Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/bwWK7STk8JGeZNNeiu45q2N8QGc.roa
File: bwWK7STk8JGeZNNeiu45q2N8QGc.roa (raw, json)
Hash identifier: IHej2lyZuUlDH3fMmYrRdwCcTBeweBqee1xUvWcQAO4=
Subject key identifier: 6F:05:8A:ED:24:E4:F0:91:9E:64:D3:5E:8A:EE:39:AB:63:7C:40:67
Certificate issuer: /CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Certificate serial: 019425FDCEE0DA042A6303C1CB514DCB45DD
Authority key identifier: 22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/bwWK7STk8JGeZNNeiu45q2N8QGc.roa
Signing time: Thu 02 Jan 2025 07:49:38 +0000
ROA not before: Thu 02 Jan 2025 07:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51333
IP address blocks: 185.58.4.0/22 maxlen: 24
188.65.80.0/21 maxlen: 24
194.36.72.0/22 maxlen: 24
2a02:6120::/29 maxlen: 29
2a0c:bdc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:ce:e0:da:04:2a:63:03:c1:cb:51:4d:cb:45:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22d54df89b8fd921dada3f0daa29efff5cce0a79
Validity
Not Before: Jan 2 07:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f058aed24e4f0919e64d35e8aee39ab637c4067
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:0f:75:33:17:c9:10:bf:c3:de:fd:91:12:ba:
bc:cd:b2:20:98:71:4e:68:77:40:33:77:1a:dc:22:
b4:27:02:ad:01:e0:2d:9c:1e:74:4a:8e:44:53:18:
dd:27:0c:2f:d1:74:da:af:9a:7e:4a:4f:bb:60:3d:
fa:13:63:6f:a9:98:7f:26:26:7a:77:46:04:e4:ab:
cf:dc:a2:d2:55:93:78:f1:30:12:67:12:27:bd:8c:
41:b4:43:5f:2f:b2:56:31:de:0d:ed:ad:aa:6a:ab:
61:94:03:98:0e:1f:eb:aa:65:0c:92:b1:69:aa:4c:
e8:8b:af:df:1a:f1:07:f3:c7:0c:0f:bc:e7:75:c1:
9b:bd:7a:bd:c8:14:be:b3:58:14:5a:5b:ac:08:66:
78:78:c4:46:3d:d3:d4:ac:67:c8:fa:3a:73:82:12:
65:a1:64:50:4b:2f:de:46:9f:d4:0b:ae:e2:59:ca:
bd:04:ba:c5:d5:29:ca:26:1b:60:31:de:da:d3:d5:
18:9b:11:f6:81:41:50:9d:fe:db:e0:d2:70:b1:99:
4a:cf:17:0b:b2:81:c2:32:3b:ad:89:d4:8a:59:f0:
09:e6:99:66:a4:1f:bb:45:48:cb:ec:62:b1:28:c8:
a4:a5:0a:94:b3:1c:ed:a4:85:51:9b:a7:c4:41:eb:
f4:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:05:8A:ED:24:E4:F0:91:9E:64:D3:5E:8A:EE:39:AB:63:7C:40:67
X509v3 Authority Key Identifier:
keyid:22:D5:4D:F8:9B:8F:D9:21:DA:DA:3F:0D:AA:29:EF:FF:5C:CE:0A:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ItVN-JuP2SHa2j8Nqinv_1zOCnk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/bwWK7STk8JGeZNNeiu45q2N8QGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/b5cf0b-ec31-4705-8f68-6f1fece87c89/1/ItVN-JuP2SHa2j8Nqinv_1zOCnk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.58.4.0/22
188.65.80.0/21
194.36.72.0/22
IPv6:
2a02:6120::/29
2a0c:bdc0::/29
