Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OL-8O7wBJfCOyBQwEWnHoZnAub0.roa
File: OL-8O7wBJfCOyBQwEWnHoZnAub0.roa (raw, json)
Hash identifier: dbGnquqE7wlbUOXsaRgCiqCsbsbOy3bwwtK2kGwTdJ8=
Subject key identifier: 38:BF:BC:3B:BC:01:25:F0:8E:C8:14:30:11:69:C7:A1:99:C0:B9:BD
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01928ED9CFC6A6B51B0595C922A1F99791D2
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OL-8O7wBJfCOyBQwEWnHoZnAub0.roa
Signing time: Tue 15 Oct 2024 06:24:52 +0000
ROA not before: Tue 15 Oct 2024 06:24:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42532
IP address blocks: 5.34.208.0/21 maxlen: 24
82.115.4.0/22 maxlen: 24
188.253.16.0/21 maxlen: 24
188.253.24.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:d9:cf:c6:a6:b5:1b:05:95:c9:22:a1:f9:97:91:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Oct 15 06:24:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38bfbc3bbc0125f08ec814301169c7a199c0b9bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:95:e1:a8:6b:cb:57:cc:16:c6:33:9e:5e:79:
f4:ea:94:0f:da:3b:88:36:f2:5f:5e:12:90:c0:7c:
4c:e7:18:e7:11:b4:6e:af:84:f7:24:4d:17:17:9c:
0a:bb:3e:a9:69:85:e4:92:23:34:2f:c6:1b:f0:6c:
1f:2d:04:97:43:ed:e9:ef:4c:de:8b:2a:d2:29:6b:
72:a3:52:51:92:03:ef:c5:63:7f:4b:e1:6d:18:fa:
ee:bf:7d:f0:aa:ed:fb:75:52:6b:7a:89:52:98:4c:
71:f7:82:e0:ae:f6:6e:08:fd:f8:1e:9a:6e:3c:8c:
cc:97:87:87:3a:a2:bc:67:d0:cd:08:db:49:40:60:
69:28:9e:69:0b:5a:e1:14:56:d1:c2:d3:bc:7e:43:
96:de:20:da:6d:7a:1e:f8:0b:43:df:c2:06:6f:85:
c9:a4:de:ab:a7:43:4e:dc:54:b8:ce:95:c1:82:c7:
57:30:c1:32:ef:25:10:66:9b:2d:65:d7:ee:ca:ed:
cd:09:79:05:1e:96:7a:4d:49:ff:73:60:f3:78:0f:
3a:54:0f:00:13:b6:39:33:e1:10:3d:b4:f0:fd:c6:
e3:b9:77:f1:df:cc:86:ef:11:f0:a1:87:55:58:3c:
c2:ac:85:72:90:47:9a:7c:f8:d2:fc:6a:43:4b:7f:
1f:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BF:BC:3B:BC:01:25:F0:8E:C8:14:30:11:69:C7:A1:99:C0:B9:BD
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/OL-8O7wBJfCOyBQwEWnHoZnAub0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.208.0/21
82.115.4.0/22
188.253.16.0-188.253.27.255
Signature Algorithm: sha256WithRSAEncryption
bb:20:59:5c:f1:9b:0f:49:12:53:df:a3:dc:f1:6e:45:8a:51:
fe:82:ca:af:5c:6d:58:15:4e:69:01:a4:e7:90:e8:7b:82:d9:
80:e9:45:63:bd:31:3f:d3:12:b0:1a:0c:9d:91:cd:f7:43:80:
78:d5:e6:5b:d6:ee:2f:7a:bf:f7:6d:3f:55:09:01:a5:2d:f1:
1e:13:f1:2e:26:c3:ef:15:bf:6c:68:d0:b3:a2:e6:58:74:0c:
75:86:5a:be:46:4b:db:bf:cd:33:42:00:3f:fa:b2:10:e8:34:
3f:73:6d:e4:14:5d:16:07:37:cc:cf:da:bb:d7:1d:65:c4:c0:
5e:bf:f4:f6:e1:ba:47:ec:2c:84:12:7d:cc:18:2b:23:91:05:
47:1c:ad:20:01:17:36:d7:81:ed:38:b5:6f:4d:df:28:cc:c6:
39:d4:aa:96:e0:30:08:f6:05:2c:b8:64:9f:91:c4:18:c9:01:
4d:11:f1:fb:69:50:14:2c:59:82:11:89:16:5a:7b:a1:17:d7:
20:be:9e:51:10:42:0c:74:45:4b:8f:19:75:4a:71:37:f7:f4:
7d:e2:77:e1:86:bc:02:a2:38:ae:ab:68:15:8e:7e:ff:b4:0f:
5b:d3:7d:71:0c:26:69:bb:46:eb:86:42:cf:57:6d:38:68:fc:
54:18:8a:65
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKO2c/GprUbBZXJIqH5l5HSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQxMDE1MDYyNDUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJmYmMzYmJjMDEyNWYwOGVjODE0MzAxMTY5YzdhMTk5YzBiOWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2pXhqGvLV8wWxjOeXnn06pQP2juI
NvJfXhKQwHxM5xjnEbRur4T3JE0XF5wKuz6paYXkkiM0L8Yb8GwfLQSXQ+3p70ze
iyrSKWtyo1JRkgPvxWN/S+FtGPruv33wqu37dVJreolSmExx94LgrvZuCP34Hppu
PIzMl4eHOqK8Z9DNCNtJQGBpKJ5pC1rhFFbRwtO8fkOW3iDabXoe+AtD38IGb4XJ
pN6rp0NO3FS4zpXBgsdXMMEy7yUQZpstZdfuyu3NCXkFHpZ6TUn/c2DzeA86VA8A
E7Y5M+EQPbTw/cbjuXfx38yG7xHwoYdVWDzCrIVykEeafPjS/GpDS38fpwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDi/vDu8ASXwjsgUMBFpx6GZwLm9MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvT0wtOE83d0JKZkNPeUJRd0VXbkhvWm5BdWIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDBSLQAwQC
UnMEMAwDBAS8/RADBAK8/RgwDQYJKoZIhvcNAQELBQADggEBALsgWVzxmw9JElPf
o9zxbkWKUf6Cyq9cbVgVTmkBpOeQ6HuC2YDpRWO9MT/TErAaDJ2RzfdDgHjV5lvW
7i96v/dtP1UJAaUt8R4T8S4mw+8Vv2xo0LOi5lh0DHWGWr5GS9u/zTNCAD/6shDo
ND9zbeQUXRYHN8zP2rvXHWXEwF6/9PbhukfsLIQSfcwYKyORBUccrSABFzbXge04
tW9N3yjMxjnUqpbgMAj2BSy4ZJ+RxBjJAU0R8ftpUBQsWYIRiRZae6EX1yC+nlEQ
Qgx0RUuPGXVKcTf39H3id+GGvAKiOK6raBWOfv+0D1vTfXEMJmm7RuuGQs9XbTho
/FQYimU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:15:29 2024 by rpki-client on console-fra.rpki-client.org