Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/bw5D9GjySOBbc4C13RE9rtFyEkI.roa
File: bw5D9GjySOBbc4C13RE9rtFyEkI.roa (raw, json)
Hash identifier: SmOn3kojPfSOAlQbPwjx/jS7uc2gPwCcNqx1IHX9LCo=
Subject key identifier: 6F:0E:43:F4:68:F2:48:E0:5B:73:80:B5:DD:11:3D:AE:D1:72:12:42
Certificate issuer: /CN=869569a2526687da91a7ecd4f567f5409cdffe79
Certificate serial: 018CC64B07FA4E7BB9FD81B2CBCD7DF4EF42
Authority key identifier: 86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/bw5D9GjySOBbc4C13RE9rtFyEkI.roa
Signing time: Mon 01 Jan 2024 18:30:55 +0000
ROA not before: Mon 01 Jan 2024 18:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49360
IP address blocks: 45.90.232.0/22 maxlen: 22
31.7.144.0/20 maxlen: 20
91.214.72.0/22 maxlen: 22
185.29.248.0/22 maxlen: 22
2a0a:d3c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.mft
rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:07:fa:4e:7b:b9:fd:81:b2:cb:cd:7d:f4:ef:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=869569a2526687da91a7ecd4f567f5409cdffe79
Validity
Not Before: Jan 1 18:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f0e43f468f248e05b7380b5dd113daed1721242
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e4:03:9a:f4:96:71:ca:28:c0:01:3d:a6:d4:
8a:84:7c:98:90:f1:21:59:43:9f:b3:04:b1:32:25:
fb:79:3e:d6:ab:7a:0d:b0:9f:56:f8:22:e4:5e:4e:
46:04:45:e1:1c:9d:70:32:06:10:74:c6:8f:46:f3:
f3:1b:22:52:4f:cf:05:05:25:ed:40:6e:27:98:36:
21:5e:81:61:3f:f0:a2:d6:45:dc:c9:9d:50:38:11:
bd:6e:17:64:df:2b:53:8d:d4:2f:34:c4:7c:e9:2a:
f6:9b:1f:c0:16:2b:ca:8f:ac:65:dd:34:db:f6:03:
71:e4:dd:c7:f7:84:5e:70:5a:5b:53:91:e3:aa:e7:
69:16:57:dd:7c:b7:7c:04:3e:e1:2c:11:2e:b5:8c:
a2:fd:33:50:4a:c1:41:68:3e:44:b6:93:a0:21:7e:
e6:f1:e9:52:a9:45:61:1f:17:2d:39:42:c6:06:c3:
47:ad:cf:19:45:b8:a4:6c:3c:05:73:0b:39:34:ed:
01:72:b3:e9:ad:72:b9:03:b7:8c:70:cb:be:ff:36:
7e:0a:ab:30:51:12:ee:16:2d:48:80:d3:82:e3:7d:
54:57:a4:a7:99:41:ae:0b:f0:14:f2:40:16:9e:a6:
a9:f6:7d:ea:76:66:c7:9c:b3:99:0c:29:ab:6a:78:
b7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0E:43:F4:68:F2:48:E0:5B:73:80:B5:DD:11:3D:AE:D1:72:12:42
X509v3 Authority Key Identifier:
keyid:86:95:69:A2:52:66:87:DA:91:A7:EC:D4:F5:67:F5:40:9C:DF:FE:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hpVpolJmh9qRp-zU9Wf1QJzf_nk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/bw5D9GjySOBbc4C13RE9rtFyEkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/740dec-059f-45c0-999a-1eaa591b6771/1/hpVpolJmh9qRp-zU9Wf1QJzf_nk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.144.0/20
45.90.232.0/22
