Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Ol_GFqKTkMnsUFVPC9k4PNPayvw.roa
File: Ol_GFqKTkMnsUFVPC9k4PNPayvw.roa (raw, json)
Hash identifier: laCDpslmaqGPTu1ZWL/lmY1Axz8Dnn6gyb0qMqRYMec=
Subject key identifier: 3A:5F:C6:16:A2:93:90:C9:EC:50:55:4F:0B:D9:38:3C:D3:DA:CA:FC
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3A806A761D5A1CC719037184FFA69
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Ol_GFqKTkMnsUFVPC9k4PNPayvw.roa
Signing time: Thu 02 Jan 2025 15:47:52 +0000
ROA not before: Thu 02 Jan 2025 15:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200023
IP address blocks: 45.83.206.0/24 maxlen: 24
45.92.248.0/22 maxlen: 24
45.95.176.0/22 maxlen: 24
45.139.160.0/23 maxlen: 24
45.139.164.0/22 maxlen: 24
45.139.172.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:a8:06:a7:61:d5:a1:cc:71:90:37:18:4f:fa:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5fc616a29390c9ec50554f0bd9383cd3dacafc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:0d:8f:3a:dc:e5:5c:ca:e2:d5:e0:71:31:69:
78:4b:7b:35:24:31:7f:d0:d7:c0:5b:3f:3d:45:2a:
2d:9a:0c:04:6a:e5:7d:7d:bb:16:31:42:df:af:69:
10:1c:9b:6b:bc:a4:83:89:d6:bb:3f:86:a5:8a:af:
da:b9:b9:e6:c4:5d:69:99:4f:f2:10:14:23:e8:e5:
3e:ec:0c:4b:8a:cd:98:84:28:c3:a6:46:e5:d8:1e:
6a:58:28:d9:e7:d1:df:04:f1:f0:61:84:78:f1:4f:
83:36:23:a6:2c:ef:94:73:bc:2a:da:b2:06:de:95:
66:0a:b2:9d:ce:bc:8f:89:34:df:d5:ab:08:15:8b:
7c:5c:df:d0:f8:79:85:60:91:72:7f:22:3d:ca:37:
37:52:bf:59:01:ea:b1:ec:95:9d:a1:19:d4:8a:d1:
2f:8b:e7:31:c1:14:5c:5f:a5:3b:66:40:54:cb:8d:
83:b5:70:c0:93:37:77:1e:73:f5:79:38:b6:f1:25:
ef:4e:74:87:54:c1:5e:c8:71:4c:f8:3f:3c:dd:80:
8b:72:5f:37:b2:1e:55:ea:a4:77:4d:23:81:2e:f9:
24:42:58:22:d6:43:ec:56:93:98:20:ac:95:32:46:
d7:b3:de:d4:4d:02:b6:a1:76:b3:9b:ec:eb:88:0d:
91:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5F:C6:16:A2:93:90:C9:EC:50:55:4F:0B:D9:38:3C:D3:DA:CA:FC
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Ol_GFqKTkMnsUFVPC9k4PNPayvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.206.0/24
45.92.248.0/22
45.95.176.0/22
45.139.160.0/23
45.139.164.0/22
45.139.172.0/22
Signature Algorithm: sha256WithRSAEncryption
5b:43:cc:66:7c:b9:50:a5:b0:38:51:d3:01:c1:ff:ac:21:cb:
60:a1:cd:70:3f:b5:75:f8:24:4e:89:0a:4e:14:97:92:c1:ce:
f9:2a:16:f6:b8:26:1b:dc:5e:ac:56:17:9a:a6:01:6e:66:04:
87:85:34:f2:d7:09:81:f3:4f:e4:a9:ae:7d:42:12:f9:e0:ee:
24:12:03:09:ac:ab:5e:96:62:69:13:5b:f8:1f:b9:b6:36:eb:
b4:23:25:00:a6:03:1e:90:c1:22:58:23:10:12:d1:06:6d:93:
ce:f3:d9:94:e0:b0:41:63:03:58:c4:86:4e:1e:03:5a:99:b8:
48:f3:0d:62:19:79:9d:4e:93:30:0f:39:a8:ea:1f:5b:52:e5:
cc:86:54:7f:89:29:8e:c0:8a:77:de:9f:a7:1c:9d:70:d1:45:
6c:d8:e9:4b:91:fd:ec:09:d9:97:3c:66:17:5a:9d:56:ff:14:
61:43:c6:0f:63:ca:06:42:ab:28:89:2d:42:02:4d:52:6a:3b:
01:08:cb:22:95:25:69:4a:6b:e0:03:4e:d4:f2:8d:3c:0e:31:
8d:9b:8f:47:6f:04:2c:e5:e6:0e:cf:16:0e:28:9f:d0:3e:ed:
45:3f:66:54:80:73:06:d9:d5:4a:d7:63:2e:c2:6b:61:30:ce:
4b:32:88:cb
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQns6gGp2HVocxxkDcYT/ppMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVmYzYxNmEyOTM5MGM5ZWM1MDU1NGYwYmQ5MzgzY2QzZGFjYWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnw2POtzlXMri1eBxMWl4S3s1JDF/
0NfAWz89RSotmgwEauV9fbsWMULfr2kQHJtrvKSDida7P4aliq/aubnmxF1pmU/y
EBQj6OU+7AxLis2YhCjDpkbl2B5qWCjZ59HfBPHwYYR48U+DNiOmLO+Uc7wq2rIG
3pVmCrKdzryPiTTf1asIFYt8XN/Q+HmFYJFyfyI9yjc3Ur9ZAeqx7JWdoRnUitEv
i+cxwRRcX6U7ZkBUy42DtXDAkzd3HnP1eTi28SXvTnSHVMFeyHFM+D883YCLcl83
sh5V6qR3TSOBLvkkQlgi1kPsVpOYIKyVMkbXs97UTQK2oXazm+zriA2RAwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFDpfxhaik5DJ7FBVTwvZODzT2sr8MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvT2xfR0ZxS1RrTW5zVUZWUEM5azRQTlBheXZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALVPOAwQC
LVz4AwQCLV+wAwQBLYugAwQCLYukAwQCLYusMA0GCSqGSIb3DQEBCwUAA4IBAQBb
Q8xmfLlQpbA4UdMBwf+sIctgoc1wP7V1+CROiQpOFJeSwc75Khb2uCYb3F6sVhea
pgFuZgSHhTTy1wmB80/kqa59QhL54O4kEgMJrKtelmJpE1v4H7m2Nuu0IyUApgMe
kMEiWCMQEtEGbZPO89mU4LBBYwNYxIZOHgNambhI8w1iGXmdTpMwDzmo6h9bUuXM
hlR/iSmOwIp33p+nHJ1w0UVs2OlLkf3sCdmXPGYXWp1W/xRhQ8YPY8oGQqsoiS1C
Ak1SajsBCMsilSVpSmvgA07U8o08DjGNm49HbwQs5eYOzxYOKJ/QPu1FP2ZUgHMG
2dVK12MuwmthMM5LMojL
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:51:00 2025 by rpki-client