Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/OLvNTFgwrP0V-f497z9QcSZ7J9E.roa
File: OLvNTFgwrP0V-f497z9QcSZ7J9E.roa (raw, json)
Hash identifier: aY6bfFgo6QwX7aHfPcJ+6mkAfRzcLQ3A6Hx/FzRy5H8=
Subject key identifier: 38:BB:CD:4C:58:30:AC:FD:15:F9:FE:3D:EF:3F:50:71:26:7B:27:D1
Certificate issuer: /CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Certificate serial: 018CC801AC2199D8BB0CA553ADC4691D323B
Authority key identifier: 04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/OLvNTFgwrP0V-f497z9QcSZ7J9E.roa
Signing time: Tue 02 Jan 2024 02:30:01 +0000
ROA not before: Tue 02 Jan 2024 02:30:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49535
IP address blocks: 185.151.125.0/24 maxlen: 24
185.151.124.0/24 maxlen: 24
185.151.124.0/22 maxlen: 22
188.94.192.0/21 maxlen: 21
188.94.192.0/24 maxlen: 24
188.94.195.0/24 maxlen: 24
188.94.198.0/24 maxlen: 24
188.94.194.0/24 maxlen: 24
188.94.197.0/24 maxlen: 24
188.94.193.0/24 maxlen: 24
188.94.196.0/24 maxlen: 24
188.94.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ac:21:99:d8:bb:0c:a5:53:ad:c4:69:1d:32:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0467a56211b21e9ac7cdc8fb639f310a92c2104c
Validity
Not Before: Jan 2 02:30:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=38bbcd4c5830acfd15f9fe3def3f5071267b27d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:0d:a3:8b:53:fb:7f:3a:b5:70:5c:a2:36:05:
e7:a3:99:74:1d:04:76:77:9b:bc:ed:05:d2:22:02:
03:21:18:58:b6:57:c6:7a:c6:f3:e6:7a:10:4b:91:
ac:75:10:77:28:46:d4:28:25:6a:47:41:7c:0a:73:
0c:9d:e6:cf:78:8c:f6:87:e3:af:10:bc:7f:7e:48:
ae:15:d7:7a:37:6d:20:08:ba:82:7d:e2:8b:ef:e6:
71:b2:44:bb:da:f0:7f:86:65:7b:35:98:16:b4:e4:
56:6a:02:d8:14:54:a1:4b:75:19:9d:db:f9:62:a7:
dd:ca:43:4f:69:1e:08:d5:a7:80:65:ff:16:4a:dd:
e1:4c:82:90:5e:a2:c1:43:d8:bd:e6:c5:7f:2f:fc:
32:ea:36:d8:09:c1:d1:e3:ad:4f:0d:90:9f:3f:cf:
89:88:70:f3:cf:3e:3b:b8:de:20:85:67:b1:80:12:
d0:de:0e:0b:c4:0e:48:5f:e0:ca:76:89:b1:c6:31:
4e:43:46:1c:6c:52:41:79:90:b1:38:76:61:55:d6:
0d:b4:f6:ac:b9:bf:c0:00:a3:3a:60:b7:39:84:8e:
3e:0b:5b:89:35:c5:43:7c:ce:63:9b:fa:14:c1:73:
45:b0:bf:60:9d:84:1f:ee:a3:10:e2:9f:2a:0a:e0:
f2:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:BB:CD:4C:58:30:AC:FD:15:F9:FE:3D:EF:3F:50:71:26:7B:27:D1
X509v3 Authority Key Identifier:
keyid:04:67:A5:62:11:B2:1E:9A:C7:CD:C8:FB:63:9F:31:0A:92:C2:10:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BGelYhGyHprHzcj7Y58xCpLCEEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/OLvNTFgwrP0V-f497z9QcSZ7J9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/045c4b-c0d7-4778-9f44-823ad2c2f5f1/1/BGelYhGyHprHzcj7Y58xCpLCEEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.151.124.0/22
