Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/bHVOMthf0lO4uN9jv8qG-V0HHHE.roa
File: bHVOMthf0lO4uN9jv8qG-V0HHHE.roa (raw, json)
Hash identifier: owW35FMdmv87KhZK0wuGoTiuBQrNvwHmPnj4lJfz2ds=
Subject key identifier: 6C:75:4E:32:D8:5F:D2:53:B8:B8:DF:63:BF:CA:86:F9:5D:07:1C:71
Certificate issuer: /CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Certificate serial: 0190EF7DE94E754AD142A437A63937A347D3
Authority key identifier: 22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/bHVOMthf0lO4uN9jv8qG-V0HHHE.roa
Signing time: Fri 26 Jul 2024 14:42:04 +0000
ROA not before: Fri 26 Jul 2024 14:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50437
IP address blocks: 31.131.164.0/22 maxlen: 22
46.151.224.0/22 maxlen: 22
46.151.228.0/22 maxlen: 22
85.255.116.0/22 maxlen: 22
91.228.145.0/24 maxlen: 24
176.116.128.0/24 maxlen: 24
176.116.129.0/24 maxlen: 24
176.116.130.0/24 maxlen: 24
176.116.131.0/24 maxlen: 24
176.116.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:ef:7d:e9:4e:75:4a:d1:42:a4:37:a6:39:37:a3:47:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22f2c2e7bc1da54d919ca5b5941d378892b2ccb2
Validity
Not Before: Jul 26 14:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c754e32d85fd253b8b8df63bfca86f95d071c71
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:bd:a0:08:c3:e8:e8:86:24:db:63:ae:7b:34:
06:3d:95:da:4e:54:bc:53:a9:d3:49:e8:41:fd:07:
f1:1b:5c:bb:36:79:a7:87:34:22:14:54:d0:ec:1d:
ab:ba:78:b9:c3:a0:d8:45:31:e2:1e:00:00:d0:0f:
39:ea:85:08:8c:38:5f:27:43:40:e5:45:00:1b:c5:
f7:09:7f:a4:3e:32:b2:bc:e5:65:79:b1:68:6f:e0:
f0:a4:38:7d:10:e5:51:6b:61:10:e0:12:5b:93:41:
3d:b4:00:54:c1:58:34:84:ae:2c:5b:e1:90:60:9c:
72:b4:47:25:d8:ed:23:27:0e:98:43:b3:d2:da:01:
ec:86:3b:9a:e0:02:43:e3:37:8e:48:79:0e:cd:1b:
76:40:f6:1a:49:01:9b:d9:1b:41:c1:fa:bd:27:e8:
5e:e8:d1:e1:1c:28:85:56:90:cb:45:8d:f0:df:ff:
cf:d4:85:6b:85:89:10:98:7a:b7:5e:9f:a7:ff:e1:
f3:25:28:bb:b0:ca:3f:f7:0f:68:24:28:51:d4:31:
92:f7:41:58:3d:0d:fa:ee:a0:01:2b:f3:1d:6c:e5:
f5:5c:88:49:79:fa:d9:9c:fd:98:c8:90:5a:5a:5d:
50:f5:be:63:9e:a6:86:f3:a3:56:d5:d6:72:bb:44:
fa:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:75:4E:32:D8:5F:D2:53:B8:B8:DF:63:BF:CA:86:F9:5D:07:1C:71
X509v3 Authority Key Identifier:
keyid:22:F2:C2:E7:BC:1D:A5:4D:91:9C:A5:B5:94:1D:37:88:92:B2:CC:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IvLC57wdpU2RnKW1lB03iJKyzLI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/bHVOMthf0lO4uN9jv8qG-V0HHHE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/602530-6d22-46f1-8e05-02def6e84c91/1/IvLC57wdpU2RnKW1lB03iJKyzLI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.164.0/22
