Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/oaSNmQwuRc13PpOWxQF_tD88Wuk.roa
File: oaSNmQwuRc13PpOWxQF_tD88Wuk.roa (raw, json)
Hash identifier: 6Dyr5RV9WiwC/4aDAUVY0pqnb50f1qBljbybKJ6z/iI=
Subject key identifier: A1:A4:8D:99:0C:2E:45:CD:77:3E:93:96:C5:01:7F:B4:3F:3C:5A:E9
Certificate issuer: /CN=22d028f1ba3cefb0debd51be9dac68c9ce56c3d5
Certificate serial: 019424453AFC274A1D79D8A1D5A34384F648
Authority key identifier: 22:D0:28:F1:BA:3C:EF:B0:DE:BD:51:BE:9D:AC:68:C9:CE:56:C3:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItAo8bo877DevVG-naxoyc5Ww9U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/oaSNmQwuRc13PpOWxQF_tD88Wuk.roa
Signing time: Wed 01 Jan 2025 23:48:24 +0000
ROA not before: Wed 01 Jan 2025 23:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201901
IP address blocks: 185.204.184.0/24 maxlen: 24
2a0e:c940::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/ItAo8bo877DevVG-naxoyc5Ww9U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/ItAo8bo877DevVG-naxoyc5Ww9U.mft
rsync://rpki.ripe.net/repository/DEFAULT/ItAo8bo877DevVG-naxoyc5Ww9U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:3a:fc:27:4a:1d:79:d8:a1:d5:a3:43:84:f6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d028f1ba3cefb0debd51be9dac68c9ce56c3d5
Validity
Not Before: Jan 1 23:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a1a48d990c2e45cd773e9396c5017fb43f3c5ae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dc:74:b4:ff:1a:86:c2:5f:e6:d5:d0:9c:42:
3c:1f:b6:d9:ff:23:c1:36:1a:33:8a:e3:2e:f2:98:
7b:e3:1f:62:ba:8d:5d:6a:05:9d:e0:98:5c:5e:2d:
f5:4c:d7:3e:5f:8a:f0:3c:cf:35:2e:23:d4:e3:b3:
3b:a1:07:7a:8b:a1:1f:4e:80:f8:77:2e:df:ff:cc:
40:3e:f8:92:46:5f:73:96:6c:d8:99:da:d0:4f:c4:
5c:b6:db:08:25:7c:96:1b:f5:ba:97:67:ee:01:59:
fc:a4:f6:a6:a0:97:8c:31:5b:cc:96:a2:b1:11:2a:
f6:e5:28:81:44:9f:27:ba:48:e9:2f:eb:74:f2:ec:
9a:be:9b:98:a3:32:6e:e4:d7:f8:b0:c8:e1:98:80:
4a:17:d4:25:12:25:f2:7e:0e:bb:99:f2:52:ea:68:
51:03:58:7e:34:d8:93:2d:54:7f:81:f3:26:f9:bb:
b3:39:f9:50:1d:92:0e:0d:9f:65:0f:cc:f2:9c:42:
e9:e8:bf:a8:0b:41:f1:9a:cb:79:0e:b4:d1:73:9d:
7d:be:fd:c8:d8:d8:6e:64:bd:cf:29:30:8a:b5:78:
01:e0:76:ae:8f:be:67:9d:65:ec:89:97:e6:b0:ff:
e8:46:4e:82:cd:b8:55:95:6d:f9:29:3b:03:95:bb:
6e:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:A4:8D:99:0C:2E:45:CD:77:3E:93:96:C5:01:7F:B4:3F:3C:5A:E9
X509v3 Authority Key Identifier:
keyid:22:D0:28:F1:BA:3C:EF:B0:DE:BD:51:BE:9D:AC:68:C9:CE:56:C3:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItAo8bo877DevVG-naxoyc5Ww9U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/oaSNmQwuRc13PpOWxQF_tD88Wuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/63a402-a56a-4a89-a745-946817b59148/1/ItAo8bo877DevVG-naxoyc5Ww9U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.204.184.0/24
