Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2mpCOGzEmenOtU99IQiP_XbKKZk.roa
File: 2mpCOGzEmenOtU99IQiP_XbKKZk.roa (raw, json)
Hash identifier: 8p9oBYakrkbHSnqSHQM7BrfVchUOJ6ezyezsBwy4K3c=
Subject key identifier: DA:6A:42:38:6C:C4:99:E9:CE:B5:4F:7D:21:08:8F:FD:76:CA:29:99
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 01927195467AFFB59DF7C08BF0E51A6908FB
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2mpCOGzEmenOtU99IQiP_XbKKZk.roa
Signing time: Wed 09 Oct 2024 14:01:01 +0000
ROA not before: Wed 09 Oct 2024 14:01:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210644
IP address blocks: 193.232.178.0/24 maxlen: 24
194.226.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:71:95:46:7a:ff:b5:9d:f7:c0:8b:f0:e5:1a:69:08:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Oct 9 14:01:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da6a42386cc499e9ceb54f7d21088ffd76ca2999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:29:11:50:ea:bc:2c:7a:60:6f:23:df:b0:2e:
88:db:b1:28:b2:fd:95:7b:9d:60:22:da:63:1f:d4:
a7:f7:18:b6:fc:b6:45:50:99:9d:91:fb:f8:c0:c9:
9e:1e:27:f9:37:00:39:f4:32:45:96:42:f4:d7:bb:
2c:a4:9b:b1:1c:f9:ce:e3:81:56:b6:15:1f:30:48:
f3:24:e4:4f:d2:bd:ad:ec:b8:be:88:99:3a:2b:9c:
35:ba:a7:75:69:36:1a:01:5a:d5:a7:3e:eb:29:7a:
ac:29:0e:61:48:80:bb:34:90:9d:8b:0b:ed:a8:fb:
52:0c:e9:cc:7f:08:1a:35:9d:1d:0b:7e:12:25:8e:
65:bc:dc:a4:3b:a3:63:49:d7:a4:81:12:e6:fb:08:
f3:4b:12:2e:4f:ab:57:cb:99:ee:a9:c3:78:47:12:
80:da:a5:f4:79:42:b6:d3:b8:f5:e3:41:4d:5d:c9:
eb:11:1f:d8:f5:cb:9e:a2:03:7a:36:67:b2:4f:e5:
99:c8:21:ab:77:65:6b:3f:21:0a:87:82:a6:b9:73:
08:28:ef:7b:84:f1:39:0c:b5:48:10:06:15:e7:95:
60:ef:43:14:7f:0d:fc:3f:96:41:8e:5d:a9:63:e2:
fb:df:0c:1e:46:c9:a7:f2:b0:65:47:0c:68:d6:3d:
38:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:6A:42:38:6C:C4:99:E9:CE:B5:4F:7D:21:08:8F:FD:76:CA:29:99
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/2mpCOGzEmenOtU99IQiP_XbKKZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.232.178.0/24
194.226.169.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:72:86:a4:db:53:ff:f5:4f:22:8e:7f:2b:5f:c9:96:11:a2:
85:03:0e:71:d8:1d:f4:0f:e6:01:6c:3b:ee:49:c2:aa:2a:33:
92:38:51:ba:16:42:67:49:be:dd:bf:3c:f6:29:3f:ab:2f:d1:
4e:54:72:0d:64:6f:d2:4f:67:b5:88:02:0a:dd:a2:44:14:57:
6b:cb:c9:3a:1f:9e:e7:08:ce:3d:fd:f9:ac:1d:a6:28:df:24:
7e:57:5e:43:23:83:32:7a:17:c0:35:97:c7:73:ef:b1:f3:34:
dd:45:50:8b:dd:7a:f6:0a:7e:19:da:3e:56:d3:83:8f:40:95:
24:5c:9d:95:dd:32:02:58:98:69:b2:9c:67:b4:ff:14:83:35:
6a:09:8c:c7:3c:be:de:ec:73:af:64:62:56:f9:0d:20:ac:ad:
ae:0b:54:72:77:65:bd:e6:82:7c:36:15:23:e0:23:93:1f:87:
c5:a2:da:ea:37:1c:38:05:b5:0a:b6:be:01:f5:e3:b1:2c:c9:
47:f0:c8:c6:84:07:1b:1f:e9:f6:ff:b5:8c:3c:62:0a:57:eb:
b0:4e:82:fe:aa:20:e8:c0:49:e2:63:ad:d8:9b:ad:a7:90:56:
65:f3:b7:d7:22:90:9b:65:33:63:57:f3:44:91:0b:ce:c4:7d:
b0:fe:be:9b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZJxlUZ6/7Wd98CL8OUaaQj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQxMDA5MTQwMTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTZhNDIzODZjYzQ5OWU5Y2ViNTRmN2QyMTA4OGZmZDc2Y2EyOTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoykRUOq8LHpgbyPfsC6I27Eosv2V
e51gItpjH9Sn9xi2/LZFUJmdkfv4wMmeHif5NwA59DJFlkL017sspJuxHPnO44FW
thUfMEjzJORP0r2t7Li+iJk6K5w1uqd1aTYaAVrVpz7rKXqsKQ5hSIC7NJCdiwvt
qPtSDOnMfwgaNZ0dC34SJY5lvNykO6NjSdekgRLm+wjzSxIuT6tXy5nuqcN4RxKA
2qX0eUK207j140FNXcnrER/Y9cueogN6NmeyT+WZyCGrd2VrPyEKh4KmuXMIKO97
hPE5DLVIEAYV55Vg70MUfw38P5ZBjl2pY+L73wweRsmn8rBlRwxo1j04gQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNpqQjhsxJnpzrVPfSEIj/12yimZMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvMm1wQ09HekVtZW5PdFU5OUlRaVBfWGJLS1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAweiyAwQA
wuKpMA0GCSqGSIb3DQEBCwUAA4IBAQAfcoak21P/9U8ijn8rX8mWEaKFAw5x2B30
D+YBbDvuScKqKjOSOFG6FkJnSb7dvzz2KT+rL9FOVHINZG/ST2e1iAIK3aJEFFdr
y8k6H57nCM49/fmsHaYo3yR+V15DI4MyehfANZfHc++x8zTdRVCL3Xr2Cn4Z2j5W
04OPQJUkXJ2V3TICWJhpspxntP8UgzVqCYzHPL7e7HOvZGJW+Q0grK2uC1Ryd2W9
5oJ8NhUj4COTH4fFotrqNxw4BbUKtr4B9eOxLMlH8MjGhAcbH+n2/7WMPGIKV+uw
ToL+qiDowEniY63Ym62nkFZl87fXIpCbZTNjV/NEkQvOxH2w/r6b
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:26 2024 by rpki-client on console-fra.rpki-client.org