Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/RTeAWkRgTJaDfA0GlmEljbTfJ_o.roa
File: RTeAWkRgTJaDfA0GlmEljbTfJ_o.roa (raw, json)
Hash identifier: va10SBySVKa0Lter6szdqMqWkj3SmHCyGJXvyqDPS7g=
Subject key identifier: 45:37:80:5A:44:60:4C:96:83:7C:0D:06:96:61:25:8D:B4:DF:27:FA
Certificate issuer: /CN=bfe3971a32c0692c4e342e911790662470cf31b2
Certificate serial: 018DF99C055EDDE93A5685D0A8C73B7815CB
Authority key identifier: BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/RTeAWkRgTJaDfA0GlmEljbTfJ_o.roa
Signing time: Fri 01 Mar 2024 10:42:48 +0000
ROA not before: Fri 01 Mar 2024 10:42:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207208
IP address blocks: 5.181.191.0/24 maxlen: 24
185.1.217.0/24 maxlen: 24
2001:67c:2498::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.mft
rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f9:9c:05:5e:dd:e9:3a:56:85:d0:a8:c7:3b:78:15:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfe3971a32c0692c4e342e911790662470cf31b2
Validity
Not Before: Mar 1 10:42:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4537805a44604c96837c0d069661258db4df27fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:1a:44:00:ab:ac:bc:fd:b4:f8:dd:06:f3:f6:
a8:36:05:87:8b:08:af:f9:bb:7c:61:e4:17:a3:2c:
1d:cd:04:92:df:b4:15:52:bc:bf:23:9c:0e:78:2a:
14:ae:e3:df:1a:73:36:2e:cc:4e:4e:7a:7a:c4:a8:
b5:b1:ff:ce:66:81:a4:86:39:dc:8b:14:ca:68:5d:
67:43:22:36:89:76:52:21:11:97:d1:fa:94:0d:23:
58:e4:94:eb:75:48:f1:e1:9f:87:d5:f8:ef:6b:b5:
d5:ad:36:51:08:a0:dd:aa:2e:b4:9f:52:13:7d:2f:
58:81:32:7b:c6:3e:ca:a0:e4:ca:4b:16:4f:a4:fb:
53:9a:0b:c6:05:a9:71:f0:c6:24:39:10:b5:af:a3:
2a:8c:29:40:08:d0:89:0d:1b:65:ec:19:12:99:78:
95:01:69:60:ad:e1:53:bb:f3:06:43:8a:2c:af:1e:
b8:93:b4:f3:50:a9:50:67:a8:f9:af:e0:5f:6e:82:
4a:e5:16:62:be:a9:86:76:8a:0a:77:40:ac:bd:cf:
e4:2a:a3:72:a1:93:c8:cb:2e:b4:00:f5:75:e4:b7:
df:8e:c0:18:7f:57:73:88:ce:b8:5e:e8:00:94:a5:
70:56:3a:de:4f:53:03:ed:b0:41:31:d8:25:0e:f8:
ea:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:37:80:5A:44:60:4C:96:83:7C:0D:06:96:61:25:8D:B4:DF:27:FA
X509v3 Authority Key Identifier:
keyid:BF:E3:97:1A:32:C0:69:2C:4E:34:2E:91:17:90:66:24:70:CF:31:B2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v-OXGjLAaSxONC6RF5BmJHDPMbI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/RTeAWkRgTJaDfA0GlmEljbTfJ_o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/d76bf8-541f-4efc-98c5-c4dcc7f6b7df/1/v-OXGjLAaSxONC6RF5BmJHDPMbI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.191.0/24
185.1.217.0/24