IPv6:
2a0e:c940::/29
Signature Algorithm: sha256WithRSAEncryption
e1:2c:a1:5f:3a:ca:b0:d0:1c:b3:c1:7c:ab:06:16:5e:82:55:
ba:83:f5:47:e6:70:57:0d:65:55:d3:40:76:31:a4:07:bd:48:
b4:0a:48:9b:2c:ee:13:4d:af:ca:49:d9:24:84:a6:84:f5:93:
47:c4:e7:90:4f:39:7c:55:46:4b:86:ff:9b:fd:ae:9d:11:57:
0a:80:7e:0f:20:a9:82:cd:af:db:54:02:71:f9:61:ac:a1:e2:
42:28:18:61:f9:7b:9d:c4:6b:6c:f6:09:e3:54:a2:57:72:bf:
c2:92:cc:02:02:93:11:b1:0a:7a:81:d6:8e:3f:d0:69:57:b6:
b1:2b:62:8d:ea:36:4e:47:c2:73:de:45:07:0e:70:7c:45:20:
95:51:4c:d7:29:7b:0c:20:2f:1c:9b:ca:88:90:e6:19:1b:3f:
4b:d7:4f:1c:63:b4:26:7e:31:5a:c3:96:8b:18:69:d4:ff:7e:
9d:bf:a6:7e:ec:5c:ef:c8:83:72:28:15:c7:f3:e1:b7:1a:65:
6d:99:b4:8d:0f:cb:9a:8e:7d:aa:68:da:a5:c9:8d:35:ca:0b:
ba:10:e7:1f:22:fb:c5:ad:01:64:c6:f9:d0:1d:57:ef:d4:1c:
b5:ac:60:0a:d5:f9:a4:75:7f:ae:5d:12:35:63:08:e0:fd:ab:
51:bf:c3:c7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQkRTr8J0odedih1aNDhPZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZDAyOGYxYmEzY2VmYjBkZWJkNTFiZTlkYWM2OGM5Y2U1
NmMzZDUwHhcNMjUwMTAxMjM0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWE0OGQ5OTBjMmU0NWNkNzczZTkzOTZjNTAxN2ZiNDNmM2M1YWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvNx0tP8ahsJf5tXQnEI8H7bZ/yPB
NhoziuMu8ph74x9iuo1dagWd4JhcXi31TNc+X4rwPM81LiPU47M7oQd6i6EfToD4
dy7f/8xAPviSRl9zlmzYmdrQT8RcttsIJXyWG/W6l2fuAVn8pPamoJeMMVvMlqKx
ESr25SiBRJ8nukjpL+t08uyavpuYozJu5Nf4sMjhmIBKF9QlEiXyfg67mfJS6mhR
A1h+NNiTLVR/gfMm+buzOflQHZIODZ9lD8zynELp6L+oC0Hxmst5DrTRc519vv3I
2NhuZL3PKTCKtXgB4Hauj75nnWXsiZfmsP/oRk6CzbhVlW35KTsDlbtuSQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKGkjZkMLkXNdz6TlsUBf7Q/PFrpMB8GA1UdIwQY
MBaAFCLQKPG6PO+w3r1Rvp2saMnOVsPVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXRBbzhibzg3N0RldlZHLW5heG95YzVXdzlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS82M2E0MDItYTU2YS00YTg5LWE3NDUt
OTQ2ODE3YjU5MTQ4LzEvb2FTTm1Rd3VSYzEzUHBPV3hRRl90RDg4V3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS82M2E0MDItYTU2YS00YTg5LWE3NDUtOTQ2ODE3YjU5MTQ4
LzEvSXRBbzhibzg3N0RldlZHLW5heG95YzVXdzlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAucy4MA0E
AgACMAcDBQMqDslAMA0GCSqGSIb3DQEBCwUAA4IBAQDhLKFfOsqw0ByzwXyrBhZe
glW6g/VH5nBXDWVV00B2MaQHvUi0CkibLO4TTa/KSdkkhKaE9ZNHxOeQTzl8VUZL
hv+b/a6dEVcKgH4PIKmCza/bVAJx+WGsoeJCKBhh+XudxGts9gnjVKJXcr/CkswC
ApMRsQp6gdaOP9BpV7axK2KN6jZOR8Jz3kUHDnB8RSCVUUzXKXsMIC8cm8qIkOYZ
Gz9L108cY7QmfjFaw5aLGGnU/36dv6Z+7FzvyINyKBXH8+G3GmVtmbSND8uajn2q
aNqlyY01ygu6EOcfIvvFrQFkxvnQHVfv1By1rGAK1fmkdX+uXRI1Ywjg/atRv8PH
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:05 2025 by rpki-client