Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/oMsbWqKig1Jz9KhQZB1o-hLbsjQ.roa
File: oMsbWqKig1Jz9KhQZB1o-hLbsjQ.roa (raw, json)
Hash identifier: OocXoaK/KzmHtgXJpn4l6UhsAXqtzLQU0zedQi9+930=
Subject key identifier: A0:CB:1B:5A:A2:A2:83:52:73:F4:A8:50:64:1D:68:FA:12:DB:B2:34
Certificate issuer: /CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Certificate serial: 019421B1D9663010F018FBAEDB81547EC6BE
Authority key identifier: F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/oMsbWqKig1Jz9KhQZB1o-hLbsjQ.roa
Signing time: Wed 01 Jan 2025 11:48:11 +0000
ROA not before: Wed 01 Jan 2025 11:48:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47324
IP address blocks: 91.120.33.0/24 maxlen: 24
195.56.124.0/24 maxlen: 24
195.56.125.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.mft
rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 08:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d9:66:30:10:f0:18:fb:ae:db:81:54:7e:c6:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f02dac605f4659718c0a15e1f732cbd4f48aae7b
Validity
Not Before: Jan 1 11:48:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0cb1b5aa2a2835273f4a850641d68fa12dbb234
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a3:83:93:51:dd:2e:56:78:47:03:56:f9:1c:
ca:93:44:88:30:3b:51:71:77:ff:ea:49:de:c8:65:
fe:26:78:73:e8:7e:ee:ae:21:38:a5:f3:15:52:00:
98:1c:03:7b:d3:95:a0:c5:b0:dd:9c:59:58:39:ca:
95:56:2f:c4:d9:fe:ca:0e:35:6b:d1:c0:99:51:c1:
b0:18:fd:32:81:46:3c:97:6c:f6:78:ea:59:fe:0d:
0a:ff:85:b5:3c:0b:51:84:e6:b8:e1:1e:e8:8a:7c:
b6:94:be:05:3d:c0:13:34:a7:dd:99:fd:d1:6c:bb:
78:d6:48:cc:7e:32:fd:a2:76:5a:0a:27:4c:89:19:
5f:e0:1c:c0:52:34:2c:f3:dd:de:ed:47:93:e6:91:
78:02:b7:d1:46:a1:aa:34:02:bc:9f:65:db:1c:81:
1c:52:f5:ed:ce:16:9e:10:46:b4:df:c8:4a:e4:0c:
db:5b:8d:e7:41:f2:4c:da:73:5a:10:53:65:c5:24:
b1:2d:f5:82:ec:d4:22:d7:6e:84:f9:3f:30:35:e2:
2d:ad:da:e7:e7:89:45:12:58:d9:f6:69:bc:b6:e3:
5c:33:7e:91:fd:76:77:5d:fd:d4:98:93:87:12:d0:
e3:08:66:63:ea:d1:04:62:22:9d:f9:ee:fd:d2:db:
cb:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CB:1B:5A:A2:A2:83:52:73:F4:A8:50:64:1D:68:FA:12:DB:B2:34
X509v3 Authority Key Identifier:
keyid:F0:2D:AC:60:5F:46:59:71:8C:0A:15:E1:F7:32:CB:D4:F4:8A:AE:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8C2sYF9GWXGMChXh9zLL1PSKrns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/oMsbWqKig1Jz9KhQZB1o-hLbsjQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/e90976-3dd1-4716-bbf6-292ae46e6302/1/8C2sYF9GWXGMChXh9zLL1PSKrns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.120.33.0/24
