Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/OVS3CVGKxhTYvnLzLXWcFEXrMVM.roa
File: OVS3CVGKxhTYvnLzLXWcFEXrMVM.roa (raw, json)
Hash identifier: e8woTxmZISvLJ5aU1AwV0NfG7mylHMfT9mpmQiKMl6Q=
Subject key identifier: 39:54:B7:09:51:8A:C6:14:D8:BE:72:F3:2D:75:9C:14:45:EB:31:53
Certificate issuer: /CN=52eb03d211996e99a49e3c3f9ce4b3f2a15723c5
Certificate serial: 018CC6B936F2495A85F06E467C0502F69632
Authority key identifier: 52:EB:03:D2:11:99:6E:99:A4:9E:3C:3F:9C:E4:B3:F2:A1:57:23:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/OVS3CVGKxhTYvnLzLXWcFEXrMVM.roa
Signing time: Mon 01 Jan 2024 20:31:16 +0000
ROA not before: Mon 01 Jan 2024 20:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47267
IP address blocks: 91.199.17.0/24 maxlen: 24
185.182.160.0/22 maxlen: 22
185.182.160.0/24 maxlen: 24
185.182.161.0/24 maxlen: 24
185.182.162.0/24 maxlen: 24
185.182.163.0/24 maxlen: 24
2a0f:eb80:1::/48 maxlen: 48
2001:67c:69c::/48 maxlen: 48
2a0f:eb80:a::/48 maxlen: 48
2a0f:eb80::/32 maxlen: 32
2a0f:eb80::/48 maxlen: 48
2a0f:eb80:f::/48 maxlen: 48
2a0f:eb80::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:36:f2:49:5a:85:f0:6e:46:7c:05:02:f6:96:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52eb03d211996e99a49e3c3f9ce4b3f2a15723c5
Validity
Not Before: Jan 1 20:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3954b709518ac614d8be72f32d759c1445eb3153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f2:73:e8:59:db:c5:59:03:28:eb:be:e4:6e:
b6:09:6f:5a:6b:c6:aa:f6:25:b5:83:dc:9f:61:b6:
0c:84:9c:4c:fb:03:f9:41:15:64:cc:be:e2:1b:f1:
e4:0b:68:92:1c:1a:b9:8b:6e:3c:36:f6:3e:bf:18:
d1:fd:9f:c3:ae:d6:17:a9:8a:96:39:01:de:dc:82:
d2:f9:58:5d:30:5b:c5:c8:db:06:0a:6c:21:0c:56:
8c:ea:06:97:f8:22:d8:c4:dd:93:73:e4:43:e1:e2:
5a:dd:29:0f:71:d3:db:ce:c6:7e:af:ec:77:49:99:
59:79:0b:53:c8:ea:9e:3e:f0:38:15:f9:80:df:a8:
00:01:4d:5a:b7:4c:76:85:de:97:38:ab:e2:e3:36:
89:7d:20:f3:d6:b5:10:2b:e3:e6:a7:0c:0d:aa:10:
30:8d:b4:f1:ff:98:03:30:ac:3a:19:f1:b4:83:30:
8a:51:a3:49:7a:8f:57:2f:75:5e:6c:63:c9:c9:2c:
ea:55:ea:ad:9c:1b:02:a3:98:a0:c3:11:3d:db:0d:
63:62:35:90:2c:d3:3e:d6:3e:39:22:66:b2:84:7b:
eb:9b:4d:0f:05:a1:c5:42:b9:13:1c:35:ec:bb:3e:
29:1c:9c:78:2d:38:36:24:67:5a:2a:63:71:3c:4d:
91:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:54:B7:09:51:8A:C6:14:D8:BE:72:F3:2D:75:9C:14:45:EB:31:53
X509v3 Authority Key Identifier:
keyid:52:EB:03:D2:11:99:6E:99:A4:9E:3C:3F:9C:E4:B3:F2:A1:57:23:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UusD0hGZbpmknjw_nOSz8qFXI8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/OVS3CVGKxhTYvnLzLXWcFEXrMVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/66676a-3bac-4b6d-a638-96cd42f0f95b/1/UusD0hGZbpmknjw_nOSz8qFXI8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.199.17.0/24
