Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/x-FVmCvgSuWq-6dQrKgxH0DYPTw.roa
File: x-FVmCvgSuWq-6dQrKgxH0DYPTw.roa (raw, json)
Hash identifier: 85UsWjUS/ArYMQXIbGnd6m1N664LHYJbmqTamqrgSIk=
Subject key identifier: C7:E1:55:98:2B:E0:4A:E5:AA:FB:A7:50:AC:A8:31:1F:40:D8:3D:3C
Certificate issuer: /CN=68383ffa9f20bf021c090262994212d71667ed02
Certificate serial: 018CC7934BCF0DE3260B7863F93B07D3E000
Authority key identifier: 68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/x-FVmCvgSuWq-6dQrKgxH0DYPTw.roa
Signing time: Tue 02 Jan 2024 00:29:28 +0000
ROA not before: Tue 02 Jan 2024 00:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48901
IP address blocks: 81.90.128.0/20 maxlen: 24
81.90.131.0/28 maxlen: 28
81.90.134.0/24 maxlen: 24
81.90.136.0/23 maxlen: 24
2a00:e27::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4b:cf:0d:e3:26:0b:78:63:f9:3b:07:d3:e0:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68383ffa9f20bf021c090262994212d71667ed02
Validity
Not Before: Jan 2 00:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c7e155982be04ae5aafba750aca8311f40d83d3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:2d:22:f9:54:d0:7e:fe:ad:52:41:d8:1c:15:
83:52:6e:75:3a:2a:c9:c0:4d:c0:c6:2a:c0:72:d2:
85:69:a2:49:67:e3:33:90:f5:c2:80:67:95:da:9e:
89:79:65:3f:eb:01:37:1f:93:dc:b2:3d:51:9f:3d:
30:a2:46:5a:fb:3b:92:bf:08:c1:9d:29:41:72:3a:
5d:de:91:81:62:f2:b8:ff:b0:b9:e9:d2:01:59:14:
da:6b:7e:31:9f:bc:cd:8e:85:20:cc:22:e5:eb:fb:
b4:ed:3f:0e:74:04:3a:7c:1e:69:0f:18:d5:c9:6c:
37:4d:1c:9b:f8:ef:0b:0c:39:3a:26:37:f2:8d:63:
6f:b7:2c:11:05:cd:18:65:6f:1b:26:fa:93:c1:74:
ea:29:98:bb:5c:30:43:e6:bf:05:41:55:fa:e9:9b:
5c:38:fe:ce:ec:11:ed:d0:c3:56:19:47:a4:46:a2:
16:76:f5:db:08:45:7e:ce:9e:7a:9a:63:f7:f2:41:
ae:f6:ee:3a:24:ce:b4:27:00:d2:57:e8:d9:a9:ec:
f5:52:36:d3:90:cc:0c:02:e2:05:af:95:ad:10:4d:
05:67:d0:fe:c3:b9:9b:e5:8a:03:d1:8c:0e:a7:60:
79:9a:1c:88:e7:57:e0:a4:56:3e:56:de:23:3b:49:
89:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:E1:55:98:2B:E0:4A:E5:AA:FB:A7:50:AC:A8:31:1F:40:D8:3D:3C
X509v3 Authority Key Identifier:
keyid:68:38:3F:FA:9F:20:BF:02:1C:09:02:62:99:42:12:D7:16:67:ED:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aDg_-p8gvwIcCQJimUIS1xZn7QI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/x-FVmCvgSuWq-6dQrKgxH0DYPTw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/b8e940-2201-406e-8aaf-4060e9eeeb9e/1/aDg_-p8gvwIcCQJimUIS1xZn7QI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.128.0/20
