Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/_olbKP-MdCxFRB08HRObXTvXPcY.roa
File: _olbKP-MdCxFRB08HRObXTvXPcY.roa (raw, json)
Hash identifier: DARiqR1P4z0Bq9IVIjr6lJ0uMgQ5brVxrifRM36rCWk=
Subject key identifier: FE:89:5B:28:FF:8C:74:2C:45:44:1D:3C:1D:13:9B:5D:3B:D7:3D:C6
Certificate issuer: /CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Certificate serial: 018FAA0801FBDDF6A25B67227A9377A891AD
Authority key identifier: 07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/_olbKP-MdCxFRB08HRObXTvXPcY.roa
Signing time: Fri 24 May 2024 09:56:42 +0000
ROA not before: Fri 24 May 2024 09:56:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25459
IP address blocks: 37.247.32.0/20 maxlen: 24
77.243.224.0/20 maxlen: 24
94.103.144.0/20 maxlen: 24
178.18.128.0/20 maxlen: 24
2a02:990::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 21:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:08:01:fb:dd:f6:a2:5b:67:22:7a:93:77:a8:91:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0759f6ac173f75ed9e585ec7d872a5865cef2835
Validity
Not Before: May 24 09:56:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe895b28ff8c742c45441d3c1d139b5d3bd73dc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:46:9d:ca:3b:bd:24:14:a8:0e:f5:40:b8:14:
17:b7:95:b4:5e:5f:9b:fc:59:59:9b:0f:62:2f:97:
50:88:94:3f:88:6c:5a:72:a1:c4:bb:99:9c:ad:f4:
34:8c:c2:55:2b:84:62:6f:65:53:1e:d2:7d:8d:c0:
1c:c0:f2:09:df:64:64:6e:50:ad:81:ac:bf:83:ae:
3a:b4:f0:a3:0b:f3:f0:e9:d6:f0:61:e5:58:f6:4b:
f9:9a:de:02:ef:34:22:b0:44:1a:15:9a:f4:dc:71:
3e:2f:7e:28:02:9e:9e:70:c2:e5:f6:8e:35:91:6c:
24:92:89:e7:75:77:b2:6b:d7:c0:38:b4:20:0f:34:
55:1f:5e:33:ce:c9:64:1d:c5:b1:56:8b:65:d7:5d:
c5:4b:59:33:a4:fe:ab:28:2e:56:92:c9:d2:dd:e1:
cf:d1:77:42:46:45:42:8c:00:52:ba:83:ff:94:f9:
9d:4a:b0:18:5f:4f:6b:7f:fe:3a:05:20:d0:2b:f9:
ea:e1:41:e3:e6:46:c5:63:35:bd:5d:b4:a3:cb:a7:
1b:d0:e8:10:02:fa:94:bb:f4:ce:31:ae:4c:b5:9b:
00:b7:ff:99:c0:ae:ea:1c:48:72:bd:d7:6a:44:e0:
50:84:8f:87:c5:ec:04:bb:50:a3:03:3b:4e:47:68:
a9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:89:5B:28:FF:8C:74:2C:45:44:1D:3C:1D:13:9B:5D:3B:D7:3D:C6
X509v3 Authority Key Identifier:
keyid:07:59:F6:AC:17:3F:75:ED:9E:58:5E:C7:D8:72:A5:86:5C:EF:28:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B1n2rBc_de2eWF7H2HKlhlzvKDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/_olbKP-MdCxFRB08HRObXTvXPcY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/d2cd1c-04b5-44d0-81d5-7be3bda05927/1/B1n2rBc_de2eWF7H2HKlhlzvKDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.32.0/20
