Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/34nsar2gfWQMMOY8tCpJec3_HUA.roa
File: 34nsar2gfWQMMOY8tCpJec3_HUA.roa (raw, json)
Hash identifier: qHqL67WUPiM0VW5Mkgg1jP4+rMDRoJNp+6mte0aAhHk=
Subject key identifier: DF:89:EC:6A:BD:A0:7D:64:0C:30:E6:3C:B4:2A:49:79:CD:FF:1D:40
Certificate issuer: /CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Certificate serial: 018CC348AC2C01C42B7F3665300C5141D95E
Authority key identifier: 0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/34nsar2gfWQMMOY8tCpJec3_HUA.roa
Signing time: Mon 01 Jan 2024 04:29:28 +0000
ROA not before: Mon 01 Jan 2024 04:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54103
IP address blocks: 194.55.129.0/24 maxlen: 24
193.201.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:ac:2c:01:c4:2b:7f:36:65:30:0c:51:41:d9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d2999042c5e2006bd5aeb7a05de1e96a5e73664
Validity
Not Before: Jan 1 04:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=df89ec6abda07d640c30e63cb42a4979cdff1d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e3:d7:ef:6e:60:02:05:65:32:c4:a3:82:4a:
9d:06:5c:e3:f2:ba:a3:df:b2:49:2b:b1:cd:5a:72:
c9:0e:8b:7a:e6:57:7b:95:a5:6b:af:aa:d8:b9:e1:
b5:b2:e5:e5:23:21:f0:0d:87:2d:96:79:46:d8:07:
41:b8:19:c4:fd:59:6d:07:8d:b6:f0:75:a4:24:07:
7c:09:96:86:b8:25:7c:b9:85:0a:d8:46:8b:f2:dd:
84:8d:5d:93:ca:ea:da:08:f0:f2:85:ee:30:29:c6:
47:e8:1f:d2:99:af:f5:20:71:09:8b:60:f9:61:b0:
ad:3a:df:4e:00:f2:c7:96:b2:56:fe:2f:94:cf:99:
28:6b:e1:a2:83:76:dd:9c:18:a9:5e:3f:db:09:49:
c5:87:4a:70:83:91:fa:7d:ec:19:b0:0d:ea:93:7a:
94:5e:eb:8b:12:18:d3:f1:58:ae:87:63:c8:78:bd:
61:3e:81:f6:ca:9b:18:b3:5e:b2:0d:70:f5:52:41:
5f:8b:2c:ae:58:cf:fa:02:19:d1:28:98:c0:d7:ca:
0e:af:6a:c0:44:ed:be:45:48:0a:94:08:e9:31:3a:
f2:32:3a:73:d4:87:91:55:77:76:10:14:0b:71:13:
68:d7:16:9c:5d:df:be:6f:90:36:41:57:8c:e6:70:
3c:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:89:EC:6A:BD:A0:7D:64:0C:30:E6:3C:B4:2A:49:79:CD:FF:1D:40
X509v3 Authority Key Identifier:
keyid:0D:29:99:04:2C:5E:20:06:BD:5A:EB:7A:05:DE:1E:96:A5:E7:36:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/34nsar2gfWQMMOY8tCpJec3_HUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/2c3316-efc7-4952-9efe-8c153965bac9/1/DSmZBCxeIAa9Wut6Bd4elqXnNmQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.201.203.0/24
194.55.129.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:f2:03:92:f1:3b:53:9b:34:a9:0c:5c:7c:6f:42:ef:a6:69:
