Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/fOa5NCQmtWasl4lGacSv5CqtTuE.roa
File: fOa5NCQmtWasl4lGacSv5CqtTuE.roa (raw, json)
Hash identifier: WtffO3fDKA3xIypbCOHAp8IkFJsEIU9sxb+c5DJyI0s=
Subject key identifier: 7C:E6:B9:34:24:26:B5:66:AC:97:89:46:69:C4:AF:E4:2A:AD:4E:E1
Certificate issuer: /CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Certificate serial: 01932983E5CA462178F80ED6B22BC0F0EC74
Authority key identifier: 9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/fOa5NCQmtWasl4lGacSv5CqtTuE.roa
Signing time: Thu 14 Nov 2024 07:12:09 +0000
ROA not before: Thu 14 Nov 2024 07:12:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201633
IP address blocks: 193.33.156.0/24 maxlen: 24
206.225.17.0/24 maxlen: 24
2a12:d4c0:b00b::/48 maxlen: 48
2a12:d4c0:beef::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 22:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:29:83:e5:ca:46:21:78:f8:0e:d6:b2:2b:c0:f0:ec:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9eda096dbc8d59a442721cc169d6aeb649f5fd3f
Validity
Not Before: Nov 14 07:12:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ce6b9342426b566ac97894669c4afe42aad4ee1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:a0:6e:b1:d1:f3:24:a5:ad:55:d4:b1:96:3a:
57:38:37:20:db:54:99:5a:7e:b0:e4:fe:9e:e3:5b:
88:20:ea:92:52:33:d4:e3:7f:a3:95:a9:0c:eb:91:
f8:ae:3c:86:b6:3e:ff:3c:fd:e0:9b:1a:7e:00:6e:
c8:09:00:e4:eb:60:d6:2d:bf:e9:54:a3:73:cc:03:
eb:c9:a7:28:92:f3:26:01:8b:dd:b7:8d:a9:a7:00:
62:20:77:7a:3a:c6:a6:74:1f:9f:b3:7b:9b:55:0d:
bd:72:d2:9e:6a:40:e8:56:60:61:94:b9:a1:0b:a7:
b2:f8:16:f5:d0:c4:88:71:f4:45:b4:ce:f6:23:64:
c3:8b:63:1c:0c:4a:18:17:d7:36:60:7f:d4:d3:77:
63:f9:93:c9:d3:2f:e7:8f:5b:51:7d:54:33:61:e4:
d7:53:78:92:b9:75:54:23:39:73:60:6f:fc:54:ac:
80:6d:c2:95:2d:8a:73:d7:9a:b2:00:87:ac:da:14:
58:8c:1d:57:bd:fd:4b:43:ae:49:1a:5c:07:57:3a:
4a:01:02:77:fa:e1:c6:a7:33:43:bd:2f:3c:3b:bd:
dd:bd:3d:f4:48:bc:ec:f2:db:46:48:27:70:96:d5:
f2:2a:15:50:cc:ed:20:ee:92:5b:f4:8a:d4:33:24:
01:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:E6:B9:34:24:26:B5:66:AC:97:89:46:69:C4:AF:E4:2A:AD:4E:E1
X509v3 Authority Key Identifier:
keyid:9E:DA:09:6D:BC:8D:59:A4:42:72:1C:C1:69:D6:AE:B6:49:F5:FD:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ntoJbbyNWaRCchzBadautkn1_T8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/fOa5NCQmtWasl4lGacSv5CqtTuE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/981b50-03ab-414b-a310-bdc5d6cb2141/1/ntoJbbyNWaRCchzBadautkn1_T8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.156.0/24
