Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/O2qhNKnjc3SBHbzFgtnZkcaKxTs.roa
File: O2qhNKnjc3SBHbzFgtnZkcaKxTs.roa (raw, json)
Hash identifier: svk8Ee5jY6GukP2EAVGZNyFF8yF6P8neWrKBrCIPxIA=
Subject key identifier: 3B:6A:A1:34:A9:E3:73:74:81:1D:BC:C5:82:D9:D9:91:C6:8A:C5:3B
Certificate issuer: /CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Certificate serial: 018CCA29CF63F763B8ACE691508B70069B4E
Authority key identifier: E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/O2qhNKnjc3SBHbzFgtnZkcaKxTs.roa
Signing time: Tue 02 Jan 2024 12:33:06 +0000
ROA not before: Tue 02 Jan 2024 12:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5479
IP address blocks: 193.219.40.0/21 maxlen: 21
193.219.48.0/21 maxlen: 21
193.219.56.0/22 maxlen: 22
193.219.80.0/20 maxlen: 20
193.219.128.0/20 maxlen: 20
193.219.144.0/21 maxlen: 21
2001:77c::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.mft
rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:cf:63:f7:63:b8:ac:e6:91:50:8b:70:06:9b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e43f23d68937494288dfcc7a0efe1fe74a2036e1
Validity
Not Before: Jan 2 12:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b6aa134a9e37374811dbcc582d9d991c68ac53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:02:b9:bf:7c:b3:c1:cc:4f:31:86:d0:1e:6a:
ce:5f:4f:42:21:29:79:b1:13:92:86:e1:bf:2d:32:
5c:8e:33:88:d6:5b:05:26:cb:2b:35:38:47:b0:b7:
a3:74:11:bc:7c:8c:2f:2d:8d:cb:02:92:c5:a9:ed:
d3:2e:bd:88:e8:18:d7:87:60:df:94:86:5f:c8:c6:
00:5b:ce:1d:ff:b4:70:e1:27:24:dc:5e:bd:7b:60:
92:f5:50:b7:71:20:1c:ab:11:c3:eb:28:3c:71:65:
5e:db:cc:89:a4:5a:3f:d5:ec:56:9e:b0:ac:f8:cd:
c8:51:c5:30:dd:fa:1b:65:7b:aa:57:f5:a4:16:02:
58:76:10:44:cf:6c:5f:27:db:62:53:1c:3b:19:11:
cc:12:f4:b3:43:d3:cf:2f:5b:f6:bc:19:60:f1:f4:
a8:1c:b9:0e:27:dd:f8:b0:c0:f1:0a:f8:8b:ab:d4:
d4:12:cb:62:1a:99:84:90:28:46:5c:3b:6a:69:62:
75:1d:ef:71:8b:ea:5c:76:0e:6b:5d:79:6a:69:30:
67:1c:7e:b8:2a:eb:23:73:3f:aa:f2:ae:3c:21:96:
47:a4:cd:97:05:da:5d:b7:16:44:60:e1:c9:b1:6d:
b3:cb:46:93:e3:92:4b:6e:67:ff:32:18:e1:63:f5:
39:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:6A:A1:34:A9:E3:73:74:81:1D:BC:C5:82:D9:D9:91:C6:8A:C5:3B
X509v3 Authority Key Identifier:
keyid:E4:3F:23:D6:89:37:49:42:88:DF:CC:7A:0E:FE:1F:E7:4A:20:36:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5D8j1ok3SUKI38x6Dv4f50ogNuE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/O2qhNKnjc3SBHbzFgtnZkcaKxTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/ab5fdc-9d6b-4675-9a13-9d185f738211/1/5D8j1ok3SUKI38x6Dv4f50ogNuE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.219.40.0-193.219.59.255