46.151.224.0/21
85.255.116.0/22
91.228.145.0/24
176.116.128.0/21
Signature Algorithm: sha256WithRSAEncryption
81:17:6f:ad:f4:b1:da:ed:f2:0f:37:e4:df:83:bf:9f:cb:b6:
c2:62:79:16:2b:d8:9c:b3:4e:25:b2:0a:a5:1c:5b:f6:45:1a:
0a:b9:75:2c:ae:1a:c2:91:07:ad:b8:0f:b6:68:ef:b5:76:e6:
33:8a:bc:c3:2a:26:85:3c:4a:c2:c2:32:6b:10:2e:2f:23:7d:
0f:7e:c5:f1:91:a6:94:87:c1:60:66:d0:48:4f:ea:a1:bf:98:
03:fa:5c:ee:c9:68:a2:b7:68:24:6f:89:0f:ed:51:f3:ae:fd:
e8:1d:fe:5f:53:f5:c0:58:d4:39:fc:49:3f:77:86:46:3e:eb:
dc:18:2a:36:c9:f4:41:35:fb:1c:3c:d0:69:ef:aa:30:a4:92:
65:a0:61:f1:6a:79:cf:22:0f:06:ff:c4:3e:2e:36:53:81:40:
6a:2e:59:f8:4c:4d:c7:91:d7:eb:d3:d1:ab:bb:1d:7e:49:4f:
20:42:e7:ff:3b:d1:bf:3e:01:62:e8:4c:30:b5:8b:d9:87:30:
0e:78:9b:e4:02:2c:9a:c7:86:3b:f3:50:26:e3:2f:e5:9a:84:
98:dd:f1:8c:7f:e7:fa:dc:05:b5:40:1a:c1:88:41:5b:f9:f4:
36:49:7c:47:f7:64:99:56:44:46:b8:2a:bd:84:d1:63:fa:64:
65:8e:ef:80
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZDvfelOdUrRQqQ3pjk3o0fTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZjJjMmU3YmMxZGE1NGQ5MTljYTViNTk0MWQzNzg4OTJi
MmNjYjIwHhcNMjQwNzI2MTQ0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzc1NGUzMmQ4NWZkMjUzYjhiOGRmNjNiZmNhODZmOTVkMDcxYzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3r2gCMPo6IYk22OuezQGPZXaTlS8
U6nTSehB/QfxG1y7NnmnhzQiFFTQ7B2runi5w6DYRTHiHgAA0A856oUIjDhfJ0NA
5UUAG8X3CX+kPjKyvOVlebFob+DwpDh9EOVRa2EQ4BJbk0E9tABUwVg0hK4sW+GQ
YJxytEcl2O0jJw6YQ7PS2gHshjua4AJD4zeOSHkOzRt2QPYaSQGb2RtBwfq9J+he
6NHhHCiFVpDLRY3w3//P1IVrhYkQmHq3Xp+n/+HzJSi7sMo/9w9oJChR1DGS90FY
PQ367qABK/MdbOX1XIhJefrZnP2YyJBaWl1Q9b5jnqaG86NW1dZyu0T6TQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGx1TjLYX9JTuLjfY7/KhvldBxxxMB8GA1UdIwQY
MBaAFCLywue8HaVNkZyltZQdN4iSssyyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUt
MDJkZWY2ZTg0YzkxLzEvYkhWT010aGYwbE80dU45anY4cUctVjBISEhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi82MDI1MzAtNmQyMi00NmYxLThlMDUtMDJkZWY2ZTg0Yzkx
LzEvSXZMQzU3d2RwVTJSbktXMWxCMDNpSkt5ekxJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCH4OkAwQD
LpfgAwQCVf90AwQAW+SRAwQDsHSAMA0GCSqGSIb3DQEBCwUAA4IBAQCBF2+t9LHa
7fIPN+Tfg7+fy7bCYnkWK9ics04lsgqlHFv2RRoKuXUsrhrCkQetuA+2aO+1duYz
irzDKiaFPErCwjJrEC4vI30PfsXxkaaUh8FgZtBIT+qhv5gD+lzuyWiit2gkb4kP
7VHzrv3oHf5fU/XAWNQ5/Ek/d4ZGPuvcGCo2yfRBNfscPNBp76owpJJloGHxannP
Ig8G/8Q+LjZTgUBqLln4TE3Hkdfr09Grux1+SU8gQuf/O9G/PgFi6EwwtYvZhzAO
eJvkAiyax4Y781Am4y/lmoSY3fGMf+f63AW1QBrBiEFb+fQ2SXxH92SZVkRGuCq9
hNFj+mRlju+A
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:55:59 2024 by rpki-client on console-fra.rpki-client.org