Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/o4ajNcsXNuds7whWbEEiB8N48Sg.roa
File: o4ajNcsXNuds7whWbEEiB8N48Sg.roa (raw, json)
Hash identifier: VhGoFDXA8q9WuqYcjRwzGIiXmDseGSRa3R378JsK3+E=
Subject key identifier: A3:86:A3:35:CB:17:36:E7:6C:EF:08:56:6C:41:22:07:C3:78:F1:28
Certificate issuer: /CN=7ddd236d804d5aa9a2cab39cf51022ac05e0b183
Certificate serial: 018CC56EEC7B68FF917C1A67D4D07A89C13B
Authority key identifier: 7D:DD:23:6D:80:4D:5A:A9:A2:CA:B3:9C:F5:10:22:AC:05:E0:B1:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fd0jbYBNWqmiyrOc9RAirAXgsYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/o4ajNcsXNuds7whWbEEiB8N48Sg.roa
Signing time: Mon 01 Jan 2024 14:30:30 +0000
ROA not before: Mon 01 Jan 2024 14:30:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47908
IP address blocks: 193.142.111.0/24 maxlen: 24
2001:67c:170::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/fd0jbYBNWqmiyrOc9RAirAXgsYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/fd0jbYBNWqmiyrOc9RAirAXgsYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/fd0jbYBNWqmiyrOc9RAirAXgsYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:ec:7b:68:ff:91:7c:1a:67:d4:d0:7a:89:c1:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ddd236d804d5aa9a2cab39cf51022ac05e0b183
Validity
Not Before: Jan 1 14:30:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a386a335cb1736e76cef08566c412207c378f128
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:d1:37:c4:7a:8e:b7:d0:93:b4:8d:dc:f1:fc:
aa:28:25:5c:c5:9a:71:c9:ef:b8:8d:5b:34:23:c5:
cf:c7:a1:f3:d9:7a:56:06:dd:10:44:ec:bd:f2:e5:
6e:57:c5:67:3a:de:40:43:2b:fa:cf:f8:3a:27:be:
10:90:c3:18:5e:84:ce:ab:4d:e7:e0:ab:7b:18:f5:
ce:d4:54:9a:70:a1:03:43:41:eb:4e:04:c7:51:a6:
3f:1d:ee:13:44:3c:e1:1e:6c:39:b1:f4:fa:3c:be:
b6:d9:fe:fe:d4:be:88:5f:57:08:c4:c0:27:37:e8:
bd:8d:c3:5b:39:a3:f0:c2:74:3e:2e:98:d8:e8:c0:
8b:42:82:76:00:bb:d5:6c:d4:d4:e2:5c:1c:9d:88:
9c:03:af:c6:36:67:0f:24:63:37:af:de:ff:3d:d0:
3f:76:18:23:9a:c6:80:01:a7:b9:f0:35:ac:23:87:
7e:5a:5c:4c:7e:6c:6d:b6:41:d9:0a:1d:07:05:37:
84:8d:d0:87:8a:fd:c9:64:05:8c:84:63:94:19:3b:
dd:c2:2e:a9:ab:23:ed:81:56:49:d3:5a:b1:e8:56:
b8:c2:6c:b1:4d:c7:6c:fb:d0:40:54:b1:49:9b:2d:
1f:64:da:88:4e:da:a2:9e:8d:d5:21:80:84:14:8f:
38:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:86:A3:35:CB:17:36:E7:6C:EF:08:56:6C:41:22:07:C3:78:F1:28
X509v3 Authority Key Identifier:
keyid:7D:DD:23:6D:80:4D:5A:A9:A2:CA:B3:9C:F5:10:22:AC:05:E0:B1:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd0jbYBNWqmiyrOc9RAirAXgsYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/o4ajNcsXNuds7whWbEEiB8N48Sg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/1e98c2-2bae-4d14-9bcc-855e6072ef36/1/fd0jbYBNWqmiyrOc9RAirAXgsYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.142.111.0/24
