Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/osrkqaQb3qx2EG4vPDrSx-jUbRs.roa
File: osrkqaQb3qx2EG4vPDrSx-jUbRs.roa (raw, json)
Hash identifier: 60lpTHLn4dLpnmjc421kdUFig6Uy9lDHTrD8OxkZHo4=
Subject key identifier: A2:CA:E4:A9:A4:1B:DE:AC:76:10:6E:2F:3C:3A:D2:C7:E8:D4:6D:1B
Certificate issuer: /CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Certificate serial: 019423D75930AF141BB0E20E99B9143EDF31
Authority key identifier: 40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/osrkqaQb3qx2EG4vPDrSx-jUbRs.roa
Signing time: Wed 01 Jan 2025 21:48:23 +0000
ROA not before: Wed 01 Jan 2025 21:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 193.104.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:59:30:af:14:1b:b0:e2:0e:99:b9:14:3e:df:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=406a92250c28580f2ad4cc1c357b02a25a790cf7
Validity
Not Before: Jan 1 21:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2cae4a9a41bdeac76106e2f3c3ad2c7e8d46d1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:96:4e:7f:1d:27:c0:4f:d1:4a:93:95:fa:4e:
89:f4:01:40:8b:c6:c1:7a:42:03:ae:eb:b5:23:a5:
63:d6:2c:94:c8:ec:2a:ae:31:89:f3:5b:15:88:a3:
7f:ae:ba:13:16:63:cb:e6:d2:20:ed:ad:18:b2:fb:
a8:7b:01:cc:1d:30:53:da:85:6c:47:33:4a:85:fa:
19:82:3f:ca:a1:6b:46:b1:cf:ca:a0:4d:19:ee:17:
08:8e:f9:19:3c:51:e7:64:bb:ab:ab:e5:04:61:33:
86:d4:21:72:78:e6:f9:70:bd:c1:49:66:aa:3e:62:
55:25:32:c1:c7:34:3f:11:f5:e2:f2:15:c7:7d:2a:
1d:61:55:ce:19:be:af:1d:a9:d2:63:d4:a3:b3:dc:
60:3d:86:aa:ff:e2:2b:b1:41:eb:21:18:53:25:96:
f2:62:87:43:ad:e7:c1:8c:e8:41:6c:41:52:c6:77:
4c:73:0e:d7:73:05:1b:9e:d5:9c:1c:cf:20:e7:13:
ed:3f:d8:ec:a0:8a:45:c0:74:ce:22:cd:05:32:6f:
82:70:b1:42:71:d7:42:4e:04:fc:19:ee:6b:ec:6e:
50:99:34:2e:f5:3f:e7:7c:7b:d1:09:b2:69:af:bd:
41:59:cc:fa:3e:3f:27:a5:aa:a7:86:36:fd:1c:50:
ab:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CA:E4:A9:A4:1B:DE:AC:76:10:6E:2F:3C:3A:D2:C7:E8:D4:6D:1B
X509v3 Authority Key Identifier:
keyid:40:6A:92:25:0C:28:58:0F:2A:D4:CC:1C:35:7B:02:A2:5A:79:0C:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QGqSJQwoWA8q1MwcNXsColp5DPc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/osrkqaQb3qx2EG4vPDrSx-jUbRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/6d011b-949e-4d0f-a7e3-7f20ef02f264/1/QGqSJQwoWA8q1MwcNXsColp5DPc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.147.0/24
Signature Algorithm: sha256WithRSAEncryption