206.225.17.0/24
IPv6:
2a12:d4c0:b00b::/48
2a12:d4c0:beef::/48
Signature Algorithm: sha256WithRSAEncryption
40:12:b8:ea:b7:6f:1d:07:76:34:5e:99:1c:e7:c4:78:a8:65:
ae:ca:14:fa:da:a7:96:ee:b2:7e:83:6e:ab:10:72:0d:61:73:
e7:1d:fa:ad:53:c9:7f:76:63:0b:25:51:20:3c:aa:db:92:e8:
3f:8c:15:cd:f3:8e:83:36:a4:62:ea:cc:04:5f:ae:3f:b1:ee:
aa:75:3d:be:de:9f:cc:31:82:f1:5b:ed:8e:59:fa:f7:71:03:
bb:f6:6d:e2:c2:0d:b8:9a:eb:ef:d9:e1:9b:c8:ef:88:ea:81:
e4:d5:fe:9a:f7:99:c6:c4:9a:6c:c3:29:c4:9c:d3:eb:aa:48:
cb:d8:f0:41:d8:4d:0e:ad:a1:55:8d:08:d9:89:10:52:09:aa:
d8:de:68:4c:45:61:88:8b:ae:a1:ea:66:77:93:0e:96:1a:6d:
31:57:7f:aa:e9:c2:70:f2:ad:74:14:5c:ee:b5:2b:8c:a2:24:
bb:94:a3:c7:e5:8a:15:99:34:1a:24:de:85:10:6a:3b:a4:50:
d3:c8:77:cc:6e:27:ce:cc:86:55:b7:7b:2c:65:0a:92:37:4f:
0b:7b:ce:7a:79:f9:3e:20:1d:38:1f:3f:1f:9f:91:2d:98:25:
40:d2:8b:c1:38:7d:30:1a:32:35:a3:aa:d7:a4:48:8f:77:d5:
d3:85:01:43
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZMpg+XKRiF4+A7WsivA8Ox0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllZGEwOTZkYmM4ZDU5YTQ0MjcyMWNjMTY5ZDZhZWI2NDlm
NWZkM2YwHhcNMjQxMTE0MDcxMjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3Y2U2YjkzNDI0MjZiNTY2YWM5Nzg5NDY2OWM0YWZlNDJhYWQ0ZWUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA36BusdHzJKWtVdSxljpXODcg21SZ
Wn6w5P6e41uIIOqSUjPU43+jlakM65H4rjyGtj7/PP3gmxp+AG7ICQDk62DWLb/p
VKNzzAPryacokvMmAYvdt42ppwBiIHd6OsamdB+fs3ubVQ29ctKeakDoVmBhlLmh
C6ey+Bb10MSIcfRFtM72I2TDi2McDEoYF9c2YH/U03dj+ZPJ0y/nj1tRfVQzYeTX
U3iSuXVUIzlzYG/8VKyAbcKVLYpz15qyAIes2hRYjB1Xvf1LQ65JGlwHVzpKAQJ3
+uHGpzNDvS88O73dvT30SLzs8ttGSCdwltXyKhVQzO0g7pJb9IrUMyQBpQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHzmuTQkJrVmrJeJRmnEr+QqrU7hMB8GA1UdIwQY
MBaAFJ7aCW28jVmkQnIcwWnWrrZJ9f0/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAt
YmRjNWQ2Y2IyMTQxLzEvZk9hNU5DUW10V2FzbDRsR2FjU3Y1Q3F0VHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi85ODFiNTAtMDNhYi00MTRiLWEzMTAtYmRjNWQ2Y2IyMTQx
LzEvbnRvSmJieU5XYVJDY2h6QmFkYXV0a24xX1Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAwSGcAwQA
zuERMBgEAgACMBIDBwAqEtTAsAsDBwAqEtTAvu8wDQYJKoZIhvcNAQELBQADggEB
AEASuOq3bx0HdjRemRznxHioZa7KFPrap5busn6DbqsQcg1hc+cd+q1TyX92Ywsl
USA8qtuS6D+MFc3zjoM2pGLqzARfrj+x7qp1Pb7en8wxgvFb7Y5Z+vdxA7v2beLC
Dbia6+/Z4ZvI74jqgeTV/pr3mcbEmmzDKcSc0+uqSMvY8EHYTQ6toVWNCNmJEFIJ
qtjeaExFYYiLrqHqZneTDpYabTFXf6rpwnDyrXQUXO61K4yiJLuUo8flihWZNBok
3oUQajukUNPId8xuJ87MhlW3eyxlCpI3Twt7znp5+T4gHTgfPx+fkS2YJUDSi8E4
fTAaMjWjqtekSI931dOFAUM=
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:55:42 2024 by rpki-client on console-fra.rpki-client.org