Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/bHMvOd0kv-EW1nQPXdf-TKmYQCY.roa
File: bHMvOd0kv-EW1nQPXdf-TKmYQCY.roa (raw, json)
Hash identifier: u2RmA3qeHStjamBIxHmVrkZlU3EEOGD9cp19pWi5NZU=
Subject key identifier: 6C:73:2F:39:DD:24:BF:E1:16:D6:74:0F:5D:D7:FE:4C:A9:98:40:26
Certificate issuer: /CN=131881732a3e245a959bc679e0458c39f893e46b
Certificate serial: 0192A6AD6FA18FBC82BEFE58094A8444D97E
Authority key identifier: 13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/bHMvOd0kv-EW1nQPXdf-TKmYQCY.roa
Signing time: Sat 19 Oct 2024 21:27:16 +0000
ROA not before: Sat 19 Oct 2024 21:27:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30938
IP address blocks: 5.39.248.0/24 maxlen: 24
5.178.97.0/24 maxlen: 24
5.178.99.0/24 maxlen: 24
31.192.240.0/21 maxlen: 21
45.12.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a6:ad:6f:a1:8f:bc:82:be:fe:58:09:4a:84:44:d9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=131881732a3e245a959bc679e0458c39f893e46b
Validity
Not Before: Oct 19 21:27:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c732f39dd24bfe116d6740f5dd7fe4ca9984026
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ca:92:28:61:a6:f8:fd:c1:46:90:21:d8:87:
96:86:93:2c:21:cf:f2:6c:67:91:6c:a2:a9:f5:e6:
63:24:ad:56:14:d6:8c:ea:4e:b6:44:66:1a:3f:92:
48:92:e9:c2:f9:12:18:3e:b0:84:73:81:53:98:f3:
34:1c:03:90:13:96:88:2b:43:d7:5c:10:ab:ca:70:
c3:51:ed:68:92:32:4b:ff:96:69:8c:35:e5:e2:dc:
bb:4f:c7:ef:28:ab:98:0b:22:68:ce:08:dd:81:ab:
8a:af:e8:84:5f:b0:da:a3:2f:e5:60:28:6c:dc:94:
a8:3b:e3:34:6b:d7:bd:fd:bb:a8:92:9a:9d:22:44:
ea:9d:70:25:09:45:43:aa:c2:cd:be:f4:0e:f8:b8:
57:11:e3:a5:29:54:4c:16:0e:ac:ed:8e:ef:98:39:
ee:c9:ba:35:52:03:80:e8:ee:15:a5:72:d4:0f:34:
57:a4:36:d3:09:33:3b:d4:5f:7c:a5:28:8b:44:8c:
22:65:5d:ea:e7:b6:88:43:67:ce:f7:98:09:d0:16:
0b:b7:41:a0:80:12:87:a9:90:61:ea:50:3e:be:fa:
91:f2:bf:ed:15:4b:41:55:95:c3:6a:5c:24:92:ff:
44:ad:25:5c:8c:fb:0c:ee:b6:f2:a6:cd:9a:83:e8:
98:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:73:2F:39:DD:24:BF:E1:16:D6:74:0F:5D:D7:FE:4C:A9:98:40:26
X509v3 Authority Key Identifier:
keyid:13:18:81:73:2A:3E:24:5A:95:9B:C6:79:E0:45:8C:39:F8:93:E4:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/bHMvOd0kv-EW1nQPXdf-TKmYQCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/89f071-5631-45db-a7e5-cd6152261c6f/1/ExiBcyo-JFqVm8Z54EWMOfiT5Gs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.39.248.0/24
5.178.97.0/24
5.178.99.0/24
31.192.240.0/21
45.12.216.0/24
