Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/oLLrOREu5kuekV7PI7fsUOSwp_0.roa
File: oLLrOREu5kuekV7PI7fsUOSwp_0.roa (raw, json)
Hash identifier: gFrOqR2sj0eZxzzb+9bug3RB4GuzukRqYdyYqCDZlbI=
Subject key identifier: A0:B2:EB:39:11:2E:E6:4B:9E:91:5E:CF:23:B7:EC:50:E4:B0:A7:FD
Certificate issuer: /CN=6eab53640b0931924b73f760925845150a6ccca5
Certificate serial: 0192B93C1B6CDE42F147CE0D1EA01981CA93
Authority key identifier: 6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/oLLrOREu5kuekV7PI7fsUOSwp_0.roa
Signing time: Wed 23 Oct 2024 11:56:16 +0000
ROA not before: Wed 23 Oct 2024 11:56:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57794
IP address blocks: 37.98.192.0/21 maxlen: 21
37.98.192.0/22 maxlen: 22
37.98.196.0/22 maxlen: 22
82.192.2.0/23 maxlen: 23
82.192.2.0/24 maxlen: 24
82.192.3.0/24 maxlen: 24
185.92.164.0/22 maxlen: 24
188.117.192.0/21 maxlen: 21
188.117.192.0/22 maxlen: 22
188.117.196.0/22 maxlen: 22
188.117.216.0/22 maxlen: 22
188.117.216.0/23 maxlen: 23
188.117.218.0/23 maxlen: 23
188.117.224.0/21 maxlen: 22
188.117.232.0/21 maxlen: 22
188.117.240.0/22 maxlen: 22
188.117.240.0/23 maxlen: 23
188.117.242.0/23 maxlen: 23
188.117.248.0/22 maxlen: 22
188.117.248.0/23 maxlen: 23
188.117.250.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:3c:1b:6c:de:42:f1:47:ce:0d:1e:a0:19:81:ca:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6eab53640b0931924b73f760925845150a6ccca5
Validity
Not Before: Oct 23 11:56:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0b2eb39112ee64b9e915ecf23b7ec50e4b0a7fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:f3:5f:ae:18:de:02:97:0e:bc:00:44:82:87:
cb:13:d4:4f:85:ea:c8:f0:97:c7:e0:21:e5:30:96:
91:fa:3f:c0:c2:27:ef:42:68:34:e9:63:97:5f:15:
fb:01:3e:44:ea:a8:2e:c1:86:a4:3c:e0:aa:b3:79:
b6:0a:29:5b:fb:35:9f:9f:72:df:1a:20:c4:92:b0:
6d:14:2c:45:d6:52:3a:f1:d6:d1:64:a3:3b:55:7f:
e5:a2:08:0a:8b:9b:2e:3c:44:22:8f:ce:6b:69:62:
e8:61:17:11:4b:bd:fc:72:ab:f4:70:f9:90:e2:f1:
17:91:84:77:3c:08:7d:ca:51:94:9a:40:5b:98:47:
07:c6:7f:cc:75:a7:53:77:b5:86:3f:74:45:b8:7f:
45:c7:1d:a3:0b:27:f1:1d:04:74:6b:e0:dc:91:59:
a4:72:be:1e:d4:71:67:bc:78:0b:16:ac:71:51:6d:
fe:58:05:5b:60:1b:b1:74:87:95:aa:d5:64:54:f7:
62:d3:4c:bd:e8:7f:6b:87:b5:fa:f2:c0:75:c3:ac:
d1:8f:98:4b:bf:d1:27:d5:8b:93:e3:13:da:63:bd:
e3:8b:c6:1b:f4:05:6a:50:5e:98:46:12:c7:7a:61:
1e:94:89:41:92:5f:f9:89:57:0a:d0:e0:61:79:87:
64:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B2:EB:39:11:2E:E6:4B:9E:91:5E:CF:23:B7:EC:50:E4:B0:A7:FD
X509v3 Authority Key Identifier:
keyid:6E:AB:53:64:0B:09:31:92:4B:73:F7:60:92:58:45:15:0A:6C:CC:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bqtTZAsJMZJLc_dgklhFFQpszKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/oLLrOREu5kuekV7PI7fsUOSwp_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/2a38e6-294e-4fa3-a5a0-53046323951f/1/bqtTZAsJMZJLc_dgklhFFQpszKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.98.192.0/21
