Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/D5-hmjtrtgYQMHDgihgdUuEuRjo.roa
File: D5-hmjtrtgYQMHDgihgdUuEuRjo.roa (raw, json)
Hash identifier: Jwv84Th6U1n31wPB3ObfBoeY7r3rAoG+rh2JlZ0MdEA=
Subject key identifier: 0F:9F:A1:9A:3B:6B:B6:06:10:30:70:E0:8A:18:1D:52:E1:2E:46:3A
Certificate issuer: /CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Certificate serial: 018CC4251E1927B2C79AF9D07AA4F97F16A4
Authority key identifier: 2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/D5-hmjtrtgYQMHDgihgdUuEuRjo.roa
Signing time: Mon 01 Jan 2024 08:30:16 +0000
ROA not before: Mon 01 Jan 2024 08:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 45.90.132.0/22 maxlen: 22
185.134.84.0/22 maxlen: 22
2a0e:3c0::/29 maxlen: 29
2a06:ec00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:1e:19:27:b2:c7:9a:f9:d0:7a:a4:f9:7f:16:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f6f0ea0127a6e392195696380be5bb0474b01df
Validity
Not Before: Jan 1 08:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0f9fa19a3b6bb606103070e08a181d52e12e463a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:66:cb:96:46:ce:0b:56:ff:41:00:76:6f:b8:
17:7a:b0:29:8b:a4:6e:41:5c:7f:f7:0a:bf:80:8e:
5d:5d:07:68:20:72:15:47:4a:b0:19:de:3b:a4:8d:
aa:e5:30:df:28:65:7c:78:0f:50:05:0f:a9:51:eb:
0e:1d:16:76:db:37:9b:e1:23:e7:94:cb:c6:28:e0:
ab:0d:70:40:b7:b9:f2:1f:11:14:f7:8a:27:30:8d:
da:f2:a6:16:7b:a1:d9:22:b9:79:9a:d6:bb:6c:82:
ce:cd:39:b0:19:3e:e7:3b:44:21:cf:2a:58:61:c7:
05:2a:77:f4:79:55:02:88:25:cf:45:0c:47:4b:aa:
56:b4:09:c2:6b:74:30:e6:80:8e:2b:26:57:f8:54:
c7:ec:77:d0:e8:9c:f2:87:ba:6a:8c:cc:bc:e0:63:
35:40:58:b5:c5:c9:cc:29:f6:8d:bc:d6:c0:b3:47:
b0:2e:37:e5:1b:63:fe:78:c2:72:3d:9d:a3:f8:f3:
0b:41:c4:1a:ab:50:10:16:bb:ed:b2:6d:ca:3c:cf:
da:1b:cd:da:8b:40:60:12:85:e5:53:40:fe:be:a5:
e8:87:5f:3a:ac:02:a4:52:41:48:7b:79:15:53:1e:
35:24:d8:1e:35:c7:e4:c9:a3:b5:d6:e7:fa:c1:88:
20:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:9F:A1:9A:3B:6B:B6:06:10:30:70:E0:8A:18:1D:52:E1:2E:46:3A
X509v3 Authority Key Identifier:
keyid:2F:6F:0E:A0:12:7A:6E:39:21:95:69:63:80:BE:5B:B0:47:4B:01:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L28OoBJ6bjkhlWljgL5bsEdLAd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/D5-hmjtrtgYQMHDgihgdUuEuRjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/62641f-cf99-4514-b7d7-b2a23246e614/1/L28OoBJ6bjkhlWljgL5bsEdLAd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.132.0/22
185.134.84.0/22
IPv6:
2a06:ec00::/29
2a0e:3c0::/29
