Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/bUmKW7p4bK6XxFLOOrpFj8N6yuk.roa
File: bUmKW7p4bK6XxFLOOrpFj8N6yuk.roa (raw, json)
Hash identifier: gDIaoQK40mDoTNj3GacRA0JrJBj/evFTJvE6t2s50kc=
Subject key identifier: 6D:49:8A:5B:BA:78:6C:AE:97:C4:52:CE:3A:BA:45:8F:C3:7A:CA:E9
Certificate issuer: /CN=331bce2ee806e93621112dbd618536f775f44fba
Certificate serial: 0192B346D6EE0E41249A37AAA1A806AD8D1E
Authority key identifier: 33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/bUmKW7p4bK6XxFLOOrpFj8N6yuk.roa
Signing time: Tue 22 Oct 2024 08:10:17 +0000
ROA not before: Tue 22 Oct 2024 08:10:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212301
IP address blocks: 5.252.206.0/24 maxlen: 24
45.67.232.0/24 maxlen: 24
45.67.233.0/24 maxlen: 24
45.67.234.0/24 maxlen: 24
91.230.149.0/24 maxlen: 24
185.130.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b3:46:d6:ee:0e:41:24:9a:37:aa:a1:a8:06:ad:8d:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=331bce2ee806e93621112dbd618536f775f44fba
Validity
Not Before: Oct 22 08:10:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d498a5bba786cae97c452ce3aba458fc37acae9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:c8:2f:f4:f2:4c:df:97:2e:75:70:53:8f:a5:
f5:a8:5b:ab:15:e8:3e:47:b1:e2:90:10:f4:e9:90:
58:06:d3:4e:08:1d:a1:04:a9:a4:e9:08:92:97:eb:
a2:96:1b:7f:ac:11:60:9c:91:d7:e4:b6:f5:42:fd:
6a:6b:87:af:38:ab:f8:6a:14:56:02:40:b0:7a:9d:
57:44:47:f6:61:9f:63:57:cd:a5:ec:98:59:d4:87:
9b:e1:7a:05:e0:4d:88:86:e1:5a:8f:83:d7:44:a7:
64:f8:d6:3b:d4:fe:8d:35:ff:4b:fe:af:de:7b:44:
17:ce:d9:44:47:a0:4d:e4:54:1b:d9:42:a1:16:cf:
6e:5b:aa:66:08:6e:19:55:a7:01:76:1c:35:e3:a5:
6b:fb:3c:be:7d:bb:b5:f2:75:c7:46:13:d9:39:0f:
f8:b1:67:18:f8:a1:8c:ac:d7:be:08:5a:1f:c6:cb:
a8:29:6c:f2:32:b9:ca:95:61:3d:05:e7:6d:6d:43:
63:98:2c:46:60:1b:7b:a1:0a:cd:20:06:40:54:aa:
8e:f5:0a:fe:bc:63:c3:2c:32:30:81:81:34:1d:4d:
e5:1d:3e:45:80:d9:58:07:30:f1:17:7c:9e:2f:e5:
60:e9:61:96:59:93:60:9d:b1:43:80:45:38:ac:f7:
1c:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:49:8A:5B:BA:78:6C:AE:97:C4:52:CE:3A:BA:45:8F:C3:7A:CA:E9
X509v3 Authority Key Identifier:
keyid:33:1B:CE:2E:E8:06:E9:36:21:11:2D:BD:61:85:36:F7:75:F4:4F:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MxvOLugG6TYhES29YYU293X0T7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/bUmKW7p4bK6XxFLOOrpFj8N6yuk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/4ba3ca-d6fd-4116-9146-aeac16227c25/1/MxvOLugG6TYhES29YYU293X0T7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.206.0/24
45.67.232.0-45.67.234.255
