Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/OLNkJ0vbTphRCLVn-4MmOr2g1Tk.roa
File: OLNkJ0vbTphRCLVn-4MmOr2g1Tk.roa (raw, json)
Hash identifier: mNln9pcZjb+sVHHu31uLhEkLWTP2dGaNLAfF4iPVrxo=
Subject key identifier: 38:B3:64:27:4B:DB:4E:98:51:08:B5:67:FB:83:26:3A:BD:A0:D5:39
Certificate issuer: /CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Certificate serial: 018CC9BC50750CEF754FE2D568CF05B2E557
Authority key identifier: 9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/OLNkJ0vbTphRCLVn-4MmOr2g1Tk.roa
Signing time: Tue 02 Jan 2024 10:33:30 +0000
ROA not before: Tue 02 Jan 2024 10:33:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56465
IP address blocks: 195.140.224.0/24 maxlen: 24
195.140.225.0/24 maxlen: 24
195.140.226.0/24 maxlen: 24
195.140.227.0/24 maxlen: 24
31.128.182.0/24 maxlen: 24
94.124.162.0/24 maxlen: 24
94.124.163.0/24 maxlen: 24
94.124.167.0/24 maxlen: 24
2a0c:29c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.mft
rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:50:75:0c:ef:75:4f:e2:d5:68:cf:05:b2:e5:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ff1503210fe06ed35490b0231dbdb5967e12987
Validity
Not Before: Jan 2 10:33:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b364274bdb4e985108b567fb83263abda0d539
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:e4:26:01:ba:a7:a0:10:13:b4:a4:15:ba:3e:
f1:81:45:a0:7a:9c:72:68:e1:59:cc:73:b0:45:d2:
5b:ca:0e:60:74:c0:d7:6f:ad:af:82:d7:3c:6e:dc:
a5:9b:2f:14:fd:b3:5d:ef:22:93:4e:d3:ba:84:92:
fd:4b:fe:51:b4:8d:1b:30:9f:aa:f9:1e:fd:6f:03:
bf:ec:0d:03:5d:d0:c9:ea:37:d3:05:3f:52:0a:b2:
15:c9:53:d3:05:39:3d:cd:b9:59:90:d3:9c:1d:b1:
fe:dc:02:fb:81:ad:5c:0b:3a:da:fd:d6:20:bb:c0:
29:cf:03:62:22:3c:14:f9:ea:c8:db:d1:07:a4:5a:
bc:c7:ac:f1:db:52:03:ac:9b:b1:7e:90:74:fd:21:
7c:51:19:7f:81:30:61:6a:df:52:c6:f7:2b:53:1c:
63:a2:5b:fa:eb:88:f5:1f:b1:7f:9c:4a:30:43:9e:
c4:90:05:d6:05:02:3e:f0:89:eb:73:cb:de:8c:17:
57:81:ce:1b:b3:e1:25:26:9b:c6:19:59:a7:96:31:
85:93:15:39:3a:81:0a:37:67:50:9f:02:0d:e6:31:
54:94:8b:21:c7:89:7f:07:95:6f:d5:17:e7:0a:71:
ec:ed:08:2d:8c:33:57:5e:93:99:00:e2:77:f2:ad:
a6:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B3:64:27:4B:DB:4E:98:51:08:B5:67:FB:83:26:3A:BD:A0:D5:39
X509v3 Authority Key Identifier:
keyid:9F:F1:50:32:10:FE:06:ED:35:49:0B:02:31:DB:DB:59:67:E1:29:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n_FQMhD-Bu01SQsCMdvbWWfhKYc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/OLNkJ0vbTphRCLVn-4MmOr2g1Tk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/8421d3-506a-4f0c-b9c0-46322e02f08d/1/n_FQMhD-Bu01SQsCMdvbWWfhKYc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.182.0/24
