Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/OlW7-Km7BJbiI8B78ArRrPEDqrw.roa
File: OlW7-Km7BJbiI8B78ArRrPEDqrw.roa (raw, json)
Hash identifier: stdFhe5anM2OeANujcXwTGGyVvRvWg0rJcjCkeIVupY=
Subject key identifier: 3A:55:BB:F8:A9:BB:04:96:E2:23:C0:7B:F0:0A:D1:AC:F1:03:AA:BC
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 0194258EA51CDFC12A9A0D95D051B3C370B1
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/OlW7-Km7BJbiI8B78ArRrPEDqrw.roa
Signing time: Thu 02 Jan 2025 05:48:12 +0000
ROA not before: Thu 02 Jan 2025 05:48:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59836
IP address blocks: 185.69.116.0/24 maxlen: 24
185.69.118.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 16:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:a5:1c:df:c1:2a:9a:0d:95:d0:51:b3:c3:70:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Jan 2 05:48:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a55bbf8a9bb0496e223c07bf00ad1acf103aabc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:20:1f:fb:ef:26:73:f7:3b:c6:ad:87:4a:9d:
c6:08:38:87:5c:0a:1b:76:a2:16:2c:c7:4b:6b:92:
f4:12:3d:49:48:34:6f:f5:fc:5b:68:34:90:1f:e4:
af:57:55:2b:dd:36:95:77:ce:31:40:3d:d2:b4:ac:
a5:06:d2:6f:88:fd:eb:da:5a:ab:77:07:87:79:da:
70:fc:75:c1:a0:e8:ff:e4:4f:d9:f1:02:5d:ba:bc:
80:9f:d2:ac:65:cc:7c:44:ce:da:86:93:14:df:c7:
52:3c:93:cc:a8:01:92:84:54:34:c7:c2:69:cd:eb:
88:ec:02:b6:2d:02:0d:4d:9c:20:f9:47:3e:09:e0:
dd:58:5a:a0:5e:3e:f5:64:bc:46:fd:7d:68:42:8f:
d0:bd:a8:a7:0a:fc:b4:60:3a:58:92:27:c9:35:30:
ae:28:0d:08:d5:8c:c0:0b:25:d7:30:a4:68:8c:c9:
b8:d1:e8:09:e4:d4:e2:11:d6:a4:0c:f8:3a:3d:c0:
1d:b3:33:67:61:16:2c:26:cb:d9:cb:54:bb:a5:72:
8e:70:bd:c1:f0:c0:a2:35:35:2d:69:7d:3f:aa:9d:
42:07:a2:4f:f0:aa:b6:d7:b4:db:5e:9b:08:97:c3:
fa:7f:f1:1e:8a:db:e2:43:b0:72:c8:fc:2b:51:80:
7f:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:55:BB:F8:A9:BB:04:96:E2:23:C0:7B:F0:0A:D1:AC:F1:03:AA:BC
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/OlW7-Km7BJbiI8B78ArRrPEDqrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
a3:02:26:ae:3b:1b:24:b3:74:14:55:1e:06:f9:7f:7e:eb:63:
8f:19:22:24:be:c5:01:cb:f0:78:7a:cd:42:b2:ee:c6:62:43:
d4:8d:58:a1:91:ca:d5:76:b6:9d:a7:23:80:84:3a:8a:b0:34:
2e:b6:cd:2b:ab:c8:37:09:90:9f:6f:8b:cc:2a:8c:f8:d9:70:
13:46:aa:f2:01:a4:7b:63:57:cb:da:87:51:bd:8c:6b:a5:af:
2b:71:f1:7f:56:8d:50:85:6c:a3:59:99:7d:14:62:f1:19:a0:
2e:6b:72:a6:b0:47:2d:7a:70:db:d6:13:99:7a:b4:d7:b9:49:
2f:d9:6c:b1:e3:63:9d:2d:59:01:aa:d3:09:57:82:d4:b6:07:
f4:a8:33:9a:4d:58:a5:4b:66:4b:e5:2e:91:9a:4c:7d:15:20:
71:d4:31:7d:c5:7e:89:46:5d:14:c0:6a:25:d8:58:af:48:d0:
bd:41:3e:32:ec:91:3e:88:86:31:8a:ae:91:6f:cd:6c:23:da:
7d:6d:ed:2e:a4:44:58:de:e7:eb:8c:0e:6f:38:35:a2:c5:53:
c8:fa:bc:5a:7d:b2:7c:8e:a9:9a:a2:e9:da:21:5b:27:48:7a:
bc:d8:4a:eb:48:d1:1e:38:fa:c4:29:35:90:47:f6:d5:74:d0:
88:0c:62:ba
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQljqUc38Eqmg2V0FGzw3CxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjUwMTAyMDU0ODEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU1YmJmOGE5YmIwNDk2ZTIyM2MwN2JmMDBhZDFhY2YxMDNhYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5CAf++8mc/c7xq2HSp3GCDiHXAob
dqIWLMdLa5L0Ej1JSDRv9fxbaDSQH+SvV1Ur3TaVd84xQD3StKylBtJviP3r2lqr
dweHedpw/HXBoOj/5E/Z8QJduryAn9KsZcx8RM7ahpMU38dSPJPMqAGShFQ0x8Jp
zeuI7AK2LQINTZwg+Uc+CeDdWFqgXj71ZLxG/X1oQo/QvainCvy0YDpYkifJNTCu
KA0I1YzACyXXMKRojMm40egJ5NTiEdakDPg6PcAdszNnYRYsJsvZy1S7pXKOcL3B
8MCiNTUtaX0/qp1CB6JP8Kq217TbXpsIl8P6f/EeitviQ7ByyPwrUYB/4wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFDpVu/ipuwSW4iPAe/AK0azxA6q8MB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvT2xXNy1LbTdCSmJpSThCNzhBclJyUEVEcXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQCjAiauOxsk
s3QUVR4G+X9+62OPGSIkvsUBy/B4es1Csu7GYkPUjVihkcrVdradpyOAhDqKsDQu
ts0rq8g3CZCfb4vMKoz42XATRqryAaR7Y1fL2odRvYxrpa8rcfF/Vo1QhWyjWZl9
FGLxGaAua3KmsEctenDb1hOZerTXuUkv2Wyx42OdLVkBqtMJV4LUtgf0qDOaTVil
S2ZL5S6Rmkx9FSBx1DF9xX6JRl0UwGol2FivSNC9QT4y7JE+iIYxiq6Rb81sI9p9
be0upERY3ufrjA5vODWixVPI+rxafbJ8jqmaounaIVsnSHq82ErrSNEeOPrEKTWQ
R/bVdNCIDGK6
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:06:52 2025 by rpki-client