Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/OkABPny7_SXsY6DDa4NCobZ8c6A.roa
File: OkABPny7_SXsY6DDa4NCobZ8c6A.roa (raw, json)
Hash identifier: BO9NhVwz69BaaeNN6hpOeh867H3gug3XdOUDM9RiKfc=
Subject key identifier: 3A:40:01:3E:7C:BB:FD:25:EC:63:A0:C3:6B:83:42:A1:B6:7C:73:A0
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0191DD3870BDC42BB09C7448A43823F56FE3
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/OkABPny7_SXsY6DDa4NCobZ8c6A.roa
Signing time: Tue 10 Sep 2024 18:35:49 +0000
ROA not before: Tue 10 Sep 2024 18:35:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3360
IP address blocks: 195.203.156.0/22 maxlen: 22
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:dd:38:70:bd:c4:2b:b0:9c:74:48:a4:38:23:f5:6f:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Sep 10 18:35:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a40013e7cbbfd25ec63a0c36b8342a1b67c73a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:f2:79:eb:f5:2d:5d:6f:13:a8:76:75:08:7f:
25:eb:d6:2b:f6:0b:81:24:1e:29:ac:ec:89:fb:80:
1b:b7:0b:20:6f:2c:b0:98:e4:28:3d:5b:bf:0d:e0:
c5:4e:8f:ee:e8:80:5b:8e:c5:ec:2a:f2:44:c5:9d:
ec:40:0c:24:3a:2f:0d:02:24:3c:2b:a8:a7:ea:61:
9a:0d:b6:79:32:d8:ca:c4:70:f4:12:da:7a:38:03:
86:fc:0f:fe:20:39:d4:17:7f:02:4e:ab:02:9f:1f:
82:34:6f:82:6f:20:2b:b0:c3:32:92:44:90:62:cc:
31:6a:6e:db:64:de:be:94:0f:32:a5:b7:10:90:55:
27:9e:92:1f:6d:c2:62:83:47:04:44:2c:24:06:a8:
23:dc:96:c8:f2:b2:e2:1a:8b:e0:2d:ab:ca:ad:5e:
ac:5a:8d:6e:01:2d:b0:c2:41:06:6e:ca:08:09:fe:
a1:51:f3:1a:3b:07:25:f7:65:5d:92:7e:20:3e:c8:
34:a0:d6:be:76:f6:f9:40:ec:75:46:67:f3:23:21:
ee:9e:79:8a:c9:e4:51:89:64:ac:7a:f0:4d:06:37:
3b:cd:36:51:67:51:ac:f7:c0:f3:27:bb:34:5c:1f:
0c:39:de:32:21:be:7a:9e:59:19:38:e6:85:b5:56:
db:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:40:01:3E:7C:BB:FD:25:EC:63:A0:C3:6B:83:42:A1:B6:7C:73:A0
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/OkABPny7_SXsY6DDa4NCobZ8c6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.203.156.0/22
217.27.4.0/24
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
da:9e:7d:8f:1d:97:6a:ea:26:0b:f1:d8:6e:8e:31:f7:2b:45:
b3:39:df:a8:ee:87:46:2f:c3:fa:e3:c3:f8:ac:8b:e7:ca:1f:
a6:ab:02:14:7c:e8:3a:b2:26:21:26:91:b9:39:0e:6e:c0:d2:
7a:36:b0:72:80:7d:7d:02:cc:3b:ca:18:e3:62:03:f0:ed:ee:
87:b0:2d:98:72:24:1c:af:ed:d4:ce:23:0f:70:7c:d2:97:bc:
60:82:9b:88:24:b7:85:f9:83:c0:6a:ff:89:89:db:fe:45:d8:
7e:ca:38:4e:5c:72:c7:bb:51:c4:48:61:b3:5c:ce:ea:02:3e:
c3:40:ec:56:13:08:0f:e2:7d:30:60:12:ab:bb:59:0d:1d:a2:
