Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/ub7Q4OLhFYoI6B62FDHhScCMDKU.roa
File: ub7Q4OLhFYoI6B62FDHhScCMDKU.roa (raw, json)
Hash identifier: 8tPOa2Ln9k1Y5xbfo10G+8BO0hyHSPYVvdlgkTyyOBQ=
Subject key identifier: B9:BE:D0:E0:E2:E1:15:8A:08:E8:1E:B6:14:31:E1:49:C0:8C:0C:A5
Certificate issuer: /CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Certificate serial: 018CC5DBE1760179FA577E530B8BDC775ED1
Authority key identifier: 3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/ub7Q4OLhFYoI6B62FDHhScCMDKU.roa
Signing time: Mon 01 Jan 2024 16:29:30 +0000
ROA not before: Mon 01 Jan 2024 16:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48712
IP address blocks: 195.130.197.0/24 maxlen: 24
194.28.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 07:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:e1:76:01:79:fa:57:7e:53:0b:8b:dc:77:5e:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e3d1c21a77a0b0f7f0ce6633e13e0c57bedb08b
Validity
Not Before: Jan 1 16:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b9bed0e0e2e1158a08e81eb61431e149c08c0ca5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:0b:9d:13:d8:f8:0f:08:b7:90:ac:e3:ab:db:
16:67:2d:d0:f0:f0:c5:4e:fd:38:2f:c9:bc:bc:37:
8c:31:60:f2:0d:57:47:89:58:85:62:3e:8c:49:9d:
2a:98:7c:b1:40:3f:e3:c1:fc:8e:2f:9b:e0:36:b2:
e7:80:15:be:eb:de:75:ef:4b:04:46:19:4a:ae:24:
26:29:92:cc:1a:99:00:c2:42:0c:40:9e:31:4c:18:
74:e6:96:5a:04:79:8c:93:cf:93:f9:e4:4b:87:7a:
a4:25:02:b0:d7:6d:63:9c:3f:19:a2:e2:e4:8e:79:
03:7c:51:51:b1:83:d8:e8:1f:4f:c5:f7:31:36:4d:
be:6f:64:b3:83:03:66:79:41:38:2b:fa:cb:43:aa:
43:37:fb:2e:11:24:18:ae:58:c4:2e:8f:1b:32:c9:
9e:ca:fb:e0:2f:ac:76:56:1b:32:bb:98:4f:f9:aa:
b9:18:e3:0c:eb:19:bc:a6:6d:0c:40:bb:66:b0:5b:
f1:ff:f8:6b:db:81:f2:34:aa:54:02:26:34:79:4f:
cc:6b:58:e6:1e:fa:f5:27:99:18:8d:28:75:49:42:
03:bc:16:4f:90:29:34:a1:54:99:74:b8:1f:3e:fa:
22:2e:66:d9:d3:85:0b:c6:d3:03:29:07:92:cd:3a:
46:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:BE:D0:E0:E2:E1:15:8A:08:E8:1E:B6:14:31:E1:49:C0:8C:0C:A5
X509v3 Authority Key Identifier:
keyid:3E:3D:1C:21:A7:7A:0B:0F:7F:0C:E6:63:3E:13:E0:C5:7B:ED:B0:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/ub7Q4OLhFYoI6B62FDHhScCMDKU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/0e9e00-46e6-4863-9320-098f2598e5e3/1/Pj0cIad6Cw9_DOZjPhPgxXvtsIs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.32.0/22
195.130.197.0/24
Signature Algorithm: sha256WithRSAEncryption
93:9b:9b:49:86:0c:fc:3f:49:0d:ba:93:1b:5f:1e:16:c2:c9:
94:7c:5b:9e:fb:66:9f:e4:68:e8:3a:11:2c:cb:5e:3c:48:47:
99:44:e0:fd:0c:2a:6f:24:a4:7d:4a:b9:be:8d:6a:bb:f8:e3:
da:42:59:f3:a6:17:df:b3:80:9c:eb:f0:fa:95:1f:67:23:65:
b4:04:95:f3:77:43:a1:b6:ce:bf:1c:8e:ce:c6:a0:4c:68:75:
d0:d2:17:9c:f9:ec:85:49:df:a1:2a:ae:2e:f2:a2:14:72:cf:
17:ce:e9:d9:c7:38:1c:1a:72:8a:1c:6e:08:fb:e2:65:0c:af:
a0:93:c9:74:77:a7:92:09:af:f5:4e:6d:48:5b:4f:90:48:3a:
ab:d3:af:62:6d:33:85:bc:f9:1b:3b:96:eb:8d:f6:d7:6d:b9:
6d:f2:5b:95:2a:dd:75:27:01:8e:d7:75:83:f2:b3:b2:a1:9d:
f3:44:1a:c8:ec:5d:c3:d3:18:e0:bc:71:5d:62:35:a6:72:49:
f5:b6:df:66:48:74:b7:23:4e:67:a3:74:9f:0e:d7:ee:2a:cc:
c4:94:d1:2f:7b:0e:ac:c2:bc:1b:0e:d1:aa:36:b1:81:3b:34:
27:51:5d:6b:6d:65:b2:05:d0:bf:39:aa:1f:1a:cf:ef:af:94:
7d:b8:29:ba
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF2+F2AXn6V35TC4vcd17RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlM2QxYzIxYTc3YTBiMGY3ZjBjZTY2MzNlMTNlMGM1N2Jl
ZGIwOGIwHhcNMjQwMTAxMTYyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOWJlZDBlMGUyZTExNThhMDhlODFlYjYxNDMxZTE0OWMwOGMwY2E1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQudE9j4Dwi3kKzjq9sWZy3Q8PDF
Tv04L8m8vDeMMWDyDVdHiViFYj6MSZ0qmHyxQD/jwfyOL5vgNrLngBW+695170sE
RhlKriQmKZLMGpkAwkIMQJ4xTBh05pZaBHmMk8+T+eRLh3qkJQKw121jnD8ZouLk
jnkDfFFRsYPY6B9PxfcxNk2+b2SzgwNmeUE4K/rLQ6pDN/suESQYrljELo8bMsme
yvvgL6x2Vhsyu5hP+aq5GOMM6xm8pm0MQLtmsFvx//hr24HyNKpUAiY0eU/Ma1jm
Hvr1J5kYjSh1SUIDvBZPkCk0oVSZdLgfPvoiLmbZ04ULxtMDKQeSzTpGKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLm+0ODi4RWKCOgethQx4UnAjAylMB8GA1UdIwQY
MBaAFD49HCGnegsPfwzmYz4T4MV77bCLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGowY0lhZDZDdzlfRE9aalBoUGd4WHZ0c0lzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8wZTllMDAtNDZlNi00ODYzLTkzMjAt
MDk4ZjI1OThlNWUzLzEvdWI3UTRPTGhGWW9JNkI2MkZESGhTY0NNREtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8wZTllMDAtNDZlNi00ODYzLTkzMjAtMDk4ZjI1OThlNWUz
LzEvUGowY0lhZDZDdzlfRE9aalBoUGd4WHZ0c0lzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwhwgAwQA
w4LFMA0GCSqGSIb3DQEBCwUAA4IBAQCTm5tJhgz8P0kNupMbXx4WwsmUfFue+2af
5GjoOhEsy148SEeZROD9DCpvJKR9Srm+jWq7+OPaQlnzphffs4Cc6/D6lR9nI2W0
BJXzd0Ohts6/HI7OxqBMaHXQ0hec+eyFSd+hKq4u8qIUcs8XzunZxzgcGnKKHG4I
++JlDK+gk8l0d6eSCa/1Tm1IW0+QSDqr069ibTOFvPkbO5brjfbXbblt8luVKt11
JwGO13WD8rOyoZ3zRBrI7F3D0xjgvHFdYjWmckn1tt9mSHS3I05no3SfDtfuKszE
lNEvew6swrwbDtGqNrGBOzQnUV1rbWWyBdC/OaofGs/vr5R9uCm6
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:55:52 2024 by rpki-client on console-ams.rpki-client.org