Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bZix6LYxoUSvVKqyLHF36U3-2cE.roa
File: bZix6LYxoUSvVKqyLHF36U3-2cE.roa (raw, json)
Hash identifier: goAmBZEpOAOU7jg7c8mYx8L9lDGpWD8BLnNZFyjfr7U=
Subject key identifier: 6D:98:B1:E8:B6:31:A1:44:AF:54:AA:B2:2C:71:77:E9:4D:FE:D9:C1
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 018CC94AACAB7188058EBF23E14BF1317CD0
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bZix6LYxoUSvVKqyLHF36U3-2cE.roa
Signing time: Tue 02 Jan 2024 08:29:23 +0000
ROA not before: Tue 02 Jan 2024 08:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5089
IP address blocks: 79.139.52.0/22 maxlen: 24
93.119.184.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:ac:ab:71:88:05:8e:bf:23:e1:4b:f1:31:7c:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 2 08:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d98b1e8b631a144af54aab22c7177e94dfed9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d3:bf:4d:f0:df:8e:72:96:18:05:0a:63:7f:
1f:d0:e5:d5:1d:bf:da:5e:3a:c5:47:52:20:a1:69:
31:f5:38:38:ac:f5:d5:f0:10:10:e8:22:dc:2b:88:
3e:b0:e3:5b:98:6c:1f:5e:d0:59:0d:5e:ce:51:a3:
0d:b0:c1:c9:88:f6:99:97:e9:d1:2f:a9:37:e9:0b:
f2:80:14:be:67:f1:0a:93:26:10:8c:af:96:5d:ad:
92:35:b4:ab:31:d5:f8:b5:5c:f9:84:0c:de:9f:ae:
00:e7:17:29:05:de:9a:d2:4a:40:0d:11:af:fe:b6:
4f:37:c8:e8:bf:9f:5f:49:8e:9d:2e:32:55:82:c5:
c7:29:ea:d5:8c:d0:8a:32:fc:e2:e5:ae:6d:8d:25:
a1:6d:bb:f9:ac:ae:15:83:e8:92:5b:b2:71:72:ec:
ef:ae:20:c9:06:69:50:aa:3c:2c:c2:b0:01:66:0d:
96:da:68:2b:c9:07:62:cb:08:69:90:ac:94:49:8c:
69:cd:ba:b1:38:55:fd:4a:b4:c4:34:8a:9a:17:25:
ea:dd:cc:30:e4:29:74:2f:ab:a8:d7:a6:bf:57:8a:
b8:ea:dd:0b:c6:97:52:f7:f9:ba:7c:42:0c:30:25:
a6:fd:76:03:df:69:2a:0e:39:59:b4:bb:6e:72:2f:
1f:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:98:B1:E8:B6:31:A1:44:AF:54:AA:B2:2C:71:77:E9:4D:FE:D9:C1
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/bZix6LYxoUSvVKqyLHF36U3-2cE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.52.0/22
93.119.184.0/21
Signature Algorithm: sha256WithRSAEncryption
0d:fa:7e:a1:b4:75:14:6f:cf:8d:a3:a5:2d:29:a8:83:63:3e:
02:c0:5b:ef:82:6b:4f:19:4b:47:f9:fc:d6:ef:df:bb:01:dc:
3a:d4:3e:a3:a0:fc:64:06:d7:e1:05:f7:08:ec:35:ce:44:90:
66:e1:b8:99:26:9b:f7:07:23:a8:ad:3e:aa:0c:ac:cc:2e:10:
18:69:1a:63:b3:b7:cf:f8:28:71:ad:f1:b3:2d:dc:ea:23:c9:
72:50:ef:c2:f3:90:40:88:78:01:c5:ad:b8:b9:cc:83:81:23:
12:ff:ed:cb:6b:cf:b1:b7:f0:05:97:f1:24:e7:b0:0a:d9:05:
c0:e3:8c:65:d2:fc:c9:e2:e8:77:1e:fd:35:73:ec:e8:c2:c2:
30:7d:ae:4e:90:cb:44:9d:8a:c7:10:6f:90:4e:88:5b:f8:f7:
4a:63:3a:39:57:a5:59:70:64:59:9f:40:3d:bb:f3:aa:47:75:
d9:bc:5f:66:ce:62:c5:a5:72:c0:be:ef:82:ed:3b:5d:14:15:
0a:06:14:7d:3b:f8:2a:01:12:68:c4:52:1f:c5:c5:18:26:62:
4a:93:8c:85:0e:33:80:75:34:1b:81:3b:0d:b1:db:3d:5e:f7:
78:13:d7:94:86:ba:19:74:ad:40:3e:57:93:08:5b:ca:f9:eb:
24:ea:12:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJSqyrcYgFjr8j4UvxMXzQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwMTAyMDgyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk4YjFlOGI2MzFhMTQ0YWY1NGFhYjIyYzcxNzdlOTRkZmVkOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9O/TfDfjnKWGAUKY38f0OXVHb/a
XjrFR1IgoWkx9Tg4rPXV8BAQ6CLcK4g+sONbmGwfXtBZDV7OUaMNsMHJiPaZl+nR
L6k36QvygBS+Z/EKkyYQjK+WXa2SNbSrMdX4tVz5hAzen64A5xcpBd6a0kpADRGv
/rZPN8jov59fSY6dLjJVgsXHKerVjNCKMvzi5a5tjSWhbbv5rK4Vg+iSW7Jxcuzv
riDJBmlQqjwswrABZg2W2mgryQdiywhpkKyUSYxpzbqxOFX9SrTENIqaFyXq3cww
5Cl0L6uo16a/V4q46t0LxpdS9/m6fEIMMCWm/XYD32kqDjlZtLtuci8fLQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG2Ysei2MaFEr1Sqsixxd+lN/tnBMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvYlppeDZMWXhvVVN2VktxeUxIRjM2VTMtMmNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCT4s0AwQD
XXe4MA0GCSqGSIb3DQEBCwUAA4IBAQAN+n6htHUUb8+No6UtKaiDYz4CwFvvgmtP
GUtH+fzW79+7Adw61D6joPxkBtfhBfcI7DXORJBm4biZJpv3ByOorT6qDKzMLhAY
aRpjs7fP+ChxrfGzLdzqI8lyUO/C85BAiHgBxa24ucyDgSMS/+3La8+xt/AFl/Ek
57AK2QXA44xl0vzJ4uh3Hv01c+zowsIwfa5OkMtEnYrHEG+QTohb+PdKYzo5V6VZ
cGRZn0A9u/OqR3XZvF9mzmLFpXLAvu+C7TtdFBUKBhR9O/gqARJoxFIfxcUYJmJK
k4yFDjOAdTQbgTsNsds9Xvd4E9eUhroZdK1APleTCFvK+esk6hKC
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:40:51 2024 by rpki-client on console-ams.rpki-client.org