b9:6c:fe:7b:43:2e:eb:74:91:b3:28:7a:71:f7:b5:de:9d:81:
76:9b:24:a9:64:75:e0:82:ff:ee:2e:31:1b:6b:88:8c:86:ff:
6d:2c:ec:f2:ce:47:8f:a2:19:16:ee:34:68:11:53:6a:57:5d:
c8:e9:39:dc:27:b8:ba:34:94:4f:30:0d:ad:58:8b:cd:d1:78:
dc:c0:2e:19:12:40:51:00:8b:b5:a9:eb:52:40:65:a7:5c:e2:
31:25:b8:8a:a8:8d:95:1d:07:92:36:e9:40:f1:f0:26:4d:54:
6e:bb:d8:cd:d8:77:6c:1b:ce:5c:fc:07:77:51:af:ef:35:13:
f6:36:68:9d:96:d6:c7:00:75:a5:d6:a0:73:fc:71:32:38:52:
50:9c:ad:4a:2f:63:f8:24:d2:99:f9:2a:93:3c:7f:f5:7f:2b:
f5:1f:93:7e:0d:07:a0:6c:fc:27:e3:7a:86:f2:6b:de:2e:60:
7b:82:74:60:b5:9b:8a:91:0d:55:06:e2:2f:0c:9b:02:51:ac:
91:cd:87:ef:51:7d:49:b1:20:8b:ad:4a:7b:c8:73:c7:e1:6d:
ea:a0:ee:9d:49:3e:03:ce:a8:26:84:6e:cc:f7:01:7e:50:67:
b0:ba:4c:16:28:78:2a:8b:ee:57:95:47:4e:70:bd:c5:78:8b:
9d:fa:46:c2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj11kwrxQbsOIOmbkUPt8xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNmE5MjI1MGMyODU4MGYyYWQ0Y2MxYzM1N2IwMmEyNWE3
OTBjZjcwHhcNMjUwMTAxMjE0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmNhZTRhOWE0MWJkZWFjNzYxMDZlMmYzYzNhZDJjN2U4ZDQ2ZDFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpZOfx0nwE/RSpOV+k6J9AFAi8bB
ekIDruu1I6Vj1iyUyOwqrjGJ81sViKN/rroTFmPL5tIg7a0YsvuoewHMHTBT2oVs
RzNKhfoZgj/KoWtGsc/KoE0Z7hcIjvkZPFHnZLurq+UEYTOG1CFyeOb5cL3BSWaq
PmJVJTLBxzQ/EfXi8hXHfSodYVXOGb6vHanSY9Sjs9xgPYaq/+IrsUHrIRhTJZby
YodDrefBjOhBbEFSxndMcw7XcwUbntWcHM8g5xPtP9jsoIpFwHTOIs0FMm+CcLFC
cddCTgT8Ge5r7G5QmTQu9T/nfHvRCbJpr71BWcz6Pj8npaqnhjb9HFCrcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKLK5KmkG96sdhBuLzw60sfo1G0bMB8GA1UdIwQY
MBaAFEBqkiUMKFgPKtTMHDV7AqJaeQz3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMt
N2YyMGVmMDJmMjY0LzEvb3Nya3FhUWIzcXgyRUc0dlBEclN4LWpVYlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS82ZDAxMWItOTQ5ZS00ZDBmLWE3ZTMtN2YyMGVmMDJmMjY0
LzEvUUdxU0pRd29XQThxMU13Y05Yc0NvbHA1RFBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwWiTMA0G
CSqGSIb3DQEBCwUAA4IBAQC5bP57Qy7rdJGzKHpx97XenYF2mySpZHXggv/uLjEb
a4iMhv9tLOzyzkePohkW7jRoEVNqV13I6TncJ7i6NJRPMA2tWIvN0XjcwC4ZEkBR
AIu1qetSQGWnXOIxJbiKqI2VHQeSNulA8fAmTVRuu9jN2HdsG85c/Ad3Ua/vNRP2
NmidltbHAHWl1qBz/HEyOFJQnK1KL2P4JNKZ+SqTPH/1fyv1H5N+DQegbPwn43qG
8mveLmB7gnRgtZuKkQ1VBuIvDJsCUayRzYfvUX1JsSCLrUp7yHPH4W3qoO6dST4D
zqgmhG7M9wF+UGewukwWKHgqi+5XlUdOcL3FeIud+kbC
-----END CERTIFICATE-----
Generated at Sat Apr 12 02:28:08 2025 by rpki-client