Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/Ols4Gg1RztyrddbkwX9BkktT6a4.roa
File: Ols4Gg1RztyrddbkwX9BkktT6a4.roa (raw, json)
Hash identifier: 3O+Z5Gjkb3OT71akSI1FzUSPNTuACJRcwqB/wz8lmaw=
Subject key identifier: 3A:5B:38:1A:0D:51:CE:DC:AB:75:D6:E4:C1:7F:41:92:4B:53:E9:AE
Certificate issuer: /CN=cc5911433ba206f450ac9bd065c86c96608401c1
Certificate serial: 0192EC6AE6CD4D015B0B55CC261A8A2E2F38
Authority key identifier: CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/Ols4Gg1RztyrddbkwX9BkktT6a4.roa
Signing time: Sat 02 Nov 2024 10:28:01 +0000
ROA not before: Sat 02 Nov 2024 10:28:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13002
IP address blocks: 194.0.104.0/24 maxlen: 24
194.0.107.0/24 maxlen: 24
213.159.96.0/19 maxlen: 19
213.159.113.0/24 maxlen: 24
213.159.118.0/24 maxlen: 24
213.159.119.0/24 maxlen: 24
213.159.122.0/24 maxlen: 24
213.159.124.0/24 maxlen: 24
213.159.125.0/24 maxlen: 24
213.159.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ec:6a:e6:cd:4d:01:5b:0b:55:cc:26:1a:8a:2e:2f:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc5911433ba206f450ac9bd065c86c96608401c1
Validity
Not Before: Nov 2 10:28:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a5b381a0d51cedcab75d6e4c17f41924b53e9ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:5c:da:43:81:11:dc:0e:ed:91:c0:cb:5d:bc:
e6:97:d4:0e:af:cc:f1:ce:9b:dd:75:fb:a3:6a:d5:
87:21:79:ab:60:5c:87:3d:3f:cc:cd:d6:34:53:08:
0e:46:76:ae:80:58:6d:5d:d9:7b:5f:a5:1f:05:2f:
51:a2:c6:f0:4d:70:86:69:5c:d4:54:d0:4e:15:73:
50:15:94:89:db:9e:8e:ee:6d:53:33:bc:25:bb:66:
14:38:d9:49:2f:f7:f9:0f:45:50:a0:35:6a:8c:08:
da:4d:91:70:80:34:56:a2:44:21:1f:0a:27:86:71:
25:d3:2a:32:5f:72:f7:9a:5c:d1:0a:e5:d4:e8:71:
4f:79:71:87:d6:12:a2:7e:0b:99:9c:44:4a:a9:7f:
7c:32:ad:9a:a8:8f:f9:e0:e9:14:f9:f2:bd:e1:bd:
32:d4:73:58:10:e2:1b:89:b3:73:91:c7:dc:da:41:
62:89:66:87:5e:0b:df:d4:49:da:90:1f:13:40:e3:
d5:8c:0c:ca:32:56:5e:c9:5c:64:b4:d5:a5:92:2a:
b4:ec:d8:2c:b0:ba:5c:f0:4a:70:bc:e8:01:3f:6d:
d5:ae:40:f7:bb:37:e8:30:50:83:88:39:a2:a5:8b:
f7:dd:12:0a:56:52:bc:f2:06:c1:44:65:d1:bc:c8:
fb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5B:38:1A:0D:51:CE:DC:AB:75:D6:E4:C1:7F:41:92:4B:53:E9:AE
X509v3 Authority Key Identifier:
keyid:CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/Ols4Gg1RztyrddbkwX9BkktT6a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.104.0/24
194.0.107.0/24
213.159.96.0/19
