Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oL6xfq9SX1OwhPWqk08WjcFE4gA.roa
File: oL6xfq9SX1OwhPWqk08WjcFE4gA.roa (raw, json)
Hash identifier: ncahTthiGmC/Kw1YYRljay1Hz0+5QxEJ1HNtsm+0avk=
Subject key identifier: A0:BE:B1:7E:AF:52:5F:53:B0:84:F5:AA:93:4F:16:8D:C1:44:E2:00
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0194274880D6DA66FCC9A6D0A26512928D8B
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oL6xfq9SX1OwhPWqk08WjcFE4gA.roa
Signing time: Thu 02 Jan 2025 13:50:50 +0000
ROA not before: Thu 02 Jan 2025 13:50:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211353
IP address blocks: 193.182.243.0/24 maxlen: 24
193.182.244.0/24 maxlen: 24
193.183.85.0/24 maxlen: 24
194.14.27.0/24 maxlen: 24
194.103.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:80:d6:da:66:fc:c9:a6:d0:a2:65:12:92:8d:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0beb17eaf525f53b084f5aa934f168dc144e200
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4c:f8:0c:60:75:9d:ce:bf:94:8c:f9:34:ef:
db:39:d4:98:98:c6:a4:82:3e:bf:ad:f8:cf:08:59:
a4:51:b2:2e:89:fd:eb:e7:84:eb:4d:77:eb:cc:fb:
22:5b:e2:0e:d0:45:16:81:51:10:fb:b9:b8:c3:79:
b0:91:32:db:83:35:bd:37:12:e7:3d:c4:08:9b:1a:
c1:c1:8b:06:00:2b:00:64:e2:d9:c5:ee:fe:a9:bb:
64:3c:eb:2c:34:04:2d:5b:4c:ae:33:13:a8:ea:4c:
7e:75:9a:eb:2c:d7:af:7f:b2:09:0b:3b:ab:6f:29:
5f:28:6f:40:bb:06:dc:35:1e:48:67:b7:20:ac:d6:
93:8f:c0:7c:77:da:8b:37:d9:ba:e7:1c:83:d8:05:
28:6b:bc:4a:1c:d9:e6:6e:f7:83:3d:3e:65:cb:4a:
57:be:19:f7:1a:2c:77:3c:69:d7:05:58:c1:09:a4:
87:b5:0c:7c:31:44:d0:a2:48:d9:cb:b8:6b:ad:bd:
14:35:e8:29:87:14:b4:d3:5a:e0:d9:12:48:9d:55:
8c:51:9d:af:ac:71:bf:5f:5c:e2:49:93:1f:32:ca:
2a:4d:15:8b:12:e6:03:39:11:6a:a4:8c:5b:ce:b2:
14:6f:6c:ec:df:09:e5:d4:8c:88:24:78:e9:d8:67:
0d:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:BE:B1:7E:AF:52:5F:53:B0:84:F5:AA:93:4F:16:8D:C1:44:E2:00
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/oL6xfq9SX1OwhPWqk08WjcFE4gA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.182.243.0-193.182.244.255
193.183.85.0/24
194.14.27.0/24
194.103.46.0/24
Signature Algorithm: sha256WithRSAEncryption
35:bd:b9:57:61:3b:46:4e:79:70:9a:0d:ec:24:04:d7:39:12:
f9:b9:39:35:a6:75:25:49:7d:8b:0d:5b:23:ef:11:dc:ca:31:
21:87:54:9e:0f:ed:9f:14:d0:a4:a7:d0:63:79:5e:ef:67:4e:
35:9f:3f:3f:65:1d:42:87:34:37:ce:1f:22:e7:83:2a:55:6a:
49:48:d3:ea:bc:06:11:d6:1a:b6:c5:62:23:d0:3c:3f:18:1c:
dd:b2:f7:e1:5f:13:32:62:10:e1:9a:5e:dd:39:31:ab:ac:11:
a8:97:7c:66:e4:71:69:41:e1:b7:e1:b7:5e:26:73:f3:16:0a:
93:0e:c1:e2:aa:52:cb:0c:fa:7f:9b:58:f6:13:22:53:c3:92:
81:9d:31:d3:46:09:59:77:a3:78:04:32:a0:07:cf:ab:64:54:
1c:0d:35:dd:55:e1:ba:44:f2:4b:9b:37:06:cc:07:14:94:26:
76:94:5f:d7:84:a7:7f:5c:3c:3a:0a:52:c8:38:ec:84:a4:06:
14:5c:56:38:91:52:a8:9f:09:94:5d:05:46:67:36:ca:bb:64:
d5:dd:97:df:40:de:b1:86:84:7f:7f:47:b2:13:78:ee:d5:e0:
a9:63:da:71:2b:cd:58:ad:47:97:c1:b2:b7:6f:82:fe:33:53:
75:3a:ce:ac
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZQnSIDW2mb8yabQomUSko2LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGJlYjE3ZWFmNTI1ZjUzYjA4NGY1YWE5MzRmMTY4ZGMxNDRlMjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUz4DGB1nc6/lIz5NO/bOdSYmMak
gj6/rfjPCFmkUbIuif3r54TrTXfrzPsiW+IO0EUWgVEQ+7m4w3mwkTLbgzW9NxLn
PcQImxrBwYsGACsAZOLZxe7+qbtkPOssNAQtW0yuMxOo6kx+dZrrLNevf7IJCzur
bylfKG9AuwbcNR5IZ7cgrNaTj8B8d9qLN9m65xyD2AUoa7xKHNnmbveDPT5ly0pX
vhn3Gix3PGnXBVjBCaSHtQx8MUTQokjZy7hrrb0UNegphxS001rg2RJInVWMUZ2v
rHG/X1ziSZMfMsoqTRWLEuYDORFqpIxbzrIUb2zs3wnl1IyIJHjp2GcNowIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFKC+sX6vUl9TsIT1qpNPFo3BROIAMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvb0w2eGZxOVNYMU93aFBXcWswOFdqY0ZFNGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBADBtvMD
BADBtvQDBADBt1UDBADCDhsDBADCZy4wDQYJKoZIhvcNAQELBQADggEBADW9uVdh
O0ZOeXCaDewkBNc5Evm5OTWmdSVJfYsNWyPvEdzKMSGHVJ4P7Z8U0KSn0GN5Xu9n
TjWfPz9lHUKHNDfOHyLngypVaklI0+q8BhHWGrbFYiPQPD8YHN2y9+FfEzJiEOGa
Xt05MausEaiXfGbkcWlB4bfht14mc/MWCpMOweKqUssM+n+bWPYTIlPDkoGdMdNG
CVl3o3gEMqAHz6tkVBwNNd1V4bpE8kubNwbMBxSUJnaUX9eEp39cPDoKUsg47ISk
BhRcVjiRUqifCZRdBUZnNsq7ZNXdl99A3rGGhH9/R7ITeO7V4Klj2nErzVitR5fB
srdvgv4zU3U6zqw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 21:59:49 2025 by rpki-client