Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/5-ww4QhAnpWMLFKDS113aJ7tDts.roa
File: 5-ww4QhAnpWMLFKDS113aJ7tDts.roa (raw, json)
Hash identifier: naMxMM0wK1HwWVarJ+KbUfx3fa8ZHUpjvaPyqHxS6e8=
Subject key identifier: E7:EC:30:E1:08:40:9E:95:8C:2C:52:83:4B:5D:77:68:9E:ED:0E:DB
Certificate issuer: /CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Certificate serial: 018CCA2BAFC0B09520C4168E4C220200640B
Authority key identifier: D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/5-ww4QhAnpWMLFKDS113aJ7tDts.roa
Signing time: Tue 02 Jan 2024 12:35:09 +0000
ROA not before: Tue 02 Jan 2024 12:35:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42669
IP address blocks: 185.128.76.0/22 maxlen: 24
77.242.176.0/20 maxlen: 20
2a0b:aa80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:af:c0:b0:95:20:c4:16:8e:4c:22:02:00:64:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d04687a3ee6322b757de81e7f53c5d32eebe33a6
Validity
Not Before: Jan 2 12:35:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e7ec30e108409e958c2c52834b5d77689eed0edb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:5d:64:e1:67:01:a8:73:93:9d:e4:b4:74:81:
8b:82:70:31:eb:2c:aa:c6:13:db:ee:cc:11:0e:0c:
73:91:b9:7e:a1:c4:7a:24:f9:6f:6d:ad:1a:eb:a4:
31:fd:59:2c:47:09:14:3a:bd:45:d3:72:59:91:7c:
e2:ee:ea:99:a6:28:62:17:a7:93:22:d6:9d:23:a5:
d5:99:89:01:99:7b:fb:d5:07:b6:44:cc:77:a1:5f:
11:9f:66:78:11:55:4b:e8:50:6f:15:1b:bc:e8:36:
d3:b7:66:77:d7:c1:60:62:7a:ab:e9:92:82:be:12:
f9:b7:a6:39:c5:1c:8c:60:fa:fb:ab:53:f9:27:0f:
f4:25:22:d4:97:b5:62:f7:8f:dd:54:90:a3:17:37:
1e:ce:61:e5:84:a9:66:b2:c1:7b:4c:a9:5c:77:01:
11:80:e6:b2:c1:c2:8b:26:c3:f2:d8:ca:13:28:89:
de:80:01:6d:44:e6:73:b3:b6:be:2e:03:68:9e:39:
84:1d:67:40:95:80:d9:d0:16:eb:13:01:be:d2:2b:
b6:8c:af:9d:78:ca:33:67:c5:cf:fc:ef:a0:94:e6:
30:85:9f:5d:a2:38:ec:bf:8f:ee:9e:dc:7e:e4:31:
09:ae:83:43:c2:44:1a:b0:3f:28:14:35:14:bd:28:
c2:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:EC:30:E1:08:40:9E:95:8C:2C:52:83:4B:5D:77:68:9E:ED:0E:DB
X509v3 Authority Key Identifier:
keyid:D0:46:87:A3:EE:63:22:B7:57:DE:81:E7:F5:3C:5D:32:EE:BE:33:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/5-ww4QhAnpWMLFKDS113aJ7tDts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/bfdd19-6bba-4dc9-afc6-97be426a2334/1/0EaHo-5jIrdX3oHn9TxdMu6-M6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.242.176.0/20
185.128.76.0/22
IPv6:
2a0b:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