Signature Algorithm: sha256WithRSAEncryption
4d:49:b3:cf:ce:9a:e4:68:f1:38:29:2d:58:77:24:69:96:b4:
35:4e:90:b3:f4:0b:09:e6:84:37:b6:ff:63:1d:95:b5:5b:e8:
01:2d:14:83:49:a5:ca:10:2d:af:ce:2f:2b:d7:b4:a2:c9:93:
fa:e2:85:f8:de:07:1b:2c:ad:f8:ae:9a:79:5d:a5:9e:0e:57:
4e:62:24:eb:85:4b:1d:bb:af:9c:24:62:80:0b:93:32:21:e4:
57:05:06:1b:8c:db:cc:ad:de:36:1c:94:c3:68:ab:25:0a:8f:
ef:3b:3f:2b:64:f7:e8:af:39:45:a7:6f:b3:cc:22:bf:68:a8:
12:b5:b0:27:0b:7a:0a:aa:3b:d1:e4:14:47:43:7c:94:9f:48:
ac:eb:d0:c4:17:fc:90:7a:f2:33:25:1e:26:a7:0a:c2:d2:cd:
4d:b3:18:5f:ff:7a:da:74:76:ed:07:51:f1:d1:70:44:f3:d7:
7e:92:33:b0:0d:59:44:c3:a2:8f:62:f2:a6:60:aa:11:22:ea:
0d:10:e8:e4:4f:ee:ec:e4:26:90:75:e6:3e:bd:c6:f2:a6:8a:
13:94:26:0a:61:fa:7a:80:43:b8:dd:2e:12:0f:62:e1:7c:02:
51:70:7e:ba:df:c0:76:d7:0b:d8:8d:d5:b5:53:84:e5:76:e4:
0c:e3:5a:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZLsaubNTQFbC1XMJhqKLi84MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNTkxMTQzM2JhMjA2ZjQ1MGFjOWJkMDY1Yzg2Yzk2NjA4
NDAxYzEwHhcNMjQxMTAyMTAyODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTViMzgxYTBkNTFjZWRjYWI3NWQ2ZTRjMTdmNDE5MjRiNTNlOWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01zaQ4ER3A7tkcDLXbzml9QOr8zx
zpvddfujatWHIXmrYFyHPT/MzdY0UwgORnaugFhtXdl7X6UfBS9RosbwTXCGaVzU
VNBOFXNQFZSJ256O7m1TM7wlu2YUONlJL/f5D0VQoDVqjAjaTZFwgDRWokQhHwon
hnEl0yoyX3L3mlzRCuXU6HFPeXGH1hKifguZnERKqX98Mq2aqI/54OkU+fK94b0y
1HNYEOIbibNzkcfc2kFiiWaHXgvf1EnakB8TQOPVjAzKMlZeyVxktNWlkiq07Ngs
sLpc8EpwvOgBP23VrkD3uzfoMFCDiDmipYv33RIKVlK88gbBRGXRvMj7zwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFDpbOBoNUc7cq3XW5MF/QZJLU+muMB8GA1UdIwQY
MBaAFMxZEUM7ogb0UKyb0GXIbJZghAHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAt
MmIyNzUwNDM3MTlmLzEvT2xzNEdnMVJ6dHlyZGRia3dYOUJra3RUNmE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAtMmIyNzUwNDM3MTlm
LzEvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwgBoAwQA
wgBrAwQF1Z9gMA0GCSqGSIb3DQEBCwUAA4IBAQBNSbPPzprkaPE4KS1YdyRplrQ1
TpCz9AsJ5oQ3tv9jHZW1W+gBLRSDSaXKEC2vzi8r17SiyZP64oX43gcbLK34rpp5
XaWeDldOYiTrhUsdu6+cJGKAC5MyIeRXBQYbjNvMrd42HJTDaKslCo/vOz8rZPfo
rzlFp2+zzCK/aKgStbAnC3oKqjvR5BRHQ3yUn0is69DEF/yQevIzJR4mpwrC0s1N
sxhf/3radHbtB1Hx0XBE89d+kjOwDVlEw6KPYvKmYKoRIuoNEOjkT+7s5CaQdeY+
vcbypooTlCYKYfp6gEO43S4SD2LhfAJRcH6638B21wvYjdW1U4TlduQM41oH
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:55 2024 by rpki-client on console-fra.rpki-client.org