94.124.162.0/23
94.124.167.0/24
195.140.224.0/22
IPv6:
2a0c:29c1::/32
Signature Algorithm: sha256WithRSAEncryption
01:61:2f:5f:3b:1d:7d:28:34:8b:9e:c2:1d:69:88:e6:cc:92:
ae:c3:18:70:f2:b6:7a:18:29:38:5e:3d:ab:fe:21:d7:43:fe:
00:5f:01:68:8d:51:c6:5e:21:15:78:53:a8:f0:0d:5c:13:79:
f0:0f:05:5d:3f:28:e9:44:92:5e:c0:32:3a:a6:81:67:79:fb:
a6:de:a0:eb:60:18:ec:01:1c:1f:7f:1b:a3:02:c7:df:93:86:
69:b2:22:a8:80:56:28:79:54:38:35:d0:ea:33:30:48:49:00:
2f:16:c9:81:46:cf:b2:5c:f8:9e:2b:ab:f4:1f:24:06:6f:1f:
36:14:c8:5e:31:2a:ab:e4:82:c6:21:87:93:b6:45:2f:16:dd:
8e:ad:38:97:9e:9d:31:ad:aa:9d:52:b4:7d:18:7a:af:0d:2f:
75:b4:0f:33:fb:c2:0c:79:1e:3d:5b:18:87:39:e7:f1:5d:2c:
a1:aa:d5:62:70:91:38:69:4e:a1:8e:cd:12:1b:8d:48:96:81:
ad:e3:cc:90:81:e9:e6:08:8b:ae:95:16:75:86:d7:4c:14:42:
cb:25:27:07:7d:45:de:06:c9:8a:0a:50:4e:06:3c:c4:97:e0:
4e:96:d2:f0:d5:2a:68:ae:5b:78:e6:97:21:4e:8c:47:d3:18:
9f:f8:e9:ea
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvFB1DO91T+LVaM8FsuVXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmZjE1MDMyMTBmZTA2ZWQzNTQ5MGIwMjMxZGJkYjU5Njdl
MTI5ODcwHhcNMjQwMTAyMTAzMzMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGIzNjQyNzRiZGI0ZTk4NTEwOGI1NjdmYjgzMjYzYWJkYTBkNTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiuQmAbqnoBATtKQVuj7xgUWgepxy
aOFZzHOwRdJbyg5gdMDXb62vgtc8btylmy8U/bNd7yKTTtO6hJL9S/5RtI0bMJ+q
+R79bwO/7A0DXdDJ6jfTBT9SCrIVyVPTBTk9zblZkNOcHbH+3AL7ga1cCzra/dYg
u8ApzwNiIjwU+erI29EHpFq8x6zx21IDrJuxfpB0/SF8URl/gTBhat9SxvcrUxxj
olv664j1H7F/nEowQ57EkAXWBQI+8Inrc8vejBdXgc4bs+ElJpvGGVmnljGFkxU5
OoEKN2dQnwIN5jFUlIshx4l/B5Vv1RfnCnHs7QgtjDNXXpOZAOJ38q2mQQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDizZCdL206YUQi1Z/uDJjq9oNU5MB8GA1UdIwQY
MBaAFJ/xUDIQ/gbtNUkLAjHb21ln4SmHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAt
NDYzMjJlMDJmMDhkLzEvT0xOa0owdmJUcGhSQ0xWbi00TW1PcjJnMVRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC84NDIxZDMtNTA2YS00ZjBjLWI5YzAtNDYzMjJlMDJmMDhk
LzEvbl9GUU1oRC1CdTAxU1FzQ01kdmJXV2ZoS1ljLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAH4C2AwQB
XnyiAwQAXnynAwQCw4zgMA0EAgACMAcDBQAqDCnBMA0GCSqGSIb3DQEBCwUAA4IB
AQABYS9fOx19KDSLnsIdaYjmzJKuwxhw8rZ6GCk4Xj2r/iHXQ/4AXwFojVHGXiEV
eFOo8A1cE3nwDwVdPyjpRJJewDI6poFnefum3qDrYBjsARwffxujAsffk4ZpsiKo
gFYoeVQ4NdDqMzBISQAvFsmBRs+yXPieK6v0HyQGbx82FMheMSqr5ILGIYeTtkUv
Ft2OrTiXnp0xraqdUrR9GHqvDS91tA8z+8IMeR49WxiHOefxXSyhqtVicJE4aU6h
js0SG41IloGt48yQgenmCIuulRZ1htdMFELLJScHfUXeBsmKClBOBjzEl+BOltLw
1Sporlt45pchToxH0xif+Onq
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:04:40 2024 by rpki-client on console-ams.rpki-client.org