Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OHA5ylsS6BG_SoZjaURVWzc4iVk.roa
File: OHA5ylsS6BG_SoZjaURVWzc4iVk.roa (raw, json)
Hash identifier: YabYlbd6IaxLJAB5YuXjVookqxOf5Gx7iTkEFMDokc0=
Subject key identifier: 38:70:39:CA:5B:12:E8:11:BF:4A:86:63:69:44:55:5B:37:38:89:59
Certificate issuer: /CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Certificate serial: 018F70A203F1FEC7B11762988C14D10E2C3E
Authority key identifier: C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OHA5ylsS6BG_SoZjaURVWzc4iVk.roa
Signing time: Mon 13 May 2024 06:26:57 +0000
ROA not before: Mon 13 May 2024 06:26:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210402
IP address blocks: 91.106.36.0/22 maxlen: 22
91.106.36.0/23 maxlen: 23
91.106.36.0/24 maxlen: 24
91.106.37.0/24 maxlen: 24
91.106.38.0/23 maxlen: 23
91.106.38.0/24 maxlen: 24
91.106.39.0/24 maxlen: 24
91.106.44.0/22 maxlen: 22
91.106.44.0/23 maxlen: 23
91.106.44.0/24 maxlen: 24
91.106.45.0/24 maxlen: 24
91.106.46.0/23 maxlen: 23
91.106.46.0/24 maxlen: 24
91.106.47.0/24 maxlen: 24
91.106.48.0/22 maxlen: 22
91.106.48.0/23 maxlen: 23
91.106.48.0/24 maxlen: 24
91.106.49.0/24 maxlen: 24
91.106.50.0/23 maxlen: 23
91.106.50.0/24 maxlen: 24
91.106.51.0/24 maxlen: 24
91.106.52.0/22 maxlen: 22
91.106.52.0/23 maxlen: 23
91.106.52.0/24 maxlen: 24
91.106.53.0/24 maxlen: 24
91.106.54.0/23 maxlen: 23
91.106.54.0/24 maxlen: 24
91.106.55.0/24 maxlen: 24
91.106.56.0/22 maxlen: 22
91.106.56.0/23 maxlen: 23
91.106.56.0/24 maxlen: 24
91.106.57.0/24 maxlen: 24
91.106.58.0/23 maxlen: 23
91.106.58.0/24 maxlen: 24
91.106.59.0/24 maxlen: 24
91.106.60.0/22 maxlen: 22
91.106.60.0/23 maxlen: 23
91.106.60.0/24 maxlen: 24
91.106.61.0/24 maxlen: 24
91.106.62.0/23 maxlen: 23
91.106.62.0/24 maxlen: 24
91.106.63.0/24 maxlen: 24
109.61.4.0/22 maxlen: 22
109.61.4.0/23 maxlen: 23
109.61.4.0/24 maxlen: 24
109.61.5.0/24 maxlen: 24
109.61.6.0/23 maxlen: 23
109.61.6.0/24 maxlen: 24
109.61.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.mft
rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 10:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:70:a2:03:f1:fe:c7:b1:17:62:98:8c:14:d1:0e:2c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c092d8d5511b19ece456960f23bfa886ee1d570b
Validity
Not Before: May 13 06:26:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=387039ca5b12e811bf4a86636944555b37388959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f8:30:6f:1f:f4:21:1f:50:f2:94:2d:f3:cc:
1d:e5:4a:a8:e6:4d:b5:f8:04:f5:43:af:94:42:72:
ba:03:df:37:81:1c:b3:12:7d:f4:76:4e:1c:0d:49:
45:bb:12:9a:29:89:25:e2:ee:20:ad:02:64:a5:90:
49:d5:01:3a:c3:f5:eb:17:ff:0c:e4:37:0a:cb:c1:
99:93:91:2e:61:39:a3:7a:b5:87:08:cf:50:45:60:
c3:4f:75:ed:a3:f6:5d:94:a6:5d:5b:6b:8a:75:c7:
b3:2b:48:db:44:0f:c3:fd:a3:99:78:cf:f3:03:04:
91:e5:e4:09:da:b4:90:8c:4c:57:a6:8f:ef:3f:23:
e8:e5:5a:df:06:7f:fd:99:aa:81:01:76:12:83:1c:
7b:9d:f8:3c:dd:37:97:74:87:78:95:23:91:06:60:
28:e6:c0:a8:d3:c4:5b:54:c8:cd:f4:1a:fe:ca:c1:
65:b1:fc:3c:91:8d:d3:ae:a5:69:cc:86:92:0c:c6:
e5:f0:84:04:54:93:17:1a:1f:75:ab:12:d3:b9:c5:
2b:b2:dd:05:73:6b:70:34:03:ab:cf:f8:3d:20:8a:
aa:f4:78:a0:d2:7b:31:7a:cd:63:62:af:57:87:16:
