Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/osq12Rdzca4_ak4AyFDF9arrw-k.roa
File: osq12Rdzca4_ak4AyFDF9arrw-k.roa (raw, json)
Hash identifier: 4Juh1mB3V6z6X5mOBBN7PpIC6vNnTB1HOs00bjvsn2M=
Subject key identifier: A2:CA:B5:D9:17:73:71:AE:3F:6A:4E:00:C8:50:C5:F5:AA:EB:C3:E9
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 019427487785E0A256D9F054F5CA8F8FD321
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/osq12Rdzca4_ak4AyFDF9arrw-k.roa
Signing time: Thu 02 Jan 2025 13:50:48 +0000
ROA not before: Thu 02 Jan 2025 13:50:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206774
IP address blocks: 192.36.155.0/24 maxlen: 24
194.103.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:77:85:e0:a2:56:d9:f0:54:f5:ca:8f:8f:d3:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 13:50:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a2cab5d9177371ae3f6a4e00c850c5f5aaebc3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:27:b9:79:d0:43:04:d2:7e:79:d0:b9:61:84:
6b:98:11:77:ed:d2:17:9f:24:a5:a9:f7:b7:17:b7:
eb:f9:d3:dc:3b:db:5c:b5:0b:86:6e:af:44:d8:c6:
1e:cb:03:39:35:9f:b6:1f:9d:f6:32:d9:f3:69:b3:
9a:ed:c0:5d:5f:62:28:08:f5:cf:17:3c:90:ec:47:
53:9c:c5:e8:3c:9a:0d:99:55:2c:1f:56:a8:db:07:
5b:c7:d2:06:c6:94:9e:9f:c2:de:f5:50:d2:03:61:
ad:81:85:52:6f:ef:f6:a3:8b:d4:dd:cc:e0:96:5f:
f5:ce:bd:1e:83:be:6d:e3:3d:b1:a4:63:f1:7a:30:
b8:d7:b0:1f:bc:9c:ad:f4:5c:95:e7:b6:fe:28:9a:
bf:2b:43:5b:d8:0e:68:78:82:b8:0e:dc:ca:c0:bd:
46:33:bd:47:9b:4e:fd:c8:13:48:7b:56:88:0e:20:
56:eb:91:fb:00:e3:e7:4e:12:1e:28:29:47:ba:66:
cf:79:4b:a2:36:95:c3:c4:9f:47:0d:7a:26:6f:1f:
ce:c8:fa:8f:55:8d:d9:c3:03:ed:8b:ea:b6:c9:d8:
93:a5:02:cf:cf:b7:b4:c5:75:5a:01:a1:53:ee:c4:
f4:f9:c1:3d:ce:ba:7b:74:4b:14:e5:46:cc:ac:f9:
1a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:CA:B5:D9:17:73:71:AE:3F:6A:4E:00:C8:50:C5:F5:AA:EB:C3:E9
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/osq12Rdzca4_ak4AyFDF9arrw-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.155.0/24
194.103.157.0/24
Signature Algorithm: sha256WithRSAEncryption
15:e8:ad:d2:4f:d5:00:c8:c9:a3:8a:a2:ab:3d:2e:6f:c1:7f:
d0:1e:19:49:68:e4:2d:14:27:e3:4f:87:a6:ac:f1:d0:d3:44:
b9:e2:56:b9:81:67:f7:c5:b0:61:a9:7a:c0:90:a8:82:a0:81:
6f:76:39:6b:c5:9f:08:d3:5c:ae:1c:25:7e:42:fc:66:77:62:
57:cb:ad:64:04:3d:03:98:ab:0c:22:70:43:2f:4f:a4:e7:92:
cd:81:8a:18:dc:ac:5d:a4:fb:2d:f0:b6:ac:c3:27:97:b2:c2:
e0:26:a5:fb:9e:7c:e6:2b:f7:3b:25:6d:8b:bc:b2:f5:8a:36:
f4:96:c3:b7:d4:44:7b:1d:aa:11:eb:2a:38:c0:7e:19:6b:79:
a9:43:0a:3b:3b:68:8d:04:0f:f9:2c:d9:2f:d7:06:a7:3f:28:
52:9e:6c:42:87:aa:08:1b:fa:ea:1e:15:27:b4:8c:f4:e0:7e:
23:b7:cf:97:41:fc:73:ca:99:62:26:c6:78:95:20:89:7d:ab:
04:f6:63:3e:78:64:a7:b2:29:a6:de:a0:89:2e:dd:9c:f2:1e:
be:17:f5:92:ba:78:fb:42:76:00:dd:31:4f:3a:0f:16:e5:92:
b0:dd:01:c7:7d:62:61:53:69:3d:f0:21:fb:a5:c8:17:ca:cc:
1c:d7:0d:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQnSHeF4KJW2fBU9cqPj9MhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMTAyMTM1MDQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmNhYjVkOTE3NzM3MWFlM2Y2YTRlMDBjODUwYzVmNWFhZWJjM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqie5edBDBNJ+edC5YYRrmBF37dIX
nySlqfe3F7fr+dPcO9tctQuGbq9E2MYeywM5NZ+2H532MtnzabOa7cBdX2IoCPXP
FzyQ7EdTnMXoPJoNmVUsH1ao2wdbx9IGxpSen8Le9VDSA2GtgYVSb+/2o4vU3czg
ll/1zr0eg75t4z2xpGPxejC417AfvJyt9FyV57b+KJq/K0Nb2A5oeIK4DtzKwL1G
M71Hm079yBNIe1aIDiBW65H7AOPnThIeKClHumbPeUuiNpXDxJ9HDXombx/OyPqP
VY3ZwwPti+q2ydiTpQLPz7e0xXVaAaFT7sT0+cE9zrp7dEsU5UbMrPka6QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKLKtdkXc3GuP2pOAMhQxfWq68PpMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvb3NxMTJSZHpjYTRfYWs0QXlGREY5YXJydy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwCSbAwQA
wmedMA0GCSqGSIb3DQEBCwUAA4IBAQAV6K3ST9UAyMmjiqKrPS5vwX/QHhlJaOQt
FCfjT4emrPHQ00S54la5gWf3xbBhqXrAkKiCoIFvdjlrxZ8I01yuHCV+Qvxmd2JX
y61kBD0DmKsMInBDL0+k55LNgYoY3KxdpPst8LaswyeXssLgJqX7nnzmK/c7JW2L
vLL1ijb0lsO31ER7HaoR6yo4wH4Za3mpQwo7O2iNBA/5LNkv1wanPyhSnmxCh6oI
G/rqHhUntIz04H4jt8+XQfxzypliJsZ4lSCJfasE9mM+eGSnsimm3qCJLt2c8h6+
F/WSunj7QnYA3TFPOg8W5ZKw3QHHfWJhU2k98CH7pcgXyswc1w15
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:08:51 2025 by rpki-client