Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ohBR9gaWvOXtYQXcgJqGDXdvhgc.roa
File: ohBR9gaWvOXtYQXcgJqGDXdvhgc.roa (raw, json)
Hash identifier: mcNhcVpEskMv8R65sPOBOnqGWcTvjsQlG35vlEkEVE4=
Subject key identifier: A2:10:51:F6:06:96:BC:E5:ED:61:05:DC:80:9A:86:0D:77:6F:86:07
Certificate issuer: /CN=253a3b5f51808168c212c094a2baaff38e16464a
Certificate serial: 018CC5DC4DDB81FDB4D3AF43869FC98518D1
Authority key identifier: 25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ohBR9gaWvOXtYQXcgJqGDXdvhgc.roa
Signing time: Mon 01 Jan 2024 16:29:58 +0000
ROA not before: Mon 01 Jan 2024 16:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61378
IP address blocks: 195.19.193.0/24 maxlen: 24
194.226.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.mft
rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:4d:db:81:fd:b4:d3:af:43:86:9f:c9:85:18:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=253a3b5f51808168c212c094a2baaff38e16464a
Validity
Not Before: Jan 1 16:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21051f60696bce5ed6105dc809a860d776f8607
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:2e:c9:30:28:2d:a8:d3:ec:cb:ee:6c:da:41:
1a:4f:73:0b:ac:93:8e:83:c7:06:30:ec:80:25:2d:
4a:ee:8f:71:41:82:2c:af:2d:a9:a7:74:c1:df:88:
ce:65:d1:4b:dc:63:62:de:3f:3c:61:2d:73:d6:34:
a1:65:db:dc:a5:a5:5b:5a:36:07:df:f1:0e:f2:ca:
39:88:78:5c:b2:c4:d5:15:7c:d8:56:d1:30:78:19:
27:2e:6b:a2:03:09:c4:46:ad:f2:7d:cd:de:b1:6b:
93:48:ef:61:47:e1:58:3e:ac:fa:92:9f:c9:5d:be:
91:7e:d4:5d:2b:c2:0c:9a:6a:67:24:52:2f:98:7f:
9f:4d:95:b4:3f:de:bd:e8:c5:76:e9:93:20:8f:04:
a0:ea:25:3b:2e:fc:1e:0b:ea:a6:3d:e6:2a:4e:3c:
6b:13:bf:50:33:96:7f:68:b6:e5:00:71:3b:9c:a4:
d4:3e:23:b7:95:1a:e7:cd:0e:7d:a4:a6:d0:5d:37:
29:2c:0f:a7:d3:5f:80:fb:10:02:14:98:53:02:48:
5b:49:ab:49:9e:91:e2:8b:ec:93:4e:aa:71:ca:05:
be:23:05:38:d3:d9:e8:3f:eb:f8:4a:9a:95:41:46:
d3:c1:8c:b8:2f:5b:bc:82:98:09:9a:57:ea:c6:d8:
e0:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:10:51:F6:06:96:BC:E5:ED:61:05:DC:80:9A:86:0D:77:6F:86:07
X509v3 Authority Key Identifier:
keyid:25:3A:3B:5F:51:80:81:68:C2:12:C0:94:A2:BA:AF:F3:8E:16:46:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JTo7X1GAgWjCEsCUorqv844WRko.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/ohBR9gaWvOXtYQXcgJqGDXdvhgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/97474c-1dc2-462c-aadd-9e9a1e03738e/1/JTo7X1GAgWjCEsCUorqv844WRko.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.226.182.0/24
