Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/097n9JXtZbMVO8iEts4uU6ME2OQ.roa
File: 097n9JXtZbMVO8iEts4uU6ME2OQ.roa (raw, json)
Hash identifier: ffuIIoWmGyCSZKTbNEqtnqnFX94ui+S6wuvJtiiStA4=
Subject key identifier: D3:DE:E7:F4:95:ED:65:B3:15:3B:C8:84:B6:CE:2E:53:A3:04:D8:E4
Certificate issuer: /CN=c11ab916821c5a3148ce1252ba7801caa2ab4914
Certificate serial: 018CCA2AEA194CCD5E4C9C07A719E85F36AC
Authority key identifier: C1:1A:B9:16:82:1C:5A:31:48:CE:12:52:BA:78:01:CA:A2:AB:49:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wRq5FoIcWjFIzhJSungByqKrSRQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/097n9JXtZbMVO8iEts4uU6ME2OQ.roa
Signing time: Tue 02 Jan 2024 12:34:19 +0000
ROA not before: Tue 02 Jan 2024 12:34:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21263
IP address blocks: 193.39.67.0/24 maxlen: 24
91.196.200.0/22 maxlen: 24
2a0c:7780::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/wRq5FoIcWjFIzhJSungByqKrSRQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/wRq5FoIcWjFIzhJSungByqKrSRQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wRq5FoIcWjFIzhJSungByqKrSRQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ea:19:4c:cd:5e:4c:9c:07:a7:19:e8:5f:36:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c11ab916821c5a3148ce1252ba7801caa2ab4914
Validity
Not Before: Jan 2 12:34:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d3dee7f495ed65b3153bc884b6ce2e53a304d8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:63:43:66:9c:08:5c:2a:4a:af:79:d2:05:b6:
23:06:10:e2:01:cb:a2:26:e4:ef:81:69:22:c4:c1:
93:bf:dc:13:7d:9c:15:4c:e7:73:d9:21:b7:48:9d:
63:05:40:49:0a:bf:cf:60:d4:17:25:d7:c5:28:83:
7f:ed:26:4d:fc:72:db:39:9c:36:ad:1d:da:aa:e1:
34:52:a9:e0:75:1c:74:78:5c:4c:e1:ae:07:20:26:
8e:c4:a2:b8:1e:c5:1a:f8:28:4b:07:4d:ab:a7:d7:
c7:57:57:ed:19:7e:26:60:15:35:fd:fa:3d:1f:28:
7f:9a:98:0c:5f:6e:72:1f:26:f4:36:45:1b:fd:23:
e7:fc:7e:3d:56:95:42:bd:60:2f:d6:64:9e:bb:c8:
28:f7:94:d7:17:0e:be:76:a6:00:05:18:09:f9:6c:
da:36:e0:85:d3:86:38:58:06:60:5b:89:e3:e6:53:
b9:6b:d0:87:bc:a6:9f:d7:79:7f:b3:5b:35:90:3b:
42:5b:bf:46:e2:2a:20:fe:50:57:a4:03:a5:4a:dd:
9b:df:c1:30:aa:dd:e9:bf:7f:48:69:fc:35:01:24:
6a:e7:8d:67:ce:20:65:68:85:35:bb:75:da:09:4a:
36:eb:4f:53:3f:40:34:a5:50:f3:b6:d8:53:45:cd:
49:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:DE:E7:F4:95:ED:65:B3:15:3B:C8:84:B6:CE:2E:53:A3:04:D8:E4
X509v3 Authority Key Identifier:
keyid:C1:1A:B9:16:82:1C:5A:31:48:CE:12:52:BA:78:01:CA:A2:AB:49:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wRq5FoIcWjFIzhJSungByqKrSRQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/097n9JXtZbMVO8iEts4uU6ME2OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/94/d2362e-3256-4244-858a-ee56f1afc366/1/wRq5FoIcWjFIzhJSungByqKrSRQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.200.0/22
