Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/oLW-609I3Khtnvap7_JOvzS8Dh8.roa
File: oLW-609I3Khtnvap7_JOvzS8Dh8.roa (raw, json)
Hash identifier: GI/K2R5uwKu2CJW1QernmTXeDLBsXY3zPyYVecZRek0=
Subject key identifier: A0:B5:BE:EB:4F:48:DC:A8:6D:9E:F6:A9:EF:F2:4E:BF:34:BC:0E:1F
Certificate issuer: /CN=037b3df6d78399f031828556fcd90ebfdf4d0d2d
Certificate serial: 018CC2DAFE4C7116070C5A3AC140B181BC9F
Authority key identifier: 03:7B:3D:F6:D7:83:99:F0:31:82:85:56:FC:D9:0E:BF:DF:4D:0D:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A3s99teDmfAxgoVW_NkOv99NDS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/oLW-609I3Khtnvap7_JOvzS8Dh8.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12732
IP address blocks: 193.34.122.0/24 maxlen: 24
193.34.120.0/22 maxlen: 24
193.34.120.0/24 maxlen: 24
193.34.123.0/24 maxlen: 24
193.34.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/A3s99teDmfAxgoVW_NkOv99NDS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/A3s99teDmfAxgoVW_NkOv99NDS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/A3s99teDmfAxgoVW_NkOv99NDS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fe:4c:71:16:07:0c:5a:3a:c1:40:b1:81:bc:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=037b3df6d78399f031828556fcd90ebfdf4d0d2d
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0b5beeb4f48dca86d9ef6a9eff24ebf34bc0e1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e3:df:d5:03:a7:51:7a:85:bb:14:4f:10:4e:
7a:0d:6f:a1:bc:a3:33:c4:6e:19:0c:d8:c7:6b:12:
50:cc:10:14:21:4f:37:e9:24:47:3b:20:ae:04:f3:
f4:91:6c:95:ff:0f:f5:45:ad:9b:89:70:4b:04:cb:
02:9c:26:be:8a:5f:58:3b:55:d1:94:63:9e:e4:00:
90:cb:31:25:f6:d9:33:37:25:38:00:e9:fa:ff:4a:
a5:27:3b:43:e8:84:3d:37:e9:1e:bf:da:03:c6:01:
70:58:f7:67:a8:be:c4:a2:37:d6:eb:84:35:04:40:
fb:15:b7:e9:48:89:4a:31:22:73:d4:1b:f0:c4:30:
68:fb:a3:f6:cc:7a:10:d3:6c:77:71:0f:6c:15:cc:
76:47:24:fa:44:2b:a4:1f:55:98:be:0f:85:e6:a8:
4b:33:9f:6a:77:2e:e0:50:e7:7e:09:2f:13:94:d8:
21:92:a6:75:98:79:38:e0:5e:66:f5:50:dc:31:24:
f4:b3:1b:18:ba:95:6d:89:e1:f3:65:05:86:e7:d0:
6a:c9:c8:e7:ef:3f:48:ca:45:ff:90:d3:35:0c:fa:
21:f9:a2:b4:8d:b5:a1:db:69:90:cd:87:3d:90:c1:
77:0f:6d:e2:f6:d0:ec:e7:3b:41:2e:e1:67:d0:7e:
09:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:B5:BE:EB:4F:48:DC:A8:6D:9E:F6:A9:EF:F2:4E:BF:34:BC:0E:1F
X509v3 Authority Key Identifier:
keyid:03:7B:3D:F6:D7:83:99:F0:31:82:85:56:FC:D9:0E:BF:DF:4D:0D:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A3s99teDmfAxgoVW_NkOv99NDS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/oLW-609I3Khtnvap7_JOvzS8Dh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/e22ef8-50b7-4046-9208-a475aebb08d5/1/A3s99teDmfAxgoVW_NkOv99NDS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.34.120.0/22
