Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/AOL9cOQlSfW6c5OHCjPX1DDXpEU.roa
File: AOL9cOQlSfW6c5OHCjPX1DDXpEU.roa (raw, json)
Hash identifier: 2TLKr9BkvlxzJIrO9GP4hYEQ2PXY8LtjL++WhJx5p4g=
Subject key identifier: 00:E2:FD:70:E4:25:49:F5:BA:73:93:87:0A:33:D7:D4:30:D7:A4:45
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0192926259DD239CFC397422CE977E18D6E4
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/AOL9cOQlSfW6c5OHCjPX1DDXpEU.roa
Signing time: Tue 15 Oct 2024 22:52:51 +0000
ROA not before: Tue 15 Oct 2024 22:52:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21859
IP address blocks: 45.156.131.0/24 maxlen: 24
185.180.141.0/24 maxlen: 24
185.226.196.0/24 maxlen: 24
185.226.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:92:62:59:dd:23:9c:fc:39:74:22:ce:97:7e:18:d6:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Oct 15 22:52:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=00e2fd70e42549f5ba7393870a33d7d430d7a445
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a6:f5:fd:e6:00:62:93:41:77:0c:1c:62:05:
e1:3b:43:fb:57:ce:94:b6:49:e3:e2:48:09:a8:2a:
97:f3:33:5c:ed:71:64:93:66:6a:68:98:b2:88:f5:
e6:41:72:9b:be:c1:b9:76:79:6d:54:76:db:83:a9:
86:05:2c:94:2b:8c:30:4b:45:fa:bd:cd:17:40:6d:
bd:6d:c6:31:9f:d6:4b:77:61:36:d8:3d:52:f3:00:
03:75:b2:2f:4e:46:e0:82:09:11:54:f1:39:42:8b:
9a:ac:62:88:ce:65:77:9c:c7:d3:db:91:9c:28:df:
9a:3a:ab:70:59:23:9a:ab:27:bf:1c:8c:3c:6f:86:
81:4c:03:5b:08:ec:33:18:8b:b3:1c:90:d8:b0:ef:
8c:bf:f2:a2:9a:f5:c4:cb:17:2e:8b:2e:7a:f1:5c:
6d:69:49:f3:ed:3c:dc:7b:a9:55:0b:b4:d0:05:f5:
77:a3:25:dd:46:7d:30:05:ad:67:53:b8:47:f0:fd:
88:15:e2:8d:b4:08:63:bf:f0:3b:b3:47:8f:ea:24:
36:9a:42:6e:f5:a7:0b:a4:ab:2a:a9:88:00:d3:a3:
a0:fc:24:52:f2:02:3d:df:e3:6b:eb:83:fc:7a:b1:
83:2e:a2:3d:64:c5:c2:f7:33:4a:95:96:65:0a:6c:
a3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:E2:FD:70:E4:25:49:F5:BA:73:93:87:0A:33:D7:D4:30:D7:A4:45
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/AOL9cOQlSfW6c5OHCjPX1DDXpEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.131.0/24
185.180.141.0/24
185.226.196.0/23
Signature Algorithm: sha256WithRSAEncryption
41:e3:f7:5c:de:1e:e9:5d:17:fc:82:d0:1a:03:44:d6:5b:07:
f3:cd:59:3a:14:9d:ff:e8:39:b2:d9:0d:18:c9:f4:bf:f7:bc:
9d:90:9b:c0:a8:18:34:43:c0:20:9b:55:ef:44:f4:4e:59:fb:
2b:30:13:a6:fc:2b:3f:49:a4:78:30:01:7d:99:cd:31:2c:79:
af:fd:4a:f0:19:11:4d:3f:e0:07:2a:73:0c:82:c1:7e:6c:bc:
d1:ae:32:8f:56:35:82:42:a2:62:ea:ca:7c:af:e1:69:0c:77:
5b:83:e7:cb:b3:37:a6:62:84:6d:24:f7:81:57:a0:d3:d6:41:
f6:55:d1:2f:d5:1f:f0:ba:b6:4c:9f:6f:6c:d9:71:ee:41:f9:
b8:69:7e:2e:66:a6:26:df:34:43:a4:a0:4f:48:a8:07:f4:7a:
4d:69:a2:d7:8d:c3:08:88:7c:9b:df:d2:8c:a8:0d:28:f2:9c:
ff:fd:fb:1a:17:3f:d8:f8:96:c5:9c:b6:ec:cb:e4:67:81:eb:
f4:00:26:c5:e9:44:2a:93:94:fc:8d:66:ec:81:6c:ee:a5:36:
7a:a8:e9:5c:7b:34:8a:0f:0a:28:3d:57:87:ad:d8:4a:52:71:
ef:87:44:c7:10:b9:16:e0:46:97:ea:97:4f:5f:28:ae:3d:c5:
44:60:9d:92
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZKSYlndI5z8OXQizpd+GNbkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjQxMDE1MjI1MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGUyZmQ3MGU0MjU0OWY1YmE3MzkzODcwYTMzZDdkNDMwZDdhNDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqb1/eYAYpNBdwwcYgXhO0P7V86U
tknj4kgJqCqX8zNc7XFkk2ZqaJiyiPXmQXKbvsG5dnltVHbbg6mGBSyUK4wwS0X6
vc0XQG29bcYxn9ZLd2E22D1S8wADdbIvTkbgggkRVPE5QouarGKIzmV3nMfT25Gc
KN+aOqtwWSOaqye/HIw8b4aBTANbCOwzGIuzHJDYsO+Mv/KimvXEyxcuiy568Vxt
aUnz7Tzce6lVC7TQBfV3oyXdRn0wBa1nU7hH8P2IFeKNtAhjv/A7s0eP6iQ2mkJu
9acLpKsqqYgA06Og/CRS8gI93+Nr64P8erGDLqI9ZMXC9zNKlZZlCmyjOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFADi/XDkJUn1unOThwoz19Qw16RFMB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvQU9MOWNPUWxTZlc2YzVPSENqUFgxRERYcEVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZyDAwQA
ubSNAwQBueLEMA0GCSqGSIb3DQEBCwUAA4IBAQBB4/dc3h7pXRf8gtAaA0TWWwfz
zVk6FJ3/6Dmy2Q0YyfS/97ydkJvAqBg0Q8Agm1XvRPROWfsrMBOm/Cs/SaR4MAF9
mc0xLHmv/UrwGRFNP+AHKnMMgsF+bLzRrjKPVjWCQqJi6sp8r+FpDHdbg+fLszem
YoRtJPeBV6DT1kH2VdEv1R/wurZMn29s2XHuQfm4aX4uZqYm3zRDpKBPSKgH9HpN
aaLXjcMIiHyb39KMqA0o8pz//fsaFz/Y+JbFnLbsy+Rngev0ACbF6UQqk5T8jWbs
gWzupTZ6qOlcezSKDwooPVeHrdhKUnHvh0THELkW4EaX6pdPXyiuPcVEYJ2S
-----END CERTIFICATE-----
Generated at Sun Nov 24 18:38:22 2024 by rpki-client on console-ams.rpki-client.org