85:23:66:e8:95:c8:96:37:e7:27:9f:f3:80:ed:a6:
83:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:70:39:CA:5B:12:E8:11:BF:4A:86:63:69:44:55:5B:37:38:89:59
X509v3 Authority Key Identifier:
keyid:C0:92:D8:D5:51:1B:19:EC:E4:56:96:0F:23:BF:A8:86:EE:1D:57:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wJLY1VEbGezkVpYPI7-ohu4dVws.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/OHA5ylsS6BG_SoZjaURVWzc4iVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/d430d9-d214-41c0-8e51-267a16b4629f/1/wJLY1VEbGezkVpYPI7-ohu4dVws.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.106.36.0/22
91.106.44.0-91.106.63.255
109.61.4.0/22
Signature Algorithm: sha256WithRSAEncryption
a5:9e:c5:c2:68:8e:05:6d:1e:4e:6e:76:41:83:2b:42:05:51:
83:6b:8b:56:f5:56:ca:e1:22:bc:49:09:44:89:46:36:68:86:
a8:58:20:24:57:3c:aa:d4:88:4a:87:38:1a:b2:7b:7d:99:87:
61:6b:ed:cf:c6:ca:5d:1d:6c:6f:ee:09:33:4e:df:4b:5b:5d:
1a:89:eb:61:ba:9e:63:87:a0:8b:24:1b:d2:e6:c9:5a:b3:bc:
fc:77:0a:75:5a:6b:43:6c:aa:56:a9:ba:6d:c1:92:6c:f6:32:
4b:0c:fe:d4:89:dd:61:7a:c7:de:6f:e9:38:3c:a1:55:24:84:
81:aa:66:8f:b3:00:6a:59:f2:6b:47:97:3b:98:91:2b:4e:a8:
2c:38:2d:aa:7f:9e:45:11:b4:ee:db:4c:a0:2b:d4:20:18:74:
89:ed:aa:6c:65:5b:80:cd:d5:4f:e6:2b:69:af:99:8b:3d:ab:
35:5a:1b:ec:61:29:01:ba:16:b2:49:44:5a:41:d8:4a:c0:65:
54:44:66:44:58:ae:ff:90:b9:ac:01:c2:6c:b3:e8:2c:b4:bf:
1b:ab:12:c6:21:85:ca:be:6c:0a:6d:6d:86:c5:5e:ff:9e:df:
f4:04:a1:fe:19:36:94:16:7f:81:86:f7:52:e1:ed:d3:62:02:
ac:fa:55:67
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY9wogPx/sexF2KYjBTRDiw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwOTJkOGQ1NTExYjE5ZWNlNDU2OTYwZjIzYmZhODg2ZWUx
ZDU3MGIwHhcNMjQwNTEzMDYyNjU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODcwMzljYTViMTJlODExYmY0YTg2NjM2OTQ0NTU1YjM3Mzg4OTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPgwbx/0IR9Q8pQt88wd5Uqo5k21
+AT1Q6+UQnK6A983gRyzEn30dk4cDUlFuxKaKYkl4u4grQJkpZBJ1QE6w/XrF/8M
5DcKy8GZk5EuYTmjerWHCM9QRWDDT3Xto/ZdlKZdW2uKdcezK0jbRA/D/aOZeM/z
AwSR5eQJ2rSQjExXpo/vPyPo5VrfBn/9maqBAXYSgxx7nfg83TeXdId4lSORBmAo
5sCo08RbVMjN9Br+ysFlsfw8kY3TrqVpzIaSDMbl8IQEVJMXGh91qxLTucUrst0F
c2twNAOrz/g9IIqq9Hig0nsxes1jYq9XhxaFI2bolciWN+cnn/OA7aaDswIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFDhwOcpbEugRv0qGY2lEVVs3OIlZMB8GA1UdIwQY
MBaAFMCS2NVRGxns5FaWDyO/qIbuHVcLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEt
MjY3YTE2YjQ2MjlmLzEvT0hBNXlsc1M2QkdfU29aamFVUlZXemM0aVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9kNDMwZDktZDIxNC00MWMwLThlNTEtMjY3YTE2YjQ2Mjlm
LzEvd0pMWTFWRWJHZXprVnBZUEk3LW9odTRkVndzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCW2okMAwD
BAJbaiwDBAZbagADBAJtPQQwDQYJKoZIhvcNAQELBQADggEBAKWexcJojgVtHk5u
dkGDK0IFUYNri1b1VsrhIrxJCUSJRjZohqhYICRXPKrUiEqHOBqye32Zh2Fr7c/G
yl0dbG/uCTNO30tbXRqJ62G6nmOHoIskG9LmyVqzvPx3CnVaa0Nsqlapum3Bkmz2
MksM/tSJ3WF6x95v6Tg8oVUkhIGqZo+zAGpZ8mtHlzuYkStOqCw4Lap/nkURtO7b
TKAr1CAYdIntqmxlW4DN1U/mK2mvmYs9qzVaG+xhKQG6FrJJRFpB2ErAZVREZkRY
rv+QuawBwmyz6Cy0vxurEsYhhcq+bAptbYbFXv+e3/QEof4ZNpQWf4GG91Lh7dNi
Aqz6VWc=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:32:28 2024 by rpki-client on console-ams.rpki-client.org