Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/OW4SBqRM0pZLREvB8PwvS9CKnp0.roa
File: OW4SBqRM0pZLREvB8PwvS9CKnp0.roa (raw, json)
Hash identifier: jMEiAew60dJvOGLRJzz/Ax99USUZbxKTbl9S96vSsP4=
Subject key identifier: 39:6E:12:06:A4:4C:D2:96:4B:44:4B:C1:F0:FC:2F:4B:D0:8A:9E:9D
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 019427B5C2F7C981F409A6BFB2DA590CC5BC
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/OW4SBqRM0pZLREvB8PwvS9CKnp0.roa
Signing time: Thu 02 Jan 2025 15:50:10 +0000
ROA not before: Thu 02 Jan 2025 15:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43833
IP address blocks: 80.254.224.0/22 maxlen: 22
89.29.203.0/24 maxlen: 24
185.250.196.0/23 maxlen: 23
193.177.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:c2:f7:c9:81:f4:09:a6:bf:b2:da:59:0c:c5:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 2 15:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=396e1206a44cd2964b444bc1f0fc2f4bd08a9e9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:7e:40:60:11:bc:35:de:06:e3:bd:0e:15:44:
cc:21:79:22:cb:a1:08:9f:a1:04:89:4f:64:47:0c:
ef:50:68:33:07:77:52:2b:89:2d:eb:1c:9b:1a:6f:
25:87:20:94:be:14:cf:fb:10:68:28:2b:36:c8:c4:
8e:3d:f9:24:ac:9b:3c:db:b2:d5:77:46:d9:af:ef:
3c:05:f9:49:ec:83:13:26:e6:28:30:bc:24:81:0e:
11:5c:74:6f:68:42:26:b6:1c:10:eb:e4:4d:49:6f:
ec:30:f6:0d:a3:54:46:7a:d1:d5:77:e1:bc:0f:23:
c9:5f:6b:ce:39:18:74:cf:0a:f3:23:1f:1c:e5:15:
46:18:94:21:e0:10:7e:1a:b4:db:e8:f7:25:5c:7e:
f8:00:e0:85:a7:56:5d:4e:a8:b0:a7:1f:28:60:b7:
02:a3:05:c4:97:c0:69:4e:58:72:3a:b6:1d:a4:ca:
7a:77:87:9e:4f:dd:48:e7:3c:8c:57:76:87:e0:f2:
9d:39:3d:7a:ae:a7:37:ba:91:c4:8b:b4:d3:68:d1:
4b:83:b7:84:6c:0e:6e:24:fc:3e:93:79:5a:ea:e4:
a2:8f:e7:b8:fc:81:83:d6:e0:24:41:ff:5a:50:86:
8c:66:ed:3e:44:c2:c8:17:59:e5:06:b8:9a:31:5c:
de:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:6E:12:06:A4:4C:D2:96:4B:44:4B:C1:F0:FC:2F:4B:D0:8A:9E:9D
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/OW4SBqRM0pZLREvB8PwvS9CKnp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.224.0/22
89.29.203.0/24
185.250.196.0/23
193.177.212.0/22
Signature Algorithm: sha256WithRSAEncryption
ba:49:03:55:e6:dc:a2:13:ef:3f:68:28:60:66:b6:74:7d:98:
5f:23:bd:d2:76:99:eb:5d:e6:e9:63:a1:5c:42:28:0a:1a:4a:
2f:b5:19:2e:e1:94:b4:99:0f:ec:9f:6f:15:42:ef:13:e3:ff:
00:f4:99:42:04:c9:65:d3:25:c3:47:74:e4:9d:94:b2:d4:d3:
ed:6a:cb:15:37:d6:88:0c:d4:3b:ce:c9:35:f9:1f:46:12:d7:
fc:55:6a:a2:88:ad:a3:31:e0:df:85:94:6b:0b:00:79:8f:e5:
39:9b:b1:5f:79:bf:43:70:b0:cf:78:e3:5e:8d:24:26:c8:0d:
c6:2f:16:a5:58:f0:49:bc:a1:82:01:96:b5:60:3d:0c:47:b9:
ce:f7:b8:5c:9e:33:02:96:b1:85:74:8e:cd:05:38:b2:f1:50:
0c:89:e2:43:1c:1f:40:dd:9a:1a:94:06:62:d6:e9:8d:59:86:
c2:12:3a:b6:f5:b5:78:ef:86:d5:f4:99:ce:20:ec:1b:e8:1f:
74:d9:6c:98:bd:64:ce:76:25:6e:78:32:da:68:e4:db:23:67:
ad:14:9a:50:e6:f6:7b:cc:ba:83:86:27:ab:2a:09:0f:9b:8c:
d0:b7:fa:e6:89:6e:9a:5f:a9:5a:b2:05:0f:42:9c:c6:0d:19:
8b:a9:e0:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntcL3yYH0Caa/stpZDMW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjUwMTAyMTU1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTZlMTIwNmE0NGNkMjk2NGI0NDRiYzFmMGZjMmY0YmQwOGE5ZTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4H5AYBG8Nd4G470OFUTMIXkiy6EI
n6EEiU9kRwzvUGgzB3dSK4kt6xybGm8lhyCUvhTP+xBoKCs2yMSOPfkkrJs827LV
d0bZr+88BflJ7IMTJuYoMLwkgQ4RXHRvaEImthwQ6+RNSW/sMPYNo1RGetHVd+G8
DyPJX2vOORh0zwrzIx8c5RVGGJQh4BB+GrTb6PclXH74AOCFp1ZdTqiwpx8oYLcC
owXEl8BpTlhyOrYdpMp6d4eeT91I5zyMV3aH4PKdOT16rqc3upHEi7TTaNFLg7eE
bA5uJPw+k3la6uSij+e4/IGD1uAkQf9aUIaMZu0+RMLIF1nlBriaMVzeMwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFDluEgakTNKWS0RLwfD8L0vQip6dMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvT1c0U0JxUk0wcFpMUkV2QjhQd3ZTOUNLbnAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCUP7gAwQA
WR3LAwQBufrEAwQCwbHUMA0GCSqGSIb3DQEBCwUAA4IBAQC6SQNV5tyiE+8/aChg
ZrZ0fZhfI73SdpnrXebpY6FcQigKGkovtRku4ZS0mQ/sn28VQu8T4/8A9JlCBMll
0yXDR3TknZSy1NPtassVN9aIDNQ7zsk1+R9GEtf8VWqiiK2jMeDfhZRrCwB5j+U5
m7Ffeb9DcLDPeONejSQmyA3GLxalWPBJvKGCAZa1YD0MR7nO97hcnjMClrGFdI7N
BTiy8VAMieJDHB9A3ZoalAZi1umNWYbCEjq29bV474bV9JnOIOwb6B902WyYvWTO
diVueDLaaOTbI2etFJpQ5vZ7zLqDhierKgkPm4zQt/rmiW6aX6lasgUPQpzGDRmL
qeD0
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:47 2025 by rpki-client