Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oLTA5uAbHaW-rqmfXdWGx41PKaI.roa
File: oLTA5uAbHaW-rqmfXdWGx41PKaI.roa (raw, json)
Hash identifier: wcKLT6IhwQFh331mMwQAM0DsxSLgz2VekfqZSEk2D2M=
Subject key identifier: A0:B4:C0:E6:E0:1B:1D:A5:BE:AE:A9:9F:5D:D5:86:C7:8D:4F:29:A2
Certificate issuer: /CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Certificate serial: 0192C37A2D7D8B433BE48B31C1DCAF1FD051
Authority key identifier: FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oLTA5uAbHaW-rqmfXdWGx41PKaI.roa
Signing time: Fri 25 Oct 2024 11:40:17 +0000
ROA not before: Fri 25 Oct 2024 11:40:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9215
IP address blocks: 103.132.128.0/24 maxlen: 24
103.132.129.0/24 maxlen: 24
103.132.130.0/24 maxlen: 24
185.57.64.0/24 maxlen: 24
185.57.65.0/24 maxlen: 24
185.57.66.0/24 maxlen: 24
185.57.67.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:c3:7a:2d:7d:8b:43:3b:e4:8b:31:c1:dc:af:1f:d0:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffca997d390cd6e46e0128e50d70b84e7ab6740f
Validity
Not Before: Oct 25 11:40:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0b4c0e6e01b1da5beaea99f5dd586c78d4f29a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:ec:8b:7d:04:ae:30:c7:c8:63:0b:17:7f:
ab:0f:7a:1c:5d:d7:3e:16:68:3f:19:17:1f:cd:29:
69:38:c1:59:6f:99:ee:e1:52:61:74:27:d6:12:8b:
c7:06:e8:df:1f:e0:88:00:64:67:bb:89:f6:17:8e:
6d:a1:e5:19:0e:1d:8f:9f:90:f2:89:7d:1f:38:b1:
f5:04:ce:ca:2f:1e:b2:db:d3:7e:8c:d8:6a:7c:51:
04:b0:4d:b6:a8:57:ed:e2:a8:4f:b4:4f:3e:46:c2:
8d:62:3b:e6:5e:a9:e7:8e:f8:7b:21:85:02:48:71:
70:ae:0b:c0:e1:6e:9d:3d:31:80:0f:e9:c3:e8:3f:
dd:8c:97:2a:0d:c9:c2:2b:66:17:16:cf:85:ea:67:
25:e8:1e:a8:3e:8c:85:29:44:d8:cd:92:3b:de:50:
69:72:c0:02:3d:06:29:23:d6:b8:3d:fc:95:ec:f6:
35:c0:31:11:0c:96:cf:92:fb:c3:22:b3:9e:a9:e6:
52:8b:0d:86:15:83:b7:97:3a:54:32:9f:d1:2a:34:
dd:60:6b:b6:e0:75:be:26:09:8b:d1:1f:40:d6:1a:
be:b4:14:d6:b5:9b:c5:22:cd:10:a7:a5:ab:14:e8:
f2:01:8f:5d:0e:7d:2c:ed:9a:ae:5f:90:43:b9:0d:
cc:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B4:C0:E6:E0:1B:1D:A5:BE:AE:A9:9F:5D:D5:86:C7:8D:4F:29:A2
X509v3 Authority Key Identifier:
keyid:FF:CA:99:7D:39:0C:D6:E4:6E:01:28:E5:0D:70:B8:4E:7A:B6:74:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8qZfTkM1uRuASjlDXC4Tnq2dA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/oLTA5uAbHaW-rqmfXdWGx41PKaI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/af0a2a-7ebf-4dc0-a319-819b7a7ec434/1/_8qZfTkM1uRuASjlDXC4Tnq2dA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.132.128.0-103.132.130.255
