Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/u0scP9pFeODESdtFIy2s5CtMpO0.roa
File: u0scP9pFeODESdtFIy2s5CtMpO0.roa (raw, json)
Hash identifier: aQ7/aPZcaLPu9mMomBkXgHzIa471D+E0xQaiu2Gmz+w=
Subject key identifier: BB:4B:1C:3F:DA:45:78:E0:C4:49:DB:45:23:2D:AC:E4:2B:4C:A4:ED
Certificate issuer: /CN=13d62220648d6eee42ac92c396bf2d1e81ae65f7
Certificate serial: 018CC64AF53E0D587775B4A87011137FD001
Authority key identifier: 13:D6:22:20:64:8D:6E:EE:42:AC:92:C3:96:BF:2D:1E:81:AE:65:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E9YiIGSNbu5CrJLDlr8tHoGuZfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/u0scP9pFeODESdtFIy2s5CtMpO0.roa
Signing time: Mon 01 Jan 2024 18:30:50 +0000
ROA not before: Mon 01 Jan 2024 18:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31276
IP address blocks: 193.24.236.0/22 maxlen: 22
194.147.128.0/22 maxlen: 22
2a07:ea80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/E9YiIGSNbu5CrJLDlr8tHoGuZfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/E9YiIGSNbu5CrJLDlr8tHoGuZfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/E9YiIGSNbu5CrJLDlr8tHoGuZfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:f5:3e:0d:58:77:75:b4:a8:70:11:13:7f:d0:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13d62220648d6eee42ac92c396bf2d1e81ae65f7
Validity
Not Before: Jan 1 18:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb4b1c3fda4578e0c449db45232dace42b4ca4ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:8e:88:2a:eb:05:75:0f:1d:83:d4:f8:52:64:
2a:ca:d2:1e:60:95:57:25:1c:91:a5:87:84:07:4d:
8e:6f:8c:b4:0a:18:81:bd:ec:1e:1b:3b:f9:67:f5:
d0:35:64:37:b9:f4:cc:21:7d:d3:02:29:c1:00:02:
e0:ca:eb:2c:67:4e:a8:e6:5c:fa:a3:f6:97:a3:41:
87:9d:cf:f6:19:61:a2:c0:53:f6:fc:b6:78:38:ce:
dd:06:e0:8e:5f:99:e5:b5:d8:74:88:57:2e:f3:b6:
6b:05:83:85:c9:09:e9:d8:f1:bf:1f:88:64:73:33:
01:4a:8e:c1:2c:1e:08:66:90:d6:48:11:f1:49:68:
db:dd:ca:9a:db:1a:2a:83:f3:1a:80:21:b0:6f:09:
66:c1:3a:41:9b:5b:bd:83:47:7f:a9:be:f0:c2:11:
1a:f0:a0:43:16:d4:6f:2b:34:d0:98:0a:19:71:9c:
e4:16:59:a5:75:e7:9a:50:8a:d5:dc:5b:79:f2:cd:
22:19:2f:b5:e7:6c:bf:63:b8:84:57:42:a5:db:0b:
f5:dd:86:ae:d0:71:2a:60:48:fd:ad:d6:08:d8:b1:
25:f4:b5:1e:b1:5d:84:a4:4c:10:74:89:4c:9d:01:
00:30:de:82:98:a7:b1:df:ce:61:cf:f6:73:d3:7c:
57:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:4B:1C:3F:DA:45:78:E0:C4:49:DB:45:23:2D:AC:E4:2B:4C:A4:ED
X509v3 Authority Key Identifier:
keyid:13:D6:22:20:64:8D:6E:EE:42:AC:92:C3:96:BF:2D:1E:81:AE:65:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E9YiIGSNbu5CrJLDlr8tHoGuZfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/u0scP9pFeODESdtFIy2s5CtMpO0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/0c258a-5203-43e6-9672-fd9c74906baa/1/E9YiIGSNbu5CrJLDlr8tHoGuZfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.24.236.0/22
