Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/loCmfsuerHPM2XlDrlLV7CW4PBg.roa
File: loCmfsuerHPM2XlDrlLV7CW4PBg.roa (raw, json)
Hash identifier: weuDT0UUWrT3GJw/v816wmL1qJD9CYZerpiXKnfcoVk=
Subject key identifier: 96:80:A6:7E:CB:9E:AC:73:CC:D9:79:43:AE:52:D5:EC:25:B8:3C:18
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018FBF1D0B4292C4535AF3D6766CA1C9BCA8
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/loCmfsuerHPM2XlDrlLV7CW4PBg.roa
Signing time: Tue 28 May 2024 12:11:42 +0000
ROA not before: Tue 28 May 2024 12:11:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52468
IP address blocks: 46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bf:1d:0b:42:92:c4:53:5a:f3:d6:76:6c:a1:c9:bc:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: May 28 12:11:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9680a67ecb9eac73ccd97943ae52d5ec25b83c18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:db:7b:99:64:6f:6e:72:14:80:44:75:65:0f:
68:50:ad:27:d9:84:a5:0e:2a:07:b6:53:ff:c6:22:
8d:08:ae:b6:c1:a1:64:0f:50:25:93:cd:c6:8a:ca:
29:bb:33:80:d3:9d:d3:2e:07:d4:1a:5e:52:3a:29:
19:1a:c0:01:d5:67:58:f2:5a:b2:e0:52:5e:c5:7f:
29:ba:c5:9b:b5:7d:de:a9:64:88:14:81:10:37:c1:
a1:8c:18:00:d0:9a:a2:12:f2:1d:a8:c4:e1:60:8b:
de:8c:a2:da:0a:0a:d3:b8:21:a2:c0:7d:71:91:25:
d4:46:22:e1:50:70:54:75:f8:ec:08:79:e3:4b:35:
2a:49:1d:d2:82:eb:80:05:43:17:7d:9a:76:4f:db:
71:ad:16:ab:51:e5:fc:e1:01:16:ab:c9:01:59:76:
1a:59:7c:9b:31:6a:cf:14:08:28:9a:31:f1:b7:80:
6a:4a:19:32:1f:35:c8:f5:cf:84:4b:96:c1:ec:93:
b6:ea:66:11:fe:bc:30:9c:dc:80:05:2e:4f:43:b7:
91:f7:0f:f7:ad:f3:2c:9a:69:36:c2:ee:79:35:35:
4a:f8:fc:cc:bb:2c:12:40:ac:9c:45:6c:c7:a7:a8:
ad:07:e5:d1:3d:e2:08:74:57:ab:e6:22:fc:d0:cd:
3d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
96:80:A6:7E:CB:9E:AC:73:CC:D9:79:43:AE:52:D5:EC:25:B8:3C:18
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/loCmfsuerHPM2XlDrlLV7CW4PBg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.28.0/24
94.125.137.0/24
201.77.53.0/24
201.77.55.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
24:05:9e:e0:bd:cf:b5:4f:4e:4f:fd:dd:4f:e1:7c:1a:60:2f:
8f:18:e0:fe:14:c7:d6:62:58:3c:56:a8:e1:f3:a8:c8:83:d2:
06:1d:fd:1d:2a:39:4a:aa:b7:2b:6b:d6:a1:bf:4f:72:44:5c:
c0:bb:5c:7b:78:5a:e0:e8:18:a5:cd:fb:69:da:7d:02:dd:9d:
3d:3c:3d:97:23:8a:48:eb:8b:4f:50:49:ed:39:f1:71:3f:f3:
ae:a9:b9:43:29:33:0e:52:e4:62:bb:21:c0:e2:73:11:ec:e3:
40:57:2f:e7:05:4e:3c:7d:d4:76:fc:04:f6:12:b2:14:21:c1:
52:cc:29:a0:24:a9:98:c9:16:36:7d:78:3e:c1:cb:d1:49:c1:
7e:00:48:04:14:64:35:38:49:bb:3a:42:6e:47:86:eb:d3:d3:
33:23:e1:01:14:09:60:60:ed:9a:d4:96:6e:64:e1:1b:49:4f:
3c:a5:b1:69:7f:92:ea:45:a5:79:ef:d3:ed:38:39:bb:b3:f6:
81:d5:60:3e:b7:c7:25:f4:45:22:30:ea:57:8b:e9:13:17:a8:
18:d1:bb:7f:f1:9f:77:db:b9:a5:28:5f:9b:6b:a1:69:61:4b:
b7:4e:5d:f8:00:35:ca:50:fc:ba:75:1f:b0:85:0b:92:83:a2:
2b:45:d1:53
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY+/HQtCksRTWvPWdmyhybyoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwNTI4MTIxMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NjgwYTY3ZWNiOWVhYzczY2NkOTc5NDNhZTUyZDVlYzI1YjgzYzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAltt7mWRvbnIUgER1ZQ9oUK0n2YSl
DioHtlP/xiKNCK62waFkD1Alk83GisopuzOA053TLgfUGl5SOikZGsAB1WdY8lqy
4FJexX8pusWbtX3eqWSIFIEQN8GhjBgA0JqiEvIdqMThYIvejKLaCgrTuCGiwH1x
kSXURiLhUHBUdfjsCHnjSzUqSR3SguuABUMXfZp2T9txrRarUeX84QEWq8kBWXYa
WXybMWrPFAgomjHxt4BqShkyHzXI9c+ES5bB7JO26mYR/rwwnNyABS5PQ7eR9w/3
rfMsmmk2wu55NTVK+PzMuywSQKycRWzHp6itB+XRPeIIdFer5iL80M09hQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJaApn7LnqxzzNl5Q65S1ewluDwYMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvbG9DbWZzdWVySFBNMlhsRHJsTFY3Q1c0UEJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALh0cAwQA
Xn2JAwQAyU01AwQAyU03AwQA2UzwMA0GCSqGSIb3DQEBCwUAA4IBAQAkBZ7gvc+1
T05P/d1P4XwaYC+PGOD+FMfWYlg8Vqjh86jIg9IGHf0dKjlKqrcra9ahv09yRFzA
u1x7eFrg6Bilzftp2n0C3Z09PD2XI4pI64tPUEntOfFxP/OuqblDKTMOUuRiuyHA
4nMR7ONAVy/nBU48fdR2/AT2ErIUIcFSzCmgJKmYyRY2fXg+wcvRScF+AEgEFGQ1
OEm7OkJuR4br09MzI+EBFAlgYO2a1JZuZOEbSU88pbFpf5LqRaV579PtODm7s/aB
1WA+t8cl9EUiMOpXi+kTF6gY0bt/8Z9327mlKF+ba6FpYUu3Tl34ADXKUPy6dR+w
hQuSg6IrRdFT
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:24:28 2024 by rpki-client on console-ams.rpki-client.org