193.219.80.0/20
193.219.128.0-193.219.151.255
IPv6:
2001:77c::/32
Signature Algorithm: sha256WithRSAEncryption
a6:bc:04:77:f2:ec:c6:cc:3b:31:57:93:1d:30:6c:2f:4d:e6:
1b:b0:b8:0c:75:89:52:a3:df:95:6d:e1:c8:e3:1d:1d:f8:2c:
a6:6f:c3:30:bb:0c:9c:55:8e:35:5f:a3:58:a1:d3:2d:8c:ad:
6b:b4:bd:d5:99:30:da:42:fc:c0:51:85:7a:d7:58:3e:cb:67:
6c:73:00:05:4c:f4:1b:0c:67:81:16:e7:e4:f9:30:fe:c6:40:
30:96:14:f1:fe:8a:df:bc:14:7f:0a:a0:0c:fc:52:6a:87:ef:
8f:98:0e:7d:47:1b:d5:0e:92:43:03:6f:06:f6:a7:b2:78:86:
8d:f5:f2:ba:5c:58:70:75:52:12:4e:60:64:f1:7f:91:01:68:
1d:b0:4b:d7:f7:94:21:03:99:7d:88:d9:ce:98:07:bd:34:95:
4b:3f:a9:7f:91:8b:93:fe:60:fb:82:25:b9:36:69:bb:af:1c:
fb:21:0e:08:75:f9:4d:97:b9:8d:e6:ea:36:2a:db:d2:e5:04:
77:bc:c8:68:00:68:a9:84:ba:7a:4a:5e:4e:81:bc:00:e4:57:
56:e9:3b:8c:ff:9d:89:98:de:5c:4f:3b:c1:e4:66:8a:bc:98:
f0:11:b7:8b:a3:91:cf:39:4a:82:29:74:77:31:54:4e:e8:79:
70:c1:8d:74
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzKKc9j92O4rOaRUItwBptOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0M2YyM2Q2ODkzNzQ5NDI4OGRmY2M3YTBlZmUxZmU3NGEy
MDM2ZTEwHhcNMjQwMTAyMTIzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjZhYTEzNGE5ZTM3Mzc0ODExZGJjYzU4MmQ5ZDk5MWM2OGFjNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugK5v3yzwcxPMYbQHmrOX09CISl5
sROShuG/LTJcjjOI1lsFJssrNThHsLejdBG8fIwvLY3LApLFqe3TLr2I6BjXh2Df
lIZfyMYAW84d/7Rw4Sck3F69e2CS9VC3cSAcqxHD6yg8cWVe28yJpFo/1exWnrCs
+M3IUcUw3fobZXuqV/WkFgJYdhBEz2xfJ9tiUxw7GRHMEvSzQ9PPL1v2vBlg8fSo
HLkOJ934sMDxCviLq9TUEstiGpmEkChGXDtqaWJ1He9xi+pcdg5rXXlqaTBnHH64
Kusjcz+q8q48IZZHpM2XBdpdtxZEYOHJsW2zy0aT45JLbmf/MhjhY/U5DQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFDtqoTSp43N0gR28xYLZ2ZHGisU7MB8GA1UdIwQY
MBaAFOQ/I9aJN0lCiN/Meg7+H+dKIDbhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMt
OWQxODVmNzM4MjExLzEvTzJxaE5LbmpjM1NCSGJ6Rmd0blprY2FLeFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hYjVmZGMtOWQ2Yi00Njc1LTlhMTMtOWQxODVmNzM4MjEx
LzEvNUQ4ajFvazNTVUtJMzh4NkR2NGY1MG9nTnVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiMAwDBAPB2ygD
BALB2zgDBATB21AwDAMEB8HbgAMEA8HbkDANBAIAAjAHAwUAIAEHfDANBgkqhkiG
9w0BAQsFAAOCAQEAprwEd/Lsxsw7MVeTHTBsL03mG7C4DHWJUqPflW3hyOMdHfgs
pm/DMLsMnFWONV+jWKHTLYyta7S91Zkw2kL8wFGFetdYPstnbHMABUz0GwxngRbn
5Pkw/sZAMJYU8f6K37wUfwqgDPxSaofvj5gOfUcb1Q6SQwNvBvansniGjfXyulxY
cHVSEk5gZPF/kQFoHbBL1/eUIQOZfYjZzpgHvTSVSz+pf5GLk/5g+4IluTZpu68c
+yEOCHX5TZe5jebqNirb0uUEd7zIaABoqYS6ekpeToG8AORXVuk7jP+diZjeXE87
weRmiryY8BG3i6ORzzlKgil0dzFUTuh5cMGNdA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:07:33 2024 by rpki-client on console-ams.rpki-client.org