Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/_oamkq9eok8JHdL8-5Lu_oYehc8.roa
File: _oamkq9eok8JHdL8-5Lu_oYehc8.roa (raw, json)
Hash identifier: Oo+mMothK8yXFnsMf7FBZ2cks/k1vNFVF+z9vGxShYs=
Subject key identifier: FE:86:A6:92:AF:5E:A2:4F:09:1D:D2:FC:FB:92:EE:FE:86:1E:85:CF
Certificate issuer: /CN=2ab32a51f01880f48415691b6008b8f3699c343d
Certificate serial: 018CC86EED207C3C9CE3F6F3934E8226F4DA
Authority key identifier: 2A:B3:2A:51:F0:18:80:F4:84:15:69:1B:60:08:B8:F3:69:9C:34:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KrMqUfAYgPSEFWkbYAi482mcND0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/_oamkq9eok8JHdL8-5Lu_oYehc8.roa
Signing time: Tue 02 Jan 2024 04:29:21 +0000
ROA not before: Tue 02 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209994
IP address blocks: 193.176.88.0/22 maxlen: 24
2a0e:e900::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/KrMqUfAYgPSEFWkbYAi482mcND0.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/KrMqUfAYgPSEFWkbYAi482mcND0.mft
rsync://rpki.ripe.net/repository/DEFAULT/KrMqUfAYgPSEFWkbYAi482mcND0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6e:ed:20:7c:3c:9c:e3:f6:f3:93:4e:82:26:f4:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ab32a51f01880f48415691b6008b8f3699c343d
Validity
Not Before: Jan 2 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe86a692af5ea24f091dd2fcfb92eefe861e85cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a6:16:ae:47:49:4f:5c:5c:34:c3:df:a4:84:
f6:3b:2b:51:46:ca:26:9a:94:59:79:59:ee:ed:08:
3f:15:e6:26:16:fe:0d:47:05:18:28:17:75:45:7c:
b4:eb:79:4a:08:05:b4:7b:71:ab:8b:24:54:b3:4c:
25:55:10:b8:0c:6e:98:ca:24:2e:c9:ea:12:61:44:
43:1f:83:fd:5a:65:94:61:31:14:9b:aa:ea:04:50:
61:04:55:82:fd:63:94:6b:b9:be:05:f7:cf:8e:4e:
f8:56:16:6e:d8:89:9c:01:02:ff:1c:ab:4c:5e:5f:
6a:8e:58:ea:26:64:7a:07:3a:fd:8e:59:0a:76:ab:
d1:bd:50:6d:92:23:e3:1c:99:96:d1:ef:87:d3:fe:
47:3c:51:9e:4a:6c:f9:29:22:2d:47:fe:19:17:1e:
70:a4:b6:b3:4e:da:63:c6:68:0a:44:f9:a0:43:1a:
7e:dc:e7:08:70:1d:2d:cd:e5:ce:d3:f8:b1:36:ca:
1d:ec:dd:18:7b:cc:d1:a6:e8:84:b4:ce:8a:7e:32:
f6:c2:10:5d:54:02:fb:11:22:39:13:f2:26:11:ad:
7c:ec:3a:df:38:52:79:3e:46:da:60:6b:2e:40:7f:
bd:48:09:e0:75:c4:f6:dd:bc:e3:b5:e0:8c:04:42:
be:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:86:A6:92:AF:5E:A2:4F:09:1D:D2:FC:FB:92:EE:FE:86:1E:85:CF
X509v3 Authority Key Identifier:
keyid:2A:B3:2A:51:F0:18:80:F4:84:15:69:1B:60:08:B8:F3:69:9C:34:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KrMqUfAYgPSEFWkbYAi482mcND0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/_oamkq9eok8JHdL8-5Lu_oYehc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/05ad83-9711-44b0-8cd5-dfdef6caabdf/1/KrMqUfAYgPSEFWkbYAi482mcND0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.176.88.0/22
