Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/OlC2H8k-k1VXgKG6_wIh8Cpx7aQ.roa
File: OlC2H8k-k1VXgKG6_wIh8Cpx7aQ.roa (raw, json)
Hash identifier: XMhQk38nu3KaowMIwVI6XRU6bYW+sTNwmpT56OzJMM0=
Subject key identifier: 3A:50:B6:1F:C9:3E:93:55:57:80:A1:BA:FF:02:21:F0:2A:71:ED:A4
Certificate issuer: /CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Certificate serial: 018CC492DB0DFAAE3CB92B24DC5F797C5EAA
Authority key identifier: 81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/OlC2H8k-k1VXgKG6_wIh8Cpx7aQ.roa
Signing time: Mon 01 Jan 2024 10:30:07 +0000
ROA not before: Mon 01 Jan 2024 10:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51469
IP address blocks: 5.160.116.0/22 maxlen: 22
5.160.132.0/22 maxlen: 22
5.160.144.0/23 maxlen: 23
5.160.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.mft
rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:db:0d:fa:ae:3c:b9:2b:24:dc:5f:79:7c:5e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81cca9f15e1921953a628c8ad2ac4be977b6c303
Validity
Not Before: Jan 1 10:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a50b61fc93e93555780a1baff0221f02a71eda4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:2c:40:4e:a0:a1:28:b9:bb:32:7f:4a:6f:87:
cd:6a:71:a3:cf:29:cf:e6:c0:45:8e:55:5b:d6:b0:
a0:f3:f3:67:a5:f4:3e:1e:be:41:54:f2:7c:c1:4a:
7b:9c:68:41:22:29:d1:7c:31:86:c5:38:7d:31:60:
0b:8f:79:a1:40:67:72:3c:02:19:98:ed:ac:e3:4f:
da:67:4c:a1:08:d1:cf:6b:dd:38:29:43:12:d8:5e:
b4:a4:d8:ba:14:21:7d:34:8f:84:2b:32:15:62:2e:
d4:f2:0e:90:41:fb:a9:24:c3:05:53:25:b5:cf:69:
55:0d:ae:e6:34:3c:2a:af:ec:06:9f:f8:c6:70:c8:
5f:7b:74:39:4d:30:af:c6:de:97:f7:28:10:9c:8c:
ad:99:cb:f8:3f:6c:a9:04:44:e8:d8:38:30:5b:33:
26:c7:65:f1:d7:15:39:df:1c:67:f4:1e:8a:f6:db:
54:47:cc:13:6a:7c:ee:72:53:5b:18:d3:e3:56:9e:
64:19:66:f6:83:ae:0c:23:b8:19:bf:a5:7e:4f:7f:
68:6e:cd:73:7f:d1:d7:9b:84:c8:90:c3:7c:84:68:
5e:98:a1:6f:f8:98:1a:3f:8e:ec:9e:24:ad:29:82:
d1:df:af:fa:8a:c4:88:4a:78:7b:83:94:7c:26:13:
c9:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:50:B6:1F:C9:3E:93:55:57:80:A1:BA:FF:02:21:F0:2A:71:ED:A4
X509v3 Authority Key Identifier:
keyid:81:CC:A9:F1:5E:19:21:95:3A:62:8C:8A:D2:AC:4B:E9:77:B6:C3:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/OlC2H8k-k1VXgKG6_wIh8Cpx7aQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/1ea2b0-6b9a-44d7-a2e5-2206cc2e691c/1/gcyp8V4ZIZU6YoyK0qxL6Xe2wwM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.160.116.0/22
5.160.132.0/22
5.160.142.0-5.160.145.255
