Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/Ol6cakySox8hAM1UTPadAKzEir0.roa
File: Ol6cakySox8hAM1UTPadAKzEir0.roa (raw, json)
Hash identifier: lTSqqQlvMmfJ0PFsajUlICgmTmejaL+5zgVSVupMTUY=
Subject key identifier: 3A:5E:9C:6A:4C:92:A3:1F:21:00:CD:54:4C:F6:9D:00:AC:C4:8A:BD
Certificate issuer: /CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Certificate serial: 01941FFA601639026549CB397F244359B257
Authority key identifier: D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/Ol6cakySox8hAM1UTPadAKzEir0.roa
Signing time: Wed 01 Jan 2025 03:48:09 +0000
ROA not before: Wed 01 Jan 2025 03:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213192
IP address blocks: 46.235.40.0/21 maxlen: 21
83.150.232.0/22 maxlen: 22
83.150.235.0/24 maxlen: 24
2a00:d640::/32 maxlen: 32
2a00:d641::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:60:16:39:02:65:49:cb:39:7f:24:43:59:b2:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2fa2a70003880d7561612a3c0a12602ce3541a4
Validity
Not Before: Jan 1 03:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a5e9c6a4c92a31f2100cd544cf69d00acc48abd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:ba:33:07:f0:b2:31:e4:72:72:7a:96:04:21:
41:ef:d4:99:09:c0:e2:38:4d:cf:17:35:29:7c:24:
25:d2:3a:cc:de:53:56:39:e9:4f:11:db:d0:fb:93:
3a:ad:4c:9b:c8:5a:66:eb:49:08:19:87:f2:52:d1:
f1:31:8c:85:55:e5:0c:7b:ca:c6:a8:12:e0:d6:65:
98:5f:5d:94:81:89:f9:cf:72:9f:13:ff:38:ef:17:
46:5f:34:f5:6a:b0:64:ce:cc:2a:1d:f0:ed:48:ff:
68:bb:d4:ea:6d:fd:99:a3:bb:d9:46:7a:30:5a:e5:
92:dd:24:64:ab:58:78:5e:ef:d4:c5:7c:6f:b5:33:
ee:e7:2f:2f:93:b9:d3:12:1c:16:2e:0a:10:ef:f9:
da:10:fe:0e:af:88:eb:44:9f:81:7f:bd:e9:95:0e:
b4:c6:3a:e1:56:a6:94:a2:f2:9f:8e:e7:f5:eb:4b:
5f:da:99:8c:7e:7c:ec:3d:e1:2f:2f:9e:eb:52:f8:
aa:6c:07:41:e9:84:1d:5a:8c:6c:c7:4e:ba:0d:0d:
63:49:20:71:a3:ca:df:dd:67:d2:df:bf:00:99:5b:
70:62:f7:66:b4:a7:46:00:34:87:0b:c3:bc:d7:ba:
cc:fc:48:cc:11:11:d6:4a:82:34:fd:f4:e1:95:d2:
0d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:5E:9C:6A:4C:92:A3:1F:21:00:CD:54:4C:F6:9D:00:AC:C4:8A:BD
X509v3 Authority Key Identifier:
keyid:D2:FA:2A:70:00:38:80:D7:56:16:12:A3:C0:A1:26:02:CE:35:41:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0voqcAA4gNdWFhKjwKEmAs41QaQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/Ol6cakySox8hAM1UTPadAKzEir0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a9/b207d1-8b7b-4e27-8370-a796501e77a1/1/0voqcAA4gNdWFhKjwKEmAs41QaQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.40.0/21
83.150.232.0/22
IPv6:
2a00:d640::/31