Signature Algorithm: sha256WithRSAEncryption
6c:c7:45:12:3c:2b:67:49:99:69:6c:a3:35:fe:ca:9e:ec:75:
54:03:22:c2:d7:63:e8:a6:2d:58:d9:6f:62:16:2a:c0:f3:06:
2d:6c:d3:79:c5:e3:9a:09:36:af:2e:91:d0:43:59:f4:1e:49:
d0:1a:78:02:0b:86:f1:09:81:ed:72:18:c5:4b:90:21:59:ea:
fa:40:56:2e:66:64:7d:ee:d8:71:1e:fa:18:e3:88:75:c9:bc:
55:a4:1a:f0:a4:e5:dc:b8:1d:66:46:5a:a2:3b:a2:db:55:c3:
d7:7b:f5:49:d0:9b:af:c7:5d:b6:00:08:15:16:2b:42:58:a3:
cd:b7:cc:a4:fe:bb:26:ee:cf:3d:81:e7:7d:d4:d7:a1:da:33:
a0:66:b4:60:c2:b1:24:ef:ce:e3:c1:d1:2c:c0:60:be:36:c3:
60:60:ef:9b:92:f5:92:8b:a6:3c:81:1f:62:57:02:3b:07:13:
7b:d8:52:5e:ed:0b:44:a5:c0:48:82:0a:7f:b8:3b:46:36:c3:
7d:46:0c:7a:e2:96:d6:37:19:55:66:ae:6b:4e:28:ee:c3:89:
f1:68:3c:7f:74:29:85:3d:47:04:f0:94:d3:25:92:5d:69:65:
13:f7:1a:24:15:84:c2:79:f4:22:8d:f7:31:fb:d6:21:9a:77:
ec:0d:41:1f
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzEJR4ZJ7LHmvnQeqT5fxakMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNmYwZWEwMTI3YTZlMzkyMTk1Njk2MzgwYmU1YmIwNDc0
YjAxZGYwHhcNMjQwMTAxMDgzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjlmYTE5YTNiNmJiNjA2MTAzMDcwZTA4YTE4MWQ1MmUxMmU0NjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2bLlkbOC1b/QQB2b7gXerApi6Ru
QVx/9wq/gI5dXQdoIHIVR0qwGd47pI2q5TDfKGV8eA9QBQ+pUesOHRZ22zeb4SPn
lMvGKOCrDXBAt7nyHxEU94onMI3a8qYWe6HZIrl5mta7bILOzTmwGT7nO0QhzypY
YccFKnf0eVUCiCXPRQxHS6pWtAnCa3Qw5oCOKyZX+FTH7HfQ6Jzyh7pqjMy84GM1
QFi1xcnMKfaNvNbAs0ewLjflG2P+eMJyPZ2j+PMLQcQaq1AQFrvtsm3KPM/aG83a
i0BgEoXlU0D+vqXoh186rAKkUkFIe3kVUx41JNgeNcfkyaO11uf6wYggswIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFA+foZo7a7YGEDBw4IoYHVLhLkY6MB8GA1UdIwQY
MBaAFC9vDqASem45IZVpY4C+W7BHSwHfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDct
YjJhMjMyNDZlNjE0LzEvRDUtaG1qdHJ0Z1lRTUhEZ2loZ2RVdUV1UmpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS82MjY0MWYtY2Y5OS00NTE0LWI3ZDctYjJhMjMyNDZlNjE0
LzEvTDI4T29CSjZiamtobFdsamdMNWJzRWRMQWQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLVqEAwQC
uYZUMBQEAgACMA4DBQMqBuwAAwUDKg4DwDANBgkqhkiG9w0BAQsFAAOCAQEAbMdF
EjwrZ0mZaWyjNf7Knux1VAMiwtdj6KYtWNlvYhYqwPMGLWzTecXjmgk2ry6R0ENZ
9B5J0Bp4AguG8QmB7XIYxUuQIVnq+kBWLmZkfe7YcR76GOOIdcm8VaQa8KTl3Lgd
ZkZaojui21XD13v1SdCbr8ddtgAIFRYrQlijzbfMpP67Ju7PPYHnfdTXodozoGa0
YMKxJO/O48HRLMBgvjbDYGDvm5L1koumPIEfYlcCOwcTe9hSXu0LRKXASIIKf7g7
RjbDfUYMeuKW1jcZVWaua04o7sOJ8Wg8f3QphT1HBPCU0yWSXWllE/caJBWEwnn0
Io33MfvWIZp37A1BHw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:19:12 2024 by rpki-client on console-fra.rpki-client.org