Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BDvvL2ukIbk3mMW38BP8JOq8c5I.roa
File: BDvvL2ukIbk3mMW38BP8JOq8c5I.roa (raw, json)
Hash identifier: gRta/cBEZd9YqT3NmuxWqZZqrSrpVU3ZLtPajN9uQWE=
Subject key identifier: 04:3B:EF:2F:6B:A4:21:B9:37:98:C5:B7:F0:13:FC:24:EA:BC:73:92
Certificate issuer: /CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Certificate serial: 019008807507B94EFFF94172B60243DD4D9B
Authority key identifier: 59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BDvvL2ukIbk3mMW38BP8JOq8c5I.roa
Signing time: Tue 11 Jun 2024 18:12:34 +0000
ROA not before: Tue 11 Jun 2024 18:12:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199366
IP address blocks: 46.20.10.0/24 maxlen: 24
46.20.12.0/24 maxlen: 24
46.20.13.0/24 maxlen: 24
95.130.174.0/24 maxlen: 24
109.235.253.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.mft
rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 29 Jun 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:08:80:75:07:b9:4e:ff:f9:41:72:b6:02:43:dd:4d:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=592e7c1f2394c3e3aaa8ccb647fd83671d6098b7
Validity
Not Before: Jun 11 18:12:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=043bef2f6ba421b93798c5b7f013fc24eabc7392
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a6:2d:77:6c:6e:50:78:44:22:1d:37:67:ca:
7c:1a:97:22:c8:ee:62:af:e2:73:91:4d:93:db:f6:
b9:08:31:8e:af:67:1e:71:91:d2:0e:58:a0:f5:a7:
4b:89:f2:fe:d9:7c:55:5a:4b:bf:17:f9:d4:17:ab:
0d:94:03:4c:a7:e1:0e:2c:c8:72:2d:89:b7:19:e1:
0c:06:11:36:a4:5c:f1:04:72:3a:c5:23:c7:c7:89:
76:fb:2d:39:45:70:5d:ee:b9:5a:a1:d0:31:24:2c:
cd:e7:3e:4d:52:aa:2c:65:83:70:20:e5:09:4d:7a:
6c:73:6e:ab:3e:28:af:4c:02:7f:84:1f:fc:2f:cb:
95:cb:bc:40:ee:6b:40:8d:df:56:7d:60:f7:6e:34:
9f:fc:9d:87:48:39:2b:6c:53:fd:3a:ed:75:78:65:
9b:72:55:29:68:70:09:c2:8a:7d:c6:8e:99:60:2b:
80:b2:19:0a:3a:1e:c4:75:b0:1b:09:af:18:58:84:
60:90:f8:2c:99:3e:e2:5a:44:51:3f:b4:6a:e5:e9:
fe:d8:76:ae:eb:06:e2:11:6d:84:19:3c:e8:80:56:
99:2c:71:03:09:2d:f3:bf:82:8d:e0:5f:e0:a3:a0:
6b:40:81:ae:2c:e6:24:db:fb:a1:c1:30:a5:26:18:
7f:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:3B:EF:2F:6B:A4:21:B9:37:98:C5:B7:F0:13:FC:24:EA:BC:73:92
X509v3 Authority Key Identifier:
keyid:59:2E:7C:1F:23:94:C3:E3:AA:A8:CC:B6:47:FD:83:67:1D:60:98:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WS58HyOUw-OqqMy2R_2DZx1gmLc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/BDvvL2ukIbk3mMW38BP8JOq8c5I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9571d6-974f-4327-b9e0-443be63fc123/1/WS58HyOUw-OqqMy2R_2DZx1gmLc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.20.10.0/24
