Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/OSScol1-bP3VEn_SL6F8h6uqzO8.roa
File: OSScol1-bP3VEn_SL6F8h6uqzO8.roa (raw, json)
Hash identifier: vFFDlHjBl6SASDvYvWpFUUL4scasD3MeZcoiHhrzBmw=
Subject key identifier: 39:24:9C:A2:5D:7E:6C:FD:D5:12:7F:D2:2F:A1:7C:87:AB:AA:CC:EF
Certificate issuer: /CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Certificate serial: 019363FDAEAB75B76EBB788442D856D4157D
Authority key identifier: E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/OSScol1-bP3VEn_SL6F8h6uqzO8.roa
Signing time: Mon 25 Nov 2024 15:43:09 +0000
ROA not before: Mon 25 Nov 2024 15:43:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199724
IP address blocks: 45.10.56.0/24 maxlen: 24
2a0f:c780::/32 maxlen: 32
2a0f:c781::/32 maxlen: 32
2a0f:c782::/32 maxlen: 32
2a0f:c783::/32 maxlen: 32
2a0f:c784::/32 maxlen: 32
2a0f:c785::/32 maxlen: 32
2a0f:c786::/32 maxlen: 32
2a0f:c787::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.mft
rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:63:fd:ae:ab:75:b7:6e:bb:78:84:42:d8:56:d4:15:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0559ce889ae4241121fe0a1653e4b955f3edf4b
Validity
Not Before: Nov 25 15:43:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39249ca25d7e6cfdd5127fd22fa17c87abaaccef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:3d:ee:0e:3e:60:08:77:2e:ee:d1:89:c6:e0:
37:05:3e:0e:4d:01:88:b0:ef:cc:ad:7b:0c:e2:8f:
c5:68:cc:ff:e5:83:d2:c1:b4:b4:20:32:2e:ac:ad:
69:02:f9:16:18:6f:a5:a5:67:d4:44:1d:bd:99:5c:
39:21:38:33:9d:16:3d:c1:91:08:da:6a:2d:97:5d:
a3:4d:a3:53:1c:4d:50:dd:dc:49:c1:55:91:6a:1f:
20:32:ba:04:24:1a:40:ea:5b:1e:ec:e1:94:5e:82:
f8:23:b0:94:40:46:07:dd:5f:54:e3:be:db:7d:3a:
79:ee:83:4a:73:86:ac:d0:38:5c:e3:87:a1:bd:1b:
39:af:18:1d:0f:b0:af:6b:3c:29:ad:de:2a:63:2a:
da:a9:13:c3:ee:27:bd:63:77:88:39:0b:69:5e:0e:
88:13:a1:f3:04:6e:be:94:65:1c:01:e9:fb:e3:5e:
d8:4a:6f:93:15:ee:90:2a:73:17:e7:15:0e:9f:cc:
5e:27:19:64:80:ee:84:8d:e0:8e:3c:16:35:ab:47:
72:8e:7f:b5:56:b7:19:72:d1:6d:e5:af:6b:26:da:
61:e0:c3:e1:eb:0c:88:bc:71:f9:a3:5e:2d:f5:77:
a8:6e:44:40:6e:92:c1:ce:27:b6:30:c6:0d:7e:48:
2c:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:24:9C:A2:5D:7E:6C:FD:D5:12:7F:D2:2F:A1:7C:87:AB:AA:CC:EF
X509v3 Authority Key Identifier:
keyid:E0:55:9C:E8:89:AE:42:41:12:1F:E0:A1:65:3E:4B:95:5F:3E:DF:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4FWc6ImuQkESH-ChZT5LlV8-30s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/OSScol1-bP3VEn_SL6F8h6uqzO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/1fa4a1-9a1c-47de-aca6-9449957fd5a5/1/4FWc6ImuQkESH-ChZT5LlV8-30s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.10.56.0/24
