Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/ogliIW3uJqaM5LS-fzkMZKt_cLk.roa
File: ogliIW3uJqaM5LS-fzkMZKt_cLk.roa (raw, json)
Hash identifier: LLZA+4CzPtqrtq7hIsuRZwdNW4zECVbIb6kWURR2Rw4=
Subject key identifier: A2:09:62:21:6D:EE:26:A6:8C:E4:B4:BE:7F:39:0C:64:AB:7F:70:B9
Certificate issuer: /CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Certificate serial: 019423D6E28CE40A3EA87991A796CBBCE192
Authority key identifier: 1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/ogliIW3uJqaM5LS-fzkMZKt_cLk.roa
Signing time: Wed 01 Jan 2025 21:47:52 +0000
ROA not before: Wed 01 Jan 2025 21:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201579
IP address blocks: 62.169.151.0/24 maxlen: 24
91.237.124.0/24 maxlen: 24
185.91.69.0/24 maxlen: 24
193.138.195.0/24 maxlen: 24
2a13:2480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:e2:8c:e4:0a:3e:a8:79:91:a7:96:cb:bc:e1:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1be36fcfb047b8c653ffa327fc2ca51169e947a4
Validity
Not Before: Jan 1 21:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a20962216dee26a68ce4b4be7f390c64ab7f70b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c8:05:5a:9a:bc:5e:d3:f9:37:07:ec:92:af:
8b:3d:90:55:da:1c:13:ac:c9:75:db:9c:6f:3a:3c:
9b:3e:ab:2f:68:b5:a2:cb:d2:35:53:45:94:ed:6f:
30:46:3e:0a:ae:ef:a3:f2:87:f3:43:60:60:8c:99:
96:b7:61:80:ac:e7:7f:cf:3c:89:cd:63:e2:8c:91:
80:7a:18:8c:13:ea:c7:fa:1d:d2:12:59:69:41:14:
8c:01:1e:e1:66:e3:b5:81:3a:ca:5b:64:7e:e0:5a:
cd:93:b5:b2:8b:30:bb:f1:29:a1:39:26:b0:a1:0b:
2d:f8:b6:3e:14:95:2c:6d:49:b7:5e:0f:d0:00:d7:
37:71:3a:f7:6a:9c:13:92:ff:c9:e5:53:8f:ec:fc:
87:d3:68:72:d3:6e:74:0b:af:5a:e6:bd:3f:32:4a:
72:b4:64:e7:43:81:af:31:e5:08:f6:fb:d7:51:92:
8a:7d:9a:ea:86:36:23:6d:2a:b9:f9:b2:11:be:eb:
b4:9f:04:99:95:82:50:27:e8:c3:c1:30:25:3c:c1:
b7:f3:62:71:22:e2:64:56:07:e6:a8:9f:28:6c:bd:
46:17:00:80:ff:9b:32:a9:bc:03:28:78:e1:5e:10:
30:e0:4f:02:d4:c3:47:81:6d:0c:37:07:c0:ef:8f:
d2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:09:62:21:6D:EE:26:A6:8C:E4:B4:BE:7F:39:0C:64:AB:7F:70:B9
X509v3 Authority Key Identifier:
keyid:1B:E3:6F:CF:B0:47:B8:C6:53:FF:A3:27:FC:2C:A5:11:69:E9:47:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/ogliIW3uJqaM5LS-fzkMZKt_cLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/5ddd92-41d6-469f-896c-e0c966c15d5f/1/G-Nvz7BHuMZT_6Mn_CylEWnpR6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.169.151.0/24
91.237.124.0/24
185.91.69.0/24
193.138.195.0/24
IPv6:
