Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/OXOnare6dVM-zLYHWOSVEGQTw18.roa
File: OXOnare6dVM-zLYHWOSVEGQTw18.roa (raw, json)
Hash identifier: dcwy2HRQRShbBLQYZ7Zn1DYc8vKW+hy7H3ObhuzMkSQ=
Subject key identifier: 39:73:A7:6A:B7:BA:75:53:3E:CC:B6:07:58:E4:95:10:64:13:C3:5F
Certificate issuer: /CN=6a26b9e8df5da569854c61af714db303492b62f1
Certificate serial: 0195B37B2FF7BE8D7587E595924D8286B765
Authority key identifier: 6A:26:B9:E8:DF:5D:A5:69:85:4C:61:AF:71:4D:B3:03:49:2B:62:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aia56N9dpWmFTGGvcU2zA0krYvE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/OXOnare6dVM-zLYHWOSVEGQTw18.roa
Signing time: Thu 20 Mar 2025 12:15:49 +0000
ROA not before: Thu 20 Mar 2025 12:15:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212665
IP address blocks: 193.200.217.0/24 maxlen: 24
2a14:9980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/aia56N9dpWmFTGGvcU2zA0krYvE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/aia56N9dpWmFTGGvcU2zA0krYvE.mft
rsync://rpki.ripe.net/repository/DEFAULT/aia56N9dpWmFTGGvcU2zA0krYvE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:b3:7b:2f:f7:be:8d:75:87:e5:95:92:4d:82:86:b7:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a26b9e8df5da569854c61af714db303492b62f1
Validity
Not Before: Mar 20 12:15:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3973a76ab7ba75533eccb60758e495106413c35f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:8b:2c:ac:87:3e:82:03:8d:e0:49:29:e0:40:
ae:f8:cd:ed:49:77:9e:33:41:a2:37:5d:dd:db:8d:
58:f9:4b:ae:1e:80:6d:f2:bf:07:3d:67:54:f2:02:
b8:2e:0c:56:47:da:5c:82:0f:cf:1c:4a:25:e8:c3:
57:a4:35:5c:36:d5:d5:1d:f8:04:d5:6d:e1:7a:0d:
a5:bd:cc:44:a5:d9:d8:bb:12:18:1e:27:db:90:2c:
13:ce:28:10:84:ba:fd:ae:1b:75:fe:6d:1e:ea:ea:
26:f7:33:74:c2:8c:47:bb:2d:a2:ee:42:55:c3:1c:
8a:3e:8f:59:35:fb:01:eb:51:5d:2a:0f:4f:b4:96:
24:c1:17:83:8c:03:31:70:57:05:c2:c3:14:33:84:
3c:30:b7:cb:8b:93:18:50:a7:da:49:b2:d7:5d:92:
da:29:22:72:c5:97:8b:cf:5d:43:61:cd:72:7b:82:
68:e2:e5:5a:c1:08:08:3f:d5:4e:3f:d2:07:5a:6f:
58:85:a5:d3:8d:4c:8b:ad:a9:0a:8c:f1:0e:b4:b3:
40:a8:d2:6c:c9:1e:a9:4c:f8:cc:0a:52:f5:c3:fc:
4f:49:8c:07:81:f9:9b:f8:e3:66:7d:8f:cb:cf:b8:
05:e9:57:04:32:3a:e9:02:82:bd:d6:ee:80:53:e6:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:73:A7:6A:B7:BA:75:53:3E:CC:B6:07:58:E4:95:10:64:13:C3:5F
X509v3 Authority Key Identifier:
keyid:6A:26:B9:E8:DF:5D:A5:69:85:4C:61:AF:71:4D:B3:03:49:2B:62:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aia56N9dpWmFTGGvcU2zA0krYvE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/OXOnare6dVM-zLYHWOSVEGQTw18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/d4ee39-80b4-4239-8c39-051b00f858ed/1/aia56N9dpWmFTGGvcU2zA0krYvE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.200.217.0/24
