Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4MdetjxhyoUoN5RiKoSgbzrui5g.roa
File: 4MdetjxhyoUoN5RiKoSgbzrui5g.roa (raw, json)
Hash identifier: xWQKXK0dcFq8HQ+rWCa2Pthg4LTU2/+dZ0nxurpzdVs=
Subject key identifier: E0:C7:5E:B6:3C:61:CA:85:28:37:94:62:2A:84:A0:6F:3A:EE:8B:98
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0192DCF1A5A51C58C0F8890A5C26C41AD10D
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4MdetjxhyoUoN5RiKoSgbzrui5g.roa
Signing time: Wed 30 Oct 2024 10:21:17 +0000
ROA not before: Wed 30 Oct 2024 10:21:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39838
IP address blocks: 77.247.120.0/22 maxlen: 22
89.42.112.0/23 maxlen: 23
89.45.208.0/23 maxlen: 23
217.26.188.0/22 maxlen: 22
217.76.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:dc:f1:a5:a5:1c:58:c0:f8:89:0a:5c:26:c4:1a:d1:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Oct 30 10:21:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0c75eb63c61ca85283794622a84a06f3aee8b98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:52:01:2a:c0:f5:40:5b:4b:2c:bf:8f:9b:ae:
98:45:cd:2c:24:6d:4d:14:a6:0e:24:94:bf:98:02:
13:31:80:e4:f6:0f:78:a1:8c:a0:1a:1f:89:b2:d7:
7a:e2:68:1f:fc:a9:9d:89:be:3b:bd:a3:00:da:5d:
c1:ae:cd:6a:90:bb:3c:57:0b:ba:ad:b2:b0:69:90:
53:21:5e:28:48:01:f3:dd:e3:bd:7c:2b:fe:35:fa:
bd:63:2e:f5:a2:f7:6a:b4:66:7e:de:79:c1:03:56:
05:03:cd:16:3a:b7:f7:76:3b:c4:73:03:9c:53:88:
48:3d:a6:45:29:d6:e9:cd:10:e7:2c:86:fc:80:e6:
26:6e:fd:cf:58:4c:44:63:98:63:58:c0:4a:a4:67:
d5:b1:58:ad:fe:6a:96:bf:0b:d5:53:b7:7f:17:d8:
0e:7c:9b:8a:6f:cd:10:51:5b:8d:b8:81:63:f5:01:
9c:e0:ee:8f:95:f8:59:c9:49:76:1a:b9:ee:22:eb:
be:e7:f3:a3:f6:69:33:99:65:8f:0c:2a:df:cf:d3:
93:f3:2a:b4:cb:d2:78:c7:ae:ac:cf:85:d3:09:89:
80:2e:89:38:08:e0:f6:3e:a5:74:39:79:73:19:f5:
92:b8:51:0b:1e:5d:54:a5:2c:42:50:34:d2:32:10:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:C7:5E:B6:3C:61:CA:85:28:37:94:62:2A:84:A0:6F:3A:EE:8B:98
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/4MdetjxhyoUoN5RiKoSgbzrui5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.247.120.0/22
89.42.112.0/23
89.45.208.0/23
217.26.188.0/22
217.76.247.0/24
Signature Algorithm: sha256WithRSAEncryption
bf:fe:14:85:f5:f9:89:b5:91:44:5b:48:62:08:17:21:e0:73:
00:86:58:a3:c9:87:8f:98:da:06:11:50:fd:af:c5:4c:cb:b2:
d6:e5:8e:07:49:37:de:82:37:3f:cf:45:02:2e:d1:bb:11:82:
4d:99:32:ff:1d:ac:5a:5c:90:26:73:10:5b:68:7f:d6:98:cc:
94:95:c6:fc:67:08:e2:93:08:f8:13:22:bd:24:4d:00:9e:90:
ba:20:27:d7:e0:85:55:34:34:27:12:4d:a0:44:e0:2d:da:5f:
96:58:34:b0:b3:4a:92:12:dc:4e:0a:56:dd:aa:81:6b:a6:cc:
a4:c7:0b:87:04:bd:66:77:96:f3:49:22:c3:32:4a:d8:d5:fd:
14:c8:e6:fb:e5:95:72:65:9e:bb:66:c4:4b:83:f7:07:74:b7:
88:73:30:dd:cc:a9:21:74:72:cc:4a:16:03:b5:68:d4:14:b7:
c1:71:ab:99:79:43:39:9e:63:a9:a7:6e:ce:e5:5e:33:05:4c:
ab:43:8c:c2:84:03:3b:3d:ae:57:46:e0:73:92:ed:0d:6f:6d:
68:61:85:14:ba:9e:04:02:20:49:bd:04:8e:01:f9:d7:7b:3e:
49:e6:53:5a:ce:2e:57:ba:a4:23:bf:eb:76:ee:c2:94:3a:47:
3a:79:b7:62
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZLc8aWlHFjA+IkKXCbEGtENMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQxMDMwMTAyMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGM3NWViNjNjNjFjYTg1MjgzNzk0NjIyYTg0YTA2ZjNhZWU4Yjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1IBKsD1QFtLLL+Pm66YRc0sJG1N
FKYOJJS/mAITMYDk9g94oYygGh+Jstd64mgf/Kmdib47vaMA2l3Brs1qkLs8Vwu6
rbKwaZBTIV4oSAHz3eO9fCv+Nfq9Yy71ovdqtGZ+3nnBA1YFA80WOrf3djvEcwOc
U4hIPaZFKdbpzRDnLIb8gOYmbv3PWExEY5hjWMBKpGfVsVit/mqWvwvVU7d/F9gO
fJuKb80QUVuNuIFj9QGc4O6PlfhZyUl2GrnuIuu+5/Oj9mkzmWWPDCrfz9OT8yq0
y9J4x66sz4XTCYmALok4COD2PqV0OXlzGfWSuFELHl1UpSxCUDTSMhCyvwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFODHXrY8YcqFKDeUYiqEoG867ouYMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvNE1kZXRqeGh5b1VvTjVSaUtvU2dienJ1aTVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCTfd4AwQB
WSpwAwQBWS3QAwQC2Rq8AwQA2Uz3MA0GCSqGSIb3DQEBCwUAA4IBAQC//hSF9fmJ
tZFEW0hiCBch4HMAhlijyYePmNoGEVD9r8VMy7LW5Y4HSTfegjc/z0UCLtG7EYJN
mTL/HaxaXJAmcxBbaH/WmMyUlcb8Zwjikwj4EyK9JE0AnpC6ICfX4IVVNDQnEk2g
ROAt2l+WWDSws0qSEtxOClbdqoFrpsykxwuHBL1md5bzSSLDMkrY1f0UyOb75ZVy
ZZ67ZsRLg/cHdLeIczDdzKkhdHLMShYDtWjUFLfBcauZeUM5nmOpp27O5V4zBUyr
Q4zChAM7Pa5XRuBzku0Nb21oYYUUup4EAiBJvQSOAfnXez5J5lNazi5XuqQjv+t2
7sKUOkc6ebdi
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:56 2024 by rpki-client on console-ams.rpki-client.org