Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OLgCHEw2EOO61IoUQJ1vYAtAvjk.roa
File: OLgCHEw2EOO61IoUQJ1vYAtAvjk.roa (raw, json)
Hash identifier: SG0CnjikiEd6KjjHbyrfPGIdV2yOL5aW/FuUL0mXgEc=
Subject key identifier: 38:B8:02:1C:4C:36:10:E3:BA:D4:8A:14:40:9D:6F:60:0B:40:BE:39
Certificate issuer: /CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Certificate serial: 018CC5DC7C7B9BC772B3A8300D194ADCCC40
Authority key identifier: 92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OLgCHEw2EOO61IoUQJ1vYAtAvjk.roa
Signing time: Mon 01 Jan 2024 16:30:10 +0000
ROA not before: Mon 01 Jan 2024 16:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48176
IP address blocks: 81.177.228.0/22 maxlen: 22
81.177.240.0/21 maxlen: 21
81.177.248.0/22 maxlen: 22
81.177.252.0/23 maxlen: 23
81.177.184.0/24 maxlen: 24
81.177.188.0/22 maxlen: 22
81.177.187.0/24 maxlen: 24
81.177.198.0/23 maxlen: 23
81.177.195.0/24 maxlen: 24
81.177.200.0/22 maxlen: 22
81.177.200.0/21 maxlen: 21
81.177.226.0/23 maxlen: 23
81.177.224.0/20 maxlen: 20
81.177.224.0/23 maxlen: 23
185.8.20.0/22 maxlen: 22
178.237.176.0/20 maxlen: 20
178.237.176.0/21 maxlen: 21
178.237.176.0/22 maxlen: 22
178.237.184.0/21 maxlen: 21
178.237.180.0/22 maxlen: 22
178.237.190.0/23 maxlen: 23
178.237.188.0/23 maxlen: 23
81.177.56.0/21 maxlen: 21
91.207.136.0/23 maxlen: 23
62.122.240.0/21 maxlen: 21
37.18.152.0/21 maxlen: 21
37.18.156.0/22 maxlen: 22
213.222.240.0/21 maxlen: 21
213.222.240.0/20 maxlen: 20
213.59.150.0/24 maxlen: 24
213.59.148.0/23 maxlen: 23
213.59.146.0/24 maxlen: 24
213.59.154.0/24 maxlen: 24
213.222.248.0/21 maxlen: 21
213.59.186.0/23 maxlen: 23
213.59.186.0/24 maxlen: 24
149.255.24.0/21 maxlen: 21
213.59.190.0/23 maxlen: 23
213.59.188.0/22 maxlen: 22
213.222.224.0/22 maxlen: 22
213.222.224.0/21 maxlen: 21
213.222.232.0/22 maxlen: 22
213.222.232.0/21 maxlen: 21
213.222.236.0/22 maxlen: 22
213.59.144.0/22 maxlen: 22
2a03:aa00::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.mft
rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:7c:7b:9b:c7:72:b3:a8:30:0d:19:4a:dc:cc:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92f4b1c0bfbad46b811eee568a18fbaa14a9d687
Validity
Not Before: Jan 1 16:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38b8021c4c3610e3bad48a14409d6f600b40be39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:2a:dd:e4:4c:42:26:af:0c:e8:8f:be:21:4d:
86:4e:bc:98:c1:94:99:d6:95:e3:48:0b:59:41:e2:
7c:ef:26:7e:d9:35:bd:fe:06:c7:10:9d:59:3d:5a:
16:36:81:79:0a:fc:d6:13:05:61:19:5d:f8:56:ed:
a8:2b:37:65:2e:92:e5:6a:90:ca:2e:b7:d9:9d:c1:
34:19:fa:2f:a9:4f:20:e1:37:35:9e:b6:1b:54:1e:
54:d4:e1:84:b7:69:49:83:c9:ea:0e:05:89:65:34:
3a:a4:a4:71:15:5b:86:00:10:16:d2:d8:49:50:5d:
de:ae:f2:08:2b:82:9d:76:9f:c3:dc:ab:93:dd:26:
ed:a0:30:57:80:66:af:31:48:86:fc:81:48:07:89:
72:a7:62:7b:75:5e:cb:81:58:7f:20:3a:72:bf:48:
46:5e:3e:3c:52:23:a9:47:72:82:7d:c5:e2:58:f2:
01:9f:97:db:b0:e3:35:20:ba:1f:22:8b:12:85:a6:
77:42:16:97:dd:c9:6e:bf:e0:3c:f5:50:ab:17:b4:
87:c1:93:80:7a:fd:84:f6:ac:29:6a:3f:f5:11:52:
b8:7b:3d:eb:66:43:84:f0:85:06:a3:f4:2f:82:b4:
18:21:a3:50:2b:0f:71:38:29:13:6f:ac:5c:20:aa:
3f:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:B8:02:1C:4C:36:10:E3:BA:D4:8A:14:40:9D:6F:60:0B:40:BE:39
X509v3 Authority Key Identifier:
keyid:92:F4:B1:C0:BF:BA:D4:6B:81:1E:EE:56:8A:18:FB:AA:14:A9:D6:87
