Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/bBSZmapKkbi5zgNkzdMfFpxC0aI.roa
File: bBSZmapKkbi5zgNkzdMfFpxC0aI.roa (raw, json)
Hash identifier: wEFuTiXDYL5yUdg9cuNZPoO4C7Y0cpCrQn+KG3/Ynzg=
Subject key identifier: 6C:14:99:99:AA:4A:91:B8:B9:CE:03:64:CD:D3:1F:16:9C:42:D1:A2
Certificate issuer: /CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Certificate serial: 018CC56E2911679901D4035B4F3BF3A544ED
Authority key identifier: A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/bBSZmapKkbi5zgNkzdMfFpxC0aI.roa
Signing time: Mon 01 Jan 2024 14:29:40 +0000
ROA not before: Mon 01 Jan 2024 14:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207668
IP address blocks: 194.53.192.0/24 maxlen: 24
194.53.193.0/24 maxlen: 24
194.53.194.0/23 maxlen: 23
45.66.20.0/23 maxlen: 23
45.66.22.0/23 maxlen: 23
45.144.120.0/22 maxlen: 22
2a09:60c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/pqqcrek75rp8irsyODGAdjF9YH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/pqqcrek75rp8irsyODGAdjF9YH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:29:11:67:99:01:d4:03:5b:4f:3b:f3:a5:44:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6aa9cade93be6ba7c8abb3238318076317d607d
Validity
Not Before: Jan 1 14:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c149999aa4a91b8b9ce0364cdd31f169c42d1a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:d7:e0:2f:9e:94:7e:e7:aa:24:d2:34:c8:a2:
fc:48:97:61:94:4d:2a:4a:23:6d:c0:d3:94:52:91:
9e:99:46:f0:30:f9:78:7e:d5:53:93:80:1a:d8:26:
60:ca:dc:c5:e1:0d:c4:f7:a5:b5:0d:c6:6e:f0:2d:
c1:e4:22:21:52:f9:de:7d:cf:a6:18:2f:08:cf:40:
f7:4d:62:37:d8:f7:2c:0b:46:94:e3:9d:49:31:6e:
b7:50:65:30:55:18:44:89:8b:5c:30:bb:b4:35:84:
5b:2b:2c:a3:a0:fc:66:e8:7a:e6:f6:fb:c6:d7:90:
b9:d5:ab:0f:fa:cd:52:ee:62:59:bd:81:74:fa:d7:
a8:35:3e:0d:99:5f:01:9f:47:03:94:d0:39:80:58:
08:ba:7d:3f:6f:b6:4a:28:2a:6d:c6:c2:a0:7d:8a:
89:ce:96:7a:14:a2:ff:0c:36:df:39:82:c2:54:4b:
d5:93:2d:e8:73:42:17:20:3f:66:eb:aa:61:12:63:
98:f8:ab:bf:9a:4f:e0:9b:85:35:94:09:09:1d:99:
33:5d:a9:8c:d7:34:bc:48:29:d0:e7:b5:b9:8b:51:
bc:31:52:23:dc:e1:e3:13:78:fb:cd:2a:04:cc:37:
19:a4:cf:39:84:81:58:89:2b:02:a6:cd:5b:7f:e5:
a6:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:14:99:99:AA:4A:91:B8:B9:CE:03:64:CD:D3:1F:16:9C:42:D1:A2
X509v3 Authority Key Identifier:
keyid:A6:AA:9C:AD:E9:3B:E6:BA:7C:8A:BB:32:38:31:80:76:31:7D:60:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pqqcrek75rp8irsyODGAdjF9YH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/bBSZmapKkbi5zgNkzdMfFpxC0aI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/a970c6-c118-452e-a56f-ec467fa8636e/1/pqqcrek75rp8irsyODGAdjF9YH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.20.0/22