IPv6:
2a00:e27::/32
Signature Algorithm: sha256WithRSAEncryption
58:34:9d:d5:09:32:f7:08:45:46:e5:5d:f1:a7:61:ca:0e:e7:
31:d9:9e:e8:aa:e3:41:94:34:91:2d:91:c4:e1:25:4a:c2:7c:
8a:5e:08:fe:27:df:c9:a8:8b:46:7f:31:91:27:fd:34:b8:8f:
05:59:a4:5c:50:3e:3f:3a:54:f8:e2:ab:7d:b5:c9:c3:53:f2:
94:84:0d:87:f2:c5:a3:1b:61:31:ec:01:fd:41:2a:4e:ed:d7:
23:ff:0f:17:f3:0d:d3:8a:35:7c:77:2f:59:d5:12:69:25:2a:
6e:fb:f7:66:dd:fe:f8:9f:5c:8b:00:44:b9:e7:fe:b7:b4:f5:
92:b9:10:37:a0:90:99:e3:79:66:e6:47:5d:21:cd:fd:ca:5b:
a6:6f:a0:61:58:41:49:0e:a5:91:39:bc:9e:87:89:34:96:5b:
02:1b:ac:93:4e:e0:50:73:af:69:f6:0e:e4:55:32:94:cf:15:
ee:07:04:93:38:49:0e:e2:1f:44:16:30:0e:09:e9:a6:7a:9e:
9c:c6:7f:a2:06:33:cc:4a:da:58:5f:c3:04:76:16:c2:33:36:
c3:0d:87:67:ad:5b:55:14:cd:07:59:e6:3a:0d:ff:e0:11:0b:
5d:4f:0c:94:05:ec:42:b7:9e:b9:45:dc:13:8a:99:a8:ce:7c:
09:9d:d0:9a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk0vPDeMmC3hj+TsH0+AAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4MzgzZmZhOWYyMGJmMDIxYzA5MDI2Mjk5NDIxMmQ3MTY2
N2VkMDIwHhcNMjQwMTAyMDAyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjN2UxNTU5ODJiZTA0YWU1YWFmYmE3NTBhY2E4MzExZjQwZDgzZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhC0i+VTQfv6tUkHYHBWDUm51OirJ
wE3AxirActKFaaJJZ+MzkPXCgGeV2p6JeWU/6wE3H5Pcsj1Rnz0wokZa+zuSvwjB
nSlBcjpd3pGBYvK4/7C56dIBWRTaa34xn7zNjoUgzCLl6/u07T8OdAQ6fB5pDxjV
yWw3TRyb+O8LDDk6JjfyjWNvtywRBc0YZW8bJvqTwXTqKZi7XDBD5r8FQVX66Ztc
OP7O7BHt0MNWGUekRqIWdvXbCEV+zp56mmP38kGu9u46JM60JwDSV+jZqez1UjbT
kMwMAuIFr5WtEE0FZ9D+w7mb5YoD0YwOp2B5mhyI51fgpFY+Vt4jO0mJcwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMfhVZgr4ErlqvunUKyoMR9A2D08MB8GA1UdIwQY
MBaAFGg4P/qfIL8CHAkCYplCEtcWZ+0CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYt
NDA2MGU5ZWVlYjllLzEveC1GVm1DdmdTdVdxLTZkUXJLZ3hIMERZUFR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9iOGU5NDAtMjIwMS00MDZlLThhYWYtNDA2MGU5ZWVlYjll
LzEvYURnXy1wOGd2d0ljQ1FKaW1VSVMxeFpuN1FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEUVqAMA0E
AgACMAcDBQAqAA4nMA0GCSqGSIb3DQEBCwUAA4IBAQBYNJ3VCTL3CEVG5V3xp2HK
Ducx2Z7oquNBlDSRLZHE4SVKwnyKXgj+J9/JqItGfzGRJ/00uI8FWaRcUD4/OlT4
4qt9tcnDU/KUhA2H8sWjG2Ex7AH9QSpO7dcj/w8X8w3TijV8dy9Z1RJpJSpu+/dm
3f74n1yLAES55/63tPWSuRA3oJCZ43lm5kddIc39ylumb6BhWEFJDqWRObyeh4k0
llsCG6yTTuBQc69p9g7kVTKUzxXuBwSTOEkO4h9EFjAOCemmep6cxn+iBjPMStpY
X8MEdhbCMzbDDYdnrVtVFM0HWeY6Df/gEQtdTwyUBexCt565RdwTipmoznwJndCa
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:45:23 2024 by rpki-client on console-fra.rpki-client.org