Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ol6ImTcx37iS-nb0PKWV68QoljI.roa
File: Ol6ImTcx37iS-nb0PKWV68QoljI.roa (raw, json)
Hash identifier: YWiR0ZuL63jhl5K0OKT6CdGTvLpEs9YGj0IAXUM//nE=
Subject key identifier: 3A:5E:88:99:37:31:DF:B8:92:FA:76:F4:3C:A5:95:EB:C4:28:96:32
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01942824916F9D1668613EC5C10840D408BF
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ol6ImTcx37iS-nb0PKWV68QoljI.roa
Signing time: Thu 02 Jan 2025 17:51:12 +0000
ROA not before: Thu 02 Jan 2025 17:51:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60230
IP address blocks: 31.13.244.0/24 maxlen: 24
31.13.244.99/32 maxlen: 32
87.120.236.0/24 maxlen: 24
2a00:1728:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:91:6f:9d:16:68:61:3e:c5:c1:08:40:d4:08:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5e88993731dfb892fa76f43ca595ebc4289632
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:a0:f1:ec:dd:7d:11:5c:9f:07:8f:b1:63:9c:
6d:34:95:b6:6b:95:19:cd:1a:09:a4:d1:3b:6f:b2:
41:3f:7d:5d:cd:ac:d8:0d:ee:61:87:74:b7:9f:18:
90:b7:5a:c8:10:df:9e:0a:8f:71:5e:04:d9:c0:33:
d1:57:7f:4c:c5:91:81:6d:2b:80:15:d8:4b:68:0b:
19:67:cd:1e:f6:29:4b:f9:2b:a7:8d:80:7a:91:22:
5b:8b:9c:07:ae:2f:56:6a:b1:9c:ef:8b:dc:69:b2:
b0:26:27:bd:07:d7:45:74:b5:52:d0:7b:19:e9:31:
b4:6a:ce:27:5d:1d:d5:48:c5:67:ae:93:e1:0c:e9:
8c:9d:e6:9a:73:19:1c:b2:a1:a3:87:26:5b:d0:c3:
59:5d:bd:d0:f7:f3:77:61:c5:b9:fc:d5:3b:44:18:
1b:14:99:05:ff:ad:c6:95:6c:7f:bd:db:62:70:18:
0b:8c:25:26:64:41:aa:02:a7:51:00:88:37:90:6a:
3a:5f:a3:fa:f1:68:ab:e5:da:ad:b1:64:23:1a:26:
8c:92:5b:65:97:80:d6:37:66:7c:b3:48:b4:cb:b2:
a8:1b:e9:51:c3:0f:cb:4e:8f:f0:f1:69:bc:72:91:
82:c2:86:75:5a:d2:63:93:e0:c9:3e:3c:59:d3:a2:
42:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5E:88:99:37:31:DF:B8:92:FA:76:F4:3C:A5:95:EB:C4:28:96:32
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ol6ImTcx37iS-nb0PKWV68QoljI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.244.0/24
87.120.236.0/24
IPv6:
2a00:1728:a::/48
Signature Algorithm: sha256WithRSAEncryption
38:e7:30:8a:8d:2f:d0:3d:3b:b6:27:e8:c4:cf:01:7d:40:f2:
2f:8d:96:73:ef:79:08:39:e0:72:6c:5b:cb:8c:8d:36:f2:00:
03:9c:33:6c:dc:24:91:0d:91:f4:a5:51:63:0f:de:67:8f:f6:
f1:40:4b:06:e5:d8:3b:bc:2a:ef:24:50:84:fe:bf:dc:66:79:
54:98:10:34:1d:b0:c4:6d:af:f5:70:37:b8:59:2e:ab:5b:1f:
b2:86:95:46:e1:15:fc:ee:2e:b4:42:18:ec:f2:7a:7c:6f:85:
ae:22:51:22:f4:5c:c7:1b:58:7b:7a:fa:6c:6d:42:9e:1e:19:
a9:70:96:65:ea:56:fd:7d:1a:dc:ed:21:ca:3f:a9:57:f8:a2:
57:93:8f:0f:bc:fb:37:7e:0f:c0:0b:bc:a0:0a:22:34:29:ba:
29:b5:31:d3:7a:92:c2:28:9c:fc:f4:04:16:df:a3:60:e8:2e:
aa:16:1c:7a:d1:dd:28:b2:bf:03:14:6a:e1:2e:d1:40:5c:aa:
2d:87:9a:59:d9:da:cd:dd:c8:e0:13:27:2f:21:8a:8b:6a:c0:
5a:73:9b:f4:10:0c:32:3d:48:52:a5:18:af:77:fa:e3:49:e8:
b3:63:c6:13:f0:c4:17:bc:86:86:c1:c3:28:37:25:d9:62:14:
f5:c0:3c:45
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZQoJJFvnRZoYT7FwQhA1Ai/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVlODg5OTM3MzFkZmI4OTJmYTc2ZjQzY2E1OTVlYmM0Mjg5NjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4aDx7N19EVyfB4+xY5xtNJW2a5UZ
zRoJpNE7b7JBP31dzazYDe5hh3S3nxiQt1rIEN+eCo9xXgTZwDPRV39MxZGBbSuA
FdhLaAsZZ80e9ilL+SunjYB6kSJbi5wHri9WarGc74vcabKwJie9B9dFdLVS0HsZ
6TG0as4nXR3VSMVnrpPhDOmMneaacxkcsqGjhyZb0MNZXb3Q9/N3YcW5/NU7RBgb
FJkF/63GlWx/vdticBgLjCUmZEGqAqdRAIg3kGo6X6P68Wir5dqtsWQjGiaMkltl
l4DWN2Z8s0i0y7KoG+lRww/LTo/w8Wm8cpGCwoZ1WtJjk+DJPjxZ06JCDQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFDpeiJk3Md+4kvp29DyllevEKJYyMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvT2w2SW1UY3gzN2lTLW5iMFBLV1Y2OFFvbGpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAHw30AwQA
V3jsMA8EAgACMAkDBwAqABcoAAowDQYJKoZIhvcNAQELBQADggEBADjnMIqNL9A9
O7Yn6MTPAX1A8i+NlnPveQg54HJsW8uMjTbyAAOcM2zcJJENkfSlUWMP3meP9vFA
Swbl2Du8Ku8kUIT+v9xmeVSYEDQdsMRtr/VwN7hZLqtbH7KGlUbhFfzuLrRCGOzy
enxvha4iUSL0XMcbWHt6+mxtQp4eGalwlmXqVv19GtztIco/qVf4oleTjw+8+zd+
D8ALvKAKIjQpuim1MdN6ksIonPz0BBbfo2DoLqoWHHrR3SiyvwMUauEu0UBcqi2H
mlnZ2s3dyOATJy8hiotqwFpzm/QQDDI9SFKlGK93+uNJ6LNjxhPwxBe8hobBwyg3
JdliFPXAPEU=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:06:19 2025 by rpki-client