Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/0Ar0wlqwghSfTnjNQdVx5daWVKM.roa
File: 0Ar0wlqwghSfTnjNQdVx5daWVKM.roa (raw, json)
Hash identifier: YqeD70fPCBZLTkyGsTI9wVD0E12YB5tEhPnwmDruBUk=
Subject key identifier: D0:0A:F4:C2:5A:B0:82:14:9F:4E:78:CD:41:D5:71:E5:D6:96:54:A3
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 01922A37BD55E738B4605B423C2024970749
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/0Ar0wlqwghSfTnjNQdVx5daWVKM.roa
Signing time: Wed 25 Sep 2024 17:25:48 +0000
ROA not before: Wed 25 Sep 2024 17:25:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204769
IP address blocks: 192.144.34.0/24 maxlen: 24
193.38.248.0/24 maxlen: 24
2a09:ff00:103::/48 maxlen: 48
2a09:ff00:104::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:2a:37:bd:55:e7:38:b4:60:5b:42:3c:20:24:97:07:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Sep 25 17:25:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d00af4c25ab082149f4e78cd41d571e5d69654a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7c:35:ee:28:6b:6a:67:56:5b:aa:39:e3:2f:
4f:f8:74:37:b3:f0:7b:4d:b6:92:34:0c:1c:b2:2e:
56:28:72:44:3e:55:c5:4e:01:13:54:73:52:fa:78:
2b:59:c5:aa:d7:b7:90:d1:82:c3:aa:79:0e:b0:f4:
2e:28:ee:a1:0f:4a:e6:0c:6e:28:a6:33:39:20:cd:
ba:d7:09:01:dd:70:98:2c:e6:01:13:fb:17:5c:8f:
b9:97:de:62:e6:0b:b0:4a:40:ff:5a:e2:f6:93:2e:
42:56:eb:85:e1:67:17:ca:e3:8b:7d:58:bb:6c:df:
f3:6f:b4:19:c2:e2:ed:d5:02:4f:11:af:30:67:9a:
b0:2b:0e:53:5f:e5:46:44:52:dc:b9:2c:3d:93:d9:
04:f2:c5:9d:52:d4:f6:cc:74:96:cd:fe:1a:e3:59:
dc:19:f8:7c:22:f8:7b:3c:d7:6e:af:b4:c0:23:a0:
e4:fc:e4:8d:13:b5:c8:6e:bb:2d:bf:c8:8e:84:71:
5a:80:e0:cb:13:22:c3:07:38:c3:3d:91:ad:db:9a:
23:44:48:fa:e1:9f:ae:1e:c3:30:be:d1:71:bd:d0:
ab:48:2a:2f:db:a2:df:30:f9:ac:bd:f2:00:1f:2a:
cf:26:29:84:23:7b:22:bb:c2:00:84:ed:da:7a:2b:
4d:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:0A:F4:C2:5A:B0:82:14:9F:4E:78:CD:41:D5:71:E5:D6:96:54:A3
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/0Ar0wlqwghSfTnjNQdVx5daWVKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.144.34.0/24
193.38.248.0/24
IPv6:
2a09:ff00:103::-2a09:ff00:104:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
3f:a8:ff:87:84:8f:7c:e4:65:fa:1e:50:1d:66:70:03:8c:ba:
8d:48:ae:c7:45:a0:52:01:55:d3:bc:bd:a8:1d:29:72:ea:83:
07:cc:42:2b:e9:99:6e:80:73:87:44:c2:4d:ae:1d:90:36:e6:
f3:db:10:e6:83:06:99:3f:b4:22:d4:02:35:77:87:68:a3:49:
1c:b7:70:23:e9:94:83:c8:95:7c:15:80:48:83:8e:f0:1a:e2:
df:96:39:a8:b0:34:6c:10:06:ca:db:19:04:bc:ff:6f:1e:5e:
22:ba:63:36:70:b3:cf:62:ed:7d:e5:77:e5:e8:47:11:9b:27:
0e:c5:e7:a3:9e:8a:c6:ef:70:31:db:10:17:79:2e:2b:60:92:
fc:29:46:11:8c:be:77:6f:2a:ac:e7:52:e5:36:e0:f5:a1:d9:
e3:83:fd:ca:79:16:1e:46:e7:5e:47:7c:48:0a:7c:89:32:98:
43:46:34:78:bd:d4:79:82:d6:60:95:1b:0b:86:cc:85:b8:6f:
77:89:ed:d8:e5:28:bf:d0:10:c2:96:ff:c8:ea:1d:70:42:49:
d6:0e:a4:7f:54:5e:0d:ec:6d:2d:54:bd:69:ae:72:0f:94:af:
f2:cf:c9:c6:c2:7e:b5:e5:d7:dc:e3:94:34:b1:7d:9d:ad:fc:
60:22:27:e7
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZIqN71V5zi0YFtCPCAklwdJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwOTI1MTcyNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDBhZjRjMjVhYjA4MjE0OWY0ZTc4Y2Q0MWQ1NzFlNWQ2OTY1NGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHw17ihramdWW6o54y9P+HQ3s/B7
TbaSNAwcsi5WKHJEPlXFTgETVHNS+ngrWcWq17eQ0YLDqnkOsPQuKO6hD0rmDG4o
pjM5IM261wkB3XCYLOYBE/sXXI+5l95i5guwSkD/WuL2ky5CVuuF4WcXyuOLfVi7
bN/zb7QZwuLt1QJPEa8wZ5qwKw5TX+VGRFLcuSw9k9kE8sWdUtT2zHSWzf4a41nc
Gfh8Ivh7PNdur7TAI6Dk/OSNE7XIbrstv8iOhHFagODLEyLDBzjDPZGt25ojREj6
4Z+uHsMwvtFxvdCrSCov26LfMPmsvfIAHyrPJimEI3siu8IAhO3aeitNjwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNAK9MJasIIUn054zUHVceXWllSjMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvMEFyMHdscXdnaFNmVG5qTlFkVng1ZGFXVktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDASBAIAATAMAwQAwJAiAwQA
wSb4MBoEAgACMBQwEgMHACoJ/wABAwMHACoJ/wABBDANBgkqhkiG9w0BAQsFAAOC
AQEAP6j/h4SPfORl+h5QHWZwA4y6jUiux0WgUgFV07y9qB0pcuqDB8xCK+mZboBz
h0TCTa4dkDbm89sQ5oMGmT+0ItQCNXeHaKNJHLdwI+mUg8iVfBWASIOO8Bri35Y5
qLA0bBAGytsZBLz/bx5eIrpjNnCzz2LtfeV35ehHEZsnDsXno56Kxu9wMdsQF3ku
K2CS/ClGEYy+d28qrOdS5Tbg9aHZ44P9ynkWHkbnXkd8SAp8iTKYQ0Y0eL3UeYLW
YJUbC4bMhbhvd4nt2OUov9AQwpb/yOodcEJJ1g6kf1ReDextLVS9aa5yD5Sv8s/J
xsJ+teXX3OOUNLF9na38YCIn5w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:45:13 2024 by rpki-client on console-ams.rpki-client.org