Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bPmN4QLDXWuiaRKrUSWLmjHo6_Y.roa
File: bPmN4QLDXWuiaRKrUSWLmjHo6_Y.roa (raw, json)
Hash identifier: azVjh9sYT/ZH3NTR6bgXFHYU0nq8FbLu8b/TGj52814=
Subject key identifier: 6C:F9:8D:E1:02:C3:5D:6B:A2:69:12:AB:51:25:8B:9A:31:E8:EB:F6
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DF6759F50056297CF1FB9B8313C63
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bPmN4QLDXWuiaRKrUSWLmjHo6_Y.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48763
IP address blocks: 217.171.147.0/24 maxlen: 24
5.44.41.0/24 maxlen: 24
5.44.40.0/24 maxlen: 24
194.28.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f6:75:9f:50:05:62:97:cf:1f:b9:b8:31:3c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf98de102c35d6ba26912ab51258b9a31e8ebf6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:5a:9b:66:13:46:d1:62:56:7b:23:77:3d:45:
2f:38:bf:69:39:59:41:a7:22:93:e5:db:85:6a:ba:
c5:07:14:88:04:2d:67:72:be:5c:25:80:85:80:a2:
ec:a2:8e:83:88:b0:67:c6:21:44:e9:3a:8b:de:7b:
94:37:1d:c5:69:ed:f5:26:33:5b:41:6e:9a:53:4c:
10:b3:77:f2:26:8a:db:f6:04:d6:f8:9d:60:b1:45:
1e:e4:87:80:d2:d8:72:e2:0e:de:b5:4b:7c:56:8e:
5a:fb:a3:b4:4a:61:0c:26:4f:60:8e:e2:6c:54:ab:
26:fb:ed:7c:e0:14:1f:ce:ca:7a:9f:6d:c7:db:87:
44:70:f0:48:b4:4c:a0:15:76:c5:7e:cb:ff:be:14:
b5:b8:ba:87:3f:9a:22:c2:9e:3a:db:f9:50:b4:63:
ce:90:26:f8:a1:f4:10:cf:62:b1:41:92:25:55:95:
6a:68:7d:2d:e8:27:2d:c3:91:98:3c:48:b3:c0:d1:
21:4a:a2:6f:e6:95:31:e8:8b:6f:f6:08:10:54:5d:
5e:72:66:01:8f:bb:23:4a:72:1b:17:ba:34:77:a0:
af:81:64:5e:98:13:d5:dc:d0:a3:4d:0c:26:99:fa:
b4:45:cb:f1:ee:fc:a5:1d:21:49:9d:db:27:04:a6:
0c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F9:8D:E1:02:C3:5D:6B:A2:69:12:AB:51:25:8B:9A:31:E8:EB:F6
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/bPmN4QLDXWuiaRKrUSWLmjHo6_Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.40.0/23
194.28.193.0/24
217.171.147.0/24
Signature Algorithm: sha256WithRSAEncryption
20:d1:58:79:8e:f0:6e:a0:54:8e:30:82:ea:3e:07:bc:5c:42:
49:cb:02:1f:de:7f:3f:c0:85:00:4a:2d:c9:15:0e:a4:37:a6:
56:36:54:f6:52:31:24:ec:df:7a:55:79:3f:f7:ac:41:af:d4:
dd:5b:75:68:ca:ec:66:1f:13:31:e5:a0:a6:c8:00:bf:5e:5b:
8d:e3:52:95:9b:10:57:ff:af:32:8d:36:fa:f8:57:1f:5a:86:
9f:0c:06:86:06:e0:ac:70:25:ba:72:11:31:3a:60:7e:37:b0:
70:08:49:d1:2b:a5:51:16:64:0a:77:cb:4d:44:d8:38:68:4e:
e6:23:09:89:85:f8:66:39:45:b8:ae:34:d0:f9:4f:5a:88:b1:
13:bc:9e:4b:c4:0d:1d:96:b0:2a:b9:f9:c6:e1:46:b0:ea:46:
64:9c:68:bc:fd:8a:90:ad:5b:4c:73:48:36:81:8a:77:cc:aa:
22:b6:6a:98:e1:d8:2a:4f:75:5c:f6:bf:7b:5d:1d:92:a6:1a:
19:38:9f:b8:3d:93:3b:85:a2:a9:34:2a:91:b7:17:cd:06:5e:
45:c6:b0:4f:36:6e:bc:68:5f:5f:ff:56:5e:bb:ec:47:4e:4f:
f4:23:ba:54:48:1b:f9:82:8c:d4:f8:fe:08:cd:49:a6:1a:61:
a0:1b:10:50
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbfZ1n1AFYpfPH7m4MTxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Y5OGRlMTAyYzM1ZDZiYTI2OTEyYWI1MTI1OGI5YTMxZThlYmY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr1qbZhNG0WJWeyN3PUUvOL9pOVlB
pyKT5duFarrFBxSIBC1ncr5cJYCFgKLsoo6DiLBnxiFE6TqL3nuUNx3Fae31JjNb
QW6aU0wQs3fyJorb9gTW+J1gsUUe5IeA0thy4g7etUt8Vo5a+6O0SmEMJk9gjuJs
VKsm++184BQfzsp6n23H24dEcPBItEygFXbFfsv/vhS1uLqHP5oiwp462/lQtGPO
kCb4ofQQz2KxQZIlVZVqaH0t6Cctw5GYPEizwNEhSqJv5pUx6Itv9ggQVF1ecmYB
j7sjSnIbF7o0d6CvgWRemBPV3NCjTQwmmfq0Rcvx7vylHSFJndsnBKYM2QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGz5jeECw11romkSq1Eli5ox6Ov2MB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvYlBtTjRRTERYV3VpYVJLclVTV0xtakhvNl9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBBSwoAwQA
whzBAwQA2auTMA0GCSqGSIb3DQEBCwUAA4IBAQAg0Vh5jvBuoFSOMILqPge8XEJJ
ywIf3n8/wIUASi3JFQ6kN6ZWNlT2UjEk7N96VXk/96xBr9TdW3VoyuxmHxMx5aCm
yAC/XluN41KVmxBX/68yjTb6+FcfWoafDAaGBuCscCW6chExOmB+N7BwCEnRK6VR
FmQKd8tNRNg4aE7mIwmJhfhmOUW4rjTQ+U9aiLETvJ5LxA0dlrAqufnG4Uaw6kZk
nGi8/YqQrVtMc0g2gYp3zKoitmqY4dgqT3Vc9r97XR2SphoZOJ+4PZM7haKpNCqR
txfNBl5FxrBPNm68aF9f/1Zeu+xHTk/0I7pUSBv5gozU+P4IzUmmGmGgGxBQ
-----END CERTIFICATE-----
Generated at Sat May 18 18:47:19 2024 by rpki-client on console-fra.rpki-client.org