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kvSxwL-61GuBHu5Wihj7qhSp1oc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/OLgCHEw2EOO61IoUQJ1vYAtAvjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/4f8514-2e20-4935-995c-a084f76c8e2b/1/kvSxwL-61GuBHu5Wihj7qhSp1oc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.18.152.0/21
62.122.240.0/21
81.177.56.0/21
81.177.184.0/24
81.177.187.0-81.177.191.255
81.177.195.0/24
81.177.198.0-81.177.207.255
81.177.224.0-81.177.253.255
91.207.136.0/23
149.255.24.0/21
178.237.176.0/20
185.8.20.0/22
213.59.144.0-213.59.150.255
213.59.154.0/24
213.59.186.0-213.59.191.255
213.222.224.0/19
IPv6:
2a03:aa00::/36
Signature Algorithm: sha256WithRSAEncryption
2a:0c:0e:84:14:da:64:bb:e4:fb:a5:cf:cb:5f:ef:17:55:b4:
75:95:0a:35:37:d9:03:ac:cf:74:f4:03:f1:af:8d:57:3c:13:
55:94:8b:2c:69:99:07:15:a4:6b:65:28:80:33:19:08:d6:e1:
71:9b:70:f7:54:13:77:92:b2:44:3f:cb:2f:a5:e4:a8:6c:d0:
76:37:d3:a2:8e:8d:c6:7e:53:eb:95:3b:7d:45:57:4d:f7:41:
d0:47:1d:29:1e:3c:26:50:74:ee:01:0a:89:d8:5f:08:82:6a:
90:bc:7b:b2:58:7b:6f:03:bb:5d:f1:ac:34:99:92:c9:29:16:
70:28:e7:09:26:91:9d:b2:e1:64:06:fd:22:53:34:16:82:4f:
2f:88:ee:58:1c:f0:4a:ba:cd:3f:b9:35:ba:9d:56:b5:0b:3e:
67:2f:57:5b:c8:05:c3:45:6d:fb:29:45:f2:92:e5:0a:46:41:
89:3c:17:34:5a:f6:51:6e:93:36:b0:36:33:a2:fd:c6:30:45:
2a:cc:b7:c6:d2:5d:22:51:39:34:db:ae:21:ea:d9:c6:ea:67:
92:05:cd:43:b4:61:cf:fd:80:59:5f:19:3c:51:8b:26:fc:25:
90:fc:2d:ae:ec:fa:0e:13:95:21:00:20:be:02:91:0a:18:5e:
57:15:16:2e
-----BEGIN CERTIFICATE-----
MIIFlDCCBHygAwIBAgISAYzF3Hx7m8dys6gwDRlK3MxAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZjRiMWMwYmZiYWQ0NmI4MTFlZWU1NjhhMThmYmFhMTRh
OWQ2ODcwHhcNMjQwMTAxMTYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGI4MDIxYzRjMzYxMGUzYmFkNDhhMTQ0MDlkNmY2MDBiNDBiZTM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiyrd5ExCJq8M6I++IU2GTryYwZSZ
1pXjSAtZQeJ87yZ+2TW9/gbHEJ1ZPVoWNoF5CvzWEwVhGV34Vu2oKzdlLpLlapDK
LrfZncE0GfovqU8g4Tc1nrYbVB5U1OGEt2lJg8nqDgWJZTQ6pKRxFVuGABAW0thJ
UF3ervIIK4Kddp/D3KuT3SbtoDBXgGavMUiG/IFIB4lyp2J7dV7LgVh/IDpyv0hG
Xj48UiOpR3KCfcXiWPIBn5fbsOM1ILofIosShaZ3QhaX3cluv+A89VCrF7SHwZOA
ev2E9qwpaj/1EVK4ez3rZkOE8IUGo/QvgrQYIaNQKw9xOCkTb6xcIKo/8QIDAQAB
o4ICoDCCApwwHQYDVR0OBBYEFDi4AhxMNhDjutSKFECdb2ALQL45MB8GA1UdIwQY
MBaAFJL0scC/utRrgR7uVooY+6oUqdaHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMt
YTA4NGY3NmM4ZTJiLzEvT0xnQ0hFdzJFT082MUlvVVFKMXZZQXRBdmprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi80Zjg1MTQtMmUyMC00OTM1LTk5NWMtYTA4NGY3NmM4ZTJi
LzEva3ZTeHdMLTYxR3VCSHU1V2loajdxaFNwMW9jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG1BggrBgEFBQcBBwEB/wSBpTCBojCBjwQCAAEwgYgDBAMl
EpgDBAM+evADBANRsTgDBABRsbgwDAMEAFGxuwMEBlGxgAMEAFGxwzAMAwQBUbHG
AwQEUbHAMAwDBAVRseADBAFRsfwDBAFbz4gDBAOV/xgDBASy7bADBAK5CBQwDAME
BNU7kAMEANU7lgMEANU7mjAMAwQB1Tu6AwQG1TuAAwQF1d7gMA4EAgACMAgDBgQq
A6oAADANBgkqhkiG9w0BAQsFAAOCAQEAKgwOhBTaZLvk+6XPy1/vF1W0dZUKNTfZ
A6zPdPQD8a+NVzwTVZSLLGmZBxWka2UogDMZCNbhcZtw91QTd5KyRD/LL6XkqGzQ
djfToo6Nxn5T65U7fUVXTfdB0EcdKR48JlB07gEKidhfCIJqkLx7slh7bwO7XfGs
NJmSySkWcCjnCSaRnbLhZAb9IlM0FoJPL4juWBzwSrrNP7k1up1WtQs+Zy9XW8gF
w0Vt+ylF8pLlCkZBiTwXNFr2UW6TNrA2M6L9xjBFKsy3xtJdIlE5NNuuIerZxupn
kgXNQ7Rhz/2AWV8ZPFGLJvwlkPwtruz6DhOVIQAgvgKRChheVxUWLg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:03 2024 by rpki-client on console-ams.rpki-client.org