Signature Algorithm: sha256WithRSAEncryption
97:b8:af:b6:2b:d6:2f:f1:c1:80:91:95:ce:35:dd:5e:e8:0c:
6d:9c:61:8b:f3:dd:79:ea:92:fb:a2:fa:3e:30:31:e5:84:ab:
87:93:a2:7c:a3:e0:15:03:1e:bb:72:70:23:26:07:68:a7:55:
f9:ef:ad:17:58:df:16:8f:c0:04:06:15:ee:16:cd:bc:c9:38:
98:dd:df:b9:2c:21:7f:85:39:a8:40:2e:d3:3b:56:99:03:ad:
ef:d5:a3:dd:16:34:3d:f9:34:89:ce:d5:41:26:0f:07:ee:83:
f5:69:f1:33:7d:2a:36:b9:82:c4:11:00:9d:83:a6:41:98:0a:
e0:ea:9c:b2:84:fa:6a:a3:5e:fd:d4:28:6f:32:cc:f0:3b:65:
ef:ce:a9:46:12:69:93:4a:11:15:98:0a:dd:71:64:18:bc:c2:
5d:b4:a2:1d:b4:8e:19:60:fc:dd:14:c0:d4:ba:b0:b3:12:0f:
7b:f9:16:1a:0b:0e:c4:66:41:19:86:91:95:36:f6:44:03:53:
4d:78:f5:95:44:b1:10:85:bd:8f:ad:12:74:88:78:b8:1f:15:
c1:16:fc:1a:d0:5d:24:83:35:1c:52:21:0e:3a:72:97:1e:05:
2d:90:5f:6e:18:13:28:75:11:a4:9b:7f:30:a6:a9:5f:51:49:
94:f1:64:ca
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+mAWOQJlScs5fyRDWbJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZmEyYTcwMDAzODgwZDc1NjE2MTJhM2MwYTEyNjAyY2Uz
NTQxYTQwHhcNMjUwMTAxMDM0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTVlOWM2YTRjOTJhMzFmMjEwMGNkNTQ0Y2Y2OWQwMGFjYzQ4YWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx7ozB/CyMeRycnqWBCFB79SZCcDi
OE3PFzUpfCQl0jrM3lNWOelPEdvQ+5M6rUybyFpm60kIGYfyUtHxMYyFVeUMe8rG
qBLg1mWYX12UgYn5z3KfE/847xdGXzT1arBkzswqHfDtSP9ou9Tqbf2Zo7vZRnow
WuWS3SRkq1h4Xu/UxXxvtTPu5y8vk7nTEhwWLgoQ7/naEP4Or4jrRJ+Bf73plQ60
xjrhVqaUovKfjuf160tf2pmMfnzsPeEvL57rUviqbAdB6YQdWoxsx066DQ1jSSBx
o8rf3WfS378AmVtwYvdmtKdGADSHC8O817rM/EjMERHWSoI0/fThldIN3wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFDpenGpMkqMfIQDNVEz2nQCsxIq9MB8GA1UdIwQY
MBaAFNL6KnAAOIDXVhYSo8ChJgLONUGkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZvcWNBQTRnTmRXRmhLandLRW1BczQxUWFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOS9iMjA3ZDEtOGI3Yi00ZTI3LTgzNzAt
YTc5NjUwMWU3N2ExLzEvT2w2Y2FreVNveDhoQU0xVVRQYWRBS3pFaXIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOS9iMjA3ZDEtOGI3Yi00ZTI3LTgzNzAtYTc5NjUwMWU3N2Ex
LzEvMHZvcWNBQTRnTmRXRmhLandLRW1BczQxUWFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLusoAwQC
U5boMA0EAgACMAcDBQEqANZAMA0GCSqGSIb3DQEBCwUAA4IBAQCXuK+2K9Yv8cGA
kZXONd1e6AxtnGGL89156pL7ovo+MDHlhKuHk6J8o+AVAx67cnAjJgdop1X5760X
WN8Wj8AEBhXuFs28yTiY3d+5LCF/hTmoQC7TO1aZA63v1aPdFjQ9+TSJztVBJg8H
7oP1afEzfSo2uYLEEQCdg6ZBmArg6pyyhPpqo1791ChvMszwO2XvzqlGEmmTShEV
mArdcWQYvMJdtKIdtI4ZYPzdFMDUurCzEg97+RYaCw7EZkEZhpGVNvZEA1NNePWV
RLEQhb2PrRJ0iHi4HxXBFvwa0F0kgzUcUiEOOnKXHgUtkF9uGBModRGkm38wpqlf
UUmU8WTK
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:16:51 2025 by rpki-client