Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/btux7feZhJ1BqBuWh4_v4sk8smQ.roa
File: btux7feZhJ1BqBuWh4_v4sk8smQ.roa (raw, json)
Hash identifier: CPqz+M1T47JJLNXi32iORwbH6OKUcww7HUT0G/bccUI=
Subject key identifier: 6E:DB:B1:ED:F7:99:84:9D:41:A8:1B:96:87:8F:EF:E2:C9:3C:B2:64
Certificate issuer: /CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Certificate serial: 0192676952F33ADD5DC1DC39D2EDF63362B1
Authority key identifier: 90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/btux7feZhJ1BqBuWh4_v4sk8smQ.roa
Signing time: Mon 07 Oct 2024 14:36:48 +0000
ROA not before: Mon 07 Oct 2024 14:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 23.106.32.0/21 maxlen: 21
23.106.56.0/21 maxlen: 21
23.106.232.0/21 maxlen: 21
173.208.48.0/21 maxlen: 21
173.234.72.0/21 maxlen: 21
173.234.136.0/21 maxlen: 21
185.222.24.0/22 maxlen: 24
185.222.24.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:67:69:52:f3:3a:dd:5d:c1:dc:39:d2:ed:f6:33:62:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=90dff31d1b0444d4204de1584d00ddf968d0b012
Validity
Not Before: Oct 7 14:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6edbb1edf799849d41a81b96878fefe2c93cb264
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:5d:09:92:8f:82:32:66:a6:d1:d3:79:5a:53:
93:bd:4f:a3:dd:41:66:a7:de:bd:e3:c7:24:0c:af:
da:21:02:85:8b:46:37:12:18:dd:53:f7:01:51:20:
05:3c:66:b6:f6:8e:10:61:98:e3:1c:41:c2:f3:18:
6b:09:0e:f9:eb:17:7f:27:7c:dd:16:eb:3a:41:70:
07:b2:b0:0a:2c:96:8c:e9:31:0e:34:fb:65:c4:fe:
51:81:ac:4b:3a:d0:63:d5:e5:ba:0d:ed:8d:c9:a7:
da:c2:da:fb:74:d1:30:ec:8a:ed:54:e1:54:a1:f4:
da:5a:61:e6:9b:89:5e:88:ce:48:f0:c0:8a:2f:b8:
0c:8e:e0:79:ac:b4:c1:b2:fe:73:0b:64:83:ee:80:
9f:7e:06:c1:91:9a:d1:8c:11:d1:2b:f5:e4:5d:2f:
6d:f1:70:38:28:20:ff:de:db:33:93:68:16:8a:09:
70:35:84:95:49:8e:99:89:12:4d:49:2b:17:f5:41:
9f:21:1a:02:75:e9:0d:06:eb:9e:36:e5:51:07:0b:
3f:dc:2d:0d:4a:fd:7f:e6:34:ce:ab:53:82:bb:44:
ea:db:05:13:b5:9f:d4:43:6b:52:2b:fb:09:ad:0a:
e1:3c:12:b4:be:b7:a6:6d:d3:89:f1:a9:e8:48:1f:
5f:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:DB:B1:ED:F7:99:84:9D:41:A8:1B:96:87:8F:EF:E2:C9:3C:B2:64
X509v3 Authority Key Identifier:
keyid:90:DF:F3:1D:1B:04:44:D4:20:4D:E1:58:4D:00:DD:F9:68:D0:B0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kN_zHRsERNQgTeFYTQDd-WjQsBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/btux7feZhJ1BqBuWh4_v4sk8smQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/99a3ca-7e5c-48d4-b975-9f214d1ba934/1/kN_zHRsERNQgTeFYTQDd-WjQsBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.106.32.0/21
23.106.56.0/21