90:e4:84:4d:9f:f3:90:b8:cf:56:fb:a9:ca:99:72:b2:35:f9:
2e:bf:43:f6:50:33:15:6a:8a:22:94:ec:c7:ca:d0:39:83:57:
fd:db:86:16:af:8b:5f:8e:94:3b:82:7c:a4:87:dc:03:00:03:
9e:2c:92:da:b0:29:ee:c1:68:4d:b5:e0:ca:f8:f6:d3:cc:b4:
42:93:e3:91:9c:85:83:79:63:6b:be:70:32:5c:af:59:0d:cc:
bc:65:3b:17:9f:fd:76:76:07:d9:7a:e6:ae:9c:54:36:5e:db:
c5:28:2b:5d:0a:31:7f:e6:3a:ad:46:65:c4:f5:69:6c:9b:b2:
96:98:35:68:e7:ba:a0:d5:37:70:25:d8:99:49:31:4e:a3:b3:
57:4f:02:7d:8d:d9:27:80:c4:3d:a7:48:11:ee:19:5b:61:08:
86:08:4a:25:db:64:f4:8a:7e:77:c6:cc:55:a2:ee:29:e3:e8:
de:dd:80:49:cb:4c:71:ff:2f:07:c2:e4:c4:61:ee:b6:9c:d9:
02:6d:5a:38:b3:de:ca:e6:47:90:45:b5:75:1d:fa:9f:c4:4b:
e1:27:c7:01:ac:b0:76:fb:13:1b:dd:43:12:59:8c:7c:85:db:
b2:68:f4:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSKwsAcQrfzZlMAxRQdleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMjk5OTA0MmM1ZTIwMDZiZDVhZWI3YTA1ZGUxZTk2YTVl
NzM2NjQwHhcNMjQwMTAxMDQyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjg5ZWM2YWJkYTA3ZDY0MGMzMGU2M2NiNDJhNDk3OWNkZmYxZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguPX725gAgVlMsSjgkqdBlzj8rqj
37JJK7HNWnLJDot65ld7laVrr6rYueG1suXlIyHwDYctlnlG2AdBuBnE/VltB422
8HWkJAd8CZaGuCV8uYUK2EaL8t2EjV2TyuraCPDyhe4wKcZH6B/Sma/1IHEJi2D5
YbCtOt9OAPLHlrJW/i+Uz5koa+Gig3bdnBipXj/bCUnFh0pwg5H6fewZsA3qk3qU
XuuLEhjT8Viuh2PIeL1hPoH2ypsYs16yDXD1UkFfiyyuWM/6AhnRKJjA18oOr2rA
RO2+RUgKlAjpMTryMjpz1IeRVXd2EBQLcRNo1xacXd++b5A2QVeM5nA8wwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFN+J7Gq9oH1kDDDmPLQqSXnN/x1AMB8GA1UdIwQY
MBaAFA0pmQQsXiAGvVrregXeHpal5zZkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUt
OGMxNTM5NjViYWM5LzEvMzRuc2FyMmdmV1FNTU9ZOHRDcEplYzNfSFVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yYzMzMTYtZWZjNy00OTUyLTllZmUtOGMxNTM5NjViYWM5
LzEvRFNtWkJDeGVJQWE5V3V0NkJkNGVscVhuTm1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwcnLAwQA
wjeBMA0GCSqGSIb3DQEBCwUAA4IBAQB88gOS8TtTmzSpDFx8b0LvpmmQ5IRNn/OQ
uM9W+6nKmXKyNfkuv0P2UDMVaooilOzHytA5g1f924YWr4tfjpQ7gnykh9wDAAOe
LJLasCnuwWhNteDK+PbTzLRCk+ORnIWDeWNrvnAyXK9ZDcy8ZTsXn/12dgfZeuau
nFQ2XtvFKCtdCjF/5jqtRmXE9Wlsm7KWmDVo57qg1TdwJdiZSTFOo7NXTwJ9jdkn
gMQ9p0gR7hlbYQiGCEol22T0in53xsxVou4p4+je3YBJy0xx/y8HwuTEYe62nNkC
bVo4s97K5keQRbV1HfqfxEvhJ8cBrLB2+xMb3UMSWYx8hduyaPTI
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:26:51 2024 by rpki-client on console-fra.rpki-client.org