Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Bcd64sXxsrhhoBGEsLgOed4DrGo.roa
File: Bcd64sXxsrhhoBGEsLgOed4DrGo.roa (raw, json)
Hash identifier: AHFj3hAMhkjs3fnWLa2ezZKFTiKwQR7g8qqlIskh2f4=
Subject key identifier: 05:C7:7A:E2:C5:F1:B2:B8:61:A0:11:84:B0:B8:0E:79:DE:03:AC:6A
Certificate issuer: /CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Certificate serial: 018CC72704AA4A4AC8E8FC677D381A2CF511
Authority key identifier: 92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Bcd64sXxsrhhoBGEsLgOed4DrGo.roa
Signing time: Mon 01 Jan 2024 22:31:12 +0000
ROA not before: Mon 01 Jan 2024 22:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 147.161.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:04:aa:4a:4a:c8:e8:fc:67:7d:38:1a:2c:f5:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92e720465c5cd0da9c6a13b44fa0d86f649e5055
Validity
Not Before: Jan 1 22:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05c77ae2c5f1b2b861a01184b0b80e79de03ac6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:7e:7a:ba:dc:b0:dd:7d:5e:c3:a8:ea:74:ae:
a4:03:ff:13:08:b2:bc:00:6d:4b:a2:13:ff:e0:89:
70:ee:6e:e0:b3:02:be:01:95:b7:3c:04:b6:6f:56:
a4:4d:a1:95:c3:4f:32:20:66:ce:60:21:6c:b4:40:
60:50:32:f9:b7:6d:5a:73:6d:80:96:cf:f9:cc:0e:
b9:ea:99:94:44:53:e3:52:cb:51:1c:80:d9:2d:73:
ad:a9:ad:05:f3:0e:ab:0c:64:0d:87:56:f7:07:8e:
b3:26:df:f7:e7:c1:f5:3f:e0:95:8e:c6:03:7e:b6:
0f:30:bf:1a:07:f3:89:e5:b2:d7:58:ec:10:ac:91:
db:35:b9:1b:bc:14:62:ca:69:c3:7a:d6:e9:08:c9:
96:30:55:55:2c:50:08:97:e7:70:20:a7:67:6b:35:
6b:92:bb:73:cb:38:6d:a4:ed:7a:a0:4e:25:60:dd:
fd:9d:63:be:9a:12:0f:e0:b7:d9:c7:d8:88:9f:ab:
e4:0b:38:36:de:49:df:cd:16:2c:ac:9e:de:40:7d:
1b:75:18:74:11:cc:b0:2d:86:37:49:9e:1c:f0:69:
b1:a3:8e:fb:79:d8:12:01:6c:13:ac:89:a3:7e:61:
f0:be:2b:c0:78:bf:64:1e:5a:8d:51:5d:36:7b:9b:
24:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C7:7A:E2:C5:F1:B2:B8:61:A0:11:84:B0:B8:0E:79:DE:03:AC:6A
X509v3 Authority Key Identifier:
keyid:92:E7:20:46:5C:5C:D0:DA:9C:6A:13:B4:4F:A0:D8:6F:64:9E:50:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kucgRlxc0NqcahO0T6DYb2SeUFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/Bcd64sXxsrhhoBGEsLgOed4DrGo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/f8a9eb-7f8d-4bf7-83d9-9096e1674e22/1/kucgRlxc0NqcahO0T6DYb2SeUFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.2.0/24
Signature Algorithm: sha256WithRSAEncryption