195.19.193.0/24
Signature Algorithm: sha256WithRSAEncryption
31:4d:72:cb:2a:bd:b1:2e:29:e8:2a:11:8d:8a:8e:7e:5d:70:
4b:8f:95:9c:e3:19:7f:8e:81:f8:75:45:bb:b3:b8:44:6e:8c:
58:b9:c5:c1:b0:2c:d6:7a:73:66:c6:0f:03:71:d1:f5:dd:f2:
52:d1:98:0c:69:99:89:88:ce:38:41:3e:88:dc:57:e6:de:da:
54:70:b8:5a:3e:df:9a:a2:d2:f3:8e:6d:94:d1:92:ba:34:1f:
7d:e9:35:0f:f6:63:a0:46:3f:26:24:8a:da:f4:d1:58:ea:86:
84:88:e2:91:26:60:5f:38:24:b2:3b:2d:83:03:9f:68:67:75:
2b:6e:82:bc:2c:ee:85:58:3d:a5:80:74:4b:34:68:3a:51:d1:
c1:4e:4e:0a:16:c6:5c:d8:65:6c:d7:15:42:5b:f7:cf:a5:96:
68:19:9a:59:71:8a:ef:69:ca:06:18:ad:9d:7e:51:27:2e:6e:
52:35:ae:6a:9f:d8:f8:fc:92:34:f4:f7:55:08:9e:0a:d0:06:
79:1e:b4:91:b2:6c:ec:b0:31:5a:9f:16:c2:3e:e9:d9:09:8f:
86:dd:f5:bb:0f:27:dd:3c:0c:ef:cf:ae:3c:52:e0:dd:ad:67:
28:6d:8c:36:54:9e:09:3c:ec:34:d8:5f:44:b4:1f:58:6a:6e:
6f:26:ea:10
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3E3bgf20069Dhp/JhRjRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1M2EzYjVmNTE4MDgxNjhjMjEyYzA5NGEyYmFhZmYzOGUx
NjQ2NGEwHhcNMjQwMTAxMTYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjEwNTFmNjA2OTZiY2U1ZWQ2MTA1ZGM4MDlhODYwZDc3NmY4NjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoS7JMCgtqNPsy+5s2kEaT3MLrJOO
g8cGMOyAJS1K7o9xQYIsry2pp3TB34jOZdFL3GNi3j88YS1z1jShZdvcpaVbWjYH
3/EO8so5iHhcssTVFXzYVtEweBknLmuiAwnERq3yfc3esWuTSO9hR+FYPqz6kp/J
Xb6RftRdK8IMmmpnJFIvmH+fTZW0P9696MV26ZMgjwSg6iU7LvweC+qmPeYqTjxr
E79QM5Z/aLblAHE7nKTUPiO3lRrnzQ59pKbQXTcpLA+n01+A+xACFJhTAkhbSatJ
npHii+yTTqpxygW+IwU409noP+v4SpqVQUbTwYy4L1u8gpgJmlfqxtjgzQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKIQUfYGlrzl7WEF3ICahg13b4YHMB8GA1UdIwQY
MBaAFCU6O19RgIFowhLAlKK6r/OOFkZKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQt
OWU5YTFlMDM3MzhlLzEvb2hCUjlnYVd2T1h0WVFYY2dKcUdEWGR2aGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85NzQ3NGMtMWRjMi00NjJjLWFhZGQtOWU5YTFlMDM3Mzhl
LzEvSlRvN1gxR0FnV2pDRXNDVW9ycXY4NDRXUmtvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwuK2AwQA
wxPBMA0GCSqGSIb3DQEBCwUAA4IBAQAxTXLLKr2xLinoKhGNio5+XXBLj5Wc4xl/
joH4dUW7s7hEboxYucXBsCzWenNmxg8DcdH13fJS0ZgMaZmJiM44QT6I3Ffm3tpU
cLhaPt+aotLzjm2U0ZK6NB996TUP9mOgRj8mJIra9NFY6oaEiOKRJmBfOCSyOy2D
A59oZ3UrboK8LO6FWD2lgHRLNGg6UdHBTk4KFsZc2GVs1xVCW/fPpZZoGZpZcYrv
acoGGK2dflEnLm5SNa5qn9j4/JI09PdVCJ4K0AZ5HrSRsmzssDFanxbCPunZCY+G
3fW7DyfdPAzvz648UuDdrWcobYw2VJ4JPOw02F9EtB9Yam5vJuoQ
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:38:50 2024 by rpki-client on console-ams.rpki-client.org