b9:98:2b:30:7f:7d:c2:cc:60:57:f6:89:79:49:fa:ce:d1:9c:
e8:4c:e4:3e:d5:24:19:95:43:82:ad:70:62:a8:77:36:53:8a:
55:20:ff:83:7f:3d:f7:f8:f7:18:b4:bf:ee:60:28:e6:61:aa:
7e:18:a9:e5:11:78:cc:d6:0c:26:4f:fc:c5:d8:83:8b:ee:89:
4b:89:59:f3:43:62:0e:8e:c9:13:64:6a:17:17:28:c8:66:c9:
76:81:7e:b4:fd:a0:65:1c:ee:66:81:ac:2a:cc:cb:8e:20:9c:
59:94:94:ec
-----BEGIN CERTIFICATE-----
MIIHIzCCBgugAwIBAgISAZHdOHC9xCuwnHRIpDgj9W/jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjQwOTEwMTgzNTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTQwMDEzZTdjYmJmZDI1ZWM2M2EwYzM2YjgzNDJhMWI2N2M3M2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3fJ56/UtXW8TqHZ1CH8l69Yr9guB
JB4prOyJ+4AbtwsgbyywmOQoPVu/DeDFTo/u6IBbjsXsKvJExZ3sQAwkOi8NAiQ8
K6in6mGaDbZ5MtjKxHD0Etp6OAOG/A/+IDnUF38CTqsCnx+CNG+CbyArsMMykkSQ
Yswxam7bZN6+lA8ypbcQkFUnnpIfbcJig0cERCwkBqgj3JbI8rLiGovgLavKrV6s
Wo1uAS2wwkEGbsoICf6hUfMaOwcl92Vdkn4gPsg0oNa+dvb5QOx1RmfzIyHunnmK
yeRRiWSsevBNBjc7zTZRZ1Gs98DzJ7s0XB8MOd4yIb56nlkZOOaFtVbbwwIDAQAB
o4IELzCCBCswHQYDVR0OBBYEFDpAAT58u/0l7GOgw2uDQqG2fHOgMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvT2tBQlBueTdfU1hzWTZERGE0TkNvYlo4YzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICQwYIKwYBBQUHAQcBAf8EggIyMIICLjAYBAIAATASAwQC
w8ucAwQA2RsEAwQB2RsGMIICEAQCAAIwggIIMBIDBwAqA1AAAAEDBwAqA1AAAAIw
EgMHACoDUAAAEQMHACoDUAAAEjASAwcFKgNQAAAgAwcAKgNQAAAiMBIDBwQqA1AA
ADADBwAqA1AAADIwEgMHACoDUAAAQQMHACoDUAAAQjASAwcAKgNQAABRAwcAKgNQ
AABSMBIDBwAqA1AAAGEDBwAqA1AAAGIwEgMHACoDUAAAcQMHACoDUAAAcjASAwcA
KgNQAACBAwcAKgNQAACCMBIDBwAqA1AAAJEDBwAqA1AAAJIwEgMHACoDUAABAQMH
ACoDUAABAjASAwcAKgNQAAERAwcAKgNQAAESMBIDBwAqA1AAASEDBwAqA1AAASIw
EgMHACoDUAABMQMHACoDUAABMjASAwcAKgNQAAFBAwcAKgNQAAFCMBIDBwAqA1AA
AVEDBwAqA1AAAVIwEgMHACoDUAABYQMHACoDUAABYjASAwcAKgNQAAFxAwcAKgNQ
AAFyMBIDBwAqA1AAAYEDBwAqA1AAAYIwEgMHACoDUAABkQMHACoDUAABkjASAwcA
KgNQAAIBAwcAKgNQAAICMBIDBwAqA1AAAhEDBwAqA1AAAhIwEgMHACoDUAACIQMH
ACoDUAACIjASAwcAKgNQAAIxAwcAKgNQAAIyMBIDBwAqA1AAAkEDBwAqA1AAAkIw
EgMHACoDUAACUQMHACoDUAACUjANBgkqhkiG9w0BAQsFAAOCAQEA2p59jx2Xauom
C/HYbo4x9ytFsznfqO6HRi/D+uPD+KyL58ofpqsCFHzoOrImISaRuTkObsDSejaw
coB9fQLMO8oY42ID8O3uh7AtmHIkHK/t1M4jD3B80pe8YIKbiCS3hfmDwGr/iYnb
/kXYfso4Tlxyx7tRxEhhs1zO6gI+w0DsVhMID+J9MGASq7tZDR2iuZgrMH99wsxg
V/aJeUn6ztGc6EzkPtUkGZVDgq1wYqh3NlOKVSD/g3899/j3GLS/7mAo5mGqfhip
5RF4zNYMJk/8xdiDi+6JS4lZ80NiDo7JE2RqFxcoyGbJdoF+tP2gZRzuZoGsKszL
jiCcWZSU7A==
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:49:29 2024 by rpki-client on console-fra.rpki-client.org