IPv6:
2a0f:c780::/29
Signature Algorithm: sha256WithRSAEncryption
26:bd:fe:e4:01:43:77:8b:4e:fd:20:a7:8e:0d:65:c3:d7:67:
85:93:2f:37:91:25:4a:86:7f:88:6d:a6:af:8f:42:77:3b:bd:
12:62:e2:58:e1:96:2f:94:bb:c6:14:63:dc:83:46:0f:cf:04:
bf:ae:18:36:1c:96:9f:a9:bd:3c:f9:e0:fa:de:5e:60:d1:13:
46:c1:72:34:54:07:8f:9d:ca:56:76:5d:67:93:0a:d4:26:b3:
60:8a:ef:dd:84:5e:10:27:2c:a1:59:5d:09:50:c0:d3:92:12:
b7:09:bc:ef:93:a9:39:2c:93:13:56:34:4f:20:52:3d:30:f0:
ca:07:30:68:09:b1:56:d5:d5:15:03:d8:a5:75:e7:f1:16:a5:
cb:19:31:d3:0e:0b:3c:a2:9d:45:d3:00:84:c8:a8:51:b4:6e:
e5:19:9b:5d:e0:2b:10:4c:f6:90:13:25:34:56:45:b1:10:09:
c2:2d:f8:b5:66:b3:b6:3f:4a:34:fc:9e:6c:32:4b:7a:7a:eb:
7e:4d:4e:e1:64:46:b5:15:7f:b2:83:ff:ad:59:18:17:5a:ec:
38:14:b0:57:dc:ff:e5:b0:28:4b:77:8b:a8:fa:57:6a:72:37:
75:4b:19:b1:75:10:52:ee:1c:f0:f5:5b:12:83:db:04:05:f9:
1e:26:b7:26
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZNj/a6rdbduu3iEQthW1BV9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwNTU5Y2U4ODlhZTQyNDExMjFmZTBhMTY1M2U0Yjk1NWYz
ZWRmNGIwHhcNMjQxMTI1MTU0MzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTI0OWNhMjVkN2U2Y2ZkZDUxMjdmZDIyZmExN2M4N2FiYWFjY2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoj3uDj5gCHcu7tGJxuA3BT4OTQGI
sO/MrXsM4o/FaMz/5YPSwbS0IDIurK1pAvkWGG+lpWfURB29mVw5ITgznRY9wZEI
2motl12jTaNTHE1Q3dxJwVWRah8gMroEJBpA6lse7OGUXoL4I7CUQEYH3V9U477b
fTp57oNKc4as0Dhc44ehvRs5rxgdD7Cvazwprd4qYyraqRPD7ie9Y3eIOQtpXg6I
E6HzBG6+lGUcAen7417YSm+TFe6QKnMX5xUOn8xeJxlkgO6EjeCOPBY1q0dyjn+1
VrcZctFt5a9rJtph4MPh6wyIvHH5o14t9XeobkRAbpLBzie2MMYNfkgs8QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDkknKJdfmz91RJ/0i+hfIerqszvMB8GA1UdIwQY
MBaAFOBVnOiJrkJBEh/goWU+S5VfPt9LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYt
OTQ0OTk1N2ZkNWE1LzEvT1NTY29sMS1iUDNWRW5fU0w2RjhoNnVxek84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi8xZmE0YTEtOWExYy00N2RlLWFjYTYtOTQ0OTk1N2ZkNWE1
LzEvNEZXYzZJbXVRa0VTSC1DaFpUNUxsVjgtMzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQALQo4MA0E
AgACMAcDBQMqD8eAMA0GCSqGSIb3DQEBCwUAA4IBAQAmvf7kAUN3i079IKeODWXD
12eFky83kSVKhn+Ibaavj0J3O70SYuJY4ZYvlLvGFGPcg0YPzwS/rhg2HJafqb08
+eD63l5g0RNGwXI0VAePncpWdl1nkwrUJrNgiu/dhF4QJyyhWV0JUMDTkhK3Cbzv
k6k5LJMTVjRPIFI9MPDKBzBoCbFW1dUVA9ildefxFqXLGTHTDgs8op1F0wCEyKhR
tG7lGZtd4CsQTPaQEyU0VkWxEAnCLfi1ZrO2P0o0/J5sMkt6eut+TU7hZEa1FX+y
g/+tWRgXWuw4FLBX3P/lsChLd4uo+ldqcjd1SxmxdRBS7hzw9VsSg9sEBfkeJrcm
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:11:50 2024 by rpki-client on console-ams.rpki-client.org