07:7c:6a:63:7a:97:5f:be:62:4a:a3:51:f2:72:16:b0:52:68:
0e:03:e6:3d:24:5b:ee:65:01:5a:32:a9:77:db:b4:48:ca:ca:
73:9f:d6:91:ba:3c:a7:c7:bd:a1:67:65:81:6a:16:15:b0:25:
10:33:ad:ec:eb:8a:8d:bb:64:e0:5c:8a:96:c6:7a:63:28:db:
cb:a7:75:38:39:66:c6:3c:ae:d6:c2:3b:4a:94:70:bd:de:c9:
56:6e:39:66:8c:ca:75:58:40:78:17:b0:9b:92:b8:55:62:f7:
7e:39:e7:49:6f:85:3f:ba:a8:d8:e9:d0:14:ba:d5:52:dd:d2:
45:c0:35:be:66:5a:d3:b4:ef:ac:c6:ba:67:75:7b:a9:77:65:
c1:61:9e:be:a5:9a:6b:26:d8:05:da:4a:52:98:04:8a:87:62:
09:ad:25:b0:22:ac:c3:4c:9d:b8:5c:be:21:18:3e:bb:db:be:
d6:43:15:1a:2d:c6:45:c4:07:e1:b5:5a:10:b3:60:83:b3:43:
5c:7e:5b:84:4c:ba:10:3d:e1:54:27:db:00:5b:ec:4e:7f:cf:
dd:bc:33:90:e6:4e:23:73:b3:39:15:35:5a:93:55:b5:a3:3d:
b6:e5:62:2d:5c:cd:50:21:b0:6f:33:80:ca:e7:be:2b:4d:79:
84:b3:4d:16
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKK6/AsJUgxBaOTCICAGQLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwNDY4N2EzZWU2MzIyYjc1N2RlODFlN2Y1M2M1ZDMyZWVi
ZTMzYTYwHhcNMjQwMTAyMTIzNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2VjMzBlMTA4NDA5ZTk1OGMyYzUyODM0YjVkNzc2ODllZWQwZWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi11k4WcBqHOTneS0dIGLgnAx6yyq
xhPb7swRDgxzkbl+ocR6JPlvba0a66Qx/VksRwkUOr1F03JZkXzi7uqZpihiF6eT
ItadI6XVmYkBmXv71Qe2RMx3oV8Rn2Z4EVVL6FBvFRu86DbTt2Z318FgYnqr6ZKC
vhL5t6Y5xRyMYPr7q1P5Jw/0JSLUl7Vi94/dVJCjFzcezmHlhKlmssF7TKlcdwER
gOaywcKLJsPy2MoTKInegAFtROZzs7a+LgNonjmEHWdAlYDZ0BbrEwG+0iu2jK+d
eMozZ8XP/O+glOYwhZ9dojjsv4/untx+5DEJroNDwkQasD8oFDUUvSjCtwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFOfsMOEIQJ6VjCxSg0tdd2ie7Q7bMB8GA1UdIwQY
MBaAFNBGh6PuYyK3V96B5/U8XTLuvjOmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYt
OTdiZTQyNmEyMzM0LzEvNS13dzRRaEFucFdNTEZLRFMxMTNhSjd0RHRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9iZmRkMTktNmJiYS00ZGM5LWFmYzYtOTdiZTQyNmEyMzM0
LzEvMEVhSG8tNWpJcmRYM29IbjlUeGRNdTYtTTZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQETfKwAwQC
uYBMMA0EAgACMAcDBQMqC6qAMA0GCSqGSIb3DQEBCwUAA4IBAQAHfGpjepdfvmJK
o1HychawUmgOA+Y9JFvuZQFaMql327RIyspzn9aRujynx72hZ2WBahYVsCUQM63s
64qNu2TgXIqWxnpjKNvLp3U4OWbGPK7WwjtKlHC93slWbjlmjMp1WEB4F7CbkrhV
Yvd+OedJb4U/uqjY6dAUutVS3dJFwDW+ZlrTtO+sxrpndXupd2XBYZ6+pZprJtgF
2kpSmASKh2IJrSWwIqzDTJ24XL4hGD67277WQxUaLcZFxAfhtVoQs2CDs0NcfluE
TLoQPeFUJ9sAW+xOf8/dvDOQ5k4jc7M5FTVak1W1oz225WItXM1QIbBvM4DK574r
TXmEs00W
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:50:20 2024 by rpki-client on console-fra.rpki-client.org