Signature Algorithm: sha256WithRSAEncryption
e0:c0:a8:11:c4:11:1d:9a:4c:68:86:b2:e1:86:8a:b8:dd:83:
4a:cd:ff:e4:67:d4:0c:bb:f5:86:a3:04:47:45:5b:90:28:0b:
a3:eb:53:da:8b:fd:aa:de:30:f9:b3:35:bb:ef:97:93:20:f6:
b3:e2:75:71:8d:4d:3a:a2:68:5e:50:d6:4c:02:3e:88:16:19:
89:73:83:89:d8:3d:3d:62:b0:8a:1f:28:f0:31:2b:6f:92:d8:
08:14:39:64:4d:67:7f:7c:33:5b:2b:62:3d:a6:83:2a:94:42:
7f:f3:db:8c:96:95:ba:5a:2f:04:d7:1c:e9:b8:52:3a:d9:33:
8c:ae:c7:ef:de:23:86:b2:46:f8:09:14:f6:31:5a:40:f8:af:
13:04:cc:90:96:17:0c:5c:85:38:8a:53:73:c6:e8:81:28:62:
0a:4b:2a:01:f2:d1:97:65:8e:2d:b8:76:20:77:96:04:97:f8:
66:95:18:0e:9f:60:f3:3d:82:fe:da:39:72:81:d8:df:e7:d7:
c9:2e:52:b7:09:f5:12:3e:85:44:e8:5e:61:0d:13:e9:28:db:
d8:c8:2e:b5:3e:dd:25:34:bb:b3:6b:bc:59:bc:62:c6:1a:b3:
db:f6:63:97:29:43:7d:bb:fd:29:e0:8b:57:ee:9b:94:65:fd:
63:8a:61:ef
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZKmrW+hj7yCvv5YCUqERNl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzMTg4MTczMmEzZTI0NWE5NTliYzY3OWUwNDU4YzM5Zjg5
M2U0NmIwHhcNMjQxMDE5MjEyNzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzczMmYzOWRkMjRiZmUxMTZkNjc0MGY1ZGQ3ZmU0Y2E5OTg0MDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsqSKGGm+P3BRpAh2IeWhpMsIc/y
bGeRbKKp9eZjJK1WFNaM6k62RGYaP5JIkunC+RIYPrCEc4FTmPM0HAOQE5aIK0PX
XBCrynDDUe1okjJL/5ZpjDXl4ty7T8fvKKuYCyJozgjdgauKr+iEX7Daoy/lYChs
3JSoO+M0a9e9/buokpqdIkTqnXAlCUVDqsLNvvQO+LhXEeOlKVRMFg6s7Y7vmDnu
ybo1UgOA6O4VpXLUDzRXpDbTCTM71F98pSiLRIwiZV3q57aIQ2fO95gJ0BYLt0Gg
gBKHqZBh6lA+vvqR8r/tFUtBVZXDalwkkv9ErSVcjPsM7rbyps2ag+iYMwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGxzLzndJL/hFtZ0D13X/kypmEAmMB8GA1UdIwQY
MBaAFBMYgXMqPiRalZvGeeBFjDn4k+RrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUt
Y2Q2MTUyMjYxYzZmLzEvYkhNdk9kMGt2LUVXMW5RUFhkZi1US21ZUUNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS84OWYwNzEtNTYzMS00NWRiLWE3ZTUtY2Q2MTUyMjYxYzZm
LzEvRXhpQmN5by1KRnFWbThaNTRFV01PZmlUNUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSf4AwQA
BbJhAwQABbJjAwQDH8DwAwQALQzYMA0GCSqGSIb3DQEBCwUAA4IBAQDgwKgRxBEd
mkxohrLhhoq43YNKzf/kZ9QMu/WGowRHRVuQKAuj61Pai/2q3jD5szW775eTIPaz
4nVxjU06omheUNZMAj6IFhmJc4OJ2D09YrCKHyjwMStvktgIFDlkTWd/fDNbK2I9
poMqlEJ/89uMlpW6Wi8E1xzpuFI62TOMrsfv3iOGskb4CRT2MVpA+K8TBMyQlhcM
XIU4ilNzxuiBKGIKSyoB8tGXZY4tuHYgd5YEl/hmlRgOn2DzPYL+2jlygdjf59fJ
LlK3CfUSPoVE6F5hDRPpKNvYyC61Pt0lNLuza7xZvGLGGrPb9mOXKUN9u/0p4ItX
7puUZf1jimHv
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:10:00 2024 by rpki-client on console-fra.rpki-client.org