IPv6:
2001:67c:170::/48
Signature Algorithm: sha256WithRSAEncryption
a6:bb:a5:5d:16:ba:c0:0e:77:3d:e4:ea:c9:e1:94:9c:63:f2:
87:3b:d4:e9:fc:f8:d3:bf:f6:fa:61:02:e3:f4:7f:56:25:57:
a0:65:73:9f:47:23:98:1b:fa:2d:fa:d0:23:22:fb:b5:7a:a5:
1e:01:25:6f:6e:44:f7:16:b8:3b:70:95:59:9b:e3:fc:00:96:
18:bd:0a:d4:ce:4a:ca:f1:c4:dd:a2:7b:95:3e:e1:6a:cf:ab:
97:63:f9:ca:a0:9b:fe:13:5b:cb:99:fb:38:05:81:da:59:f8:
2c:b4:af:ac:f6:b0:01:32:1c:c2:f7:99:bb:10:1e:ab:e9:c4:
a1:5b:68:6a:dc:6c:89:10:e2:ed:ba:ad:89:21:63:c2:09:1e:
ba:29:3c:30:d7:a5:03:d7:94:dd:0f:01:89:09:41:ff:31:d4:
a4:ec:a2:46:59:24:51:f9:24:b2:06:39:7b:6b:dc:05:e0:64:
76:d3:99:22:85:e6:68:f9:08:db:bc:b4:7e:e9:26:42:63:80:
fe:ae:ca:bf:e8:1f:b1:7b:fa:46:36:39:21:2e:a4:65:50:a5:
b6:62:20:b1:15:ef:4e:55:66:cf:4c:17:56:1e:71:08:56:13:
f4:5d:d9:12:54:8e:f9:e0:6d:70:1c:a3:38:b3:85:5b:fd:05:
9e:b6:b8:79
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbux7aP+RfBpn1NB6icE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZGQyMzZkODA0ZDVhYTlhMmNhYjM5Y2Y1MTAyMmFjMDVl
MGIxODMwHhcNMjQwMTAxMTQzMDMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzg2YTMzNWNiMTczNmU3NmNlZjA4NTY2YzQxMjIwN2MzNzhmMTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA69E3xHqOt9CTtI3c8fyqKCVcxZpx
ye+4jVs0I8XPx6Hz2XpWBt0QROy98uVuV8VnOt5AQyv6z/g6J74QkMMYXoTOq03n
4Kt7GPXO1FSacKEDQ0HrTgTHUaY/He4TRDzhHmw5sfT6PL622f7+1L6IX1cIxMAn
N+i9jcNbOaPwwnQ+LpjY6MCLQoJ2ALvVbNTU4lwcnYicA6/GNmcPJGM3r97/PdA/
dhgjmsaAAae58DWsI4d+WlxMfmxttkHZCh0HBTeEjdCHiv3JZAWMhGOUGTvdwi6p
qyPtgVZJ01qx6Fa4wmyxTcds+9BAVLFJmy0fZNqITtqino3VIYCEFI84twIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKOGozXLFzbnbO8IVmxBIgfDePEoMB8GA1UdIwQY
MBaAFH3dI22ATVqposqznPUQIqwF4LGDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmQwamJZQk5XcW1peXJPYzlSQWlyQVhnc1lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xZTk4YzItMmJhZS00ZDE0LTliY2Mt
ODU1ZTYwNzJlZjM2LzEvbzRhak5jc1hOdWRzN3doV2JFRWlCOE40OFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xZTk4YzItMmJhZS00ZDE0LTliY2MtODU1ZTYwNzJlZjM2
LzEvZmQwamJZQk5XcW1peXJPYzlSQWlyQVhnc1lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwY5vMA8E
AgACMAkDBwAgAQZ8AXAwDQYJKoZIhvcNAQELBQADggEBAKa7pV0WusAOdz3k6snh
lJxj8oc71On8+NO/9vphAuP0f1YlV6Blc59HI5gb+i360CMi+7V6pR4BJW9uRPcW
uDtwlVmb4/wAlhi9CtTOSsrxxN2ie5U+4WrPq5dj+cqgm/4TW8uZ+zgFgdpZ+Cy0
r6z2sAEyHML3mbsQHqvpxKFbaGrcbIkQ4u26rYkhY8IJHropPDDXpQPXlN0PAYkJ
Qf8x1KTsokZZJFH5JLIGOXtr3AXgZHbTmSKF5mj5CNu8tH7pJkJjgP6uyr/oH7F7
+kY2OSEupGVQpbZiILEV705VZs9MF1YecQhWE/Rd2RJUjvngbXAcozizhVv9BZ62
uHk=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:05 2024 by rpki-client on console-ams.rpki-client.org