Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/m0dO4YquwKFzKlsQ7tq0_Jz5W0o.roa
File: m0dO4YquwKFzKlsQ7tq0_Jz5W0o.roa (raw, json)
Hash identifier: uc9d+qgkZ29ybQie/7wlZ8vQd0RiraJU1vAwXy/bpY4=
Subject key identifier: 9B:47:4E:E1:8A:AE:C0:A1:73:2A:5B:10:EE:DA:B4:FC:9C:F9:5B:4A
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01929948D7108BA5BA39D8265F809CC3C1E7
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/m0dO4YquwKFzKlsQ7tq0_Jz5W0o.roa
Signing time: Thu 17 Oct 2024 07:02:20 +0000
ROA not before: Thu 17 Oct 2024 07:02:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44529
IP address blocks: 194.14.100.0/23 maxlen: 24
194.68.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:99:48:d7:10:8b:a5:ba:39:d8:26:5f:80:9c:c3:c1:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Oct 17 07:02:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9b474ee18aaec0a1732a5b10eedab4fc9cf95b4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:46:0f:b1:a6:d7:67:7f:ac:c4:3f:1b:99:cf:
dd:e2:08:22:18:77:de:23:dd:c5:ca:20:a0:9b:26:
42:52:3e:84:be:fb:f1:18:1c:03:63:54:3b:24:97:
a1:1f:67:dd:74:d3:49:0a:6b:24:87:f7:ee:24:7f:
1e:10:4b:a3:1a:dc:4b:5b:21:09:7f:18:05:83:58:
39:e3:17:04:b0:49:f7:46:88:ef:53:fa:01:f0:32:
fa:98:2e:df:42:c9:44:b9:f6:14:b6:ba:40:0b:f2:
57:4a:bd:d4:7b:fb:f7:10:89:72:9b:56:9c:ba:d9:
33:ea:95:02:20:14:25:4e:67:ef:2d:d8:e6:8e:27:
93:8a:35:1b:f8:ec:93:eb:44:c7:1c:f3:5e:b7:4d:
02:bc:48:78:54:de:1f:c9:3b:3d:80:55:1e:11:4a:
8c:f6:32:18:8b:f9:cb:57:4a:2d:64:13:d4:07:5c:
26:28:49:bc:48:0f:06:39:1a:d4:18:ef:d9:b8:6e:
65:87:61:26:5c:38:73:b3:45:3e:94:d2:30:56:35:
97:f3:0b:0a:9d:f0:af:c6:7d:41:42:30:3f:2f:2a:
0c:e9:5f:aa:72:c4:c1:19:4c:d3:14:4b:40:36:c7:
04:47:7e:37:5c:6d:a0:14:bf:9a:ea:db:bc:5b:89:
1e:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:47:4E:E1:8A:AE:C0:A1:73:2A:5B:10:EE:DA:B4:FC:9C:F9:5B:4A
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/m0dO4YquwKFzKlsQ7tq0_Jz5W0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.14.100.0/23
194.68.20.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:f7:67:ce:3a:23:69:3b:ab:98:45:32:ae:fe:58:3e:d5:2b:
a2:2b:d7:86:de:67:97:97:b0:c2:1d:14:75:1b:c1:42:1f:46:
d8:fb:c4:20:8c:f8:61:64:e9:1a:8d:b5:14:70:d4:5d:60:50:
16:73:4f:79:90:87:71:f5:ee:5f:f9:30:b2:84:03:df:d3:2d:
a8:e1:06:2d:bd:ad:35:8a:9d:99:fb:8e:9b:c5:25:6b:09:e3:
0f:4c:c3:90:69:84:88:cd:4a:46:e9:64:e2:98:31:55:6b:13:
aa:a9:af:75:a4:9d:1e:6a:df:9a:34:7a:d2:f5:12:b1:7a:5b:
9b:8e:05:e0:a2:cd:20:63:c2:9f:e0:75:27:69:26:1a:60:78:
f6:51:08:be:36:27:af:cc:11:af:e2:98:6e:15:b7:83:24:40:
cd:12:92:b5:20:16:c6:0d:b1:73:c9:03:43:f6:d6:73:57:f2:
52:72:33:e6:0b:42:52:51:8e:e6:e5:08:e1:04:f4:80:5f:e8:
eb:ac:04:ee:5f:f1:8e:b2:cb:d3:81:db:07:7d:f0:fd:53:87:
7e:44:2f:38:3e:09:33:e8:3f:fe:68:3e:09:70:c7:e3:3c:5b:
04:77:a6:78:57:8e:f8:08:f2:f9:42:7d:cf:1c:ba:6a:83:3f:
da:e3:3b:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKZSNcQi6W6OdgmX4Ccw8HnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQxMDE3MDcwMjIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjQ3NGVlMThhYWVjMGExNzMyYTViMTBlZWRhYjRmYzljZjk1YjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxkYPsabXZ3+sxD8bmc/d4ggiGHfe
I93FyiCgmyZCUj6EvvvxGBwDY1Q7JJehH2fddNNJCmskh/fuJH8eEEujGtxLWyEJ
fxgFg1g54xcEsEn3RojvU/oB8DL6mC7fQslEufYUtrpAC/JXSr3Ue/v3EIlym1ac
utkz6pUCIBQlTmfvLdjmjieTijUb+OyT60THHPNet00CvEh4VN4fyTs9gFUeEUqM
9jIYi/nLV0otZBPUB1wmKEm8SA8GORrUGO/ZuG5lh2EmXDhzs0U+lNIwVjWX8wsK
nfCvxn1BQjA/LyoM6V+qcsTBGUzTFEtANscER343XG2gFL+a6tu8W4keiwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJtHTuGKrsChcypbEO7atPyc+VtKMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvbTBkTzRZcXV3S0Z6S2xzUTd0cTBfSno1VzBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBwg5kAwQA
wkQUMA0GCSqGSIb3DQEBCwUAA4IBAQDA92fOOiNpO6uYRTKu/lg+1SuiK9eG3meX
l7DCHRR1G8FCH0bY+8QgjPhhZOkajbUUcNRdYFAWc095kIdx9e5f+TCyhAPf0y2o
4QYtva01ip2Z+46bxSVrCeMPTMOQaYSIzUpG6WTimDFVaxOqqa91pJ0eat+aNHrS
9RKxelubjgXgos0gY8Kf4HUnaSYaYHj2UQi+NievzBGv4phuFbeDJEDNEpK1IBbG
DbFzyQND9tZzV/JScjPmC0JSUY7m5QjhBPSAX+jrrATuX/GOssvTgdsHffD9U4d+
RC84Pgkz6D/+aD4JcMfjPFsEd6Z4V474CPL5Qn3PHLpqgz/a4zsN
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:44:00 2024 by rpki-client on console-ams.rpki-client.org