Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BFh_auVT9bSgnE0mu71_SVcMOLo.roa
File: BFh_auVT9bSgnE0mu71_SVcMOLo.roa (raw, json)
Hash identifier: q/R9ToUA7wHmB6v0y31d37HerOcDdxZxGywJLSQJIRw=
Subject key identifier: 04:58:7F:6A:E5:53:F5:B4:A0:9C:4D:26:BB:BD:7F:49:57:0C:38:BA
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802F53D6BFA3423B244A3C3496B667E
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BFh_auVT9bSgnE0mu71_SVcMOLo.roa
Signing time: Tue 02 Jan 2024 02:31:26 +0000
ROA not before: Tue 02 Jan 2024 02:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57169
IP address blocks: 192.71.233.0/24 maxlen: 24
192.121.163.0/24 maxlen: 24
192.71.26.0/24 maxlen: 24
192.71.247.0/24 maxlen: 24
192.121.171.0/24 maxlen: 24
192.121.170.0/24 maxlen: 24
192.36.56.0/24 maxlen: 24
192.36.61.0/24 maxlen: 24
192.121.16.0/24 maxlen: 24
192.121.17.0/24 maxlen: 24
193.235.147.0/24 maxlen: 24
194.68.225.0/24 maxlen: 24
194.71.107.0/24 maxlen: 24
192.36.38.0/24 maxlen: 24
192.36.39.0/24 maxlen: 24
192.36.41.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:f5:3d:6b:fa:34:23:b2:44:a3:c3:49:6b:66:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04587f6ae553f5b4a09c4d26bbbd7f49570c38ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:2b:d6:13:13:27:3d:f9:bc:3c:21:cc:1a:ba:
d6:47:43:08:5b:70:a3:89:e2:c0:78:b8:dd:c9:17:
c8:7b:88:30:03:9d:57:ee:31:e1:7e:1b:79:b6:67:
c5:b3:e0:c8:1b:e3:ab:ba:88:53:95:5e:bd:d1:fe:
e4:6e:34:fe:12:a4:cf:9a:c8:08:c1:13:2b:a3:b8:
bf:f7:8e:0c:75:ef:22:47:a9:25:14:4a:6a:af:2d:
4a:4a:2f:b4:bc:87:0b:02:c6:c6:d9:5a:1f:cb:60:
9d:0e:ef:8f:f5:a6:2f:e2:57:cd:bf:44:71:df:5d:
bc:f0:f0:45:94:40:55:9e:b3:08:82:54:11:0d:d3:
0c:f0:87:93:d5:67:3b:f6:b3:bf:7a:82:bb:64:06:
0f:0f:f7:54:af:4a:b7:45:6c:7e:da:5e:56:50:32:
25:14:63:49:21:ae:3f:8a:30:25:01:07:26:be:a2:
b8:6c:db:14:7b:e8:bf:a1:ad:1f:35:2e:88:37:1b:
d5:a8:2a:03:a7:ed:d1:f3:ff:b2:8e:bd:64:1e:3b:
0f:9f:f7:b2:03:3c:9b:90:be:dc:d8:1c:7b:e8:a9:
6f:92:f9:25:51:88:0f:cf:d5:c7:3f:53:a1:c0:ba:
14:fa:32:a9:3f:57:b2:34:55:3f:23:3d:9e:c4:97:
79:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:58:7F:6A:E5:53:F5:B4:A0:9C:4D:26:BB:BD:7F:49:57:0C:38:BA
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BFh_auVT9bSgnE0mu71_SVcMOLo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.36.38.0/23
192.36.41.0/24
192.36.56.0/24
192.36.61.0/24
192.71.26.0/24
