Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/bsRLm6ishuGZZLj5rwlAxXyDNwE.roa
File: bsRLm6ishuGZZLj5rwlAxXyDNwE.roa (raw, json)
Hash identifier: F/a3bpJIbymN+L760hZ7eBsLKowBc4bgezkZlmHGkWo=
Subject key identifier: 6E:C4:4B:9B:A8:AC:86:E1:99:64:B8:F9:AF:09:40:C5:7C:83:37:01
Certificate issuer: /CN=9af9d0d4befda09e999eabd0c8724e217364de10
Certificate serial: 018CC3488FE7C0FDEEFB8FFC878CB3FEECD1
Authority key identifier: 9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/bsRLm6ishuGZZLj5rwlAxXyDNwE.roa
Signing time: Mon 01 Jan 2024 04:29:21 +0000
ROA not before: Mon 01 Jan 2024 04:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208722
IP address blocks: 100.43.64.0/19 maxlen: 19
199.36.240.0/22 maxlen: 22
45.87.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:8f:e7:c0:fd:ee:fb:8f:fc:87:8c:b3:fe:ec:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9af9d0d4befda09e999eabd0c8724e217364de10
Validity
Not Before: Jan 1 04:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ec44b9ba8ac86e19964b8f9af0940c57c833701
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:bc:ae:f5:b0:b4:9d:a0:f2:57:18:70:62:0b:
96:b6:03:54:85:42:e3:45:ff:82:8a:a3:e9:27:85:
64:0e:32:5b:9c:8a:7a:65:13:f3:2e:0f:d8:6c:64:
83:e1:ce:cf:be:e2:fd:44:62:9c:2e:b6:c7:df:21:
3b:b3:09:e7:0d:a1:e3:56:39:c0:08:52:ec:d1:0a:
c1:8a:5c:3a:52:c2:71:4c:7e:0f:d8:84:af:2b:73:
0e:23:8b:f6:36:fb:6e:25:86:e8:3b:94:c8:58:88:
66:2a:7f:55:82:10:83:9c:38:dd:d1:fd:20:9a:90:
17:f4:1b:ee:8b:65:84:ac:39:df:3b:65:c1:86:16:
77:10:e0:e3:bc:b3:9e:d7:54:60:d2:fe:56:64:9a:
c7:9d:1f:db:1e:67:f4:c8:94:62:a4:60:37:9e:fc:
69:e9:0e:88:1f:4c:95:0b:4c:60:0e:35:1d:a1:d5:
c9:0d:f4:2e:15:23:72:2d:6b:bc:5d:96:0c:78:df:
90:8a:a2:bd:d7:67:35:af:56:6b:c0:82:e5:aa:8c:
9a:36:1f:3a:63:18:73:2b:60:ec:1e:d9:5f:f0:dd:
63:30:fa:c5:20:04:89:2d:50:ac:88:5d:41:91:ba:
08:a4:21:a0:60:65:92:17:78:79:4c:1f:98:96:c2:
40:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C4:4B:9B:A8:AC:86:E1:99:64:B8:F9:AF:09:40:C5:7C:83:37:01
X509v3 Authority Key Identifier:
keyid:9A:F9:D0:D4:BE:FD:A0:9E:99:9E:AB:D0:C8:72:4E:21:73:64:DE:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/bsRLm6ishuGZZLj5rwlAxXyDNwE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/01d9fe-e14a-40a4-8458-26701b162fc3/1/mvnQ1L79oJ6ZnqvQyHJOIXNk3hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.132.0/22
100.43.64.0/19
199.36.240.0/22
Signature Algorithm: sha256WithRSAEncryption