IPv6:
2a0e:e900::/29
Signature Algorithm: sha256WithRSAEncryption
07:37:d2:32:a2:01:a0:cb:14:75:65:28:53:fb:b3:0d:f0:f9:
9a:b6:00:be:66:6a:5b:ee:09:bd:6d:1b:07:60:98:e9:2f:48:
64:4c:92:29:eb:da:9a:18:24:ca:9d:4d:eb:19:bc:63:2a:3d:
b6:ed:f4:cb:81:c6:d6:b0:17:4d:f8:aa:b2:6c:48:26:9f:05:
e4:63:c8:30:d6:f8:c4:f8:cb:d9:20:e1:7f:40:a6:30:e5:08:
dc:15:75:38:ea:8d:fe:9e:b5:ec:ef:15:db:79:66:18:8f:21:
22:77:88:65:b8:81:14:0e:94:f5:be:ef:04:c2:16:c2:76:51:
75:14:27:dc:75:96:01:d3:13:d3:95:5a:12:bc:ad:cd:2f:ce:
38:f6:1d:23:77:82:50:3d:99:c3:c9:be:18:41:ed:a9:73:a8:
14:90:c8:91:fb:36:56:1b:7e:f8:f8:a7:54:cd:6c:2c:34:6d:
31:c9:29:57:e6:03:18:8e:71:48:b3:c5:87:be:21:8f:de:ea:
b4:dd:33:08:09:18:f6:be:fb:e0:95:4a:8b:06:4c:fe:ab:1c:
6b:7c:86:43:bf:97:61:1b:5d:7c:6c:5c:58:ab:37:d2:b8:db:
04:cc:de:b1:a0:37:89:bc:5e:88:81:e6:d4:35:72:e6:8f:90:
27:1c:20:80
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbu0gfDyc4/bzk06CJvTaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYjMyYTUxZjAxODgwZjQ4NDE1NjkxYjYwMDhiOGYzNjk5
YzM0M2QwHhcNMjQwMTAyMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg2YTY5MmFmNWVhMjRmMDkxZGQyZmNmYjkyZWVmZTg2MWU4NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6YWrkdJT1xcNMPfpIT2OytRRsom
mpRZeVnu7Qg/FeYmFv4NRwUYKBd1RXy063lKCAW0e3GriyRUs0wlVRC4DG6YyiQu
yeoSYURDH4P9WmWUYTEUm6rqBFBhBFWC/WOUa7m+BffPjk74VhZu2ImcAQL/HKtM
Xl9qjljqJmR6Bzr9jlkKdqvRvVBtkiPjHJmW0e+H0/5HPFGeSmz5KSItR/4ZFx5w
pLazTtpjxmgKRPmgQxp+3OcIcB0tzeXO0/ixNsod7N0Ye8zRpuiEtM6KfjL2whBd
VAL7ESI5E/ImEa187DrfOFJ5PkbaYGsuQH+9SAngdcT23bzjteCMBEK+7wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFP6GppKvXqJPCR3S/PuS7v6GHoXPMB8GA1UdIwQY
MBaAFCqzKlHwGID0hBVpG2AIuPNpnDQ9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3JNcVVmQVlnUFNFRldrYllBaTQ4Mm1jTkQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC8wNWFkODMtOTcxMS00NGIwLThjZDUt
ZGZkZWY2Y2FhYmRmLzEvX29hbWtxOWVvazhKSGRMOC01THVfb1llaGM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC8wNWFkODMtOTcxMS00NGIwLThjZDUtZGZkZWY2Y2FhYmRm
LzEvS3JNcVVmQVlnUFNFRldrYllBaTQ4Mm1jTkQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwbBYMA0E
AgACMAcDBQMqDukAMA0GCSqGSIb3DQEBCwUAA4IBAQAHN9IyogGgyxR1ZShT+7MN
8PmatgC+Zmpb7gm9bRsHYJjpL0hkTJIp69qaGCTKnU3rGbxjKj227fTLgcbWsBdN
+KqybEgmnwXkY8gw1vjE+MvZIOF/QKYw5QjcFXU46o3+nrXs7xXbeWYYjyEid4hl
uIEUDpT1vu8EwhbCdlF1FCfcdZYB0xPTlVoSvK3NL8449h0jd4JQPZnDyb4YQe2p
c6gUkMiR+zZWG374+KdUzWwsNG0xySlX5gMYjnFIs8WHviGP3uq03TMICRj2vvvg
lUqLBkz+qxxrfIZDv5dhG118bFxYqzfSuNsEzN6xoDeJvF6IgebUNXLmj5AnHCCA
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:11:35 2024 by rpki-client on console-fra.rpki-client.org