192.71.233.0/24
192.71.247.0/24
192.121.16.0/23
192.121.163.0/24
192.121.170.0/23
193.235.147.0/24
194.68.225.0/24
194.71.107.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:25:c9:e5:a7:55:a0:64:00:cd:40:38:2b:eb:34:df:45:aa:
ca:6d:03:85:f3:bd:1f:1d:b8:86:33:76:36:7b:3e:71:5b:82:
9b:ba:1d:93:e7:9c:bc:12:94:4a:a7:0c:60:88:b2:c9:3d:fc:
63:fd:0a:7c:b4:e1:ee:c7:ce:fc:3a:58:73:1a:9f:67:00:b9:
27:c5:5b:73:e9:c6:4b:5e:12:06:ef:04:19:21:c3:4d:e4:e7:
89:87:88:e4:ec:0a:1d:89:93:10:a7:03:ad:bb:e3:1c:78:c2:
1c:f5:ef:4d:72:70:2e:b8:c5:53:7c:78:f3:1a:83:00:08:bc:
cb:5f:3c:dd:aa:0a:4a:78:9f:fe:12:24:27:a3:8a:9c:c2:9e:
2b:0c:ad:f2:49:23:0b:21:70:15:fc:c9:9c:ce:31:30:0c:98:
ee:93:4c:72:9a:b6:37:4a:d6:cb:e6:b4:1e:12:e6:02:a5:8e:
e1:99:77:e3:fc:70:07:6a:e1:d4:e1:66:58:30:63:ee:42:fb:
fa:12:17:43:67:e0:9a:a8:b8:76:09:07:b8:47:8f:82:42:d0:
6b:ca:c2:85:23:cb:06:15:ec:43:05:3c:63:ed:fe:0a:53:a3:
fa:fe:89:ae:0a:8e:39:dd:70:d6:70:1f:a4:00:71:40:9b:a2:
31:ec:98:21
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAYzIAvU9a/o0I7JEo8NJa2Z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDU4N2Y2YWU1NTNmNWI0YTA5YzRkMjZiYmJkN2Y0OTU3MGMzOGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyvWExMnPfm8PCHMGrrWR0MIW3Cj
ieLAeLjdyRfIe4gwA51X7jHhfht5tmfFs+DIG+OruohTlV690f7kbjT+EqTPmsgI
wRMro7i/944Mde8iR6klFEpqry1KSi+0vIcLAsbG2Vofy2CdDu+P9aYv4lfNv0Rx
31288PBFlEBVnrMIglQRDdMM8IeT1Wc79rO/eoK7ZAYPD/dUr0q3RWx+2l5WUDIl
FGNJIa4/ijAlAQcmvqK4bNsUe+i/oa0fNS6INxvVqCoDp+3R8/+yjr1kHjsPn/ey
AzybkL7c2Bx76KlvkvklUYgPz9XHP1OhwLoU+jKpP1eyNFU/Iz2exJd5nwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFARYf2rlU/W0oJxNJru9f0lXDDi6MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQkZoX2F1VlQ5YlNnbkUwbXU3MV9TVmNNT0xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQBwCQmAwQA
wCQpAwQAwCQ4AwQAwCQ9AwQAwEcaAwQAwEfpAwQAwEf3AwQBwHkQAwQAwHmjAwQB
wHmqAwQAweuTAwQAwkThAwQAwkdrMA0GCSqGSIb3DQEBCwUAA4IBAQAeJcnlp1Wg
ZADNQDgr6zTfRarKbQOF870fHbiGM3Y2ez5xW4Kbuh2T55y8EpRKpwxgiLLJPfxj
/Qp8tOHux878OlhzGp9nALknxVtz6cZLXhIG7wQZIcNN5OeJh4jk7AodiZMQpwOt
u+MceMIc9e9NcnAuuMVTfHjzGoMACLzLXzzdqgpKeJ/+EiQno4qcwp4rDK3ySSML
IXAV/MmczjEwDJjuk0xymrY3StbL5rQeEuYCpY7hmXfj/HAHauHU4WZYMGPuQvv6
EhdDZ+CaqLh2CQe4R4+CQtBrysKFI8sGFexDBTxj7f4KU6P6/omuCo453XDWcB+k
AHFAm6Ix7Jgh
-----END CERTIFICATE-----
Generated at Thu May 23 01:56:11 2024 by rpki-client on console-fra.rpki-client.org