193.39.67.0/24
IPv6:
2a0c:7780::/29
Signature Algorithm: sha256WithRSAEncryption
89:77:71:c9:7d:96:38:82:a9:68:80:cc:ce:91:c0:36:c8:1d:
70:50:37:33:19:45:ed:14:b1:1d:3d:7b:33:c9:2e:4f:67:1c:
e4:3b:26:02:b8:0a:c6:80:ea:88:b5:ad:48:d0:6c:7e:d1:4f:
43:bd:8f:d1:94:2c:10:8e:b5:b7:35:c4:42:40:42:cf:98:a5:
b4:00:95:50:b9:60:0e:62:30:f6:d2:0e:7c:52:64:7f:51:a7:
c6:01:c3:f5:5a:c3:9e:e4:8c:27:49:eb:12:26:5c:e0:a6:fc:
8a:a2:10:d8:9e:05:de:b2:8c:f3:f3:13:db:fa:0e:a3:b9:93:
fa:21:1c:a9:f2:7c:d0:58:cf:1d:ba:18:58:b3:6e:10:a6:e6:
7a:d1:2e:05:41:d5:48:7b:64:77:5a:d4:11:5b:47:fc:6a:e3:
69:fd:b0:70:80:d1:3a:d0:13:06:ad:c8:11:6c:40:86:b2:53:
5e:21:c8:46:b1:c8:63:7f:70:7b:78:f7:5a:43:29:84:3e:ce:
57:71:f4:f8:42:76:e1:32:fe:16:e7:a8:6c:1b:14:a8:23:85:
78:3a:34:dd:57:1c:23:33:62:e7:35:1c:55:33:30:39:06:8e:
f1:b0:46:01:e5:af:d2:29:2a:28:06:6c:3d:f3:c9:1f:b7:8b:
2b:65:4d:00
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKKuoZTM1eTJwHpxnoXzasMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxMWFiOTE2ODIxYzVhMzE0OGNlMTI1MmJhNzgwMWNhYTJh
YjQ5MTQwHhcNMjQwMTAyMTIzNDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2RlZTdmNDk1ZWQ2NWIzMTUzYmM4ODRiNmNlMmU1M2EzMDRkOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiWNDZpwIXCpKr3nSBbYjBhDiAcui
JuTvgWkixMGTv9wTfZwVTOdz2SG3SJ1jBUBJCr/PYNQXJdfFKIN/7SZN/HLbOZw2
rR3aquE0UqngdRx0eFxM4a4HICaOxKK4HsUa+ChLB02rp9fHV1ftGX4mYBU1/fo9
Hyh/mpgMX25yHyb0NkUb/SPn/H49VpVCvWAv1mSeu8go95TXFw6+dqYABRgJ+Wza
NuCF04Y4WAZgW4nj5lO5a9CHvKaf13l/s1s1kDtCW79G4iog/lBXpAOlSt2b38Ew
qt3pv39Iafw1ASRq541nziBlaIU1u3XaCUo2609TP0A0pVDztthTRc1JpQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNPe5/SV7WWzFTvIhLbOLlOjBNjkMB8GA1UdIwQY
MBaAFMEauRaCHFoxSM4SUrp4Acqiq0kUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1JxNUZvSWNXakZJemhKU3VuZ0J5cUtyU1JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NC9kMjM2MmUtMzI1Ni00MjQ0LTg1OGEt
ZWU1NmYxYWZjMzY2LzEvMDk3bjlKWHRaYk1WTzhpRXRzNHVVNk1FMk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NC9kMjM2MmUtMzI1Ni00MjQ0LTg1OGEtZWU1NmYxYWZjMzY2
LzEvd1JxNUZvSWNXakZJemhKU3VuZ0J5cUtyU1JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8TIAwQA
wSdDMA0EAgACMAcDBQMqDHeAMA0GCSqGSIb3DQEBCwUAA4IBAQCJd3HJfZY4gqlo
gMzOkcA2yB1wUDczGUXtFLEdPXszyS5PZxzkOyYCuArGgOqIta1I0Gx+0U9DvY/R
lCwQjrW3NcRCQELPmKW0AJVQuWAOYjD20g58UmR/UafGAcP1WsOe5IwnSesSJlzg
pvyKohDYngXesozz8xPb+g6juZP6IRyp8nzQWM8duhhYs24QpuZ60S4FQdVIe2R3
WtQRW0f8auNp/bBwgNE60BMGrcgRbECGslNeIchGschjf3B7ePdaQymEPs5XcfT4
QnbhMv4W56hsGxSoI4V4OjTdVxwjM2LnNRxVMzA5Bo7xsEYB5a/SKSooBmw988kf
t4srZU0A
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:26:03 2024 by rpki-client on console-fra.rpki-client.org