82.192.2.0/23
185.92.164.0/22
188.117.192.0/21
188.117.216.0/22
188.117.224.0-188.117.243.255
188.117.248.0/22
Signature Algorithm: sha256WithRSAEncryption
85:2b:77:4a:c6:b3:e5:93:65:8b:fb:8c:34:39:8e:4b:ef:70:
dc:99:f5:34:37:0b:7e:05:28:d3:de:bd:36:1b:c5:c9:b5:5b:
cc:cb:1a:d5:2b:7b:08:d6:26:3f:47:70:e7:19:58:de:12:25:
2e:3f:13:35:6e:4f:fa:21:b1:3d:9b:77:b0:84:11:ce:8b:49:
66:94:e3:64:31:00:6f:78:d9:09:4c:44:58:96:a4:db:c3:f5:
e5:2e:f3:47:36:12:ba:a8:b9:c2:0f:19:af:85:e6:1d:13:36:
75:96:74:16:6e:c5:22:f0:ed:dd:fb:9a:43:6b:75:dc:24:9a:
4d:a8:1c:ec:c5:71:b1:01:a8:ba:01:60:eb:7b:82:34:9c:85:
87:89:49:04:9d:f1:f5:7f:d9:64:18:5e:4f:8a:14:df:81:01:
bb:45:1e:b1:2c:7f:07:b1:cd:fa:a7:e9:e8:f1:f3:6a:90:16:
9a:d6:12:4c:77:70:74:1a:26:6c:d9:b0:04:3c:22:b5:1e:d4:
0e:f7:b5:9b:12:d6:2c:e9:ce:c6:8f:f7:7b:00:1d:d9:d3:97:
76:6a:46:7b:fd:2f:8b:a8:2e:0d:45:1f:38:ab:0d:93:99:3a:
73:57:6e:25:88:35:d4:54:00:9e:52:b9:17:04:07:34:cb:c1:
db:29:ce:0e
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZK5PBts3kLxR84NHqAZgcqTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlYWI1MzY0MGIwOTMxOTI0YjczZjc2MDkyNTg0NTE1MGE2
Y2NjYTUwHhcNMjQxMDIzMTE1NjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGIyZWIzOTExMmVlNjRiOWU5MTVlY2YyM2I3ZWM1MGU0YjBhN2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0vNfrhjeApcOvABEgofLE9RPherI
8JfH4CHlMJaR+j/AwifvQmg06WOXXxX7AT5E6qguwYakPOCqs3m2Cilb+zWfn3Lf
GiDEkrBtFCxF1lI68dbRZKM7VX/loggKi5suPEQij85raWLoYRcRS738cqv0cPmQ
4vEXkYR3PAh9ylGUmkBbmEcHxn/MdadTd7WGP3RFuH9Fxx2jCyfxHQR0a+DckVmk
cr4e1HFnvHgLFqxxUW3+WAVbYBuxdIeVqtVkVPdi00y96H9rh7X68sB1w6zRj5hL
v9En1YuT4xPaY73ji8Yb9AVqUF6YRhLHemEelIlBkl/5iVcK0OBheYdk/wIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFKCy6zkRLuZLnpFezyO37FDksKf9MB8GA1UdIwQY
MBaAFG6rU2QLCTGSS3P3YJJYRRUKbMylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAt
NTMwNDYzMjM5NTFmLzEvb0xMck9SRXU1a3Vla1Y3UEk3ZnNVT1N3cF8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC8yYTM4ZTYtMjk0ZS00ZmEzLWE1YTAtNTMwNDYzMjM5NTFm
LzEvYnF0VFpBc0pNWkpMY19kZ2tsaEZGUXBzektVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQDJWLAAwQB
UsACAwQCuVykAwQDvHXAAwQCvHXYMAwDBAW8deADBAK8dfADBAK8dfgwDQYJKoZI
hvcNAQELBQADggEBAIUrd0rGs+WTZYv7jDQ5jkvvcNyZ9TQ3C34FKNPevTYbxcm1
W8zLGtUrewjWJj9HcOcZWN4SJS4/EzVuT/ohsT2bd7CEEc6LSWaU42QxAG942QlM
RFiWpNvD9eUu80c2ErqoucIPGa+F5h0TNnWWdBZuxSLw7d37mkNrddwkmk2oHOzF
cbEBqLoBYOt7gjSchYeJSQSd8fV/2WQYXk+KFN+BAbtFHrEsfwexzfqn6ejx82qQ
FprWEkx3cHQaJmzZsAQ8IrUe1A73tZsS1izpzsaP93sAHdnTl3ZqRnv9L4uoLg1F
HzirDZOZOnNXbiWINdRUAJ5SuRcEBzTLwdspzg4=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:16:49 2024 by rpki-client on console-fra.rpki-client.org