Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/olq0_cIS-m7zuo-VAkrplS3Ra0g.roa
File: olq0_cIS-m7zuo-VAkrplS3Ra0g.roa (raw, json)
Hash identifier: bFaZYtLTUCR13PL4ZOOEUIl7O+RwknqaKaF8Dv3I1BQ=
Subject key identifier: A2:5A:B4:FD:C2:12:FA:6E:F3:BA:8F:95:02:4A:E9:95:2D:D1:6B:48
Certificate issuer: /CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Certificate serial: 018CC3B72C1AF38F4EE313D0021250C248D6
Authority key identifier: 5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/olq0_cIS-m7zuo-VAkrplS3Ra0g.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29588
IP address blocks: 91.247.248.0/22 maxlen: 22
91.247.248.0/24 maxlen: 24
91.247.249.0/24 maxlen: 24
91.247.250.0/24 maxlen: 24
91.247.251.0/24 maxlen: 24
213.108.136.0/24 maxlen: 24
213.108.137.0/24 maxlen: 24
213.108.136.0/21 maxlen: 21
213.108.138.0/24 maxlen: 24
213.108.139.0/24 maxlen: 24
213.108.142.0/24 maxlen: 24
213.108.143.0/24 maxlen: 24
213.108.140.0/24 maxlen: 24
213.108.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/XL6eQwJOzGksM1OYuy2WcRaqwtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/XL6eQwJOzGksM1OYuy2WcRaqwtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2c:1a:f3:8f:4e:e3:13:d0:02:12:50:c2:48:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cbe9e43024ecc692c335398bb2d967116aac2d9
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a25ab4fdc212fa6ef3ba8f95024ae9952dd16b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:b1:72:15:e6:a3:42:ea:a5:b6:5b:6e:26:17:
e4:cb:8a:77:1b:f2:c2:41:1a:d8:82:49:65:c2:6e:
b9:f7:92:0e:fb:d0:e3:39:73:6b:e7:03:c0:c7:cc:
80:2d:2c:d4:ef:29:07:c1:e7:f3:1b:61:1f:79:91:
2c:c7:e2:d7:c6:14:fe:e1:f2:39:fd:d0:b3:5e:d6:
96:1f:e7:c8:4c:29:21:27:ff:95:9e:41:a7:ca:e7:
66:1d:fe:ad:f0:6a:e2:47:1a:1a:ec:e3:b6:5f:99:
b6:24:f6:0b:05:59:2a:36:1a:24:fe:ef:69:bd:5f:
45:ec:b0:31:20:11:79:2f:7e:7b:97:79:e3:60:71:
5c:e1:09:2a:4d:09:a0:41:be:75:af:f6:2b:e6:74:
fe:d1:37:af:11:4f:cf:7d:1d:f0:c9:a5:86:bc:f2:
a6:d6:b9:d0:0c:34:1e:26:30:5f:fd:a3:29:0c:c4:
f5:56:46:4b:c5:5f:d7:5d:6c:1b:61:5d:92:76:48:
9f:ed:c5:51:c8:7d:fb:04:d0:0c:19:91:ab:a8:23:
82:04:26:0c:5e:f0:07:00:b9:ec:a8:4b:98:01:a6:
a2:aa:bb:6b:2e:02:57:db:0a:3d:0a:ff:f8:61:93:
40:33:2c:3f:b8:90:1a:0a:6b:4a:be:c3:66:a8:3c:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:5A:B4:FD:C2:12:FA:6E:F3:BA:8F:95:02:4A:E9:95:2D:D1:6B:48
X509v3 Authority Key Identifier:
keyid:5C:BE:9E:43:02:4E:CC:69:2C:33:53:98:BB:2D:96:71:16:AA:C2:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XL6eQwJOzGksM1OYuy2WcRaqwtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/olq0_cIS-m7zuo-VAkrplS3Ra0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/1b089c-d74b-49a7-89f7-28a56ea5cf0b/1/XL6eQwJOzGksM1OYuy2WcRaqwtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.247.248.0/22
