Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vO2o7TijtOrHPldvA6_HcltVHbk.roa
File: vO2o7TijtOrHPldvA6_HcltVHbk.roa (raw, json)
Hash identifier: J1Ri+TQHaKvqdduQJOPiENP/mtiq0x6pRh069E6Rdco=
Subject key identifier: BC:ED:A8:ED:38:A3:B4:EA:C7:3E:57:6F:03:AF:C7:72:5B:55:1D:B9
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 0191E90CFF58C48DE38C32DF6432CC005683
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vO2o7TijtOrHPldvA6_HcltVHbk.roa
Signing time: Fri 13 Sep 2024 01:43:48 +0000
ROA not before: Fri 13 Sep 2024 01:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208949
IP address blocks: 194.76.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e9:0c:ff:58:c4:8d:e3:8c:32:df:64:32:cc:00:56:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 13 01:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bceda8ed38a3b4eac73e576f03afc7725b551db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:f6:26:e8:7a:5a:45:40:1c:46:07:78:10:89:
e1:df:08:c5:4d:b3:b3:75:b7:fb:78:ee:8a:c4:e1:
80:b3:2d:51:b9:07:c5:bb:c0:1d:cc:e3:be:8d:4f:
38:a8:f5:17:06:3a:2b:6a:2c:e3:62:0c:78:be:b2:
9d:08:52:e5:92:d6:e6:15:68:5e:2e:0f:74:6a:23:
e9:9c:5a:10:03:bb:dc:eb:18:6f:b7:08:71:64:da:
5e:b2:35:6d:bd:b8:39:cf:00:db:09:21:b5:3e:6f:
8f:40:8e:25:5d:4f:66:b7:31:ab:6a:c9:ed:2e:59:
cb:f7:14:ec:84:14:12:15:fc:26:40:b3:3b:84:cc:
3b:67:ad:4a:c2:a4:85:5a:1c:8d:5f:86:71:5b:b4:
b4:62:dc:06:67:25:10:0b:16:16:4d:26:b1:97:37:
bf:7f:35:76:0e:91:fd:9d:e4:3d:bf:ee:3c:14:87:
99:a9:24:9e:76:1a:8b:91:64:0b:13:71:d6:1a:07:
07:64:6a:03:12:07:cd:9c:6b:ed:a9:53:f9:a7:3a:
c8:c3:b5:5f:3a:92:7c:51:46:5f:80:61:60:7c:57:
ce:31:a1:36:dc:df:44:af:7e:eb:39:71:d3:1b:56:
1b:75:ec:a8:a7:63:7d:cc:46:44:26:e2:b1:4a:00:
4e:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:ED:A8:ED:38:A3:B4:EA:C7:3E:57:6F:03:AF:C7:72:5B:55:1D:B9
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/vO2o7TijtOrHPldvA6_HcltVHbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.76.0.0/24
Signature Algorithm: sha256WithRSAEncryption
77:47:f7:d5:16:3a:f5:c1:62:2c:e3:9a:32:52:36:81:1b:c3:
0a:bf:ea:01:c4:9c:39:3f:5d:bd:6f:75:51:e2:45:25:15:e6:
be:c0:d9:fa:d7:b6:bb:99:56:30:5f:e7:2c:06:d4:27:d0:e7:
15:ef:67:3a:aa:8c:df:f7:08:8b:4c:d6:ef:a9:62:08:d7:4c:
b2:2e:7d:3b:ef:1d:79:6d:74:e9:33:77:bc:80:2d:7e:01:07:
ba:96:0e:72:0e:89:5b:e2:09:cc:47:36:cf:d3:4f:d5:9b:b1:
bf:1a:8f:29:68:3d:f8:97:be:4e:54:f6:b7:01:54:66:82:15:
99:6f:e0:cb:7a:78:fa:c2:65:72:a0:62:38:29:92:6d:1e:d5:
6e:77:2a:0d:37:2e:04:26:1c:1e:43:75:56:5f:47:33:2c:87:
75:b9:f8:57:ca:f0:5c:bc:73:17:e4:d9:37:0a:83:ea:bb:2a:
29:2c:c5:d2:dd:0f:b8:4c:40:30:7b:60:eb:41:6a:8c:9e:94:
ac:52:f2:05:3f:0d:4a:f4:fb:97:7a:66:07:4c:25:eb:72:a2:
d8:18:ad:03:d9:49:72:dd:89:70:a9:ac:a7:cc:71:dd:58:e1:
d6:f8:8d:4d:5d:0d:c3:34:d4:56:fb:d5:c1:bf:b0:76:8a:ef:
8d:6a:15:29
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHpDP9YxI3jjDLfZDLMAFaDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwOTEzMDE0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VkYThlZDM4YTNiNGVhYzczZTU3NmYwM2FmYzc3MjViNTUxZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0PYm6HpaRUAcRgd4EInh3wjFTbOz
dbf7eO6KxOGAsy1RuQfFu8AdzOO+jU84qPUXBjoraizjYgx4vrKdCFLlktbmFWhe
Lg90aiPpnFoQA7vc6xhvtwhxZNpesjVtvbg5zwDbCSG1Pm+PQI4lXU9mtzGrasnt
LlnL9xTshBQSFfwmQLM7hMw7Z61KwqSFWhyNX4ZxW7S0YtwGZyUQCxYWTSaxlze/
fzV2DpH9neQ9v+48FIeZqSSedhqLkWQLE3HWGgcHZGoDEgfNnGvtqVP5pzrIw7Vf
OpJ8UUZfgGFgfFfOMaE23N9Er37rOXHTG1Ybdeyop2N9zEZEJuKxSgBObQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLztqO04o7Tqxz5XbwOvx3JbVR25MB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvdk8ybzdUaWp0T3JIUGxkdkE2X0hjbHRWSGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwkwAMA0G
CSqGSIb3DQEBCwUAA4IBAQB3R/fVFjr1wWIs45oyUjaBG8MKv+oBxJw5P129b3VR
4kUlFea+wNn617a7mVYwX+csBtQn0OcV72c6qozf9wiLTNbvqWII10yyLn077x15
bXTpM3e8gC1+AQe6lg5yDolb4gnMRzbP00/Vm7G/Go8paD34l75OVPa3AVRmghWZ
b+DLenj6wmVyoGI4KZJtHtVudyoNNy4EJhweQ3VWX0czLId1ufhXyvBcvHMX5Nk3
CoPquyopLMXS3Q+4TEAwe2DrQWqMnpSsUvIFPw1K9PuXemYHTCXrcqLYGK0D2Uly
3YlwqaynzHHdWOHW+I1NXQ3DNNRW+9XBv7B2iu+NahUp
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:51:01 2024 by rpki-client on console-fra.rpki-client.org