Signature Algorithm: sha256WithRSAEncryption
00:fc:cd:12:f2:29:19:3a:f4:ea:86:00:e8:6f:3a:0c:99:1c:
9b:42:57:b0:6c:80:f0:33:17:eb:5b:34:3f:3f:d0:3a:68:df:
e3:56:2f:6a:b8:dc:c0:01:83:c0:14:88:7d:a7:ea:ab:14:e6:
44:77:fd:aa:33:c7:a3:bc:e2:7a:e2:ec:77:a0:27:81:15:e7:
7b:4a:1d:8d:4c:27:a3:fd:de:51:c2:88:5a:88:d6:17:21:d5:
ff:fd:bd:71:09:28:a0:0f:c9:e4:b2:b4:b8:53:71:ed:19:2f:
77:b3:be:e5:69:a5:84:a3:87:8a:be:32:a8:5d:bb:9c:82:76:
b7:66:10:8b:3b:14:b1:46:25:78:b2:78:8a:4c:af:04:32:22:
78:8c:03:40:da:7c:44:ad:56:ce:a5:95:76:f3:52:b1:71:40:
2c:a9:3d:06:d7:b8:40:d5:49:4e:0a:97:51:0d:54:ae:c7:73:
ea:86:5d:26:ba:4c:c1:ae:3e:cf:8b:2c:64:30:5f:b9:d5:47:
71:00:11:13:36:e1:84:ea:bf:46:7c:80:57:fe:e6:4a:b1:a5:
92:4f:d9:bf:e8:6b:5f:4a:8f:56:c5:70:21:14:7b:ae:d4:68:
83:17:c0:b7:b0:b3:1a:49:55:cf:e6:2f:dc:95:8b:01:cd:66:
a6:80:9a:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2v5McRYHDFo6wUCxgbyfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzN2IzZGY2ZDc4Mzk5ZjAzMTgyODU1NmZjZDkwZWJmZGY0
ZDBkMmQwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGI1YmVlYjRmNDhkY2E4NmQ5ZWY2YTllZmYyNGViZjM0YmMwZTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuePf1QOnUXqFuxRPEE56DW+hvKMz
xG4ZDNjHaxJQzBAUIU836SRHOyCuBPP0kWyV/w/1Ra2biXBLBMsCnCa+il9YO1XR
lGOe5ACQyzEl9tkzNyU4AOn6/0qlJztD6IQ9N+kev9oDxgFwWPdnqL7EojfW64Q1
BED7FbfpSIlKMSJz1BvwxDBo+6P2zHoQ02x3cQ9sFcx2RyT6RCukH1WYvg+F5qhL
M59qdy7gUOd+CS8TlNghkqZ1mHk44F5m9VDcMST0sxsYupVtieHzZQWG59Bqycjn
7z9IykX/kNM1DPoh+aK0jbWh22mQzYc9kMF3D23i9tDs5ztBLuFn0H4JywIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKC1vutPSNyobZ72qe/yTr80vA4fMB8GA1UdIwQY
MBaAFAN7PfbXg5nwMYKFVvzZDr/fTQ0tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTNzOTl0ZURtZkF4Z29WV19Oa092OTlORFMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS9lMjJlZjgtNTBiNy00MDQ2LTkyMDgt
YTQ3NWFlYmIwOGQ1LzEvb0xXLTYwOUkzS2h0bnZhcDdfSk92elM4RGg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS9lMjJlZjgtNTBiNy00MDQ2LTkyMDgtYTQ3NWFlYmIwOGQ1
LzEvQTNzOTl0ZURtZkF4Z29WV19Oa092OTlORFMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwSJ4MA0G
CSqGSIb3DQEBCwUAA4IBAQAA/M0S8ikZOvTqhgDobzoMmRybQlewbIDwMxfrWzQ/
P9A6aN/jVi9quNzAAYPAFIh9p+qrFOZEd/2qM8ejvOJ64ux3oCeBFed7Sh2NTCej
/d5RwohaiNYXIdX//b1xCSigD8nksrS4U3HtGS93s77laaWEo4eKvjKoXbucgna3
ZhCLOxSxRiV4sniKTK8EMiJ4jANA2nxErVbOpZV281KxcUAsqT0G17hA1UlOCpdR
DVSux3Pqhl0mukzBrj7PiyxkMF+51UdxABETNuGE6r9GfIBX/uZKsaWST9m/6Gtf
So9WxXAhFHuu1GiDF8C3sLMaSVXP5i/clYsBzWamgJqD
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:46 2024 by rpki-client on console-fra.rpki-client.org