Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/DN7cb2WxNWOTpycH6YaG66edbbs.roa
File: DN7cb2WxNWOTpycH6YaG66edbbs.roa (raw, json)
Hash identifier: xHRCbbCrWIHuruRPkilEuXWa24rKkDGqIeFboryKMwQ=
Subject key identifier: 0C:DE:DC:6F:65:B1:35:63:93:A7:27:07:E9:86:86:EB:A7:9D:6D:BB
Certificate issuer: /CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Certificate serial: 01942748949616F02EA19F0088F6166BE985
Authority key identifier: 09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/DN7cb2WxNWOTpycH6YaG66edbbs.roa
Signing time: Thu 02 Jan 2025 13:50:55 +0000
ROA not before: Thu 02 Jan 2025 13:50:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199614
IP address blocks: 80.93.192.0/24 maxlen: 24
80.93.194.0/24 maxlen: 24
80.93.195.0/24 maxlen: 24
80.93.196.0/24 maxlen: 24
80.93.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 23:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:94:96:16:f0:2e:a1:9f:00:88:f6:16:6b:e9:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=098f7ba34bc6567bd3616d574f7285dd7556dbfd
Validity
Not Before: Jan 2 13:50:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0cdedc6f65b1356393a72707e98686eba79d6dbb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:8e:21:e2:5e:f0:ed:e7:ea:91:c2:6c:e3:e7:
2b:00:d8:89:3b:73:9c:80:5e:d2:51:98:94:dc:51:
e8:b3:80:74:63:ea:0f:d4:9e:69:12:08:3f:06:d8:
2a:bb:a6:f0:b6:28:39:72:f3:e1:76:48:4b:b0:93:
ce:c7:a3:16:2c:52:41:ef:31:da:5b:e0:0e:f1:69:
f6:ce:55:e8:1e:77:cc:c0:67:6d:32:44:5a:79:26:
cd:b9:3d:cb:fc:7b:ee:d6:58:e8:32:26:85:ae:81:
db:1e:cf:f7:b1:6d:c7:f6:9d:eb:3b:47:bb:30:5d:
a3:54:b5:6e:6a:68:be:36:a9:d3:a1:4f:b1:85:e0:
8f:89:99:32:a6:ec:e5:2e:6d:34:dc:13:fd:ba:d7:
3b:be:07:3b:34:8a:50:a9:e4:b0:f6:06:c1:a6:98:
87:be:02:03:80:0c:25:98:aa:6d:41:26:f8:5d:65:
d2:a8:72:ed:dd:2f:34:92:03:d5:5d:c8:8d:34:17:
da:d3:d0:a8:21:07:bb:d6:97:22:fc:b1:34:f7:6f:
8e:1b:e0:02:d9:26:74:b8:08:c5:a4:f6:ff:ad:21:
15:3d:87:5a:45:1d:d9:4a:0c:c4:f2:dc:93:a9:7d:
66:6c:22:11:79:a2:7f:21:96:c8:48:10:09:2b:0a:
13:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:DE:DC:6F:65:B1:35:63:93:A7:27:07:E9:86:86:EB:A7:9D:6D:BB
X509v3 Authority Key Identifier:
keyid:09:8F:7B:A3:4B:C6:56:7B:D3:61:6D:57:4F:72:85:DD:75:56:DB:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CY97o0vGVnvTYW1XT3KF3XVW2_0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/DN7cb2WxNWOTpycH6YaG66edbbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/38c5ac-b7e7-40dd-98d3-e2166ad74e3f/1/CY97o0vGVnvTYW1XT3KF3XVW2_0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.93.192.0/24