185.182.160.0/22
IPv6:
2001:67c:69c::/48
2a0f:eb80::/32
Signature Algorithm: sha256WithRSAEncryption
4b:88:94:64:c1:f8:6b:cc:5c:c3:af:47:0d:f9:e2:e5:6e:25:
eb:33:15:8d:57:5e:7e:58:00:41:62:de:b9:b8:39:08:bd:ec:
9b:3d:ee:74:c4:83:47:a2:06:71:c8:12:bb:a7:f1:a7:46:1b:
b3:05:c2:7b:af:77:02:8b:7f:f6:cc:b1:55:cb:52:c0:0c:7f:
d7:84:7f:1d:2b:f3:6e:da:53:44:ff:2a:75:1f:7f:93:d5:63:
cd:74:69:63:a9:9d:9c:46:a2:c2:6a:90:bf:be:ce:c4:52:2c:
3b:a8:13:65:6b:53:53:b0:ea:8c:6a:c9:be:cf:45:01:57:03:
d1:5e:42:46:95:66:45:75:86:16:81:0c:69:e3:4e:8c:a6:5c:
cc:b2:bf:31:89:68:27:8b:97:bd:6b:55:dc:6e:b9:45:7b:ab:
2d:70:85:ba:ef:84:2f:56:63:64:9d:59:5f:3f:88:f1:b6:71:
b7:c1:96:42:e8:f1:30:55:31:d2:93:06:26:3f:ac:bf:22:99:
b5:12:8f:29:65:3b:44:c8:fc:1d:71:57:88:ee:86:43:54:4f:
92:4d:fe:c9:67:e7:d6:aa:c7:58:66:71:ca:f2:1d:0f:37:fa:
f5:11:55:8e:fd:20:c8:96:8a:0f:81:96:98:a3:a3:9c:99:88:
74:ae:ba:c9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGuTbySVqF8G5GfAUC9pYyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyZWIwM2QyMTE5OTZlOTlhNDllM2MzZjljZTRiM2YyYTE1
NzIzYzUwHhcNMjQwMTAxMjAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTU0YjcwOTUxOGFjNjE0ZDhiZTcyZjMyZDc1OWMxNDQ1ZWIzMTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfJz6FnbxVkDKOu+5G62CW9aa8aq
9iW1g9yfYbYMhJxM+wP5QRVkzL7iG/HkC2iSHBq5i248NvY+vxjR/Z/DrtYXqYqW
OQHe3ILS+VhdMFvFyNsGCmwhDFaM6gaX+CLYxN2Tc+RD4eJa3SkPcdPbzsZ+r+x3
SZlZeQtTyOqePvA4FfmA36gAAU1at0x2hd6XOKvi4zaJfSDz1rUQK+PmpwwNqhAw
jbTx/5gDMKw6GfG0gzCKUaNJeo9XL3VebGPJySzqVeqtnBsCo5igwxE92w1jYjWQ
LNM+1j45ImayhHvrm00PBaHFQrkTHDXsuz4pHJx4LTg2JGdaKmNxPE2RpwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDlUtwlRisYU2L5y8y11nBRF6zFTMB8GA1UdIwQY
MBaAFFLrA9IRmW6ZpJ48P5zks/KhVyPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXVzRDBoR1picG1rbmp3X25PU3o4cUZYSThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC82NjY3NmEtM2JhYy00YjZkLWE2Mzgt
OTZjZDQyZjBmOTViLzEvT1ZTM0NWR0t4aFRZdm5MekxYV2NGRVhyTVZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC82NjY3NmEtM2JhYy00YjZkLWE2MzgtOTZjZDQyZjBmOTVi
LzEvVXVzRDBoR1picG1rbmp3X25PU3o4cUZYSThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAW8cRAwQC
ubagMBYEAgACMBADBwAgAQZ8BpwDBQAqD+uAMA0GCSqGSIb3DQEBCwUAA4IBAQBL
iJRkwfhrzFzDr0cN+eLlbiXrMxWNV15+WABBYt65uDkIveybPe50xINHogZxyBK7
p/GnRhuzBcJ7r3cCi3/2zLFVy1LADH/XhH8dK/Nu2lNE/yp1H3+T1WPNdGljqZ2c
RqLCapC/vs7EUiw7qBNla1NTsOqMasm+z0UBVwPRXkJGlWZFdYYWgQxp406MplzM
sr8xiWgni5e9a1XcbrlFe6stcIW674QvVmNknVlfP4jxtnG3wZZC6PEwVTHSkwYm
P6y/Ipm1Eo8pZTtEyPwdcVeI7oZDVE+STf7JZ+fWqsdYZnHK8h0PN/r1EVWO/SDI
looPgZaYo6OcmYh0rrrJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:16 2024 by rpki-client on console-fra.rpki-client.org