45.144.120.0/22
194.53.192.0/22
IPv6:
2a09:60c0::/29
Signature Algorithm: sha256WithRSAEncryption
64:c1:e4:d8:3c:10:bb:f4:d7:24:35:bb:4f:e8:f1:e1:cd:b1:
5e:c2:0a:d0:aa:2b:53:bf:a2:79:62:ab:8d:ae:ee:ef:a9:6b:
fa:fa:14:69:55:77:a0:d2:ae:35:14:38:83:80:b1:55:92:00:
d5:8b:ca:4f:5f:96:9b:ad:e0:35:e4:a8:76:7e:44:1a:4f:9c:
fe:4a:25:6a:d0:c3:92:6e:cc:0f:93:90:75:1b:ec:e0:80:e9:
1b:90:93:a7:27:98:bb:26:0b:11:9a:15:c3:c7:b9:d6:d6:59:
0e:bb:9b:3e:d4:6f:7c:e7:09:06:a3:d4:37:75:d7:84:56:be:
04:88:4c:81:85:35:3e:6d:9c:b4:51:30:a7:c5:ac:96:10:0d:
2d:af:fa:6f:5b:db:75:8e:e1:3c:c6:0d:be:09:5d:f7:15:00:
22:5e:2a:1b:fe:2c:56:a7:c4:e3:54:0b:cc:98:5e:2e:ed:47:
20:5a:34:df:d3:3b:73:fe:81:12:d2:22:b9:e3:13:51:19:80:
9f:b9:99:87:e4:56:d2:e9:4d:47:83:5f:24:2b:3e:04:d7:db:
ef:2d:4e:7e:12:0d:71:27:c9:63:8f:0f:ab:50:1d:23:29:a5:
d2:a1:f4:12:aa:8e:45:42:5b:50:86:6a:8d:1c:30:cd:c5:b7:
b1:43:25:d1
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFbikRZ5kB1ANbTzvzpUTtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2YWE5Y2FkZTkzYmU2YmE3YzhhYmIzMjM4MzE4MDc2MzE3
ZDYwN2QwHhcNMjQwMTAxMTQyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzE0OTk5OWFhNGE5MWI4YjljZTAzNjRjZGQzMWYxNjljNDJkMWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkNfgL56UfueqJNI0yKL8SJdhlE0q
SiNtwNOUUpGemUbwMPl4ftVTk4Aa2CZgytzF4Q3E96W1DcZu8C3B5CIhUvnefc+m
GC8Iz0D3TWI32PcsC0aU451JMW63UGUwVRhEiYtcMLu0NYRbKyyjoPxm6Hrm9vvG
15C51asP+s1S7mJZvYF0+teoNT4NmV8Bn0cDlNA5gFgIun0/b7ZKKCptxsKgfYqJ
zpZ6FKL/DDbfOYLCVEvVky3oc0IXID9m66phEmOY+Ku/mk/gm4U1lAkJHZkzXamM
1zS8SCnQ57W5i1G8MVIj3OHjE3j7zSoEzDcZpM85hIFYiSsCps1bf+WmGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGwUmZmqSpG4uc4DZM3THxacQtGiMB8GA1UdIwQY
MBaAFKaqnK3pO+a6fIq7MjgxgHYxfWB9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHFxY3Jlazc1cnA4aXJzeU9ER0FkakY5WUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9hOTcwYzYtYzExOC00NTJlLWE1NmYt
ZWM0NjdmYTg2MzZlLzEvYkJTWm1hcEtrYmk1emdOa3pkTWZGcHhDMGFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9hOTcwYzYtYzExOC00NTJlLWE1NmYtZWM0NjdmYTg2MzZl
LzEvcHFxY3Jlazc1cnA4aXJzeU9ER0FkakY5WUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLUIUAwQC
LZB4AwQCwjXAMA0EAgACMAcDBQMqCWDAMA0GCSqGSIb3DQEBCwUAA4IBAQBkweTY
PBC79NckNbtP6PHhzbFewgrQqitTv6J5YquNru7vqWv6+hRpVXeg0q41FDiDgLFV
kgDVi8pPX5abreA15Kh2fkQaT5z+SiVq0MOSbswPk5B1G+zggOkbkJOnJ5i7JgsR
mhXDx7nW1lkOu5s+1G985wkGo9Q3ddeEVr4EiEyBhTU+bZy0UTCnxayWEA0tr/pv
W9t1juE8xg2+CV33FQAiXiob/ixWp8TjVAvMmF4u7UcgWjTf0ztz/oES0iK54xNR
GYCfuZmH5FbS6U1Hg18kKz4E19vvLU5+Eg1xJ8ljjw+rUB0jKaXSofQSqo5FQltQ
hmqNHDDNxbexQyXR
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:18:45 2024 by rpki-client on console-fra.rpki-client.org