80.93.194.0-80.93.196.255
80.93.201.0/24
Signature Algorithm: sha256WithRSAEncryption
69:9d:ee:79:82:f6:8f:8d:c3:5e:71:6d:5b:94:4b:84:0f:0c:
00:04:d3:09:64:2c:a1:c7:0e:00:9e:02:eb:ce:04:c1:3b:af:
1b:df:96:09:22:c8:ce:25:15:fa:b1:bb:7d:35:5c:21:40:d8:
e4:38:ed:c5:83:4e:eb:9d:39:ab:9c:0d:2e:94:22:a3:d5:f2:
80:9b:73:6e:3d:75:dc:77:9e:a3:bf:8a:e2:2b:4d:f2:a1:3e:
02:63:b0:0c:14:82:21:24:60:e5:01:8e:2b:5d:0d:ff:7f:04:
e5:0f:90:b8:ec:aa:6d:e4:fe:0a:fa:2d:1a:88:56:f4:f4:87:
72:ad:96:28:e0:dd:1c:d7:58:bc:ea:35:4f:5e:7c:f8:4f:24:
7e:4f:61:54:1a:95:92:26:9c:ca:1f:b2:c2:d1:11:f3:24:df:
07:53:18:9b:4f:b5:f0:4f:3f:98:1c:b0:30:2f:c9:9c:81:dd:
c0:31:17:5b:06:78:5a:b7:86:a8:61:77:a3:21:d5:c4:62:96:
8c:b0:82:b8:7a:3c:99:92:ca:a3:99:5c:9f:9b:75:34:05:ec:
d4:70:2a:9a:3b:3d:84:16:14:e9:33:0e:c7:42:ba:ef:21:44:
7d:92:34:bd:70:bb:c0:2b:28:98:06:3e:39:33:38:90:f4:ea:
3f:35:ea:f0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQnSJSWFvAuoZ8AiPYWa+mFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OGY3YmEzNGJjNjU2N2JkMzYxNmQ1NzRmNzI4NWRkNzU1
NmRiZmQwHhcNMjUwMTAyMTM1MDU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2RlZGM2ZjY1YjEzNTYzOTNhNzI3MDdlOTg2ODZlYmE3OWQ2ZGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoI4h4l7w7efqkcJs4+crANiJO3Oc
gF7SUZiU3FHos4B0Y+oP1J5pEgg/Btgqu6bwtig5cvPhdkhLsJPOx6MWLFJB7zHa
W+AO8Wn2zlXoHnfMwGdtMkRaeSbNuT3L/Hvu1ljoMiaFroHbHs/3sW3H9p3rO0e7
MF2jVLVuami+NqnToU+xheCPiZkypuzlLm003BP9utc7vgc7NIpQqeSw9gbBppiH
vgIDgAwlmKptQSb4XWXSqHLt3S80kgPVXciNNBfa09CoIQe71pci/LE092+OG+AC
2SZ0uAjFpPb/rSEVPYdaRR3ZSgzE8tyTqX1mbCIReaJ/IZbISBAJKwoT/wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAze3G9lsTVjk6cnB+mGhuunnW27MB8GA1UdIwQY
MBaAFAmPe6NLxlZ702FtV09yhd11Vtv9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMt
ZTIxNjZhZDc0ZTNmLzEvRE43Y2IyV3hOV09UcHljSDZZYUc2NmVkYmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zOGM1YWMtYjdlNy00MGRkLTk4ZDMtZTIxNjZhZDc0ZTNm
LzEvQ1k5N28wdkdWbnZUWVcxWFQzS0YzWFZXMl8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAUF3AMAwD
BAFQXcIDBABQXcQDBABQXckwDQYJKoZIhvcNAQELBQADggEBAGmd7nmC9o+Nw15x
bVuUS4QPDAAE0wlkLKHHDgCeAuvOBME7rxvflgkiyM4lFfqxu301XCFA2OQ47cWD
TuudOaucDS6UIqPV8oCbc249ddx3nqO/iuIrTfKhPgJjsAwUgiEkYOUBjitdDf9/
BOUPkLjsqm3k/gr6LRqIVvT0h3Ktlijg3RzXWLzqNU9efPhPJH5PYVQalZImnMof
ssLREfMk3wdTGJtPtfBPP5gcsDAvyZyB3cAxF1sGeFq3hqhhd6Mh1cRiloywgrh6
PJmSyqOZXJ+bdTQF7NRwKpo7PYQWFOkzDsdCuu8hRH2SNL1wu8ArKJgGPjkzOJD0
6j816vA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:04:51 2025 by rpki-client