77.243.224.0/20
94.103.144.0/20
178.18.128.0/20
IPv6:
2a02:990::/32
Signature Algorithm: sha256WithRSAEncryption
4b:12:bd:3e:07:fb:53:74:1f:0a:7d:b6:a8:7f:7b:d3:b0:53:
58:eb:fb:01:01:d6:5f:4e:29:e4:b6:a6:42:fb:4b:37:54:5d:
7c:98:c9:82:72:1e:01:45:79:c2:31:e8:5d:06:61:0e:78:ca:
02:49:83:4e:ca:a6:73:dd:7c:22:9e:11:e1:39:36:2e:36:d5:
b5:5e:38:54:b6:55:de:94:a0:fc:09:ad:fe:4c:d9:05:d3:41:
78:a8:07:ae:d6:21:d1:a9:f6:5f:76:e3:c8:04:71:f2:4d:79:
21:b2:98:e1:de:21:f8:ea:3f:a0:ac:35:af:81:91:a4:a8:02:
c2:e8:e3:48:cc:02:a6:0d:ef:fa:33:84:97:19:97:36:43:e3:
fe:9c:9d:97:59:c2:f3:23:72:65:e2:3b:aa:f2:fd:c9:35:50:
14:ed:ac:7f:ba:ba:45:da:d4:50:dc:80:85:13:ce:b6:23:0f:
ed:e0:b8:bd:57:8c:1e:80:4f:e6:12:65:ff:73:05:6f:ed:90:
9a:67:e3:bc:df:9d:65:0b:f1:dd:ac:1f:93:0f:cc:73:1a:27:
1f:13:42:17:72:0d:79:e4:0c:c0:31:d5:d5:2e:40:8f:04:30:
8a:b2:5d:5d:4c:2f:90:12:e8:16:a5:3b:1a:77:43:30:66:4d:
bb:8a:a8:4c
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY+qCAH73faiW2ciepN3qJGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3NTlmNmFjMTczZjc1ZWQ5ZTU4NWVjN2Q4NzJhNTg2NWNl
ZjI4MzUwHhcNMjQwNTI0MDk1NjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTg5NWIyOGZmOGM3NDJjNDU0NDFkM2MxZDEzOWI1ZDNiZDczZGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Uadyju9JBSoDvVAuBQXt5W0Xl+b
/FlZmw9iL5dQiJQ/iGxacqHEu5mcrfQ0jMJVK4Rib2VTHtJ9jcAcwPIJ32RkblCt
gay/g646tPCjC/Pw6dbwYeVY9kv5mt4C7zQisEQaFZr03HE+L34oAp6ecMLl9o41
kWwkkonndXeya9fAOLQgDzRVH14zzslkHcWxVotl113FS1kzpP6rKC5WksnS3eHP
0XdCRkVCjABSuoP/lPmdSrAYX09rf/46BSDQK/nq4UHj5kbFYzW9XbSjy6cb0OgQ
AvqUu/TOMa5MtZsAt/+ZwK7qHEhyvddqROBQhI+HxewEu1CjAztOR2ipawIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFP6JWyj/jHQsRUQdPB0Tm1071z3GMB8GA1UdIwQY
MBaAFAdZ9qwXP3Xtnlhex9hypYZc7yg1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUt
N2JlM2JkYTA1OTI3LzEvX29sYktQLU1kQ3hGUkIwOEhST2JYVHZYUGNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9kMmNkMWMtMDRiNS00NGQwLTgxZDUtN2JlM2JkYTA1OTI3
LzEvQjFuMnJCY19kZTJlV0Y3SDJIS2xobHp2S0RVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEJfcgAwQE
TfPgAwQEXmeQAwQEshKAMA0EAgACMAcDBQAqAgmQMA0GCSqGSIb3DQEBCwUAA4IB
AQBLEr0+B/tTdB8Kfbaof3vTsFNY6/sBAdZfTinktqZC+0s3VF18mMmCch4BRXnC
MehdBmEOeMoCSYNOyqZz3XwinhHhOTYuNtW1XjhUtlXelKD8Ca3+TNkF00F4qAeu
1iHRqfZfduPIBHHyTXkhspjh3iH46j+grDWvgZGkqALC6ONIzAKmDe/6M4SXGZc2
Q+P+nJ2XWcLzI3Jl4juq8v3JNVAU7ax/urpF2tRQ3ICFE862Iw/t4Li9V4wegE/m
EmX/cwVv7ZCaZ+O8351lC/HdrB+TD8xzGicfE0IXcg155AzAMdXVLkCPBDCKsl1d
TC+QEugWpTsad0MwZk27iqhM
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:02:17 2024 by rpki-client on console-fra.rpki-client.org