Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/BwxNdb_Ys_zLxGY7D4jB0R9p_Ms.roa
File: BwxNdb_Ys_zLxGY7D4jB0R9p_Ms.roa (raw, json)
Hash identifier: lUCucCJUsMQaNA8A17vhH5NLl1wjeRBXJRH/ujJgUtg=
Subject key identifier: 07:0C:4D:75:BF:D8:B3:FC:CB:C4:66:3B:0F:88:C1:D1:1F:69:FC:CB
Certificate issuer: /CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Certificate serial: 018FC9D7655045C9DE4739E0C77608CC0651
Authority key identifier: 74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/BwxNdb_Ys_zLxGY7D4jB0R9p_Ms.roa
Signing time: Thu 30 May 2024 14:11:27 +0000
ROA not before: Thu 30 May 2024 14:11:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34984
IP address blocks: 31.169.68.0/24 maxlen: 24
31.169.68.0/26 maxlen: 26
31.169.68.64/28 maxlen: 28
31.169.68.80/28 maxlen: 28
31.169.68.96/28 maxlen: 28
31.169.68.112/28 maxlen: 28
31.169.68.128/28 maxlen: 28
31.169.68.144/28 maxlen: 28
31.169.68.160/28 maxlen: 28
31.169.68.176/28 maxlen: 28
31.169.68.192/28 maxlen: 28
31.169.68.208/28 maxlen: 28
31.169.68.224/28 maxlen: 28
31.169.68.240/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 Nov 2024 00:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c9:d7:65:50:45:c9:de:47:39:e0:c7:76:08:cc:06:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74e133ea1e40fc13e074e327710a5344a960b5c0
Validity
Not Before: May 30 14:11:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=070c4d75bfd8b3fccbc4663b0f88c1d11f69fccb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:6a:e0:67:d6:c5:d5:30:8f:d1:00:f7:c0:49:
c7:6a:de:78:3d:b9:ec:3d:3a:9e:04:24:d1:f9:b7:
5e:f1:34:12:db:1e:b4:ec:f9:ec:d2:56:64:cf:b1:
b6:de:38:23:7f:f7:c0:9f:a5:ef:8e:9d:4e:50:d2:
72:c0:d6:20:a1:a3:93:7d:60:55:1a:d1:fd:57:c5:
58:d0:75:51:c6:85:4b:8b:ba:13:31:fa:03:6c:99:
5c:9b:81:0f:86:1b:74:5c:03:cb:bd:b1:78:18:10:
55:40:00:54:48:35:89:a2:43:17:f2:db:81:aa:ee:
5e:dd:72:73:33:f1:7f:34:19:d5:f9:10:72:40:15:
83:12:11:3a:57:18:02:a7:30:1a:94:42:e0:7c:15:
59:d5:b4:7c:0c:66:dd:d7:a6:82:3f:f4:df:ab:1b:
11:4e:2a:9d:70:ec:8e:04:3e:c3:1d:bd:85:e3:95:
05:13:cd:4f:ad:87:2d:69:f8:30:2f:c5:de:08:ff:
f6:e2:df:96:31:17:c0:f1:cd:2f:9f:c8:ed:2e:b8:
e9:d1:78:c9:d9:58:7b:01:63:b7:2c:5f:f8:43:4b:
d1:f4:c8:a5:86:39:8f:e2:12:04:f6:a2:fc:b6:ee:
4e:3f:78:59:17:d5:4c:48:d1:e0:5d:8b:99:75:7f:
b8:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:0C:4D:75:BF:D8:B3:FC:CB:C4:66:3B:0F:88:C1:D1:1F:69:FC:CB
X509v3 Authority Key Identifier:
keyid:74:E1:33:EA:1E:40:FC:13:E0:74:E3:27:71:0A:53:44:A9:60:B5:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dOEz6h5A_BPgdOMncQpTRKlgtcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/BwxNdb_Ys_zLxGY7D4jB0R9p_Ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/1f5587-cb92-4917-8cf3-2cb9e2172f97/1/dOEz6h5A_BPgdOMncQpTRKlgtcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.169.68.0/24