185.57.64.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:07:41:ee:18:e3:46:90:51:83:7a:f9:94:ed:c3:82:64:d7:
aa:00:59:e5:79:9a:5b:c0:ae:c9:12:8a:a9:fc:57:8b:d2:7a:
48:b2:a8:1a:fc:2c:57:9d:08:3c:ea:c9:43:59:76:80:6b:d5:
36:77:48:54:ec:0a:e2:55:6a:fc:e3:38:6e:03:7d:33:67:8e:
49:25:51:ec:bc:58:96:eb:a7:7e:f4:88:cc:34:13:bc:4e:4d:
82:b5:b0:37:8b:27:47:0a:2d:f6:33:fb:ef:f0:01:11:6f:1f:
86:34:95:51:0b:78:50:c9:e5:34:85:50:a6:f8:c8:b8:72:e7:
20:24:03:8a:b8:4c:ef:82:d7:fc:94:39:69:2b:4d:c1:e0:c5:
55:24:0d:8e:db:da:df:bf:c7:e4:ad:65:38:cd:51:8e:52:b1:
4f:29:f1:33:73:a6:3c:4f:ae:01:70:70:99:64:70:03:5c:dc:
ae:b3:6f:09:86:42:aa:85:63:82:45:7f:dc:c2:a5:d6:4e:33:
b8:39:45:18:4c:16:e4:1f:dc:a3:98:09:1e:2b:83:8d:fc:fd:
42:2c:4a:5a:e5:fa:3b:04:a2:98:04:6a:f2:66:98:95:44:9f:
b9:eb:1c:8e:18:8c:ba:35:85:77:83:f3:e8:55:68:f3:37:37:
f0:50:fe:a4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZLDei19i0M75IsxwdyvH9BRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmY2E5OTdkMzkwY2Q2ZTQ2ZTAxMjhlNTBkNzBiODRlN2Fi
Njc0MGYwHhcNMjQxMDI1MTE0MDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI0YzBlNmUwMWIxZGE1YmVhZWE5OWY1ZGQ1ODZjNzhkNGYyOWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+Tsi30ErjDHyGMLF3+rD3ocXdc+
Fmg/GRcfzSlpOMFZb5nu4VJhdCfWEovHBujfH+CIAGRnu4n2F45toeUZDh2Pn5Dy
iX0fOLH1BM7KLx6y29N+jNhqfFEEsE22qFft4qhPtE8+RsKNYjvmXqnnjvh7IYUC
SHFwrgvA4W6dPTGAD+nD6D/djJcqDcnCK2YXFs+F6mcl6B6oPoyFKUTYzZI73lBp
csACPQYpI9a4PfyV7PY1wDERDJbPkvvDIrOeqeZSiw2GFYO3lzpUMp/RKjTdYGu2
4HW+JgmL0R9A1hq+tBTWtZvFIs0Qp6WrFOjyAY9dDn0s7ZquX5BDuQ3M6wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKC0wObgGx2lvq6pn13VhseNTymiMB8GA1UdIwQY
MBaAFP/KmX05DNbkbgEo5Q1wuE56tnQPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTkt
ODE5YjdhN2VjNDM0LzEvb0xUQTV1QWJIYVctcnFtZlhkV0d4NDFQS2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9hZjBhMmEtN2ViZi00ZGMwLWEzMTktODE5YjdhN2VjNDM0
LzEvXzhxWmZUa00xdVJ1QVNqbERYQzRUbnEyZEE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAdnhIAD
BABnhIIDBAK5OUAwDQYJKoZIhvcNAQELBQADggEBALIHQe4Y40aQUYN6+ZTtw4Jk
16oAWeV5mlvArskSiqn8V4vSekiyqBr8LFedCDzqyUNZdoBr1TZ3SFTsCuJVavzj
OG4DfTNnjkklUey8WJbrp370iMw0E7xOTYK1sDeLJ0cKLfYz++/wARFvH4Y0lVEL
eFDJ5TSFUKb4yLhy5yAkA4q4TO+C1/yUOWkrTcHgxVUkDY7b2t+/x+StZTjNUY5S
sU8p8TNzpjxPrgFwcJlkcANc3K6zbwmGQqqFY4JFf9zCpdZOM7g5RRhMFuQf3KOY
CR4rg438/UIsSlrl+jsEopgEavJmmJVEn7nrHI4YjLo1hXeD8+hVaPM3N/BQ/qQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:17:10 2024 by rpki-client on console-fra.rpki-client.org