91.214.72.0/22
185.29.248.0/22
IPv6:
2a0a:d3c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:b2:25:6b:ec:ae:4d:41:9c:af:52:b0:c0:7c:ca:b5:84:ce:
e2:c5:99:85:d2:73:af:90:d6:a8:cc:77:25:71:d1:ab:c6:16:
4a:ee:72:7d:53:63:2c:e5:15:f8:bc:7b:75:cd:6e:54:3d:62:
1f:4d:9c:b4:d1:c2:bd:4c:bb:a1:23:72:2f:24:a7:a5:e9:79:
1c:0c:03:3b:6b:3d:de:99:f8:12:7d:c5:b7:1c:eb:ca:72:ac:
5f:64:15:df:e8:34:8d:00:de:4f:e5:6e:86:b0:8b:a8:46:c1:
2c:62:15:a5:51:0e:25:2a:79:5e:59:4b:c9:89:cb:7d:43:08:
d7:d2:fd:7b:53:4e:f8:7b:84:b6:c4:c5:82:cd:01:0b:8e:1c:
6e:3d:cc:5d:e3:0e:54:64:25:57:61:d0:e3:2b:19:85:f2:a1:
10:82:d2:30:e4:c3:1f:45:ff:64:22:9f:67:ad:96:ab:89:77:
f1:c0:9e:f4:93:37:cd:89:1a:fc:d1:15:07:5d:dc:16:3d:ae:
d6:30:22:4a:9d:12:60:0e:ee:cf:3e:fb:1b:48:c2:c7:f1:0f:
e7:53:55:4a:a3:6a:82:24:42:a0:51:8b:f7:e8:7a:98:be:c5:
b4:ca:79:04:3e:e6:1a:f5:3f:ac:45:82:0a:aa:5d:dc:d7:19:
a4:fb:05:47
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGSwf6Tnu5/YGyy8199O9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2OTU2OWEyNTI2Njg3ZGE5MWE3ZWNkNGY1NjdmNTQwOWNk
ZmZlNzkwHhcNMjQwMTAxMTgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBlNDNmNDY4ZjI0OGUwNWI3MzgwYjVkZDExM2RhZWQxNzIxMjQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkuQDmvSWccoowAE9ptSKhHyYkPEh
WUOfswSxMiX7eT7Wq3oNsJ9W+CLkXk5GBEXhHJ1wMgYQdMaPRvPzGyJST88FBSXt
QG4nmDYhXoFhP/Ci1kXcyZ1QOBG9bhdk3ytTjdQvNMR86Sr2mx/AFivKj6xl3TTb
9gNx5N3H94RecFpbU5HjqudpFlfdfLd8BD7hLBEutYyi/TNQSsFBaD5EtpOgIX7m
8elSqUVhHxctOULGBsNHrc8ZRbikbDwFcws5NO0BcrPprXK5A7eMcMu+/zZ+Cqsw
URLuFi1IgNOC431UV6SnmUGuC/AU8kAWnqap9n3qdmbHnLOZDCmrani3rQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFG8OQ/Ro8kjgW3OAtd0RPa7RchJCMB8GA1UdIwQY
MBaAFIaVaaJSZofakafs1PVn9UCc3/55MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEt
MWVhYTU5MWI2NzcxLzEvYnc1RDlHanlTT0JiYzRDMTNSRTlydEZ5RWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS83NDBkZWMtMDU5Zi00NWMwLTk5OWEtMWVhYTU5MWI2Nzcx
LzEvaHBWcG9sSm1oOXFScC16VTlXZjFRSnpmX25rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEHweQAwQC
LVroAwQCW9ZIAwQCuR34MA0EAgACMAcDBQMqCtPAMA0GCSqGSIb3DQEBCwUAA4IB
AQA/siVr7K5NQZyvUrDAfMq1hM7ixZmF0nOvkNaozHclcdGrxhZK7nJ9U2Ms5RX4
vHt1zW5UPWIfTZy00cK9TLuhI3IvJKel6XkcDAM7az3emfgSfcW3HOvKcqxfZBXf
6DSNAN5P5W6GsIuoRsEsYhWlUQ4lKnleWUvJict9QwjX0v17U074e4S2xMWCzQEL
jhxuPcxd4w5UZCVXYdDjKxmF8qEQgtIw5MMfRf9kIp9nrZariXfxwJ70kzfNiRr8
0RUHXdwWPa7WMCJKnRJgDu7PPvsbSMLH8Q/nU1VKo2qCJEKgUYv36HqYvsW0ynkE
PuYa9T+sRYIKql3c1xmk+wVH
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:22:59 2024 by rpki-client on console-fra.rpki-client.org