46.20.12.0/23
95.130.174.0/24
109.235.253.0/24
Signature Algorithm: sha256WithRSAEncryption
bc:be:74:f6:ac:ff:d2:29:26:1f:84:c8:de:5c:fc:6b:21:e4:
1b:dd:21:a5:f0:15:13:cd:83:b6:8b:99:47:e5:fb:45:a2:a2:
d0:be:97:8a:4e:46:b5:d1:40:b1:5f:d5:68:bb:27:52:61:6d:
7b:97:66:17:bc:ae:39:c5:31:63:b8:be:14:5b:ac:35:06:b0:
a6:ea:20:f4:fe:d2:18:6d:80:2f:48:2e:0f:93:4a:93:5d:3c:
1f:ce:1b:f3:f3:5e:dd:af:1e:5c:a9:46:50:1b:b8:4d:06:6c:
9f:44:a7:4e:cc:6c:ef:e2:91:a7:4a:e3:b4:d8:04:e0:49:9a:
74:30:de:14:75:26:7f:e6:3d:19:2e:b7:6d:d1:1f:8e:06:88:
2b:e1:87:b1:ff:de:35:b7:3a:52:d1:b9:69:d9:a2:0d:8d:62:
16:6b:f0:8d:0f:a9:22:81:c8:04:99:ff:d8:5d:e0:04:ab:4d:
72:4c:86:8c:ac:a0:5a:52:64:80:d4:5f:b8:71:8f:95:76:81:
3c:00:10:1f:4c:e1:9b:6b:d8:3c:3d:88:6a:5c:a0:dc:3f:28:
74:2c:4e:78:4b:97:4c:8f:51:8a:93:f6:b1:59:f9:2f:74:7a:
47:c5:dc:2a:6b:9d:23:84:e9:72:47:76:03:e1:ea:4c:26:5f:
0f:30:44:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZAIgHUHuU7/+UFytgJD3U2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5MmU3YzFmMjM5NGMzZTNhYWE4Y2NiNjQ3ZmQ4MzY3MWQ2
MDk4YjcwHhcNMjQwNjExMTgxMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDNiZWYyZjZiYTQyMWI5Mzc5OGM1YjdmMDEzZmMyNGVhYmM3MzkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6Ytd2xuUHhEIh03Z8p8GpciyO5i
r+JzkU2T2/a5CDGOr2cecZHSDlig9adLifL+2XxVWku/F/nUF6sNlANMp+EOLMhy
LYm3GeEMBhE2pFzxBHI6xSPHx4l2+y05RXBd7rlaodAxJCzN5z5NUqosZYNwIOUJ
TXpsc26rPiivTAJ/hB/8L8uVy7xA7mtAjd9WfWD3bjSf/J2HSDkrbFP9Ou11eGWb
clUpaHAJwop9xo6ZYCuAshkKOh7EdbAbCa8YWIRgkPgsmT7iWkRRP7Rq5en+2Hau
6wbiEW2EGTzogFaZLHEDCS3zv4KN4F/go6BrQIGuLOYk2/uhwTClJhh/qQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQ77y9rpCG5N5jFt/AT/CTqvHOSMB8GA1UdIwQY
MBaAFFkufB8jlMPjqqjMtkf9g2cdYJi3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAt
NDQzYmU2M2ZjMTIzLzEvQkR2dkwydWtJYmszbU1XMzhCUDhKT3E4YzVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi85NTcxZDYtOTc0Zi00MzI3LWI5ZTAtNDQzYmU2M2ZjMTIz
LzEvV1M1OEh5T1V3LU9xcU15MlJfMkRaeDFnbUxjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALhQKAwQB
LhQMAwQAX4KuAwQAbev9MA0GCSqGSIb3DQEBCwUAA4IBAQC8vnT2rP/SKSYfhMje
XPxrIeQb3SGl8BUTzYO2i5lH5ftFoqLQvpeKTka10UCxX9VouydSYW17l2YXvK45
xTFjuL4UW6w1BrCm6iD0/tIYbYAvSC4Pk0qTXTwfzhvz817drx5cqUZQG7hNBmyf
RKdOzGzv4pGnSuO02ATgSZp0MN4UdSZ/5j0ZLrdt0R+OBogr4Yex/941tzpS0blp
2aINjWIWa/CND6kigcgEmf/YXeAEq01yTIaMrKBaUmSA1F+4cY+VdoE8ABAfTOGb
a9g8PYhqXKDcPyh0LE54S5dMj1GKk/axWfkvdHpHxdwqa50jhOlyR3YD4epMJl8P
MES/
-----END CERTIFICATE-----
Generated at Fri Jun 28 18:10:06 2024 by rpki-client on console-ams.rpki-client.org