGhBp5AZ+uIIykFQwVlU0baB8rRShGSTDEJCnRzHRBK0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKKirHiTYjP1oQcd3DAtmEe4aQ5GMB8GA1UdIwQY
MBaAFARsp7YE7Aj29UsOdIkGVH3TdWdNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgt
MDkzOTYxZDM4Yzg2LzEvb3FLc2VKTmlNX1doQngzY01DMllSN2hwRGtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zOTJlYTUtOWNhOC00YjBmLTkzODgtMDkzOTYxZDM4Yzg2
LzEvQkd5bnRnVHNDUGIxU3c1MGlRWlVmZE4xWjAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDwcpgMA0G
CSqGSIb3DQEBCwUAA4IBAQBisDjs2LzdcwudRVfZhikAUHm3YmaHkafqM+la2r1E
w36w6+QJnF9YG0TnuY6VVWe9H6PA4oVyBgwDJJuIIKnUTKztIDHv6Bg+VGyy/xoT
ouDzEYpD6cASahUvFvv/bTfsvVPPIOxLJvNLTD5Q642Zxmdpg0/jkuBMyLCcvSTC
zDIMH8TQUj5Q7ZCxtbAV+NaOn7gCZroh4rH5gV6r2M97Z/jkeR425ZBjzl0gjKul
T+951ayYOKgiUOJ1++YLEbtcOpf8nqSMiKaRxNyAvremtU/7RikBjne0TfluJ0Re
IVFtS1ePMTLCRQTOuf9PwTqmxsaWyReNX/uRUMxgPbTM
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:01:25 2024 by rpki-client on console-ams.rpki-client.org