195.56.124.0/23
Signature Algorithm: sha256WithRSAEncryption
3e:61:ab:83:f4:59:fb:66:5e:42:0c:4f:1f:d0:8b:0f:a9:00:
5c:d8:cb:75:19:77:d4:43:91:05:6a:07:3f:d3:58:cc:93:72:
90:c3:64:9d:74:3d:b0:5b:16:09:40:7d:13:5e:df:0e:d6:09:
ad:1d:ca:b3:74:4a:a9:fc:54:16:78:35:32:8f:b9:e7:97:74:
e9:c6:34:4b:68:94:43:bb:bc:0c:9c:bd:eb:37:87:41:4b:9e:
2b:05:87:40:49:28:7a:90:02:a9:42:a0:5d:05:73:5b:02:72:
bc:bb:6f:f1:05:f4:d1:68:26:e7:84:87:37:d1:56:f1:95:f4:
62:0d:3a:d0:8e:8e:10:69:06:92:68:6a:19:99:74:4b:88:bd:
74:20:34:a0:92:32:80:f5:05:79:8f:87:2d:f3:ba:68:5e:7b:
09:b8:ab:8b:98:2c:82:d8:db:64:fe:18:5b:d6:62:bd:ca:04:
a5:90:25:b5:fb:d6:e2:19:7c:2d:ad:35:3a:e4:77:96:b5:9b:
91:e5:de:d1:b4:a3:6a:c9:11:e5:62:bc:f9:f7:a6:a8:ae:07:
5b:4e:ec:05:a9:a0:5b:10:63:70:b2:06:b8:db:54:5e:c4:6d:
23:f1:1a:29:c3:fb:02:e6:d9:51:8b:2a:8f:16:8c:df:2d:23:
d6:72:84:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhsdlmMBDwGPuu24FUfsa+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwMmRhYzYwNWY0NjU5NzE4YzBhMTVlMWY3MzJjYmQ0ZjQ4
YWFlN2IwHhcNMjUwMTAxMTE0ODExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNiMWI1YWEyYTI4MzUyNzNmNGE4NTA2NDFkNjhmYTEyZGJiMjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAraODk1HdLlZ4RwNW+RzKk0SIMDtR
cXf/6kneyGX+Jnhz6H7uriE4pfMVUgCYHAN705WgxbDdnFlYOcqVVi/E2f7KDjVr
0cCZUcGwGP0ygUY8l2z2eOpZ/g0K/4W1PAtRhOa44R7oiny2lL4FPcATNKfdmf3R
bLt41kjMfjL9onZaCidMiRlf4BzAUjQs893e7UeT5pF4ArfRRqGqNAK8n2XbHIEc
UvXtzhaeEEa038hK5AzbW43nQfJM2nNaEFNlxSSxLfWC7NQi126E+T8wNeItrdrn
54lFEljZ9mm8tuNcM36R/XZ3Xf3UmJOHEtDjCGZj6tEEYiKd+e790tvL5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKDLG1qiooNSc/SoUGQdaPoS27I0MB8GA1UdIwQY
MBaAFPAtrGBfRllxjAoV4fcyy9T0iq57MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYt
MjkyYWU0NmU2MzAyLzEvb01zYldxS2lnMUp6OUtoUVpCMW8taExic2pRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lOTA5NzYtM2RkMS00NzE2LWJiZjYtMjkyYWU0NmU2MzAy
LzEvOEMyc1lGOUdXWEdNQ2hYaDl6TEwxUFNLcm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW3ghAwQB
wzh8MA0GCSqGSIb3DQEBCwUAA4IBAQA+YauD9Fn7Zl5CDE8f0IsPqQBc2Mt1GXfU
Q5EFagc/01jMk3KQw2SddD2wWxYJQH0TXt8O1gmtHcqzdEqp/FQWeDUyj7nnl3Tp
xjRLaJRDu7wMnL3rN4dBS54rBYdASSh6kAKpQqBdBXNbAnK8u2/xBfTRaCbnhIc3
0VbxlfRiDTrQjo4QaQaSaGoZmXRLiL10IDSgkjKA9QV5j4ct87poXnsJuKuLmCyC
2Ntk/hhb1mK9ygSlkCW1+9biGXwtrTU65HeWtZuR5d7RtKNqyRHlYrz596aorgdb
TuwFqaBbEGNwsga421RexG0j8Ropw/sC5tlRiyqPFozfLSPWcoSb
-----END CERTIFICATE-----
Generated at Sun Apr 13 16:24:41 2025 by rpki-client