Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/BHl6R7BMWq26DHQO3MIbnXvW_CY.roa
File: BHl6R7BMWq26DHQO3MIbnXvW_CY.roa (raw, json)
Hash identifier: SRpkztK1HCNTFMImMxWaBTrWpB2PDazdB9S/jbOoL8c=
Subject key identifier: 04:79:7A:47:B0:4C:5A:AD:BA:0C:74:0E:DC:C2:1B:9D:7B:D6:FC:26
Certificate issuer: /CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Certificate serial: 018F0C43006450AF5FAC988D0E3EF1A553DC
Authority key identifier: 2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/BHl6R7BMWq26DHQO3MIbnXvW_CY.roa
Signing time: Tue 23 Apr 2024 18:41:08 +0000
ROA not before: Tue 23 Apr 2024 18:41:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213220
IP address blocks: 2a13:5200::/32 maxlen: 32
2a13:5201::/32 maxlen: 32
2a13:5202::/32 maxlen: 32
2a13:5203::/32 maxlen: 32
2a13:5204::/32 maxlen: 32
2a13:5205::/32 maxlen: 32
2a13:5206::/32 maxlen: 32
2a13:5207::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 11:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0c:43:00:64:50:af:5f:ac:98:8d:0e:3e:f1:a5:53:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1164a9b5013d62f051344f6df91f13bc7ecb0f
Validity
Not Before: Apr 23 18:41:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04797a47b04c5aadba0c740edcc21b9d7bd6fc26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:65:9f:bf:4d:06:9b:89:a4:16:4b:3f:dc:94:
d6:4f:ce:8e:f0:09:62:1c:a0:a2:95:8a:db:de:e9:
4f:a2:97:2b:0e:ad:90:74:fa:c0:57:f4:f9:b6:ea:
94:5f:16:8d:de:ac:c1:19:41:e7:50:39:e1:e6:9c:
5d:8d:99:89:e6:fd:38:7b:4e:54:bf:b3:9a:91:6c:
dc:01:13:4d:20:10:b5:44:bc:e1:ce:36:60:18:4d:
03:68:a8:07:3b:78:35:66:7e:9b:7f:d0:00:06:20:
71:67:4b:b6:4a:9d:ab:dc:dd:7d:b4:89:3a:b2:c3:
7b:0b:48:ab:c5:d0:ab:39:e0:8e:30:0f:26:ce:e4:
2a:28:c4:b8:5a:ae:cf:9b:30:91:15:a8:09:13:f7:
c7:6c:ce:e8:a7:49:cd:83:ac:0e:fe:b0:ce:e7:55:
47:90:4c:7e:c9:8b:1f:f6:72:bc:29:5c:4f:70:b8:
3b:6d:af:22:c9:0e:c1:c5:74:e6:98:30:57:36:29:
21:a0:d1:38:19:b9:87:33:d0:13:ce:58:b4:7e:55:
4d:f8:3c:9f:61:05:fb:8a:29:7c:c6:5a:cb:b1:c4:
3d:8f:ad:4e:a5:65:64:e9:16:82:2c:9e:e5:b4:75:
a5:c7:76:8a:bd:40:70:d2:f6:d5:fd:47:2b:11:f2:
33:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:79:7A:47:B0:4C:5A:AD:BA:0C:74:0E:DC:C2:1B:9D:7B:D6:FC:26
X509v3 Authority Key Identifier:
keyid:2E:11:64:A9:B5:01:3D:62:F0:51:34:4F:6D:F9:1F:13:BC:7E:CB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhFkqbUBPWLwUTRPbfkfE7x-yw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/BHl6R7BMWq26DHQO3MIbnXvW_CY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/fb4696-678f-4d45-a091-fd7f17bb1a5c/1/LhFkqbUBPWLwUTRPbfkfE7x-yw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:5200::/29
