Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/OlQeRgkRXe0iWfDK0olC6lVJ_3g.roa
File: OlQeRgkRXe0iWfDK0olC6lVJ_3g.roa (raw, json)
Hash identifier: KlDreL/xXUnliCHg1YiTxGsv6gVtQxSHShZ/8zLgjPA=
Subject key identifier: 3A:54:1E:46:09:11:5D:ED:22:59:F0:CA:D2:89:42:EA:55:49:FF:78
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 018FAA5FE628BB688E356BFB2C0F377C20D6
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/OlQeRgkRXe0iWfDK0olC6lVJ_3g.roa
Signing time: Fri 24 May 2024 11:32:42 +0000
ROA not before: Fri 24 May 2024 11:32:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 136787
IP address blocks: 36.255.188.0/24 maxlen: 24
36.255.189.0/24 maxlen: 24
36.255.190.0/24 maxlen: 24
36.255.191.0/24 maxlen: 24
45.143.68.0/24 maxlen: 24
45.143.69.0/24 maxlen: 24
45.143.70.0/24 maxlen: 24
45.143.71.0/24 maxlen: 24
83.150.240.0/24 maxlen: 24
83.150.241.0/24 maxlen: 24
83.150.242.0/24 maxlen: 24
83.150.243.0/24 maxlen: 24
87.239.254.0/24 maxlen: 24
95.181.216.0/24 maxlen: 24
95.181.217.0/24 maxlen: 24
95.181.218.0/24 maxlen: 24
95.181.219.0/24 maxlen: 24
103.225.200.0/24 maxlen: 24
103.225.201.0/24 maxlen: 24
103.225.202.0/24 maxlen: 24
103.225.203.0/24 maxlen: 24
171.22.252.0/24 maxlen: 24
185.46.116.0/24 maxlen: 24
185.46.117.0/24 maxlen: 24
185.46.240.0/24 maxlen: 24
185.46.241.0/24 maxlen: 24
185.46.242.0/24 maxlen: 24
185.46.243.0/24 maxlen: 24
185.75.208.0/24 maxlen: 24
185.75.209.0/24 maxlen: 24
185.75.210.0/24 maxlen: 24
185.75.211.0/24 maxlen: 24
185.201.190.0/24 maxlen: 24
185.253.68.0/24 maxlen: 24
185.253.69.0/24 maxlen: 24
185.253.70.0/24 maxlen: 24
185.253.71.0/24 maxlen: 24
193.108.242.0/24 maxlen: 24
193.108.243.0/24 maxlen: 24
193.201.248.0/24 maxlen: 24
193.201.249.0/24 maxlen: 24
193.201.250.0/24 maxlen: 24
193.201.251.0/24 maxlen: 24
194.36.96.0/24 maxlen: 24
194.36.97.0/24 maxlen: 24
194.36.98.0/24 maxlen: 24
194.36.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:aa:5f:e6:28:bb:68:8e:35:6b:fb:2c:0f:37:7c:20:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: May 24 11:32:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a541e4609115ded2259f0cad28942ea5549ff78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:ad:fd:d3:d0:b6:87:f9:4c:b4:47:71:a6:d9:
94:2a:c2:20:37:9d:df:d7:ff:1e:21:c6:26:8a:ea:
3f:b8:d2:21:f4:d3:ea:a4:0c:b3:57:ac:70:e4:97:
2f:58:3b:40:00:bf:a6:2c:9e:7c:e8:36:fd:db:50:
66:ec:ec:af:27:0e:cb:a9:f8:df:99:98:ad:e8:fc:
55:3b:c2:46:e9:e8:29:c3:11:d5:98:ee:ae:91:34:
3e:a0:06:52:c1:10:34:15:29:f2:fc:3c:ed:f5:d7:
2e:9c:00:ce:e5:ec:a3:cd:41:a7:63:87:dc:45:77:
6e:e3:f5:28:d2:0c:e4:32:1e:e5:18:83:f5:aa:b4:
16:76:2a:dd:8f:dd:0e:33:92:12:1d:21:40:9c:69:
4b:7c:dd:cb:de:79:87:12:ae:a6:1d:42:83:46:d8:
7d:d0:a2:44:51:be:48:08:37:32:65:b7:8a:4d:7b:
6d:b7:ac:a3:fa:b1:d4:e6:0e:2c:96:3f:cd:93:cb:
07:35:e0:c7:5b:95:a8:a4:6c:8b:bb:83:60:06:ed:
2a:f0:a9:89:37:f6:73:71:44:7a:84:46:36:1b:a8:
5b:c6:47:1c:05:1a:fe:49:5d:49:c4:6b:49:22:bc:
b5:bb:ac:46:fd:46:7d:e0:e5:c7:86:f9:77:0a:e2:
fa:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:54:1E:46:09:11:5D:ED:22:59:F0:CA:D2:89:42:EA:55:49:FF:78
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/OlQeRgkRXe0iWfDK0olC6lVJ_3g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
36.255.188.0/22
45.143.68.0/22
83.150.240.0/22
87.239.254.0/24
95.181.216.0/22
103.225.200.0/22
171.22.252.0/24
185.46.116.0/23
185.46.240.0/22
185.75.208.0/22
185.201.190.0/24
185.253.68.0/22
193.108.242.0/23
193.201.248.0/22
194.36.96.0/22
Signature Algorithm: sha256WithRSAEncryption
1c:85:cf:83:14:89:6b:6b:49:d6:17:3d:ca:fd:24:ef:db:f9:
69:78:cb:9a:66:53:8c:7c:ca:bf:ca:89:9d:7e:4e:7e:dd:6c:
97:bf:b6:8f:70:70:87:1f:99:1c:9a:a9:75:df:78:14:d4:ae:
07:fd:8f:1a:be:4b:dd:66:af:a3:e3:77:7d:7f:dd:c1:cc:f9:
32:2e:5d:23:61:3a:ae:23:0d:5b:73:b0:b4:09:5b:2d:ce:0a:
84:e8:80:b9:3b:0a:e3:6f:54:8f:5c:87:7e:cc:db:93:39:5e:
74:f8:8e:2e:6a:3d:36:89:3e:d7:d5:af:49:62:f9:b2:4e:d0:
3f:6b:66:b4:0d:6e:66:b9:25:17:3e:10:0b:37:7b:7f:bd:54:
4e:ec:97:e8:7b:35:44:3d:e6:3b:42:46:5f:51:76:cb:b3:31:
58:54:fa:f0:58:b9:c6:c9:98:33:22:9e:83:ad:42:31:f5:0f:
cf:ad:48:2e:81:e8:1a:90:18:76:09:dd:db:12:c8:19:0c:47:
ad:0a:2c:bf:73:32:e0:e7:4f:34:36:c8:ee:3f:46:a8:48:15:
1c:79:5d:86:a0:cf:57:03:17:64:ea:9d:47:8c:98:d6:8b:de:
c7:9e:4b:13:3f:0d:aa:f4:90:32:bd:58:8d:06:7e:24:9c:f6:
75:c4:8b:82
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAY+qX+You2iONWv7LA83fCDWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjQwNTI0MTEzMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU0MWU0NjA5MTE1ZGVkMjI1OWYwY2FkMjg5NDJlYTU1NDlmZjc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1K3909C2h/lMtEdxptmUKsIgN53f
1/8eIcYmiuo/uNIh9NPqpAyzV6xw5JcvWDtAAL+mLJ586Db921Bm7OyvJw7Lqfjf
mZit6PxVO8JG6egpwxHVmO6ukTQ+oAZSwRA0FSny/Dzt9dcunADO5eyjzUGnY4fc
RXdu4/Uo0gzkMh7lGIP1qrQWdirdj90OM5ISHSFAnGlLfN3L3nmHEq6mHUKDRth9
0KJEUb5ICDcyZbeKTXttt6yj+rHU5g4slj/Nk8sHNeDHW5WopGyLu4NgBu0q8KmJ
N/ZzcUR6hEY2G6hbxkccBRr+SV1JxGtJIry1u6xG/UZ94OXHhvl3CuL6kwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFDpUHkYJEV3tIlnwytKJQupVSf94MB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvT2xRZVJna1JYZTBpV2ZESzBvbEM2bFZKXzNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQCJP+8AwQC
LY9EAwQCU5bwAwQAV+/+AwQCX7XYAwQCZ+HIAwQAqxb8AwQBuS50AwQCuS7wAwQC
uUvQAwQAucm+AwQCuf1EAwQBwWzyAwQCwcn4AwQCwiRgMA0GCSqGSIb3DQEBCwUA
A4IBAQAchc+DFIlra0nWFz3K/STv2/lpeMuaZlOMfMq/yomdfk5+3WyXv7aPcHCH
H5kcmql133gU1K4H/Y8avkvdZq+j43d9f93BzPkyLl0jYTquIw1bc7C0CVstzgqE
6IC5Owrjb1SPXId+zNuTOV50+I4uaj02iT7X1a9JYvmyTtA/a2a0DW5muSUXPhAL
N3t/vVRO7JfoezVEPeY7QkZfUXbLszFYVPrwWLnGyZgzIp6DrUIx9Q/PrUgugega
kBh2Cd3bEsgZDEetCiy/czLg5080NsjuP0aoSBUceV2GoM9XAxdk6p1HjJjWi97H
nksTPw2q9JAyvViNBn4knPZ1xIuC
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:59:44 2024 by rpki-client on console-ams.rpki-client.org