Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/k09V3IpWbuei7CZ9cnDBzqGuLOQ.roa
File: k09V3IpWbuei7CZ9cnDBzqGuLOQ.roa (raw, json)
Hash identifier: RaiQ/o4ZAPJKEvNSVvdxbb7Zfzm2aZc6LuGHE5e4hns=
Subject key identifier: 93:4F:55:DC:8A:56:6E:E7:A2:EC:26:7D:72:70:C1:CE:A1:AE:2C:E4
Certificate issuer: /CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Certificate serial: 018CC8DE22EE18D85139AA0A2558A0E49423
Authority key identifier: 0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/k09V3IpWbuei7CZ9cnDBzqGuLOQ.roa
Signing time: Tue 02 Jan 2024 06:30:50 +0000
ROA not before: Tue 02 Jan 2024 06:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51964
IP address blocks: 194.9.145.0/24 maxlen: 24
194.9.141.0/24 maxlen: 24
194.9.142.0/24 maxlen: 24
194.9.149.0/24 maxlen: 24
193.17.48.0/24 maxlen: 24
194.9.166.0/24 maxlen: 24
194.9.164.0/24 maxlen: 24
2a04:1447::/45 maxlen: 45
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/DghrZ9iYllO662i40kq56b0Mryo.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/DghrZ9iYllO662i40kq56b0Mryo.mft
rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:22:ee:18:d8:51:39:aa:0a:25:58:a0:e4:94:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e086b67d8989653baeb68b8d24ab9e9bd0caf2a
Validity
Not Before: Jan 2 06:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=934f55dc8a566ee7a2ec267d7270c1cea1ae2ce4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:6b:a8:d8:27:e5:96:d9:c7:66:59:01:e1:98:
67:1c:35:81:25:fd:fa:fd:74:29:ce:ef:12:00:8e:
ae:75:37:60:53:d7:ff:2f:1d:c6:07:4c:1c:5f:f6:
74:58:07:91:99:73:1a:06:d3:9a:9d:36:db:9c:c7:
a3:94:c7:42:5b:f8:6f:e2:7f:10:9f:24:2b:c3:de:
79:09:24:15:34:00:b4:bf:ca:03:d6:76:c5:9f:84:
aa:23:c1:ad:d8:65:ff:01:8c:ad:3e:0d:2d:b5:a1:
54:a2:ce:b7:1e:07:8c:92:88:d8:d7:20:e4:b8:77:
92:36:25:79:d4:65:c1:d2:49:0a:7d:1d:fb:8b:c0:
f2:99:3b:65:4a:38:bd:5f:2b:fe:f0:b4:40:a6:82:
5e:0f:b5:0e:c4:74:d0:1f:a8:ff:c8:93:bd:d8:e5:
b1:68:69:65:fa:8f:ae:f2:89:9f:18:ee:55:32:45:
09:c5:6d:0c:b1:f9:23:d7:fb:c3:9e:53:ef:73:8d:
9c:8d:34:2c:40:44:7c:19:e1:93:dd:a0:f9:0e:5f:
91:e6:da:f5:48:23:23:0e:0d:72:e0:d7:58:11:b2:
00:5e:3f:c2:a1:71:bd:4e:f6:9d:34:33:90:be:55:
11:cc:02:55:a2:05:26:c3:82:e8:75:17:36:27:46:
2b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:4F:55:DC:8A:56:6E:E7:A2:EC:26:7D:72:70:C1:CE:A1:AE:2C:E4
X509v3 Authority Key Identifier:
keyid:0E:08:6B:67:D8:98:96:53:BA:EB:68:B8:D2:4A:B9:E9:BD:0C:AF:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DghrZ9iYllO662i40kq56b0Mryo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/k09V3IpWbuei7CZ9cnDBzqGuLOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/3796fa-c02e-45f9-a1a4-622bb4899887/1/DghrZ9iYllO662i40kq56b0Mryo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.17.48.0/24
