Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o9m7H6R95dfX9L09MrhAsNN7cc0.roa
File: o9m7H6R95dfX9L09MrhAsNN7cc0.roa (raw, json)
Hash identifier: TVcYvdG9IZe0rainAVdlMUH5ZqzNYCVSI6t5eZ4+wQk=
Subject key identifier: A3:D9:BB:1F:A4:7D:E5:D7:D7:F4:BD:3D:32:B8:40:B0:D3:7B:71:CD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 018CC2DB32432D4CE602FAFB792D50584D8C
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o9m7H6R95dfX9L09MrhAsNN7cc0.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203025
IP address blocks: 194.50.188.0/23 maxlen: 23
194.50.184.0/23 maxlen: 23
2a09:ef40::/29 maxlen: 29
2a02:c580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:32:43:2d:4c:e6:02:fa:fb:79:2d:50:58:4d:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d9bb1fa47de5d7d7f4bd3d32b840b0d37b71cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:f8:56:3d:48:86:60:eb:bf:77:8d:d4:71:79:
12:6e:5f:3d:e4:ef:24:19:a4:ff:96:52:2a:a5:d0:
f5:05:91:94:7d:34:43:79:e3:56:09:b2:e8:d7:5d:
76:5b:6e:2e:28:6c:40:60:25:6b:12:08:cf:da:92:
89:07:a0:3c:77:77:90:82:b6:e6:20:ae:1c:dc:42:
5f:d7:e0:03:48:ec:01:3a:77:4d:76:0c:df:49:38:
e0:87:b2:b2:16:99:e7:21:96:5f:ae:8f:22:9a:af:
17:7e:7e:5f:04:34:06:31:0c:74:dc:21:21:9f:aa:
aa:de:c2:0b:56:0e:a2:a6:bb:20:ad:71:37:38:0f:
5b:cf:f5:30:27:d1:72:d0:e8:a0:c9:ef:15:97:d6:
10:c6:50:cb:0d:cc:49:68:63:be:58:40:2e:62:bc:
b3:5d:90:13:55:44:40:da:3a:82:0e:e6:17:41:de:
9a:f2:f6:03:ca:b8:6a:ba:cc:f9:81:1f:2c:c1:a5:
bc:e1:dc:26:95:74:72:27:9e:79:f5:c6:3a:f5:f5:
89:83:ee:3d:3a:9d:56:1d:f6:db:ac:1e:03:a8:88:
58:9e:43:e3:fc:e9:ad:e4:df:08:53:7d:88:0c:78:
e5:eb:b4:3f:6b:51:30:2a:68:44:30:4e:dc:55:e0:
7b:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D9:BB:1F:A4:7D:E5:D7:D7:F4:BD:3D:32:B8:40:B0:D3:7B:71:CD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/o9m7H6R95dfX9L09MrhAsNN7cc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.184.0/23
194.50.188.0/23
IPv6:
2a02:c580::/29
2a09:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
34:00:28:55:62:94:29:28:61:3c:f6:16:3a:a1:fe:75:0d:53:
32:ce:d3:23:fb:15:36:33:c2:cf:7c:d0:05:28:d7:57:0f:0e:
79:e7:47:b8:1d:2b:a2:77:3e:c1:76:af:76:ae:da:80:31:4f:
6b:69:02:4f:be:5e:2a:fe:72:39:28:37:2f:cf:50:78:6c:71:
20:43:dc:66:31:d2:07:79:b8:68:bf:83:ac:c8:c5:e9:aa:7e:
41:1c:a9:bc:76:9d:15:ed:85:cb:50:c0:b0:f1:e0:68:f6:f0:
50:76:e0:55:9f:a6:58:a8:52:3b:8a:62:fb:f4:f0:b2:ca:f1:
40:4f:16:52:b0:e4:3c:d3:7d:de:cf:75:02:ba:b2:aa:25:d6:
f9:04:ec:0e:c2:f5:14:b4:e4:2d:03:27:47:6e:d3:42:fe:18:
60:11:3a:da:db:eb:bb:73:b3:0c:27:49:88:72:b0:22:d4:00:
3b:c9:2b:44:e5:a3:e2:2c:8c:45:c1:40:4d:4e:6e:5c:f4:93:
98:9a:29:b7:aa:1d:04:b9:fc:ce:78:4c:57:4f:87:86:84:6d:
04:2a:ef:2d:aa:95:26:fc:63:e2:17:1b:57:22:76:25:4c:e2:
43:a1:97:a6:eb:c8:bb:30:81:b8:aa:23:67:cf:26:3c:08:f7:
56:a7:68:97
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC2zJDLUzmAvr7eS1QWE2MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2Q5YmIxZmE0N2RlNWQ3ZDdmNGJkM2QzMmI4NDBiMGQzN2I3MWNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArvhWPUiGYOu/d43UcXkSbl895O8k
GaT/llIqpdD1BZGUfTRDeeNWCbLo1112W24uKGxAYCVrEgjP2pKJB6A8d3eQgrbm
IK4c3EJf1+ADSOwBOndNdgzfSTjgh7KyFpnnIZZfro8imq8Xfn5fBDQGMQx03CEh
n6qq3sILVg6iprsgrXE3OA9bz/UwJ9Fy0Oigye8Vl9YQxlDLDcxJaGO+WEAuYryz
XZATVURA2jqCDuYXQd6a8vYDyrhqusz5gR8swaW84dwmlXRyJ5559cY69fWJg+49
Op1WHfbbrB4DqIhYnkPj/Omt5N8IU32IDHjl67Q/a1EwKmhEME7cVeB7gQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFKPZux+kfeXX1/S9PTK4QLDTe3HNMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbzltN0g2Ujk1ZGZYOUwwOU1yaEFzTk43Y2MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBwjK4AwQB
wjK8MBQEAgACMA4DBQMqAsWAAwUDKgnvQDANBgkqhkiG9w0BAQsFAAOCAQEANAAo
VWKUKShhPPYWOqH+dQ1TMs7TI/sVNjPCz3zQBSjXVw8OeedHuB0ronc+wXavdq7a
gDFPa2kCT75eKv5yOSg3L89QeGxxIEPcZjHSB3m4aL+DrMjF6ap+QRypvHadFe2F
y1DAsPHgaPbwUHbgVZ+mWKhSO4pi+/TwssrxQE8WUrDkPNN93s91ArqyqiXW+QTs
DsL1FLTkLQMnR27TQv4YYBE62tvru3OzDCdJiHKwItQAO8krROWj4iyMRcFATU5u
XPSTmJopt6odBLn8znhMV0+HhoRtBCrvLaqVJvxj4hcbVyJ2JUziQ6GXpuvIuzCB
uKojZ88mPAj3Vqdolw==
-----END CERTIFICATE-----
Generated at Sat May 4 12:52:36 2024 by rpki-client on console-ams.rpki-client.org