213.108.136.0/21
Signature Algorithm: sha256WithRSAEncryption
1d:ba:41:dc:e8:5b:31:99:35:45:67:a7:4c:5f:d5:40:61:5f:
4e:c8:3b:af:bd:06:37:5d:63:83:a3:0f:5e:3f:cd:05:31:4b:
9b:3a:3e:03:99:0a:02:f9:31:18:6a:9d:ae:b8:be:c7:52:27:
aa:56:25:56:60:ae:c7:2c:7f:e7:02:8f:4b:5f:9f:40:e1:09:
fa:e4:5f:9f:26:c4:e9:8b:e7:5b:2e:2d:72:20:c4:28:73:28:
ba:13:e2:2e:36:36:ee:70:07:f0:fb:69:d9:48:3d:43:cf:b3:
e0:9c:c8:b3:ec:2c:a6:24:68:6c:2f:d9:a8:95:98:06:f9:41:
64:3b:59:54:5e:ff:7f:4c:d3:79:44:5f:f7:09:31:77:f8:4d:
87:b6:21:6f:ea:7f:8a:18:6e:af:6d:83:b1:59:e0:61:fc:36:
be:d1:b8:02:06:59:c4:99:60:f3:31:c0:be:81:ee:2a:f4:06:
c4:d9:de:f7:c3:19:5d:69:eb:b6:06:02:aa:cf:38:9e:9a:91:
6b:2c:f8:3a:55:a7:30:47:16:cc:43:29:11:3d:74:d4:51:d7:
eb:37:b0:48:ec:e7:9c:c3:3c:62:d9:13:ae:4f:8f:ee:3e:66:
b2:75:51:b1:86:f5:3e:9b:98:38:29:dc:a1:96:76:ef:dd:9d:
d1:5b:08:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDtywa849O4xPQAhJQwkjWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjYmU5ZTQzMDI0ZWNjNjkyYzMzNTM5OGJiMmQ5NjcxMTZh
YWMyZDkwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjVhYjRmZGMyMTJmYTZlZjNiYThmOTUwMjRhZTk5NTJkZDE2YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibFyFeajQuqltltuJhfky4p3G/LC
QRrYgkllwm6595IO+9DjOXNr5wPAx8yALSzU7ykHwefzG2EfeZEsx+LXxhT+4fI5
/dCzXtaWH+fITCkhJ/+VnkGnyudmHf6t8GriRxoa7OO2X5m2JPYLBVkqNhok/u9p
vV9F7LAxIBF5L357l3njYHFc4QkqTQmgQb51r/Yr5nT+0TevEU/PfR3wyaWGvPKm
1rnQDDQeJjBf/aMpDMT1VkZLxV/XXWwbYV2Sdkif7cVRyH37BNAMGZGrqCOCBCYM
XvAHALnsqEuYAaaiqrtrLgJX2wo9Cv/4YZNAMyw/uJAaCmtKvsNmqDxOXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKJatP3CEvpu87qPlQJK6ZUt0WtIMB8GA1UdIwQY
MBaAFFy+nkMCTsxpLDNTmLstlnEWqsLZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5Zjct
MjhhNTZlYTVjZjBiLzEvb2xxMF9jSVMtbTd6dW8tVkFrcnBsUzNSYTBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xYjA4OWMtZDc0Yi00OWE3LTg5ZjctMjhhNTZlYTVjZjBi
LzEvWEw2ZVF3Sk96R2tzTTFPWXV5MldjUmFxd3RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/f4AwQD
1WyIMA0GCSqGSIb3DQEBCwUAA4IBAQAdukHc6FsxmTVFZ6dMX9VAYV9OyDuvvQY3
XWODow9eP80FMUubOj4DmQoC+TEYap2uuL7HUieqViVWYK7HLH/nAo9LX59A4Qn6
5F+fJsTpi+dbLi1yIMQocyi6E+IuNjbucAfw+2nZSD1Dz7PgnMiz7CymJGhsL9mo
lZgG+UFkO1lUXv9/TNN5RF/3CTF3+E2HtiFv6n+KGG6vbYOxWeBh/Da+0bgCBlnE
mWDzMcC+ge4q9AbE2d73wxldaeu2BgKqzziempFrLPg6VacwRxbMQykRPXTUUdfr
N7BI7Oecwzxi2ROuT4/uPmaydVGxhvU+m5g4Kdyhlnbv3Z3RWwip
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:43 2024 by rpki-client on console-fra.rpki-client.org