2a13:2480::/29
Signature Algorithm: sha256WithRSAEncryption
13:e7:97:87:12:67:07:36:b3:2e:ab:e5:37:18:47:52:b2:b7:
1d:c2:37:c1:0a:80:4b:c3:b8:74:3a:0b:5b:a3:d3:95:1b:fd:
69:33:89:98:1d:86:93:76:09:75:02:33:99:6d:5d:d1:75:5d:
1f:e5:33:c4:58:5f:79:00:d3:70:2e:75:d9:be:5e:b3:0a:c7:
53:38:6d:f3:fc:89:4f:7a:92:0f:b2:2e:c6:6b:e0:a6:a2:d8:
99:35:fb:00:5e:aa:65:68:fe:cf:ab:ca:53:40:63:9a:06:fd:
84:f7:26:1b:7e:59:a6:41:1d:23:d7:f4:c0:80:bd:c7:08:bb:
ca:61:08:23:71:ec:44:ba:56:5c:8c:89:53:5c:b9:b0:93:4b:
23:db:39:8b:04:8d:c8:24:db:dc:bc:2e:b3:50:d3:15:b3:ec:
3d:d5:19:e4:d7:2d:da:44:f2:d3:7a:7c:cc:e3:1f:8d:62:8b:
6e:21:72:70:1c:fb:46:9e:67:a7:b1:0c:b4:19:36:0b:80:08:
3a:18:12:a5:99:44:7f:69:38:2e:86:a7:c4:47:cf:0a:b8:e0:
53:51:d3:b7:ed:41:86:1b:0e:08:fe:a4:60:73:ec:a0:d2:1f:
b9:91:bc:92:30:64:47:29:ac:b3:9b:de:9c:4b:43:8a:1c:f3:
8e:2a:c3:5f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQj1uKM5Ao+qHmRp5bLvOGSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZTM2ZmNmYjA0N2I4YzY1M2ZmYTMyN2ZjMmNhNTExNjll
OTQ3YTQwHhcNMjUwMTAxMjE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA5NjIyMTZkZWUyNmE2OGNlNGI0YmU3ZjM5MGM2NGFiN2Y3MGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MgFWpq8XtP5Nwfskq+LPZBV2hwT
rMl125xvOjybPqsvaLWiy9I1U0WU7W8wRj4Kru+j8ofzQ2BgjJmWt2GArOd/zzyJ
zWPijJGAehiME+rH+h3SEllpQRSMAR7hZuO1gTrKW2R+4FrNk7WyizC78SmhOSaw
oQst+LY+FJUsbUm3Xg/QANc3cTr3apwTkv/J5VOP7PyH02hy0250C69a5r0/Mkpy
tGTnQ4GvMeUI9vvXUZKKfZrqhjYjbSq5+bIRvuu0nwSZlYJQJ+jDwTAlPMG382Jx
IuJkVgfmqJ8obL1GFwCA/5syqbwDKHjhXhAw4E8C1MNHgW0MNwfA74/SvwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFKIJYiFt7iamjOS0vn85DGSrf3C5MB8GA1UdIwQY
MBaAFBvjb8+wR7jGU/+jJ/wspRFp6UekMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMt
ZTBjOTY2YzE1ZDVmLzEvb2dsaUlXM3VKcWFNNUxTLWZ6a01aS3RfY0xrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS81ZGRkOTItNDFkNi00NjlmLTg5NmMtZTBjOTY2YzE1ZDVm
LzEvRy1Odno3Qkh1TVpUXzZNbl9DeWxFV25wUjZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPqmXAwQA
W+18AwQAuVtFAwQAwYrDMA0EAgACMAcDBQMqEySAMA0GCSqGSIb3DQEBCwUAA4IB
AQAT55eHEmcHNrMuq+U3GEdSsrcdwjfBCoBLw7h0Ogtbo9OVG/1pM4mYHYaTdgl1
AjOZbV3RdV0f5TPEWF95ANNwLnXZvl6zCsdTOG3z/IlPepIPsi7Ga+CmotiZNfsA
XqplaP7Pq8pTQGOaBv2E9yYbflmmQR0j1/TAgL3HCLvKYQgjcexEulZcjIlTXLmw
k0sj2zmLBI3IJNvcvC6zUNMVs+w91Rnk1y3aRPLTenzM4x+NYotuIXJwHPtGnmen
sQy0GTYLgAg6GBKlmUR/aTguhqfER88KuOBTUdO37UGGGw4I/qRgc+yg0h+5kbyS
MGRHKayzm96cS0OKHPOOKsNf
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:27 2025 by rpki-client