42:19:5a:63:bf:62:bf:10:09:cf:fc:30:01:a3:2c:fd:6d:c3:
7a:4c:eb:c2:0e:71:e8:c9:c6:9f:47:fb:32:c4:c4:82:c4:c4:
a7:88:be:79:3f:82:0d:cb:5f:dc:1f:63:26:f1:b4:e7:12:d7:
1a:b6:c2:82:05:6b:5c:6e:4e:4b:2c:07:90:e7:cf:e5:75:ff:
37:1c:6d:0d:43:fe:b9:7d:65:6e:9b:72:4c:00:3f:ab:9a:d2:
56:2b:a1:17:81:29:d5:fa:3e:bf:1f:fe:52:0a:40:f9:a1:1b:
cc:8c:67:e1:94:2d:f9:b8:03:9b:89:ca:3c:b0:83:fa:6b:bd:
5c:e5:96:db:4c:22:81:02:45:49:7a:45:87:c0:b1:ec:77:42:
a3:0e:54:47:9f:03:54:cf:da:1e:ef:9e:00:43:2b:74:6b:58:
8f:3d:a1:05:0e:ff:54:9f:87:fd:92:4b:57:49:be:a8:ab:4e:
99:ef:a6:e1:cb:a4:90:45:e9:1d:9d:4a:8d:45:8a:b8:6c:90:
25:6c:c4:4f:39:3d:04:25:09:e7:e5:b8:7a:a0:df:2f:77:18:
38:1b:76:45:f6:24:4b:00:0d:14:da:80:96:bd:7a:37:e7:73:
c5:f5:82:59:14:88:10:0e:5f:c0:05:ce:ae:d0:5c:10:a0:69:
9d:a0:dd:c2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDSI/nwP3u+4/8h4yz/uzRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZjlkMGQ0YmVmZGEwOWU5OTllYWJkMGM4NzI0ZTIxNzM2
NGRlMTAwHhcNMjQwMTAxMDQyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWM0NGI5YmE4YWM4NmUxOTk2NGI4ZjlhZjA5NDBjNTdjODMzNzAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAibyu9bC0naDyVxhwYguWtgNUhULj
Rf+CiqPpJ4VkDjJbnIp6ZRPzLg/YbGSD4c7PvuL9RGKcLrbH3yE7swnnDaHjVjnA
CFLs0QrBilw6UsJxTH4P2ISvK3MOI4v2NvtuJYboO5TIWIhmKn9VghCDnDjd0f0g
mpAX9Bvui2WErDnfO2XBhhZ3EODjvLOe11Rg0v5WZJrHnR/bHmf0yJRipGA3nvxp
6Q6IH0yVC0xgDjUdodXJDfQuFSNyLWu8XZYMeN+QiqK912c1r1ZrwILlqoyaNh86
YxhzK2DsHtlf8N1jMPrFIASJLVCsiF1BkboIpCGgYGWSF3h5TB+YlsJANQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG7ES5uorIbhmWS4+a8JQMV8gzcBMB8GA1UdIwQY
MBaAFJr50NS+/aCemZ6r0MhyTiFzZN4QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgt
MjY3MDFiMTYyZmMzLzEvYnNSTG02aXNodUdaWkxqNXJ3bEF4WHlETndFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8wMWQ5ZmUtZTE0YS00MGE0LTg0NTgtMjY3MDFiMTYyZmMz
LzEvbXZuUTFMNzlvSjZabnF2UXlISk9JWE5rM2hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVeEAwQF
ZCtAAwQCxyTwMA0GCSqGSIb3DQEBCwUAA4IBAQBCGVpjv2K/EAnP/DABoyz9bcN6
TOvCDnHoycafR/syxMSCxMSniL55P4INy1/cH2Mm8bTnEtcatsKCBWtcbk5LLAeQ
58/ldf83HG0NQ/65fWVum3JMAD+rmtJWK6EXgSnV+j6/H/5SCkD5oRvMjGfhlC35
uAObico8sIP6a71c5ZbbTCKBAkVJekWHwLHsd0KjDlRHnwNUz9oe754AQyt0a1iP
PaEFDv9Un4f9kktXSb6oq06Z76bhy6SQRekdnUqNRYq4bJAlbMRPOT0EJQnn5bh6
oN8vdxg4G3ZF9iRLAA0U2oCWvXo353PF9YJZFIgQDl/ABc6u0FwQoGmdoN3C
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:02:26 2024 by rpki-client on console-ams.rpki-client.org