91.230.149.0/24
185.130.56.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:2f:d6:e3:18:de:10:4b:e8:cf:3b:c8:2c:12:7f:43:dc:d1:
7e:06:6d:6e:f7:2b:04:ee:e3:95:8f:37:f1:ea:00:46:e0:0d:
bc:bf:e9:89:5f:11:03:91:12:4a:58:c9:df:6e:d9:8e:27:af:
18:5f:af:2e:4f:68:17:af:9f:64:7d:62:12:85:6b:7e:74:8a:
0d:cf:5f:85:95:1a:47:69:68:1a:cc:fe:97:83:be:4d:a7:ce:
02:3d:40:63:fe:e6:37:be:1b:bf:c5:33:44:64:de:69:5b:04:
6b:f7:16:5e:91:17:04:2e:be:52:34:2b:9c:cd:32:84:d9:e3:
b8:ce:34:9f:07:2c:f0:bf:87:80:0d:cd:8d:47:7a:de:22:1a:
d8:a2:7a:f4:df:0a:e9:74:83:8f:22:84:3f:8a:e8:19:56:5e:
0f:b9:eb:d1:3a:aa:10:f7:a1:42:99:68:03:d8:c6:37:3f:fa:
24:fb:66:a1:a5:2d:f8:aa:d5:de:8e:ed:40:a5:4a:3c:0e:a9:
e8:db:e7:e9:59:23:25:9e:29:5b:07:8f:c3:4b:94:75:83:60:
dc:5e:a8:03:08:4e:22:db:d7:14:db:6f:1a:68:c5:2a:1f:ff:
fd:9f:ad:28:1b:0b:47:e3:bd:5e:2c:6a:5a:34:6a:6a:68:33:
2b:08:98:a8
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZKzRtbuDkEkmjeqoagGrY0eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzMWJjZTJlZTgwNmU5MzYyMTExMmRiZDYxODUzNmY3NzVm
NDRmYmEwHhcNMjQxMDIyMDgxMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDQ5OGE1YmJhNzg2Y2FlOTdjNDUyY2UzYWJhNDU4ZmMzN2FjYWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApsgv9PJM35cudXBTj6X1qFurFeg+
R7HikBD06ZBYBtNOCB2hBKmk6QiSl+uilht/rBFgnJHX5Lb1Qv1qa4evOKv4ahRW
AkCwep1XREf2YZ9jV82l7JhZ1Ieb4XoF4E2IhuFaj4PXRKdk+NY71P6NNf9L/q/e
e0QXztlER6BN5FQb2UKhFs9uW6pmCG4ZVacBdhw146Vr+zy+fbu18nXHRhPZOQ/4
sWcY+KGMrNe+CFofxsuoKWzyMrnKlWE9BedtbUNjmCxGYBt7oQrNIAZAVKqO9Qr+
vGPDLDIwgYE0HU3lHT5FgNlYBzDxF3yeL+Vg6WGWWZNgnbFDgEU4rPcczQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG1Jilu6eGyul8RSzjq6RY/DesrpMB8GA1UdIwQY
MBaAFDMbzi7oBuk2IREtvWGFNvd19E+6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYt
YWVhYzE2MjI3YzI1LzEvYlVtS1c3cDRiSzZYeEZMT09ycEZqOE42eXVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS80YmEzY2EtZDZmZC00MTE2LTkxNDYtYWVhYzE2MjI3YzI1
LzEvTXh2T0x1Z0c2VFloRVMyOVlZVTI5M1gwVDdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQABfzOMAwD
BAMtQ+gDBAAtQ+oDBABb5pUDBAC5gjgwDQYJKoZIhvcNAQELBQADggEBAC8v1uMY
3hBL6M87yCwSf0Pc0X4GbW73KwTu45WPN/HqAEbgDby/6YlfEQOREkpYyd9u2Y4n
rxhfry5PaBevn2R9YhKFa350ig3PX4WVGkdpaBrM/peDvk2nzgI9QGP+5je+G7/F
M0Rk3mlbBGv3Fl6RFwQuvlI0K5zNMoTZ47jONJ8HLPC/h4ANzY1Het4iGtiievTf
Cul0g48ihD+K6BlWXg+569E6qhD3oUKZaAPYxjc/+iT7ZqGlLfiq1d6O7UClSjwO
qejb5+lZIyWeKVsHj8NLlHWDYNxeqAMITiLb1xTbbxpoxSof//2frSgbC0fjvV4s
alo0ampoMysImKg=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:30:30 2024 by rpki-client on console-ams.rpki-client.org