Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/op052EwSdQJYCzo0GIgfp_oJb0c.roa
File: op052EwSdQJYCzo0GIgfp_oJb0c.roa (raw, json)
Hash identifier: XFwoZxm2V1IOIT/ZJlELYiDftm+ELjQPleGHxgS1zA8=
Subject key identifier: A2:9D:39:D8:4C:12:75:02:58:0B:3A:34:18:88:1F:A7:FA:09:6F:47
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 0192D04C58A8B9B3706FF0F3A670E1F07B81
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/op052EwSdQJYCzo0GIgfp_oJb0c.roa
Signing time: Sun 27 Oct 2024 23:25:17 +0000
ROA not before: Sun 27 Oct 2024 23:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62443
IP address blocks: 194.39.255.0/24 maxlen: 24
2a13:cc80::/32 maxlen: 32
2a13:cc81::/32 maxlen: 32
2a13:cc82:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:d0:4c:58:a8:b9:b3:70:6f:f0:f3:a6:70:e1:f0:7b:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Oct 27 23:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a29d39d84c127502580b3a3418881fa7fa096f47
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:d1:49:3a:40:62:fd:19:72:3e:79:81:23:b0:
05:32:e4:43:a1:38:5e:21:7a:79:37:21:23:b9:09:
f3:19:38:d1:90:cf:40:bf:92:dc:ff:7f:40:bf:e1:
bc:8f:00:d7:12:f4:9f:58:fa:76:74:98:94:23:e8:
40:84:8c:3f:c2:6e:a7:64:5a:82:3f:3d:17:6a:49:
97:6c:53:54:cb:0e:bf:ab:e0:8f:1b:9b:51:ea:1f:
47:6f:8c:4e:df:8e:42:24:97:2b:f1:12:d9:fa:91:
8b:ad:64:54:99:75:c5:74:5b:33:e5:e4:b2:14:e2:
2f:9b:f5:42:9b:90:bc:b8:92:50:2f:2c:e6:32:60:
5c:b3:ef:cd:53:ac:26:bc:4e:84:10:42:90:7d:ab:
51:69:79:1e:db:fa:e4:af:62:14:54:f1:f8:6e:c4:
97:df:60:10:d2:28:e6:c3:63:9b:ed:b4:a9:3f:d4:
da:43:70:99:d5:92:73:d6:61:d6:a1:bb:85:7d:05:
fb:1d:19:f4:44:1f:63:f2:df:5e:be:a5:2f:da:ce:
e1:82:95:04:ec:b3:79:3d:29:0e:be:c0:d8:f5:44:
9e:cb:af:de:f0:27:fe:f9:1b:fb:e1:10:1d:55:87:
c7:63:58:33:4a:f0:91:42:92:61:2c:b7:c1:15:14:
9a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:9D:39:D8:4C:12:75:02:58:0B:3A:34:18:88:1F:A7:FA:09:6F:47
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/op052EwSdQJYCzo0GIgfp_oJb0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.255.0/24
IPv6:
2a13:cc80::/31
2a13:cc82:100::/48
Signature Algorithm: sha256WithRSAEncryption
6f:07:91:d0:41:fc:57:58:3b:ce:6d:97:e8:12:91:9f:58:f1:
97:e8:0a:5c:25:15:34:e7:02:60:d1:e9:12:fb:7c:fd:b0:a5:
3c:69:9d:9f:20:1a:bd:05:67:c9:40:fb:3b:99:fd:43:28:ac:
62:b9:66:fc:52:db:00:e7:eb:6f:b0:4d:1e:d1:2c:35:c1:33:
33:27:e0:2a:0e:ff:d2:cd:2b:3c:0e:69:b5:72:9e:08:18:20:
dd:55:f0:e5:1e:b7:ac:8f:8d:0e:01:af:d0:db:e2:48:a0:84:
06:8f:de:1d:99:c1:f6:62:cc:a3:39:8b:51:0c:a7:9e:b6:74:
50:14:a2:5d:d3:df:6a:9f:c2:62:49:58:7c:f0:e7:73:cf:e2:
e2:25:b1:9e:d2:88:13:88:2e:6c:ea:0e:1d:6e:4e:29:59:e7:
82:36:01:7b:cf:0b:34:9d:1d:12:64:d3:71:d5:64:b4:f1:41:
10:06:29:d6:44:c5:95:c0:64:8f:04:dc:95:57:6c:bf:23:5e:
9c:57:2c:32:24:84:2e:94:9b:c0:15:74:58:20:a2:ca:cd:c0:
44:48:8f:15:b6:c6:39:96:ee:20:a5:5b:b8:1d:79:59:92:41:
22:a2:a4:bc:4b:3d:0d:7c:ff:00:a0:72:79:90:e9:ea:25:8d:
81:16:58:8b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLQTFioubNwb/DzpnDh8HuBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjQxMDI3MjMyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjlkMzlkODRjMTI3NTAyNTgwYjNhMzQxODg4MWZhN2ZhMDk2ZjQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAktFJOkBi/RlyPnmBI7AFMuRDoThe
IXp5NyEjuQnzGTjRkM9Av5Lc/39Av+G8jwDXEvSfWPp2dJiUI+hAhIw/wm6nZFqC
Pz0XakmXbFNUyw6/q+CPG5tR6h9Hb4xO345CJJcr8RLZ+pGLrWRUmXXFdFsz5eSy
FOIvm/VCm5C8uJJQLyzmMmBcs+/NU6wmvE6EEEKQfatRaXke2/rkr2IUVPH4bsSX
32AQ0ijmw2Ob7bSpP9TaQ3CZ1ZJz1mHWobuFfQX7HRn0RB9j8t9evqUv2s7hgpUE
7LN5PSkOvsDY9USey6/e8Cf++Rv74RAdVYfHY1gzSvCRQpJhLLfBFRSacQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKKdOdhMEnUCWAs6NBiIH6f6CW9HMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvb3AwNTJFd1NkUUpZQ3pvMEdJZ2ZwX29KYjBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwif/MBYE
AgACMBADBQEqE8yAAwcAKhPMggEAMA0GCSqGSIb3DQEBCwUAA4IBAQBvB5HQQfxX
WDvObZfoEpGfWPGX6ApcJRU05wJg0ekS+3z9sKU8aZ2fIBq9BWfJQPs7mf1DKKxi
uWb8UtsA5+tvsE0e0Sw1wTMzJ+AqDv/SzSs8Dmm1cp4IGCDdVfDlHresj40OAa/Q
2+JIoIQGj94dmcH2YsyjOYtRDKeetnRQFKJd099qn8JiSVh88Odzz+LiJbGe0ogT
iC5s6g4dbk4pWeeCNgF7zws0nR0SZNNx1WS08UEQBinWRMWVwGSPBNyVV2y/I16c
VywyJIQulJvAFXRYIKLKzcBESI8VtsY5lu4gpVu4HXlZkkEioqS8Sz0NfP8AoHJ5
kOnqJY2BFliL
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:20 2024 by rpki-client on console-ams.rpki-client.org