188.94.192.0/21
Signature Algorithm: sha256WithRSAEncryption
44:1e:c1:99:16:47:6b:70:f9:f4:25:9f:3c:57:f3:f6:eb:ee:
73:ac:fe:6a:e0:e7:8c:2b:38:db:5a:07:8e:64:b5:00:b9:fb:
0e:82:87:f8:87:05:2b:0a:e0:37:48:38:cb:df:22:20:29:c5:
e7:da:83:dc:df:82:d2:02:70:d7:f4:8b:2a:42:17:d2:15:d5:
e3:d0:ca:c2:52:55:a8:e9:2f:6b:a0:19:06:66:4b:6f:bd:8f:
78:94:ff:0c:14:a4:85:bd:f2:c1:11:03:d8:fe:d2:0b:d0:6b:
24:f8:a1:ef:8c:91:68:21:48:dd:1a:78:a0:ef:1c:43:27:ce:
ef:3e:8d:01:96:76:33:4d:87:8e:7d:2c:8e:8f:42:6b:17:86:
d0:8b:b1:5f:e7:41:3f:9a:6a:80:f0:6b:53:cc:27:fe:7e:31:
02:04:29:c7:76:53:61:20:ae:45:aa:43:12:f2:36:ec:e0:6c:
72:8f:89:e6:4f:8e:61:3c:52:5e:81:9f:d3:27:07:d8:24:ec:
6a:52:3b:2c:5f:8e:da:c7:0b:d3:fc:f9:4c:8e:b9:f4:61:54:
e1:52:87:7c:b3:33:78:de:22:87:70:31:72:fb:7e:09:c7:9e:
15:6f:42:2c:77:28:57:47:c9:6e:24:a4:f6:c7:1b:2a:d7:54:
2d:6c:6f:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAawhmdi7DKVTrcRpHTI7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0NjdhNTYyMTFiMjFlOWFjN2NkYzhmYjYzOWYzMTBhOTJj
MjEwNGMwHhcNMjQwMTAyMDIzMDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGJiY2Q0YzU4MzBhY2ZkMTVmOWZlM2RlZjNmNTA3MTI2N2IyN2QxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkA2ji1P7fzq1cFyiNgXno5l0HQR2
d5u87QXSIgIDIRhYtlfGesbz5noQS5GsdRB3KEbUKCVqR0F8CnMMnebPeIz2h+Ov
ELx/fkiuFdd6N20gCLqCfeKL7+ZxskS72vB/hmV7NZgWtORWagLYFFShS3UZndv5
YqfdykNPaR4I1aeAZf8WSt3hTIKQXqLBQ9i95sV/L/wy6jbYCcHR461PDZCfP8+J
iHDzzz47uN4ghWexgBLQ3g4LxA5IX+DKdomxxjFOQ0YcbFJBeZCxOHZhVdYNtPas
ub/AAKM6YLc5hI4+C1uJNcVDfM5jm/oUwXNFsL9gnYQf7qMQ4p8qCuDytQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFDi7zUxYMKz9Ffn+Pe8/UHEmeyfRMB8GA1UdIwQY
MBaAFARnpWIRsh6ax83I+2OfMQqSwhBMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQt
ODIzYWQyYzJmNWYxLzEvT0x2TlRGZ3dyUDBWLWY0OTd6OVFjU1o3SjlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8wNDVjNGItYzBkNy00Nzc4LTlmNDQtODIzYWQyYzJmNWYx
LzEvQkdlbFloR3lIcHJIemNqN1k1OHhDcExDRUV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZd8AwQD
vF7AMA0GCSqGSIb3DQEBCwUAA4IBAQBEHsGZFkdrcPn0JZ88V/P26+5zrP5q4OeM
KzjbWgeOZLUAufsOgof4hwUrCuA3SDjL3yIgKcXn2oPc34LSAnDX9IsqQhfSFdXj
0MrCUlWo6S9roBkGZktvvY94lP8MFKSFvfLBEQPY/tIL0Gsk+KHvjJFoIUjdGnig
7xxDJ87vPo0BlnYzTYeOfSyOj0JrF4bQi7Ff50E/mmqA8GtTzCf+fjECBCnHdlNh
IK5FqkMS8jbs4Gxyj4nmT45hPFJegZ/TJwfYJOxqUjssX47axwvT/PlMjrn0YVTh
Uod8szN43iKHcDFy+34Jx54Vb0IsdyhXR8luJKT2xxsq11QtbG9G
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:17:01 2024 by rpki-client on console-ams.rpki-client.org