Signature Algorithm: sha256WithRSAEncryption
24:ad:8f:97:08:9c:83:47:8a:f1:3a:d6:83:e0:15:81:a1:04:
ee:e2:be:48:0d:83:55:7d:19:b3:e7:9a:0e:46:02:c7:df:c0:
28:3f:7c:4f:5d:13:9a:c0:c4:fe:ab:0f:ec:e1:a7:95:b2:7c:
8f:44:a1:6c:71:ee:c0:0c:c7:bb:ee:95:a2:ce:7d:62:51:20:
7f:4a:0a:ea:ef:41:02:d0:e9:7e:c1:c9:f2:b6:60:ac:b8:78:
9f:dc:aa:fe:e3:43:8d:6e:2c:c7:5a:f7:e9:25:51:d9:b0:56:
85:05:57:25:05:ec:64:2f:0c:30:54:8e:cc:08:9b:ed:72:ca:
2a:36:df:50:c2:fc:cf:16:a4:a3:ec:9b:b2:e7:5d:a2:84:63:
3c:ba:c2:0e:f3:78:b9:ed:b6:4c:34:62:a6:8c:61:f5:f7:9d:
db:59:6f:39:d5:be:55:83:7f:28:2a:e2:1f:ed:6f:91:c0:f9:
02:05:9a:b9:59:60:3a:8a:ef:04:99:70:bf:3e:36:42:42:5d:
38:f3:97:c8:fd:f5:f0:64:98:8c:5f:17:43:91:3e:21:3b:de:
21:eb:41:4c:87:e1:5e:4f:8a:68:e2:98:c7:b3:83:16:aa:76:
c7:52:ff:3d:3c:f4:24:25:ed:89:1a:9b:0b:52:fc:31:ea:28:
33:91:d2:cf
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEktsN+q48uSsk3F95fF6qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxY2NhOWYxNWUxOTIxOTUzYTYyOGM4YWQyYWM0YmU5Nzdi
NmMzMDMwHhcNMjQwMTAxMTAzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTUwYjYxZmM5M2U5MzU1NTc4MGExYmFmZjAyMjFmMDJhNzFlZGE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgixATqChKLm7Mn9Kb4fNanGjzynP
5sBFjlVb1rCg8/NnpfQ+Hr5BVPJ8wUp7nGhBIinRfDGGxTh9MWALj3mhQGdyPAIZ
mO2s40/aZ0yhCNHPa904KUMS2F60pNi6FCF9NI+EKzIVYi7U8g6QQfupJMMFUyW1
z2lVDa7mNDwqr+wGn/jGcMhfe3Q5TTCvxt6X9ygQnIytmcv4P2ypBETo2DgwWzMm
x2Xx1xU53xxn9B6K9ttUR8wTanzuclNbGNPjVp5kGWb2g64MI7gZv6V+T39obs1z
f9HXm4TIkMN8hGhemKFv+JgaP47sniStKYLR36/6isSISnh7g5R8JhPJQQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDpQth/JPpNVV4Chuv8CIfAqce2kMB8GA1UdIwQY
MBaAFIHMqfFeGSGVOmKMitKsS+l3tsMDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUt
MjIwNmNjMmU2OTFjLzEvT2xDMkg4ay1rMVZYZ0tHNl93SWg4Q3B4N2FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8xZWEyYjAtNmI5YS00NGQ3LWEyZTUtMjIwNmNjMmU2OTFj
LzEvZ2N5cDhWNFpJWlU2WW95SzBxeEw2WGUyd3dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCBaB0AwQC
BaCEMAwDBAEFoI4DBAEFoJAwDQYJKoZIhvcNAQELBQADggEBACStj5cInINHivE6
1oPgFYGhBO7ivkgNg1V9GbPnmg5GAsffwCg/fE9dE5rAxP6rD+zhp5WyfI9EoWxx
7sAMx7vulaLOfWJRIH9KCurvQQLQ6X7ByfK2YKy4eJ/cqv7jQ41uLMda9+klUdmw
VoUFVyUF7GQvDDBUjswIm+1yyio231DC/M8WpKPsm7LnXaKEYzy6wg7zeLnttkw0
YqaMYfX3ndtZbznVvlWDfygq4h/tb5HA+QIFmrlZYDqK7wSZcL8+NkJCXTjzl8j9
9fBkmIxfF0ORPiE73iHrQUyH4V5PimjimMezgxaqdsdS/z089CQl7YkamwtS/DHq
KDOR0s8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:25 2024 by rpki-client on console-ams.rpki-client.org