Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ow-ENIervxIzrsulsIrCpn5bsMo.roa
File: ow-ENIervxIzrsulsIrCpn5bsMo.roa (raw, json)
Hash identifier: FhFrvyBL8vugXftDvzAMyYWvLFQ5v0jDdbN0FcUN8SY=
Subject key identifier: A3:0F:84:34:87:AB:BF:12:33:AE:CB:A5:B0:8A:C2:A6:7E:5B:B0:CA
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018ECC61D4749DA636770A550859244112B4
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ow-ENIervxIzrsulsIrCpn5bsMo.roa
Signing time: Thu 11 Apr 2024 08:59:07 +0000
ROA not before: Thu 11 Apr 2024 08:59:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12730
IP address blocks: 5.143.192.0/19 maxlen: 19
95.106.0.0/17 maxlen: 17
212.26.224.0/19 maxlen: 19
212.26.226.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cc:61:d4:74:9d:a6:36:77:0a:55:08:59:24:41:12:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 11 08:59:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a30f843487abbf1233aecba5b08ac2a67e5bb0ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:2d:fb:e9:b8:43:1d:64:cf:46:76:fa:a3:fe:
c4:d0:71:a2:39:30:da:1f:ae:14:4c:60:6d:d0:58:
d0:a5:18:64:fb:e1:1e:e4:76:e9:f2:e2:e0:00:a2:
e6:05:08:3d:63:83:51:10:d8:3b:ae:8e:d9:0e:4e:
44:db:6c:88:e8:da:61:51:fa:52:f9:ba:96:0c:19:
90:ba:43:5d:ac:88:4f:43:f1:84:b3:0c:7d:6f:e6:
5c:5d:09:ec:f1:d6:4f:45:ac:6f:a0:e8:92:aa:c9:
03:c1:f4:59:db:40:26:b9:a5:88:ce:01:32:10:f7:
2e:99:7f:9b:48:3a:ab:1f:e2:d4:c6:18:a9:48:de:
7e:c2:32:b1:9e:2d:45:76:93:67:b4:74:97:8e:d7:
17:b4:7e:5f:23:af:cf:0c:eb:3d:f3:46:8c:50:96:
87:4d:f5:df:f1:16:79:74:c6:7c:be:b1:21:e2:29:
18:05:ac:34:8d:6d:a2:2e:a4:86:bc:14:24:43:18:
24:d9:cd:59:b0:6b:f9:cc:91:e5:ff:2c:38:e2:a9:
b2:ce:47:2e:38:6c:7d:b4:f7:b4:d1:ea:19:e3:33:
d3:29:df:56:76:5e:24:75:a0:e6:37:a7:b4:df:b1:
54:eb:5f:39:1b:6c:4e:67:f6:a7:cd:00:39:3e:c3:
bd:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:0F:84:34:87:AB:BF:12:33:AE:CB:A5:B0:8A:C2:A6:7E:5B:B0:CA
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ow-ENIervxIzrsulsIrCpn5bsMo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.143.192.0/19
95.106.0.0/17
212.26.224.0/19
Signature Algorithm: sha256WithRSAEncryption
44:42:5a:c4:4f:b9:15:a6:44:39:79:09:f4:c8:49:a9:63:ab:
8c:aa:e1:9d:29:76:f6:2f:6a:53:23:dc:63:1e:e6:5b:de:c3:
6e:cf:c5:28:b7:89:06:d2:5e:de:e7:51:2c:99:8d:32:ce:5a:
ea:77:ec:1e:b3:33:8e:f0:36:24:bf:e2:a1:a3:5d:ab:4c:ba:
70:17:a9:92:99:ff:99:b6:e3:58:da:01:ff:1d:f6:a8:cd:14:
18:bb:df:28:77:c5:50:6e:e5:50:2d:45:11:f5:17:5e:61:57:
56:60:b2:a1:56:4e:f6:f0:8e:40:bb:12:f8:a9:b2:bb:34:61:
ad:19:dc:aa:5e:f0:58:3e:d8:e2:74:32:1b:75:9e:9a:57:8f:
0f:63:9f:68:06:2d:e3:4e:83:f0:71:2d:84:dc:95:b8:76:90:
bd:90:0b:fb:4c:ec:e8:7d:fc:7e:c3:40:c9:47:72:d4:64:41:
25:e5:71:77:0a:73:7c:ae:4d:50:a0:f3:1e:e7:89:4a:9f:2d:
2f:05:e8:9d:40:27:ee:4d:06:59:8e:a7:1d:41:6a:f4:c9:86:
3d:47:9c:99:3e:d2:c4:7f:81:49:cd:05:54:30:f0:13:59:9b:
18:31:28:77:da:d2:1c:a4:06:75:87:7a:ac:fd:b2:5e:06:1a:
28:84:70:0b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY7MYdR0naY2dwpVCFkkQRK0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDExMDg1OTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzBmODQzNDg3YWJiZjEyMzNhZWNiYTViMDhhYzJhNjdlNWJiMGNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2i376bhDHWTPRnb6o/7E0HGiOTDa
H64UTGBt0FjQpRhk++Ee5Hbp8uLgAKLmBQg9Y4NRENg7ro7ZDk5E22yI6NphUfpS
+bqWDBmQukNdrIhPQ/GEswx9b+ZcXQns8dZPRaxvoOiSqskDwfRZ20AmuaWIzgEy
EPcumX+bSDqrH+LUxhipSN5+wjKxni1FdpNntHSXjtcXtH5fI6/PDOs980aMUJaH
TfXf8RZ5dMZ8vrEh4ikYBaw0jW2iLqSGvBQkQxgk2c1ZsGv5zJHl/yw44qmyzkcu
OGx9tPe00eoZ4zPTKd9Wdl4kdaDmN6e037FU6185G2xOZ/anzQA5PsO98QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKMPhDSHq78SM67LpbCKwqZ+W7DKMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvb3ctRU5JZXJ2eEl6cnN1bHNJckNwbjVic01vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQFBY/AAwQH
X2oAAwQF1BrgMA0GCSqGSIb3DQEBCwUAA4IBAQBEQlrET7kVpkQ5eQn0yEmpY6uM
quGdKXb2L2pTI9xjHuZb3sNuz8Uot4kG0l7e51EsmY0yzlrqd+weszOO8DYkv+Kh
o12rTLpwF6mSmf+ZtuNY2gH/HfaozRQYu98od8VQbuVQLUUR9RdeYVdWYLKhVk72
8I5AuxL4qbK7NGGtGdyqXvBYPtjidDIbdZ6aV48PY59oBi3jToPwcS2E3JW4dpC9
kAv7TOzoffx+w0DJR3LUZEEl5XF3CnN8rk1QoPMe54lKny0vBeidQCfuTQZZjqcd
QWr0yYY9R5yZPtLEf4FJzQVUMPATWZsYMSh32tIcpAZ1h3qs/bJeBhoohHAL
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:36:26 2024 by rpki-client on console-fra.rpki-client.org