Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa
File: ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa (raw, json)
Hash identifier: xt6U3+zGv+p5+qldoLqBIRpHRAbFRfEFMt0N2Y4HxPA=
Subject key identifier: 38:D2:B3:05:C6:65:2D:A0:EF:05:78:F4:0A:14:24:AB:40:1C:04:0A
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019420686CE6D141F9ABC7E4A8A45F0E98D0
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa
Signing time: Wed 01 Jan 2025 05:48:22 +0000
ROA not before: Wed 01 Jan 2025 05:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213183
IP address blocks: 194.42.98.0/23 maxlen: 23
194.147.93.0/24 maxlen: 24
194.147.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 07:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:6c:e6:d1:41:f9:ab:c7:e4:a8:a4:5f:0e:98:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Jan 1 05:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38d2b305c6652da0ef0578f40a1424ab401c040a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:ed:a2:86:3f:b0:5f:c1:c3:64:2d:e4:96:d4:
1b:b0:a7:0c:b1:15:4e:e1:7d:84:a4:52:b9:ee:75:
ec:9c:60:2d:cb:12:04:ca:0b:ec:ae:6e:cb:8c:a7:
e0:99:1d:77:dd:45:0e:b4:c4:cc:d9:b1:b9:9e:f6:
38:d0:70:bf:fd:56:e0:dc:0f:3a:5d:ce:fd:3a:f7:
f5:dc:a6:32:9a:cc:d1:a4:2e:6a:d5:3d:99:69:26:
4e:21:c6:e6:fc:92:e6:f0:ef:4d:6d:fd:e3:46:bf:
87:56:ab:e6:64:c1:73:9f:84:94:30:cb:9c:86:a4:
04:c1:49:24:76:7b:8e:83:c2:69:bc:5e:7f:b3:a9:
25:08:a1:02:86:58:52:2f:a9:0d:17:86:6f:d6:b2:
68:25:91:f0:5f:05:a4:72:d8:52:86:4c:46:ad:cc:
1a:13:0a:1b:6a:07:e5:56:e0:ce:cf:28:60:b8:88:
fc:6b:f1:58:f3:89:83:53:3c:2b:19:1a:be:32:46:
be:d0:58:7a:ac:2e:f6:3d:25:f5:3c:b8:81:5f:1e:
3f:e1:24:0a:4b:87:c8:ce:67:96:cd:7f:a2:9a:8a:
cd:2e:38:5c:8a:ad:00:2c:28:87:13:66:4d:46:86:
9c:1f:01:02:01:0f:35:1a:03:a2:ef:86:d6:39:f2:
eb:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:D2:B3:05:C6:65:2D:A0:EF:05:78:F4:0A:14:24:AB:40:1C:04:0A
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/ONKzBcZlLaDvBXj0ChQkq0AcBAo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.42.98.0/23
194.147.93.0-194.147.94.255
Signature Algorithm: sha256WithRSAEncryption
8b:7c:c0:e7:18:17:18:55:c8:93:04:dd:bf:e2:2a:69:40:37:
a7:31:17:ff:11:3b:91:75:01:5f:d4:ba:c1:2e:56:8b:dc:67:
30:98:95:b2:fd:8e:74:d2:e7:91:33:a2:d9:fc:81:2d:17:82:
b8:2a:42:62:1a:13:7a:f1:80:67:3a:25:e6:48:97:fd:c5:e7:
6f:5c:a7:a1:f4:a3:20:99:02:6c:70:b8:4b:b2:6a:1e:12:c0:
7f:cf:73:12:16:a3:80:f1:00:3f:2c:be:db:ea:d1:ad:5a:91:
83:b5:c8:8e:80:c7:c3:b0:e6:a9:15:4c:f8:b1:7a:fb:07:77:
a8:6c:4c:a2:84:ee:90:33:23:22:63:d6:d0:27:d1:1c:35:92:
d1:13:40:0d:99:4f:ac:c9:db:99:63:14:dd:58:e7:df:0e:db:
fb:19:62:7b:04:82:18:1f:ef:24:ef:76:ad:61:68:94:24:80:
cf:a6:ce:a4:ec:a6:62:af:2e:78:bc:61:8c:9b:82:5d:c0:a7:
e2:16:5e:d9:44:75:e3:46:de:d7:6e:5f:9a:7e:47:ab:2c:2f:
43:12:98:0c:0e:73:1c:22:e0:a4:6f:f2:8f:de:05:66:7c:a7:
f3:5b:2e:74:8d:e2:a7:8a:ce:21:b3:da:4a:d6:39:8b:51:13:
ad:af:b0:8f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQgaGzm0UH5q8fkqKRfDpjQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjUwMTAxMDU0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGQyYjMwNWM2NjUyZGEwZWYwNTc4ZjQwYTE0MjRhYjQwMWMwNDBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9O2ihj+wX8HDZC3kltQbsKcMsRVO
4X2EpFK57nXsnGAtyxIEygvsrm7LjKfgmR133UUOtMTM2bG5nvY40HC//Vbg3A86
Xc79Ovf13KYymszRpC5q1T2ZaSZOIcbm/JLm8O9Nbf3jRr+HVqvmZMFzn4SUMMuc
hqQEwUkkdnuOg8JpvF5/s6klCKEChlhSL6kNF4Zv1rJoJZHwXwWkcthShkxGrcwa
EwobagflVuDOzyhguIj8a/FY84mDUzwrGRq+Mka+0Fh6rC72PSX1PLiBXx4/4SQK
S4fIzmeWzX+imorNLjhciq0ALCiHE2ZNRoacHwECAQ81GgOi74bWOfLr6wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDjSswXGZS2g7wV49AoUJKtAHAQKMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvT05LekJjWmxMYUR2QlhqMENoUWtxMEFjQkFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBwipiMAwD
BADCk10DBADCk14wDQYJKoZIhvcNAQELBQADggEBAIt8wOcYFxhVyJME3b/iKmlA
N6cxF/8RO5F1AV/UusEuVovcZzCYlbL9jnTS55Ezotn8gS0XgrgqQmIaE3rxgGc6
JeZIl/3F529cp6H0oyCZAmxwuEuyah4SwH/PcxIWo4DxAD8svtvq0a1akYO1yI6A
x8Ow5qkVTPixevsHd6hsTKKE7pAzIyJj1tAn0Rw1ktETQA2ZT6zJ25ljFN1Y598O
2/sZYnsEghgf7yTvdq1haJQkgM+mzqTspmKvLni8YYybgl3Ap+IWXtlEdeNG3tdu
X5p+R6ssL0MSmAwOcxwi4KRv8o/eBWZ8p/NbLnSN4qeKziGz2krWOYtRE62vsI8=
-----END CERTIFICATE-----
Generated at Mon Apr 7 15:01:35 2025 by rpki-client