Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/iOsVPSzZeKu_GpAxh4HElCaSMFU.roa
File: iOsVPSzZeKu_GpAxh4HElCaSMFU.roa (raw, json)
Hash identifier: AzLs0VLFJkqJP3rzT9WbseTSbDWK38sW9aaDyk0oNy4=
Subject key identifier: 88:EB:15:3D:2C:D9:78:AB:BF:1A:90:31:87:81:C4:94:26:92:30:55
Certificate issuer: /CN=6b4aa1e3d8cf43a36b41bbb25dc8fa2ba71c3584
Certificate serial: 0194266BA4FD1C39675FE763E60891F1C72B
Authority key identifier: 6B:4A:A1:E3:D8:CF:43:A3:6B:41:BB:B2:5D:C8:FA:2B:A7:1C:35:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/iOsVPSzZeKu_GpAxh4HElCaSMFU.roa
Signing time: Thu 02 Jan 2025 09:49:36 +0000
ROA not before: Thu 02 Jan 2025 09:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16075
IP address blocks: 193.104.220.0/24 maxlen: 24
2001:67c:13c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:a4:fd:1c:39:67:5f:e7:63:e6:08:91:f1:c7:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4aa1e3d8cf43a36b41bbb25dc8fa2ba71c3584
Validity
Not Before: Jan 2 09:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88eb153d2cd978abbf1a90318781c49426923055
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:38:5b:6b:9e:05:fc:4d:10:17:e4:97:9d:b8:
bc:eb:2c:10:ec:bd:42:51:59:9b:86:1c:ea:5c:27:
55:00:fa:9b:95:2f:88:8d:e3:e4:e6:d0:22:d6:24:
0f:33:23:41:a7:1f:17:be:c3:dd:e3:2e:42:4a:ee:
27:e7:5f:9d:e4:6b:88:f9:43:8f:15:6b:30:df:10:
df:47:41:34:8b:d4:ef:91:a8:70:00:49:1f:bd:f2:
32:79:c4:8e:62:3d:be:a9:1b:e6:84:d7:5c:ba:85:
95:ff:20:e4:b4:c7:16:d4:40:c4:79:c1:72:df:01:
53:c3:05:eb:60:89:04:94:f2:39:5c:55:f2:82:91:
6a:7f:79:82:fb:90:ae:2b:fd:d1:0e:5d:14:24:34:
23:b9:fd:bf:a8:7f:16:37:9e:44:b2:ec:ec:5b:dc:
94:07:a1:61:a9:61:ff:79:d6:86:d6:74:6b:5d:6e:
e8:1b:47:b4:1c:d3:82:27:d4:92:1f:70:5a:3a:79:
98:a0:fc:57:8c:5d:0f:c6:b4:88:10:c4:bd:40:0c:
fa:b2:61:6b:19:3b:ff:da:b5:87:cf:92:50:ab:7a:
e7:92:77:9a:ef:5d:bc:1e:74:9b:57:09:5f:27:21:
31:8c:31:25:08:a1:d8:20:46:e7:99:81:f7:e3:10:
00:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:EB:15:3D:2C:D9:78:AB:BF:1A:90:31:87:81:C4:94:26:92:30:55
X509v3 Authority Key Identifier:
keyid:6B:4A:A1:E3:D8:CF:43:A3:6B:41:BB:B2:5D:C8:FA:2B:A7:1C:35:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/iOsVPSzZeKu_GpAxh4HElCaSMFU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/b05268-8d18-4521-abb6-4b29e9dc74c5/1/a0qh49jPQ6NrQbuyXcj6K6ccNYQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.220.0/24
IPv6:
2001:67c:13c::/48
Signature Algorithm: sha256WithRSAEncryption
5d:63:2b:fc:22:d5:ab:9c:69:35:51:8d:87:71:61:41:8e:d1:
fd:31:ff:95:9e:b1:19:64:f3:f0:83:fe:10:75:db:d0:bf:04:
e8:64:a4:85:88:ed:7c:5f:b7:e6:aa:44:8e:4f:bd:82:96:9b:
fb:00:87:f1:68:4f:2f:63:dc:51:30:9c:87:23:03:6d:07:ef:
e8:79:17:67:cc:72:b2:45:ea:1c:25:a7:3e:00:e3:ff:1a:04:
f5:48:f8:8b:6a:76:6f:f6:08:6a:38:1a:67:34:ac:ed:8f:16:
f1:38:1b:82:7c:ea:4d:e0:e3:eb:09:59:35:ac:c5:89:0f:ee:
ed:87:f2:ff:e8:9f:ec:56:e9:3d:90:0e:51:1c:7d:6f:6f:61:
b6:cd:fa:d6:cc:05:db:70:47:f4:dc:1a:1c:64:7c:f8:ab:6f:
6c:f0:6b:39:27:78:b4:4e:f8:66:9e:00:06:ee:88:78:ba:ba:
d7:22:fc:df:96:12:71:94:b7:a0:6a:ac:bd:9d:e1:03:1a:c6:
58:42:bf:98:02:dc:74:5d:68:0f:1b:34:06:f2:06:80:9b:d8:
17:37:09:dd:3f:25:8d:59:d6:07:03:5e:c3:6f:88:2f:5f:22:
cf:69:8e:84:d6:9e:0a:7d:04:ba:fc:31:bf:f4:2b:9a:27:fb:
3f:84:76:fb
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQma6T9HDlnX+dj5giR8ccrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGFhMWUzZDhjZjQzYTM2YjQxYmJiMjVkYzhmYTJiYTcx
YzM1ODQwHhcNMjUwMTAyMDk0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGViMTUzZDJjZDk3OGFiYmYxYTkwMzE4NzgxYzQ5NDI2OTIzMDU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsDhba54F/E0QF+SXnbi86ywQ7L1C
UVmbhhzqXCdVAPqblS+IjePk5tAi1iQPMyNBpx8XvsPd4y5CSu4n51+d5GuI+UOP
FWsw3xDfR0E0i9TvkahwAEkfvfIyecSOYj2+qRvmhNdcuoWV/yDktMcW1EDEecFy
3wFTwwXrYIkElPI5XFXygpFqf3mC+5CuK/3RDl0UJDQjuf2/qH8WN55EsuzsW9yU
B6FhqWH/edaG1nRrXW7oG0e0HNOCJ9SSH3BaOnmYoPxXjF0PxrSIEMS9QAz6smFr
GTv/2rWHz5JQq3rnknea7128HnSbVwlfJyExjDElCKHYIEbnmYH34xAA4QIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIjrFT0s2XirvxqQMYeBxJQmkjBVMB8GA1UdIwQY
MBaAFGtKoePYz0Oja0G7sl3I+iunHDWEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBxaDQ5alBRNk5yUWJ1eVhjajZLNmNjTllRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny9iMDUyNjgtOGQxOC00NTIxLWFiYjYt
NGIyOWU5ZGM3NGM1LzEvaU9zVlBTelplS3VfR3BBeGg0SEVsQ2FTTUZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny9iMDUyNjgtOGQxOC00NTIxLWFiYjYtNGIyOWU5ZGM3NGM1
LzEvYTBxaDQ5alBRNk5yUWJ1eVhjajZLNmNjTllRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAwWjcMA8E
AgACMAkDBwAgAQZ8ATwwDQYJKoZIhvcNAQELBQADggEBAF1jK/wi1aucaTVRjYdx
YUGO0f0x/5WesRlk8/CD/hB129C/BOhkpIWI7Xxft+aqRI5PvYKWm/sAh/FoTy9j
3FEwnIcjA20H7+h5F2fMcrJF6hwlpz4A4/8aBPVI+Itqdm/2CGo4Gmc0rO2PFvE4
G4J86k3g4+sJWTWsxYkP7u2H8v/on+xW6T2QDlEcfW9vYbbN+tbMBdtwR/TcGhxk
fPirb2zwazkneLRO+GaeAAbuiHi6utci/N+WEnGUt6BqrL2d4QMaxlhCv5gC3HRd
aA8bNAbyBoCb2Bc3Cd0/JY1Z1gcDXsNviC9fIs9pjoTWngp9BLr8Mb/0K5on+z+E
dvs=
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:42:04 2025 by rpki-client