Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/Ol87CMQDMlC3NLJahwmAsw17_88.roa
File: Ol87CMQDMlC3NLJahwmAsw17_88.roa (raw, json)
Hash identifier: rHmBoC04u+JatL510+lgR0qhC8WPHujugTppw+pgSXE=
Subject key identifier: 3A:5F:3B:08:C4:03:32:50:B7:34:B2:5A:87:09:80:B3:0D:7B:FF:CF
Certificate issuer: /CN=24cacceee35ff87cd678ef6a92262cefce8492df
Certificate serial: 018F5BA3DD2349D75C58D4EE40F5104C791D
Authority key identifier: 24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/Ol87CMQDMlC3NLJahwmAsw17_88.roa
Signing time: Thu 09 May 2024 04:36:56 +0000
ROA not before: Thu 09 May 2024 04:36:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48944
IP address blocks: 5.23.112.0/21 maxlen: 21
95.130.56.0/21 maxlen: 21
95.130.56.0/24 maxlen: 24
95.130.57.0/24 maxlen: 24
95.130.58.0/24 maxlen: 24
95.130.59.0/24 maxlen: 24
95.130.60.0/24 maxlen: 24
95.130.61.0/24 maxlen: 24
95.130.62.0/24 maxlen: 24
95.130.63.0/24 maxlen: 24
109.72.192.0/20 maxlen: 20
109.72.192.0/21 maxlen: 21
109.72.192.0/24 maxlen: 24
109.72.193.0/24 maxlen: 24
109.72.194.0/24 maxlen: 24
109.72.195.0/24 maxlen: 24
109.72.196.0/24 maxlen: 24
109.72.197.0/24 maxlen: 24
109.72.198.0/24 maxlen: 24
109.72.199.0/24 maxlen: 24
109.72.200.0/21 maxlen: 21
109.72.200.0/24 maxlen: 24
109.72.201.0/24 maxlen: 24
109.72.202.0/24 maxlen: 24
109.72.203.0/24 maxlen: 24
109.72.204.0/24 maxlen: 24
109.72.205.0/24 maxlen: 24
109.72.206.0/24 maxlen: 24
109.72.207.0/24 maxlen: 24
109.238.176.0/20 maxlen: 20
109.238.176.0/21 maxlen: 21
109.238.184.0/21 maxlen: 21
109.238.184.0/24 maxlen: 24
176.67.64.0/20 maxlen: 20
185.11.176.0/22 maxlen: 22
185.246.4.0/22 maxlen: 22
2a02:d2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:5b:a3:dd:23:49:d7:5c:58:d4:ee:40:f5:10:4c:79:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cacceee35ff87cd678ef6a92262cefce8492df
Validity
Not Before: May 9 04:36:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a5f3b08c4033250b734b25a870980b30d7bffcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:67:8d:54:04:06:4f:86:7e:8c:10:61:1a:1e:
13:80:ea:47:e9:21:17:e3:91:eb:43:92:76:1c:42:
d7:a9:62:81:ed:02:84:91:79:e7:ae:2d:55:9b:c1:
ba:c5:0c:73:14:8d:a3:f5:5f:d0:ee:9a:6f:64:9a:
b4:0a:2f:18:d9:1d:f6:de:13:07:34:cf:1e:89:bd:
00:d0:60:d3:a1:ec:da:61:df:35:1f:f5:dd:f8:0f:
46:d5:f1:7c:6e:a6:5c:8a:f5:34:2e:1c:be:30:eb:
8d:eb:97:a9:3c:21:c4:b3:54:de:4b:4a:2f:30:96:
e6:d8:1b:6b:67:15:bf:00:92:e7:ac:a2:2e:bc:e0:
04:95:0e:c4:a9:46:4b:12:2d:21:86:be:40:52:d3:
5c:d1:17:2a:60:6a:57:03:e8:99:29:d1:08:c6:a6:
bb:46:fd:5d:bf:ba:1d:30:99:52:1a:ec:55:dd:69:
30:2a:4d:62:96:6d:07:a1:1a:9f:3f:f9:30:7c:8f:
0d:f0:af:c6:9b:ae:83:9a:46:93:16:22:87:d7:41:
89:fd:d1:3e:bb:49:e1:df:25:91:3e:21:a5:24:e9:
f8:54:13:05:ca:75:23:77:04:e7:de:44:2c:5b:35:
18:2c:d2:da:fc:90:5e:6a:b0:ac:88:1c:b0:75:8a:
4a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5F:3B:08:C4:03:32:50:B7:34:B2:5A:87:09:80:B3:0D:7B:FF:CF
X509v3 Authority Key Identifier:
keyid:24:CA:CC:EE:E3:5F:F8:7C:D6:78:EF:6A:92:26:2C:EF:CE:84:92:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMrM7uNf-HzWeO9qkiYs786Ekt8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/Ol87CMQDMlC3NLJahwmAsw17_88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/6670f9-418e-4275-8000-a29eb139e79d/1/JMrM7uNf-HzWeO9qkiYs786Ekt8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.112.0/21
95.130.56.0/21
109.72.192.0/20
109.238.176.0/20
176.67.64.0/20
185.11.176.0/22
185.246.4.0/22
IPv6:
2a02:d2c0::/29
Signature Algorithm: sha256WithRSAEncryption
00:0a:cb:2a:ad:a3:96:28:f1:7a:9c:f3:66:1d:dc:7f:ff:33:
dd:aa:08:e7:fb:2f:b0:bc:1f:ad:67:68:dd:20:49:87:03:c5:
42:ae:84:d3:2e:aa:6c:5f:cc:bb:1e:68:c9:4a:02:83:af:e1:
b8:18:2e:80:fc:9a:87:68:1f:10:ec:1b:ba:fe:f5:3e:8f:d4:
4f:cf:e4:b3:bb:27:ce:c7:46:c6:af:c0:9d:67:47:41:3f:cb:
fe:95:fc:fa:1e:92:b0:af:d5:2e:e3:bd:8c:16:18:6b:b1:5b:
ff:4d:cb:86:71:5f:a6:68:6a:ce:38:d8:24:14:c2:98:b8:d6:
ba:f9:c3:ed:79:97:8a:d2:90:20:09:ae:6a:0e:73:c0:83:6f:
3a:ee:78:fe:07:7b:ba:af:cb:01:5a:55:91:38:38:3e:0d:3e:
a7:23:ab:ae:d1:c5:b8:f6:db:09:8c:3a:3f:63:3f:d7:b7:ac:
24:c2:3c:fd:5c:58:c3:37:ea:a5:a6:dd:3f:3c:a2:c5:70:c0:
01:0d:c0:b1:1b:9f:b5:9c:86:df:dd:92:b6:dd:6a:ae:3e:e9:
94:9a:c1:5d:29:b0:c2:46:56:ac:c1:5b:eb:95:33:82:ea:d6:
1f:22:1c:0f:2a:70:19:86:82:e4:7b:e6:82:76:6f:cc:29:61:
c9:3e:23:9c
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY9bo90jSddcWNTuQPUQTHkdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2FjY2VlZTM1ZmY4N2NkNjc4ZWY2YTkyMjYyY2VmY2U4
NDkyZGYwHhcNMjQwNTA5MDQzNjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVmM2IwOGM0MDMzMjUwYjczNGIyNWE4NzA5ODBiMzBkN2JmZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmeNVAQGT4Z+jBBhGh4TgOpH6SEX
45HrQ5J2HELXqWKB7QKEkXnnri1Vm8G6xQxzFI2j9V/Q7ppvZJq0Ci8Y2R323hMH
NM8eib0A0GDToezaYd81H/Xd+A9G1fF8bqZcivU0Lhy+MOuN65epPCHEs1TeS0ov
MJbm2BtrZxW/AJLnrKIuvOAElQ7EqUZLEi0hhr5AUtNc0RcqYGpXA+iZKdEIxqa7
Rv1dv7odMJlSGuxV3WkwKk1ilm0HoRqfP/kwfI8N8K/Gm66DmkaTFiKH10GJ/dE+
u0nh3yWRPiGlJOn4VBMFynUjdwTn3kQsWzUYLNLa/JBearCsiBywdYpKBwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFDpfOwjEAzJQtzSyWocJgLMNe//PMB8GA1UdIwQY
MBaAFCTKzO7jX/h81njvapImLO/OhJLfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAt
YTI5ZWIxMzllNzlkLzEvT2w4N0NNUURNbEMzTkxKYWh3bUFzdzE3Xzg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy82NjcwZjktNDE4ZS00Mjc1LTgwMDAtYTI5ZWIxMzllNzlk
LzEvSk1yTTd1TmYtSHpXZU85cWtpWXM3ODZFa3Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDBRdwAwQD
X4I4AwQEbUjAAwQEbe6wAwQEsENAAwQCuQuwAwQCufYEMA0EAgACMAcDBQMqAtLA
MA0GCSqGSIb3DQEBCwUAA4IBAQAACssqraOWKPF6nPNmHdx//zPdqgjn+y+wvB+t
Z2jdIEmHA8VCroTTLqpsX8y7HmjJSgKDr+G4GC6A/JqHaB8Q7Bu6/vU+j9RPz+Sz
uyfOx0bGr8CdZ0dBP8v+lfz6HpKwr9Uu472MFhhrsVv/TcuGcV+maGrOONgkFMKY
uNa6+cPteZeK0pAgCa5qDnPAg2867nj+B3u6r8sBWlWRODg+DT6nI6uu0cW49tsJ
jDo/Yz/Xt6wkwjz9XFjDN+qlpt0/PKLFcMABDcCxG5+1nIbf3ZK23WquPumUmsFd
KbDCRlaswVvrlTOC6tYfIhwPKnAZhoLke+aCdm/MKWHJPiOc
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:25:28 2024 by rpki-client on console-ams.rpki-client.org