IPv6:
2a14:9980::/29
Signature Algorithm: sha256WithRSAEncryption
85:ea:5b:ea:4c:0e:9d:cc:b6:32:36:7e:7c:54:9d:a2:74:d2:
b8:e0:be:a0:d5:e6:59:be:06:86:fe:0e:f8:f4:64:af:8d:4f:
18:03:2f:74:20:b7:19:57:d5:e6:d2:81:c8:c4:af:a7:41:a4:
a9:43:77:ef:b3:9a:6d:94:e9:8e:21:4f:f8:6c:4b:72:34:d4:
33:a3:ac:0c:c3:6d:7b:e1:fa:74:36:a6:d9:05:98:e2:96:21:
02:a3:1e:32:83:63:29:18:91:a7:f6:50:18:8e:91:70:ad:64:
fa:2f:a3:31:76:72:d3:0e:de:df:f9:a3:d1:8f:09:c2:d8:ec:
cf:8a:6d:8f:5f:5c:c2:0d:c2:c5:33:b3:b2:62:d6:9e:79:bf:
fd:16:00:d1:93:26:3b:df:2b:21:bf:a5:56:7c:38:d1:f7:ff:
27:62:31:4d:d7:70:85:86:e2:e7:a2:a2:db:30:6d:13:d4:d0:
29:70:37:13:89:03:43:83:89:82:57:ef:40:c0:af:b9:ba:8d:
fb:bb:23:aa:1b:ad:59:f7:eb:10:40:91:79:49:8d:de:b9:a3:
d1:c2:64:bb:c3:15:fc:39:83:46:ee:81:8a:9b:77:e3:55:de:
e7:38:59:e9:e7:f1:51:5f:50:a6:99:2b:61:dc:cb:52:8a:a7:
41:dc:63:cd
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZWzey/3vo11h+WVkk2ChrdlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMjZiOWU4ZGY1ZGE1Njk4NTRjNjFhZjcxNGRiMzAzNDky
YjYyZjEwHhcNMjUwMzIwMTIxNTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTczYTc2YWI3YmE3NTUzM2VjY2I2MDc1OGU0OTUxMDY0MTNjMzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3YssrIc+ggON4Ekp4ECu+M3tSXee
M0GiN13d241Y+UuuHoBt8r8HPWdU8gK4LgxWR9pcgg/PHEol6MNXpDVcNtXVHfgE
1W3heg2lvcxEpdnYuxIYHifbkCwTzigQhLr9rht1/m0e6uom9zN0woxHuy2i7kJV
wxyKPo9ZNfsB61FdKg9PtJYkwReDjAMxcFcFwsMUM4Q8MLfLi5MYUKfaSbLXXZLa
KSJyxZeLz11DYc1ye4Jo4uVawQgIP9VOP9IHWm9YhaXTjUyLrakKjPEOtLNAqNJs
yR6pTPjMClL1w/xPSYwHgfmb+ONmfY/Lz7gF6VcEMjrpAoK91u6AU+YuCwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDlzp2q3unVTPsy2B1jklRBkE8NfMB8GA1UdIwQY
MBaAFGomuejfXaVphUxhr3FNswNJK2LxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWlhNTZOOWRwV21GVEdHdmNVMnpBMGtyWXZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9kNGVlMzktODBiNC00MjM5LThjMzkt
MDUxYjAwZjg1OGVkLzEvT1hPbmFyZTZkVk0tekxZSFdPU1ZFR1FUdzE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9kNGVlMzktODBiNC00MjM5LThjMzktMDUxYjAwZjg1OGVk
LzEvYWlhNTZOOWRwV21GVEdHdmNVMnpBMGtyWXZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwcjZMA0E
AgACMAcDBQMqFJmAMA0GCSqGSIb3DQEBCwUAA4IBAQCF6lvqTA6dzLYyNn58VJ2i
dNK44L6g1eZZvgaG/g749GSvjU8YAy90ILcZV9Xm0oHIxK+nQaSpQ3fvs5ptlOmO
IU/4bEtyNNQzo6wMw2174fp0NqbZBZjiliECox4yg2MpGJGn9lAYjpFwrWT6L6Mx
dnLTDt7f+aPRjwnC2OzPim2PX1zCDcLFM7OyYtaeeb/9FgDRkyY73yshv6VWfDjR
9/8nYjFN13CFhuLnoqLbMG0T1NApcDcTiQNDg4mCV+9AwK+5uo37uyOqG61Z9+sQ
QJF5SY3euaPRwmS7wxX8OYNG7oGKm3fjVd7nOFnp5/FRX1CmmSth3MtSiqdB3GPN
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:15:43 2025 by rpki-client