Signature Algorithm: sha256WithRSAEncryption
61:17:be:ac:16:20:92:3d:3a:45:77:76:8a:65:64:b2:96:fe:
e6:3f:cd:b9:38:7c:c7:35:0c:ad:26:5d:c5:f8:16:10:74:34:
4d:ef:43:2f:0d:ed:68:73:cc:5d:ab:9c:12:56:d1:5d:7a:eb:
ee:a4:79:db:17:d8:a5:87:48:1c:c8:bc:59:9b:6e:e0:b1:d5:
2e:d0:84:8c:4a:7d:22:9e:86:6f:9a:31:87:e9:d4:13:f7:00:
69:76:8c:43:9e:da:09:d3:89:3d:4f:63:1d:79:3f:f7:9f:1f:
d9:1e:c1:7e:ef:95:56:4e:c1:0c:07:e1:06:c1:94:f3:78:07:
d1:7a:96:6a:27:f0:c1:11:62:15:b8:b5:c1:da:77:29:6a:91:
f3:fa:c0:5b:a6:99:9f:d4:b4:c7:e9:5f:e7:c2:a7:02:6a:82:
ee:e8:2d:5b:97:e3:63:be:d0:da:ba:8b:20:23:40:1c:26:f0:
f9:71:54:c9:cb:6e:93:ef:10:91:9b:d8:2c:6a:4b:7b:73:cf:
bc:1d:48:2f:51:6d:46:02:fb:59:41:e5:54:56:3e:94:57:92:
36:e2:94:b7:08:b1:e6:a9:3a:02:d8:79:08:9f:06:4f:38:2f:
9a:f5:f1:28:89:7b:8f:1a:18:ee:e5:48:38:f4:57:50:7e:38:
9f:b3:2b:2c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/J12VQRcneRzngx3YIzAZRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ZTEzM2VhMWU0MGZjMTNlMDc0ZTMyNzcxMGE1MzQ0YTk2
MGI1YzAwHhcNMjQwNTMwMTQxMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzBjNGQ3NWJmZDhiM2ZjY2JjNDY2M2IwZjg4YzFkMTFmNjlmY2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArWrgZ9bF1TCP0QD3wEnHat54Pbns
PTqeBCTR+bde8TQS2x607Pns0lZkz7G23jgjf/fAn6Xvjp1OUNJywNYgoaOTfWBV
GtH9V8VY0HVRxoVLi7oTMfoDbJlcm4EPhht0XAPLvbF4GBBVQABUSDWJokMX8tuB
qu5e3XJzM/F/NBnV+RByQBWDEhE6VxgCpzAalELgfBVZ1bR8DGbd16aCP/TfqxsR
TiqdcOyOBD7DHb2F45UFE81PrYctafgwL8XeCP/24t+WMRfA8c0vn8jtLrjp0XjJ
2Vh7AWO3LF/4Q0vR9MilhjmP4hIE9qL8tu5OP3hZF9VMSNHgXYuZdX+4CwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcMTXW/2LP8y8RmOw+IwdEfafzLMB8GA1UdIwQY
MBaAFHThM+oeQPwT4HTjJ3EKU0SpYLXAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMt
MmNiOWUyMTcyZjk3LzEvQnd4TmRiX1lzX3pMeEdZN0Q0akIwUjlwX01zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8xZjU1ODctY2I5Mi00OTE3LThjZjMtMmNiOWUyMTcyZjk3
LzEvZE9FejZoNUFfQlBnZE9NbmNRcFRSS2xndGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAH6lEMA0G
CSqGSIb3DQEBCwUAA4IBAQBhF76sFiCSPTpFd3aKZWSylv7mP825OHzHNQytJl3F
+BYQdDRN70MvDe1oc8xdq5wSVtFdeuvupHnbF9ilh0gcyLxZm27gsdUu0ISMSn0i
noZvmjGH6dQT9wBpdoxDntoJ04k9T2MdeT/3nx/ZHsF+75VWTsEMB+EGwZTzeAfR
epZqJ/DBEWIVuLXB2ncpapHz+sBbppmf1LTH6V/nwqcCaoLu6C1bl+NjvtDauosg
I0AcJvD5cVTJy26T7xCRm9gsakt7c8+8HUgvUW1GAvtZQeVUVj6UV5I24pS3CLHm
qToC2HkInwZPOC+a9fEoiXuPGhju5Ug49FdQfjifsyss
-----END CERTIFICATE-----
Generated at Thu Nov 14 04:58:23 2024 by rpki-client on console-fra.rpki-client.org