32:db:cf:6a:85:5e:88:d0:a2:be:75:66:9f:40:c1:5b:09:74:
45:14:25:d7:a5:3d:e5:2d:90:fb:21:99:f9:da:d0:91:2b:0b:
85:3a:ad:cc:b9:58:d3:0e:35:bc:6d:05:8e:fa:eb:95:ee:88:
a6:c6:ee:f3:3f:f1:6e:a8:8f:ab:8e:bb:11:40:48:e1:d0:ad:
fb:ee:88:cc:38:d0:a1:0e:84:dc:04:a8:34:01:a7:70:20:9a:
75:c7:a0:a0:68:e0:f0:b6:e6:a9:17:2d:79:2e:52:3b:09:cd:
4c:af:57:20:fb:a0:72:03:5e:62:76:9d:09:44:c3:bb:50:a0:
7d:20:26:9c:02:09:83:4a:7b:93:88:0a:ce:50:1e:88:f9:ec:
a8:14:35:19:dd:f0:36:3d:0d:f2:40:72:e5:a4:68:46:9c:eb:
3d:3c:67:5f:53:33:1b:6a:6c:6b:fe:24:ce:9d:48:4d:97:ab:
53:c1:d1:3f:43:af:0b:5a:a5:06:28:04:b0:0e:28:b3:e3:85:
f6:a5:85:77:1a:e1:66:3c:ef:a8:bb:37:ae:74:bf:5f:17:82:
9b:0d:37:89:ef:81:1e:63:88:a2:0b:05:2f:b1:85:67:34:f0:
76:e4:26:02:42:e6:e9:30:63:de:bf:17:dc:d3:5b:3a:52:12:
37:5d:c4:6e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJwSqSkrI6PxnfTgaLPURMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZTcyMDQ2NWM1Y2QwZGE5YzZhMTNiNDRmYTBkODZmNjQ5
ZTUwNTUwHhcNMjQwMTAxMjIzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM3N2FlMmM1ZjFiMmI4NjFhMDExODRiMGI4MGU3OWRlMDNhYzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApH56utyw3X1ew6jqdK6kA/8TCLK8
AG1LohP/4Ilw7m7gswK+AZW3PAS2b1akTaGVw08yIGbOYCFstEBgUDL5t21ac22A
ls/5zA656pmURFPjUstRHIDZLXOtqa0F8w6rDGQNh1b3B46zJt/358H1P+CVjsYD
frYPML8aB/OJ5bLXWOwQrJHbNbkbvBRiymnDetbpCMmWMFVVLFAIl+dwIKdnazVr
krtzyzhtpO16oE4lYN39nWO+mhIP4LfZx9iIn6vkCzg23knfzRYsrJ7eQH0bdRh0
EcywLYY3SZ4c8Gmxo477edgSAWwTrImjfmHwvivAeL9kHlqNUV02e5skSwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXHeuLF8bK4YaARhLC4DnneA6xqMB8GA1UdIwQY
MBaAFJLnIEZcXNDanGoTtE+g2G9knlBVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDkt
OTA5NmUxNjc0ZTIyLzEvQmNkNjRzWHhzcmhob0JHRXNMZ09lZDREckdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS9mOGE5ZWItN2Y4ZC00YmY3LTgzZDktOTA5NmUxNjc0ZTIy
LzEva3VjZ1JseGMwTnFjYWhPMFQ2RFliMlNlVUZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAk6ECMA0G
CSqGSIb3DQEBCwUAA4IBAQAy289qhV6I0KK+dWafQMFbCXRFFCXXpT3lLZD7IZn5
2tCRKwuFOq3MuVjTDjW8bQWO+uuV7oimxu7zP/FuqI+rjrsRQEjh0K377ojMONCh
DoTcBKg0AadwIJp1x6CgaODwtuapFy15LlI7Cc1Mr1cg+6ByA15idp0JRMO7UKB9
ICacAgmDSnuTiArOUB6I+eyoFDUZ3fA2PQ3yQHLlpGhGnOs9PGdfUzMbamxr/iTO
nUhNl6tTwdE/Q68LWqUGKASwDiiz44X2pYV3GuFmPO+ouzeudL9fF4KbDTeJ74Ee
Y4iiCwUvsYVnNPB25CYCQubpMGPevxfc01s6UhI3XcRu
-----END CERTIFICATE-----
Generated at Thu May 2 11:13:25 2024 by rpki-client on console-ams.rpki-client.org