Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OlYubq6aJSP9blCUyl00FxqmK98.roa
File: OlYubq6aJSP9blCUyl00FxqmK98.roa (raw, json)
Hash identifier: cLpKRkmjdQ5O1lodK2BVOOBnfoI5iaIG58Z5YhBTDOk=
Subject key identifier: 3A:56:2E:6E:AE:9A:25:23:FD:6E:50:94:CA:5D:34:17:1A:A6:2B:DF
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 01931A0B31A15C20E0D48D397222C54187A5
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OlYubq6aJSP9blCUyl00FxqmK98.roa
Signing time: Mon 11 Nov 2024 07:06:01 +0000
ROA not before: Mon 11 Nov 2024 07:06:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25160
IP address blocks: 195.114.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:58:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:0b:31:a1:5c:20:e0:d4:8d:39:72:22:c5:41:87:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Nov 11 07:06:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3a562e6eae9a2523fd6e5094ca5d34171aa62bdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:6c:c3:80:11:b9:31:68:cf:74:37:a3:1a:bc:
8a:58:eb:ef:5a:b2:11:f7:8b:f1:97:7b:bb:f3:7f:
b0:6e:df:1b:1c:68:d8:fd:a8:e1:27:79:8f:c4:a5:
8a:97:3f:7d:24:99:eb:4f:b0:c3:09:9e:29:e7:28:
3c:07:96:48:e2:76:e8:32:07:50:9d:d4:17:69:58:
08:29:26:e9:ff:b6:1c:16:29:df:60:c9:29:87:12:
94:47:a2:f3:fe:cd:b8:23:76:ea:23:3f:5c:45:c6:
b0:05:2f:00:0e:4a:d0:18:7a:39:4d:e1:a7:ec:45:
25:df:fd:d4:3c:bf:5c:ab:dd:0e:53:52:ca:f5:60:
c5:04:89:4c:dc:e5:3d:b3:00:92:35:2a:02:1e:1d:
13:ee:1e:4c:cb:ba:19:52:89:16:2d:28:e2:c1:8e:
3d:27:5a:75:4e:47:e0:d4:77:b2:aa:3b:73:de:67:
03:5b:ac:ff:56:f3:b8:dd:09:de:15:e1:a9:66:5a:
69:9d:4d:21:d5:e6:47:d4:11:13:d6:d6:02:cc:d3:
a6:e4:2f:cf:93:9a:b2:9b:5b:e9:9f:96:34:3d:04:
60:cf:35:db:49:87:73:9c:c8:29:15:f5:22:97:f3:
69:b3:ce:ba:f8:53:03:03:6b:2b:f8:d3:87:52:2f:
10:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:56:2E:6E:AE:9A:25:23:FD:6E:50:94:CA:5D:34:17:1A:A6:2B:DF
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/OlYubq6aJSP9blCUyl00FxqmK98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.114.197.0/24
Signature Algorithm: sha256WithRSAEncryption
4b:99:23:fc:9b:14:b1:fb:31:a8:af:cd:9e:57:c1:67:46:42:
11:ca:6f:5b:4d:43:57:bc:40:99:b5:14:81:ab:cf:b3:f4:aa:
16:57:ba:5a:86:64:07:09:59:50:6c:c8:ac:11:e5:7e:58:e2:
23:17:04:65:dc:9c:a9:65:23:c2:16:df:bf:7a:47:90:f6:e9:
80:fd:76:2e:00:56:a8:11:b7:c8:16:7e:9e:e9:07:23:51:00:
10:ed:3a:18:92:c5:d6:b3:61:d1:bc:7c:77:ac:85:ce:39:1b:
f2:9a:ea:e7:50:df:6f:cd:c9:12:19:93:28:1f:7a:9f:2e:88:
52:2d:d2:da:7f:b3:a4:5a:2b:15:7d:26:66:ef:bf:32:79:e7:
03:6e:71:de:b3:03:75:a4:d9:2a:62:7f:1a:d3:ce:56:7b:ba:
5e:37:bd:91:97:75:c3:a1:3c:dd:1e:09:b8:ee:75:f6:99:0e:
51:a3:65:79:62:f5:7f:f9:80:be:4c:21:63:24:4c:84:c8:e5:
e0:4f:ef:4b:ab:37:1f:03:91:32:23:9c:4c:4c:c4:89:0f:f5:
40:c4:2d:cc:59:a9:d7:e0:7e:54:50:77:07:a2:fc:c9:1a:10:
44:5f:a6:a4:08:92:60:ed:94:b5:71:b9:dd:46:8e:a0:c7:a5:
7e:45:41:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZMaCzGhXCDg1I05ciLFQYelMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjQxMTExMDcwNjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTU2MmU2ZWFlOWEyNTIzZmQ2ZTUwOTRjYTVkMzQxNzFhYTYyYmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlWzDgBG5MWjPdDejGryKWOvvWrIR
94vxl3u783+wbt8bHGjY/ajhJ3mPxKWKlz99JJnrT7DDCZ4p5yg8B5ZI4nboMgdQ
ndQXaVgIKSbp/7YcFinfYMkphxKUR6Lz/s24I3bqIz9cRcawBS8ADkrQGHo5TeGn
7EUl3/3UPL9cq90OU1LK9WDFBIlM3OU9swCSNSoCHh0T7h5My7oZUokWLSjiwY49
J1p1Tkfg1Heyqjtz3mcDW6z/VvO43QneFeGpZlppnU0h1eZH1BET1tYCzNOm5C/P
k5qym1vpn5Y0PQRgzzXbSYdznMgpFfUil/Nps866+FMDA2sr+NOHUi8QkQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDpWLm6umiUj/W5QlMpdNBcapivfMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvT2xZdWJxNmFKU1A5YmxDVXlsMDBGeHFtSzk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw3LFMA0G
CSqGSIb3DQEBCwUAA4IBAQBLmSP8mxSx+zGor82eV8FnRkIRym9bTUNXvECZtRSB
q8+z9KoWV7pahmQHCVlQbMisEeV+WOIjFwRl3JypZSPCFt+/ekeQ9umA/XYuAFao
EbfIFn6e6QcjUQAQ7ToYksXWs2HRvHx3rIXOORvymurnUN9vzckSGZMoH3qfLohS
LdLaf7OkWisVfSZm778yeecDbnHeswN1pNkqYn8a085We7peN72Rl3XDoTzdHgm4
7nX2mQ5Ro2V5YvV/+YC+TCFjJEyEyOXgT+9LqzcfA5EyI5xMTMSJD/VAxC3MWanX
4H5UUHcHovzJGhBEX6akCJJg7ZS1cbndRo6gx6V+RUEl
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:49 2024 by rpki-client on console-fra.rpki-client.org