194.9.141.0-194.9.142.255
194.9.145.0/24
194.9.149.0/24
194.9.164.0/24
194.9.166.0/24
IPv6:
2a04:1447::/45
Signature Algorithm: sha256WithRSAEncryption
22:56:c4:54:fe:89:a6:8c:1c:44:07:d4:b1:04:d2:14:c8:6a:
eb:b9:be:4b:cf:45:24:99:02:33:42:d3:2c:60:25:0f:db:b8:
04:94:d5:85:a5:0d:9b:ac:dc:a8:36:0e:8d:7b:28:08:58:fe:
19:03:5a:a6:20:77:4c:4e:98:6d:35:4f:dd:91:69:a1:ce:59:
96:3a:ef:e1:4f:af:82:c6:5e:79:e9:a7:a3:61:f9:e6:79:8d:
1e:7c:fd:f8:56:ac:b1:10:96:3c:06:b5:8f:5c:79:63:2b:4d:
6b:e1:33:ff:d5:36:91:fd:14:27:9b:9e:5b:46:d1:7a:25:c5:
e2:c6:62:51:e0:f0:62:b7:4b:66:8f:8a:4a:65:85:2a:28:b7:
db:ba:a5:f8:3d:e9:fa:84:cf:b9:01:0e:ff:99:ce:0b:3c:9e:
36:2e:21:fe:ae:f2:01:7c:0f:0c:b4:47:60:51:43:65:6e:4c:
54:7a:e6:e6:dd:b8:3d:92:c3:85:b1:f5:21:88:81:b2:56:69:
56:7b:cc:dd:4c:58:fb:90:ab:33:50:2d:f7:c7:84:cb:89:02:
8a:ac:23:4a:43:af:6c:9c:b7:22:83:86:e4:c4:7e:0d:46:6c:
f4:23:48:43:fb:be:34:11:7f:d4:60:ed:fe:d8:9c:ee:3e:e9:
ba:9e:60:2a
-----BEGIN CERTIFICATE-----
MIIFNDCCBBygAwIBAgISAYzI3iLuGNhROaoKJVig5JQjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMDg2YjY3ZDg5ODk2NTNiYWViNjhiOGQyNGFiOWU5YmQw
Y2FmMmEwHhcNMjQwMTAyMDYzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzRmNTVkYzhhNTY2ZWU3YTJlYzI2N2Q3MjcwYzFjZWExYWUyY2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2uo2CflltnHZlkB4ZhnHDWBJf36
/XQpzu8SAI6udTdgU9f/Lx3GB0wcX/Z0WAeRmXMaBtOanTbbnMejlMdCW/hv4n8Q
nyQrw955CSQVNAC0v8oD1nbFn4SqI8Gt2GX/AYytPg0ttaFUos63HgeMkojY1yDk
uHeSNiV51GXB0kkKfR37i8DymTtlSji9Xyv+8LRApoJeD7UOxHTQH6j/yJO92OWx
aGll+o+u8omfGO5VMkUJxW0Msfkj1/vDnlPvc42cjTQsQER8GeGT3aD5Dl+R5tr1
SCMjDg1y4NdYEbIAXj/CoXG9TvadNDOQvlURzAJVogUmw4LodRc2J0YrVQIDAQAB
o4ICQDCCAjwwHQYDVR0OBBYEFJNPVdyKVm7nouwmfXJwwc6hrizkMB8GA1UdIwQY
MBaAFA4Ia2fYmJZTuutouNJKuem9DK8qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGdoclo5aVlsbE82NjJpNDBrcTU2YjBNcnlvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8zNzk2ZmEtYzAyZS00NWY5LWExYTQt
NjIyYmI0ODk5ODg3LzEvazA5VjNJcFdidWVpN0NaOWNuREJ6cUd1TE9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8zNzk2ZmEtYzAyZS00NWY5LWExYTQtNjIyYmI0ODk5ODg3
LzEvRGdoclo5aVlsbE82NjJpNDBrcTU2YjBNcnlvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFYGCCsGAQUFBwEHAQH/BEcwRTAyBAIAATAsAwQAwREwMAwD
BADCCY0DBADCCY4DBADCCZEDBADCCZUDBADCCaQDBADCCaYwDwQCAAIwCQMHAyoE
FEcAADANBgkqhkiG9w0BAQsFAAOCAQEAIlbEVP6JpowcRAfUsQTSFMhq67m+S89F
JJkCM0LTLGAlD9u4BJTVhaUNm6zcqDYOjXsoCFj+GQNapiB3TE6YbTVP3ZFpoc5Z
ljrv4U+vgsZeeemno2H55nmNHnz9+FassRCWPAa1j1x5YytNa+Ez/9U2kf0UJ5ue
W0bReiXF4sZiUeDwYrdLZo+KSmWFKii327ql+D3p+oTPuQEO/5nOCzyeNi4h/q7y
AXwPDLRHYFFDZW5MVHrm5t24PZLDhbH1IYiBslZpVnvM3UxY+5CrM1At98eEy4kC
iqwjSkOvbJy3IoOG5MR+DUZs9CNIQ/u+NBF/1GDt/tic7j7pup5gKg==
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:50:58 2024 by rpki-client on console-fra.rpki-client.org