IPv6:
2001:67c:2498::/48
Signature Algorithm: sha256WithRSAEncryption
70:05:86:4c:7b:3b:d4:40:03:a8:ee:83:f5:38:3d:05:6c:6a:
16:e8:1b:f8:7d:38:40:90:f5:1f:18:e1:d8:7f:25:09:19:b8:
24:ea:ac:c4:1c:ce:e5:20:91:4b:ab:1e:05:16:16:9e:85:a6:
fc:4b:6f:63:30:95:79:0b:49:11:a7:80:db:55:21:38:de:05:
9f:3e:c5:e1:20:74:dc:41:db:1c:61:60:bf:41:b1:02:ee:88:
ab:e2:8a:b5:7e:80:a6:7e:5d:76:21:2d:3f:22:57:fd:9a:74:
fc:99:6d:8e:c3:1e:ea:2c:5d:e5:4b:92:8d:92:bd:ee:b2:4d:
8a:65:5a:76:88:9a:ba:37:40:07:9d:e9:41:95:21:bf:d6:5c:
db:65:5a:5f:42:99:f9:d0:bc:7e:38:b5:7a:a6:fc:e1:e2:af:
6a:a5:0f:70:f5:2c:ea:e6:0a:e8:9b:db:b6:f2:be:6a:78:58:
2a:81:73:4f:5e:f0:ce:60:5a:c3:00:c2:e0:dd:fc:c6:f9:cf:
dc:5f:62:94:ac:ee:93:f6:61:50:be:d8:d7:31:b8:c4:a0:67:
ba:c4:78:49:4b:98:69:03:c2:a7:d0:4a:a2:3e:46:b5:dc:0b:
6c:d7:3a:7f:96:ed:7c:a8:0f:e1:3f:a5:6d:ee:7a:8a:d8:2d:
ef:9b:c4:e5
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY35nAVe3ek6VoXQqMc7eBXLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmZTM5NzFhMzJjMDY5MmM0ZTM0MmU5MTE3OTA2NjI0NzBj
ZjMxYjIwHhcNMjQwMzAxMTA0MjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTM3ODA1YTQ0NjA0Yzk2ODM3YzBkMDY5NjYxMjU4ZGI0ZGYyN2ZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhRpEAKusvP20+N0G8/aoNgWHiwiv
+bt8YeQXoywdzQSS37QVUry/I5wOeCoUruPfGnM2LsxOTnp6xKi1sf/OZoGkhjnc
ixTKaF1nQyI2iXZSIRGX0fqUDSNY5JTrdUjx4Z+H1fjva7XVrTZRCKDdqi60n1IT
fS9YgTJ7xj7KoOTKSxZPpPtTmgvGBalx8MYkORC1r6MqjClACNCJDRtl7BkSmXiV
AWlgreFTu/MGQ4osrx64k7TzUKlQZ6j5r+BfboJK5RZivqmGdooKd0Csvc/kKqNy
oZPIyy60APV15LffjsAYf1dziM64XugAlKVwVjreT1MD7bBBMdglDvjqnQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFEU3gFpEYEyWg3wNBpZhJY203yf6MB8GA1UdIwQY
MBaAFL/jlxoywGksTjQukReQZiRwzzGyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUt
YzRkY2M3ZjZiN2RmLzEvUlRlQVdrUmdUSmFEZkEwR2xtRWxqYlRmSl9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9kNzZiZjgtNTQxZi00ZWZjLTk4YzUtYzRkY2M3ZjZiN2Rm
LzEvdi1PWEdqTEFhU3hPTkM2UkY1Qm1KSERQTWJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQABbW/AwQA
uQHZMA8EAgACMAkDBwAgAQZ8JJgwDQYJKoZIhvcNAQELBQADggEBAHAFhkx7O9RA
A6jug/U4PQVsahboG/h9OECQ9R8Y4dh/JQkZuCTqrMQczuUgkUurHgUWFp6FpvxL
b2MwlXkLSRGngNtVITjeBZ8+xeEgdNxB2xxhYL9BsQLuiKviirV+gKZ+XXYhLT8i
V/2adPyZbY7DHuosXeVLko2Sve6yTYplWnaImro3QAed6UGVIb/WXNtlWl9CmfnQ
vH44tXqm/OHir2qlD3D1LOrmCuib27byvmp4WCqBc09e8M5gWsMAwuDd/Mb5z9xf
YpSs7pP2YVC+2NcxuMSgZ7rEeElLmGkDwqfQSqI+RrXcC2zXOn+W7XyoD+E/pW3u
eorYLe+bxOU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:32:54 2024 by rpki-client on console-ams.rpki-client.org