Signature Algorithm: sha256WithRSAEncryption
1b:56:42:fb:5e:9b:79:43:f7:03:72:cc:fb:51:8d:64:44:59:
c8:36:04:47:74:f0:f1:37:27:79:ad:e8:18:e3:1b:88:1e:b5:
03:0b:31:53:8a:3b:d8:2a:4d:13:48:97:b6:ac:e5:ed:23:01:
f6:05:8d:be:22:89:63:a9:28:15:e4:50:0d:ab:a6:6f:47:37:
c9:73:5a:dd:f1:24:a6:a4:0a:06:2b:d6:d3:51:6c:1e:a1:9c:
9b:4f:34:da:31:c5:5b:17:89:a7:c9:fc:8f:94:9d:02:e2:ab:
e7:91:6e:ce:97:44:9a:79:6b:e9:6c:80:51:59:e7:bf:4d:26:
29:55:11:12:51:68:0d:2d:aa:d6:d2:32:72:e5:05:c0:59:f7:
67:61:a6:76:df:65:dd:fd:a8:d8:29:93:fc:21:e7:ad:b6:33:
70:13:92:85:d8:50:0d:ff:ce:e7:e9:02:e9:cb:fd:76:b6:af:
c7:4a:6e:de:12:ea:82:72:e1:e8:ac:da:32:41:db:c3:56:a6:
d9:4f:f7:82:48:0e:57:76:62:cc:51:1d:0a:f1:60:88:26:36:
e0:42:ad:ff:26:0d:18:55:ec:92:9b:92:c5:7d:9c:be:b2:8c:
65:90:2a:bc:f0:4b:aa:76:5d:e6:d8:61:15:d9:36:b4:e6:cc:
d8:16:27:1e
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAY8MQwBkUK9frJiNDj7xpVPcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTE2NGE5YjUwMTNkNjJmMDUxMzQ0ZjZkZjkxZjEzYmM3
ZWNiMGYwHhcNMjQwNDIzMTg0MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDc5N2E0N2IwNGM1YWFkYmEwYzc0MGVkY2MyMWI5ZDdiZDZmYzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWWfv00Gm4mkFks/3JTWT86O8Ali
HKCilYrb3ulPopcrDq2QdPrAV/T5tuqUXxaN3qzBGUHnUDnh5pxdjZmJ5v04e05U
v7OakWzcARNNIBC1RLzhzjZgGE0DaKgHO3g1Zn6bf9AABiBxZ0u2Sp2r3N19tIk6
ssN7C0irxdCrOeCOMA8mzuQqKMS4Wq7PmzCRFagJE/fHbM7op0nNg6wO/rDO51VH
kEx+yYsf9nK8KVxPcLg7ba8iyQ7BxXTmmDBXNikhoNE4GbmHM9ATzli0flVN+Dyf
YQX7iil8xlrLscQ9j61OpWVk6RaCLJ7ltHWlx3aKvUBw0vbV/UcrEfIzHQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAR5ekewTFqtugx0DtzCG5171vwmMB8GA1UdIwQY
MBaAFC4RZKm1AT1i8FE0T235HxO8fssPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEt
ZmQ3ZjE3YmIxYTVjLzEvQkhsNlI3Qk1XcTI2REhRTzNNSWJuWHZXX0NZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9mYjQ2OTYtNjc4Zi00ZDQ1LWEwOTEtZmQ3ZjE3YmIxYTVj
LzEvTGhGa3FiVUJQV0x3VVRSUGJma2ZFN3gteXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKhNSADAN
BgkqhkiG9w0BAQsFAAOCAQEAG1ZC+16beUP3A3LM+1GNZERZyDYER3Tw8Tcnea3o
GOMbiB61AwsxU4o72CpNE0iXtqzl7SMB9gWNviKJY6koFeRQDaumb0c3yXNa3fEk
pqQKBivW01FsHqGcm0802jHFWxeJp8n8j5SdAuKr55FuzpdEmnlr6WyAUVnnv00m
KVURElFoDS2q1tIycuUFwFn3Z2Gmdt9l3f2o2CmT/CHnrbYzcBOShdhQDf/O5+kC
6cv9dravx0pu3hLqgnLh6KzaMkHbw1am2U/3gkgOV3ZizFEdCvFgiCY24EKt/yYN
GFXskpuSxX2cvrKMZZAqvPBLqnZd5thhFdk2tObM2BYnHg==
-----END CERTIFICATE-----
Generated at Tue Jun 25 20:20:51 2024 by rpki-client on console-fra.rpki-client.org