194.147.128.0/22
IPv6:
2a07:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
91:66:57:1e:df:3a:f6:56:bf:76:70:7a:99:31:aa:54:04:00:
19:94:09:df:2c:c3:41:fc:d1:d4:a1:9c:7d:5c:5b:42:92:07:
1d:06:82:c2:c2:74:70:c6:d9:62:e7:53:90:fc:8a:66:8d:0f:
c0:b5:b2:ca:f7:e9:7f:b5:cf:43:e9:85:35:f6:09:44:a2:7a:
02:d0:c6:d2:66:60:0a:54:de:44:95:64:01:9e:42:97:f1:bd:
6b:b0:8e:20:74:a1:bf:58:73:2e:cb:73:41:7f:f3:40:d5:23:
b2:15:1e:30:c9:6f:27:15:ce:c1:bb:15:5f:e9:0a:8c:db:b8:
48:38:f6:48:87:6f:50:2f:24:da:28:02:03:f9:aa:0b:1b:18:
ce:5e:ae:00:2f:1b:86:0a:26:d6:8e:00:b9:79:e8:fe:d8:1e:
8f:a7:56:67:18:a6:83:b3:bd:5b:0f:8c:37:03:4c:ce:22:fc:
71:14:34:db:6f:47:bd:3f:5d:79:28:15:ff:8d:1f:8c:6f:56:
f8:bb:5c:e4:8a:20:42:d0:75:56:f6:b1:1a:9b:dd:1e:da:eb:
29:69:92:e4:58:00:30:33:c0:0a:b5:ae:e0:c7:44:70:a0:11:
99:d6:70:37:5c:d0:93:b8:46:b6:44:96:d7:c1:6c:3c:95:6e:
e5:67:17:29
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSvU+DVh3dbSocBETf9ABMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzZDYyMjIwNjQ4ZDZlZWU0MmFjOTJjMzk2YmYyZDFlODFh
ZTY1ZjcwHhcNMjQwMTAxMTgzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjRiMWMzZmRhNDU3OGUwYzQ0OWRiNDUyMzJkYWNlNDJiNGNhNGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh46IKusFdQ8dg9T4UmQqytIeYJVX
JRyRpYeEB02Ob4y0ChiBveweGzv5Z/XQNWQ3ufTMIX3TAinBAALgyussZ06o5lz6
o/aXo0GHnc/2GWGiwFP2/LZ4OM7dBuCOX5nltdh0iFcu87ZrBYOFyQnp2PG/H4hk
czMBSo7BLB4IZpDWSBHxSWjb3cqa2xoqg/MagCGwbwlmwTpBm1u9g0d/qb7wwhEa
8KBDFtRvKzTQmAoZcZzkFlmldeeaUIrV3Ft58s0iGS+152y/Y7iEV0Kl2wv13Yau
0HEqYEj9rdYI2LEl9LUesV2EpEwQdIlMnQEAMN6CmKex385hz/Zz03xXHQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLtLHD/aRXjgxEnbRSMtrOQrTKTtMB8GA1UdIwQY
MBaAFBPWIiBkjW7uQqySw5a/LR6BrmX3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTlZaUlHU05idTVDckpMRGxyOHRIb0d1WmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS8wYzI1OGEtNTIwMy00M2U2LTk2NzIt
ZmQ5Yzc0OTA2YmFhLzEvdTBzY1A5cEZlT0RFU2R0Rkl5MnM1Q3RNcE8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS8wYzI1OGEtNTIwMy00M2U2LTk2NzItZmQ5Yzc0OTA2YmFh
LzEvRTlZaUlHU05idTVDckpMRGxyOHRIb0d1WmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwRjsAwQC
wpOAMA0EAgACMAcDBQMqB+qAMA0GCSqGSIb3DQEBCwUAA4IBAQCRZlce3zr2Vr92
cHqZMapUBAAZlAnfLMNB/NHUoZx9XFtCkgcdBoLCwnRwxtli51OQ/IpmjQ/AtbLK
9+l/tc9D6YU19glEonoC0MbSZmAKVN5ElWQBnkKX8b1rsI4gdKG/WHMuy3NBf/NA
1SOyFR4wyW8nFc7BuxVf6QqM27hIOPZIh29QLyTaKAID+aoLGxjOXq4ALxuGCibW
jgC5eej+2B6Pp1ZnGKaDs71bD4w3A0zOIvxxFDTbb0e9P115KBX/jR+Mb1b4u1zk
iiBC0HVW9rEam90e2uspaZLkWAAwM8AKta7gx0RwoBGZ1nA3XNCTuEa2RJbXwWw8
lW7lZxcp
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:56:27 2024 by rpki-client on console-fra.rpki-client.org