23.106.232.0/21
173.208.48.0/21
173.234.72.0/21
173.234.136.0/21
185.222.24.0/22
Signature Algorithm: sha256WithRSAEncryption
60:4a:19:09:10:9b:df:4a:f7:82:83:c7:cc:d8:31:5b:df:a9:
7d:ad:7c:2c:ae:e5:05:73:0a:7d:da:b5:15:1c:d9:e1:96:b1:
48:a3:40:aa:e5:07:a0:af:9e:03:80:ae:28:e9:e4:38:cb:27:
8d:12:90:a4:41:5d:c9:ef:bc:01:73:06:5d:c2:9f:17:ed:0b:
04:3a:07:c6:c2:36:b7:ad:30:d9:fe:45:16:a5:1a:06:c7:44:
05:aa:53:0b:5c:2d:f5:47:7f:02:84:65:33:c5:b8:8d:18:8e:
24:16:18:fe:be:5a:be:15:cb:24:dd:2d:5f:ab:a0:13:e0:21:
de:c7:f1:d6:73:5c:c4:3c:ea:7a:1b:a1:31:09:59:58:50:d3:
22:9a:e9:a8:07:8d:fc:93:90:60:00:e6:c8:08:d6:9d:33:2a:
e1:60:b6:9e:14:e9:8d:38:74:83:4d:00:ee:6c:de:ca:5e:a0:
a2:ce:c3:60:8e:68:92:3f:df:7c:5d:96:66:aa:fc:a3:15:af:
1e:f7:af:89:be:0c:f8:7d:8c:74:01:7c:b3:b4:72:6d:5b:09:
90:a7:5a:61:f9:24:93:c1:1a:ba:44:24:77:33:58:b4:f6:b1:
c7:80:85:9a:47:46:b9:1c:86:2b:03:6c:e0:59:20:d2:82:66:
fa:a2:55:7e
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJnaVLzOt1dwdw50u32M2KxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkwZGZmMzFkMWIwNDQ0ZDQyMDRkZTE1ODRkMDBkZGY5Njhk
MGIwMTIwHhcNMjQxMDA3MTQzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWRiYjFlZGY3OTk4NDlkNDFhODFiOTY4NzhmZWZlMmM5M2NiMjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzV0Jko+CMmam0dN5WlOTvU+j3UFm
p96948ckDK/aIQKFi0Y3EhjdU/cBUSAFPGa29o4QYZjjHEHC8xhrCQ756xd/J3zd
Fus6QXAHsrAKLJaM6TEONPtlxP5RgaxLOtBj1eW6De2Nyafawtr7dNEw7IrtVOFU
ofTaWmHmm4leiM5I8MCKL7gMjuB5rLTBsv5zC2SD7oCffgbBkZrRjBHRK/XkXS9t
8XA4KCD/3tszk2gWiglwNYSVSY6ZiRJNSSsX9UGfIRoCdekNBuueNuVRBws/3C0N
Sv1/5jTOq1OCu0Tq2wUTtZ/UQ2tSK/sJrQrhPBK0vrembdOJ8anoSB9fiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFG7bse33mYSdQagbloeP7+LJPLJkMB8GA1UdIwQY
MBaAFJDf8x0bBETUIE3hWE0A3flo0LASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUt
OWYyMTRkMWJhOTM0LzEvYnR1eDdmZVpoSjFCcUJ1V2g0X3Y0c2s4c21RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC85OWEzY2EtN2U1Yy00OGQ0LWI5NzUtOWYyMTRkMWJhOTM0
LzEva05fekhSc0VSTlFnVGVGWVRRRGQtV2pRc0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDF2ogAwQD
F2o4AwQDF2roAwQDrdAwAwQDrepIAwQDreqIAwQCud4YMA0GCSqGSIb3DQEBCwUA
A4IBAQBgShkJEJvfSveCg8fM2DFb36l9rXwsruUFcwp92rUVHNnhlrFIo0Cq5Qeg
r54DgK4o6eQ4yyeNEpCkQV3J77wBcwZdwp8X7QsEOgfGwja3rTDZ/kUWpRoGx0QF
qlMLXC31R38ChGUzxbiNGI4kFhj+vlq+Fcsk3S1fq6AT4CHex/HWc1zEPOp6G6Ex
CVlYUNMimumoB438k5BgAObICNadMyrhYLaeFOmNOHSDTQDubN7KXqCizsNgjmiS
P998XZZmqvyjFa8e96+Jvgz4fYx0AXyztHJtWwmQp1ph+SSTwRq6RCR3M1i09rHH
gIWaR0a5HIYrA2zgWSDSgmb6olV+
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:15:23 2024 by rpki-client on console-ams.rpki-client.org