Signature Algorithm: sha256WithRSAEncryption
1e:50:fe:9f:0f:e6:3c:cd:ac:ac:47:08:3b:b2:b4:6f:4b:11:
92:8d:8c:e3:2e:85:f6:9c:7e:e8:a1:93:2a:b4:8e:ac:b9:43:
79:82:08:0b:eb:63:d5:fb:57:0b:74:04:f1:bb:93:10:39:37:
0d:03:08:82:6a:14:44:95:db:65:74:93:68:9c:1c:be:25:dc:
79:19:e3:c2:0e:84:d7:9a:6b:a1:e2:3a:1b:51:01:d2:f3:b1:
2d:b2:7f:29:52:3c:b0:a9:36:6d:07:c4:60:59:df:77:63:7e:
02:50:05:88:af:44:d0:8e:38:23:00:61:9a:b4:94:e0:1a:4f:
1e:fe:e1:65:01:6b:c3:10:62:83:8d:8b:d4:79:31:86:bf:89:
cf:bd:e0:18:55:7a:0c:39:c7:60:85:8e:7c:df:d9:48:24:0d:
2b:32:65:19:f6:2c:e1:d3:46:2a:79:db:26:31:03:01:ff:4f:
df:ab:8d:01:c8:0e:65:64:88:20:dd:d8:64:3f:21:34:84:10:
c1:66:fc:a0:c1:b1:b9:d6:fc:18:60:a3:97:74:79:fa:31:4c:
a1:c5:b2:04:99:a1:8d:eb:67:b1:11:94:7c:fe:8c:d0:ea:07:
b8:18:9b:00:aa:88:6b:be:22:ea:b3:d0:d6:77:42:13:67:fb:
85:a3:dd:b0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQl/c7g2gQqYwPBy1FNy0XdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyZDU0ZGY4OWI4ZmQ5MjFkYWRhM2YwZGFhMjllZmZmNWNj
ZTBhNzkwHhcNMjUwMTAyMDc0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjA1OGFlZDI0ZTRmMDkxOWU2NGQzNWU4YWVlMzlhYjYzN2M0MDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAow91MxfJEL/D3v2RErq8zbIgmHFO
aHdAM3ca3CK0JwKtAeAtnB50So5EUxjdJwwv0XTar5p+Sk+7YD36E2NvqZh/JiZ6
d0YE5KvP3KLSVZN48TASZxInvYxBtENfL7JWMd4N7a2qaqthlAOYDh/rqmUMkrFp
qkzoi6/fGvEH88cMD7zndcGbvXq9yBS+s1gUWlusCGZ4eMRGPdPUrGfI+jpzghJl
oWRQSy/eRp/UC67iWcq9BLrF1SnKJhtgMd7a09UYmxH2gUFQnf7b4NJwsZlKzxcL
soHCMjutidSKWfAJ5plmpB+7RUjL7GKxKMikpQqUsxztpIVRm6fEQev0ZQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG8Fiu0k5PCRnmTTXoruOatjfEBnMB8GA1UdIwQY
MBaAFCLVTfibj9kh2to/Daop7/9czgp5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXRWTi1KdVAyU0hhMmo4TnFpbnZfMXpPQ25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy9iNWNmMGItZWMzMS00NzA1LThmNjgt
NmYxZmVjZTg3Yzg5LzEvYndXSzdTVGs4SkdlWk5OZWl1NDVxMk44UUdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy9iNWNmMGItZWMzMS00NzA1LThmNjgtNmYxZmVjZTg3Yzg5
LzEvSXRWTi1KdVAyU0hhMmo4TnFpbnZfMXpPQ25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuToEAwQD
vEFQAwQCwiRIMBQEAgACMA4DBQMqAmEgAwUDKgy9wDANBgkqhkiG9w0BAQsFAAOC
AQEAHlD+nw/mPM2srEcIO7K0b0sRko2M4y6F9px+6KGTKrSOrLlDeYIIC+tj1ftX
C3QE8buTEDk3DQMIgmoURJXbZXSTaJwcviXceRnjwg6E15proeI6G1EB0vOxLbJ/
KVI8sKk2bQfEYFnfd2N+AlAFiK9E0I44IwBhmrSU4BpPHv7hZQFrwxBig42L1Hkx
hr+Jz73gGFV6DDnHYIWOfN/ZSCQNKzJlGfYs4dNGKnnbJjEDAf9P36uNAcgOZWSI
IN3YZD8hNIQQwWb8oMGxudb8GGCjl3R5+jFMocWyBJmhjetnsRGUfP6M0OoHuBib
AKqIa74i6rPQ1ndCE2f7haPdsA==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:41:13 2025 by rpki-client