Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/BpFo87KZxo90pctP9I5wldbh_TU.roa
File: BpFo87KZxo90pctP9I5wldbh_TU.roa (raw, json)
Hash identifier: YFuU/Ga39PfltJp76koG5iRf0dwP8pnc0IKRf4TOTXU=
Subject key identifier: 06:91:68:F3:B2:99:C6:8F:74:A5:CB:4F:F4:8E:70:95:D6:E1:FD:35
Certificate issuer: /CN=8baa27f9c2ef7bf4809ad42ae589101b73e98927
Certificate serial: 018CC26D49DDAAD2761A70B1EA60DA7BBEA5
Authority key identifier: 8B:AA:27:F9:C2:EF:7B:F4:80:9A:D4:2A:E5:89:10:1B:73:E9:89:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6on-cLve_SAmtQq5YkQG3PpiSc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/BpFo87KZxo90pctP9I5wldbh_TU.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44851
IP address blocks: 31.41.16.0/22 maxlen: 24
185.204.166.0/24 maxlen: 24
185.204.164.0/24 maxlen: 24
185.204.164.0/22 maxlen: 22
185.204.164.0/23 maxlen: 23
185.176.216.0/22 maxlen: 24
185.204.165.0/24 maxlen: 24
185.204.166.0/23 maxlen: 23
185.204.167.0/24 maxlen: 24
2a0a:fd40::/29 maxlen: 29
2a0a:2280::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/i6on-cLve_SAmtQq5YkQG3PpiSc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/i6on-cLve_SAmtQq5YkQG3PpiSc.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6on-cLve_SAmtQq5YkQG3PpiSc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:49:dd:aa:d2:76:1a:70:b1:ea:60:da:7b:be:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8baa27f9c2ef7bf4809ad42ae589101b73e98927
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=069168f3b299c68f74a5cb4ff48e7095d6e1fd35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:42:9b:82:e3:3a:45:5e:f3:3f:11:64:c0:5b:
ae:e9:7f:64:9e:1d:da:b4:fa:ce:42:f8:76:31:4d:
26:11:5f:65:43:e8:91:81:d1:bb:eb:6e:c3:7e:b5:
51:84:1d:b7:b0:13:0f:3b:a1:ff:89:31:a4:94:bd:
de:88:df:c0:ec:80:85:ab:1e:2d:22:8c:d7:01:2d:
c8:62:94:d3:f6:72:74:bf:d7:f3:51:b8:d7:95:7b:
86:b9:ba:5d:40:27:89:b4:40:3f:08:2e:4d:08:d9:
0f:f3:b0:59:74:3b:f3:35:99:c7:48:47:a1:db:11:
4f:70:d2:20:d3:de:6e:dd:8e:24:84:98:3b:e1:a3:
83:a5:25:a6:e6:9e:f9:2b:b2:f8:3e:3b:f7:8e:f2:
3f:10:cc:9d:46:9e:20:c0:3f:41:78:41:90:8b:6e:
aa:c5:83:6e:57:36:39:e7:2d:c1:bf:a1:98:42:78:
fd:83:b4:98:53:85:5b:67:63:71:ae:8a:d4:a4:7d:
4c:ff:5c:79:29:b4:9a:40:7d:65:7f:1c:b0:20:f1:
c5:6b:7b:87:cc:5c:87:d9:5a:32:16:f1:0b:42:f2:
15:2e:fa:b6:f2:a5:a1:61:11:f7:cc:70:6b:c1:d3:
85:29:da:c2:a2:23:4a:c1:08:a9:f8:ea:81:16:89:
b7:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:91:68:F3:B2:99:C6:8F:74:A5:CB:4F:F4:8E:70:95:D6:E1:FD:35
X509v3 Authority Key Identifier:
keyid:8B:AA:27:F9:C2:EF:7B:F4:80:9A:D4:2A:E5:89:10:1B:73:E9:89:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6on-cLve_SAmtQq5YkQG3PpiSc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/BpFo87KZxo90pctP9I5wldbh_TU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cc36f9-1669-4929-8e61-edfd3f83345b/1/i6on-cLve_SAmtQq5YkQG3PpiSc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.16.0/22
185.176.216.0/22
185.204.164.0/22
IPv6:
2a0a:2280::/29
2a0a:fd40::/29
Signature Algorithm: sha256WithRSAEncryption
81:82:e5:d3:1f:7a:bb:d0:32:cd:2f:68:a9:95:c9:06:67:cb:
48:d3:c4:55:8b:f9:82:76:8d:43:66:32:9f:0e:15:b5:9d:ab:
ab:de:99:1e:b4:51:b7:e2:31:8c:10:e6:b1:0b:87:7b:27:00:
f7:97:c5:51:e1:7e:7f:97:fc:10:b8:ab:b6:c4:47:30:6c:f9:
66:1c:de:0b:b2:f9:31:c0:28:52:be:84:30:26:dc:fc:e6:43:
34:59:ef:54:90:e0:74:dc:17:25:f3:38:a1:4b:c5:2c:a0:76:
0d:f3:e5:05:40:92:8a:b3:43:96:34:e1:77:50:01:27:1f:a5:
3f:09:fc:9e:55:e1:dc:ea:38:68:80:f1:16:d7:2a:99:1e:fe:
db:6f:cc:fe:10:be:47:f6:57:9c:a8:f7:eb:1e:57:2f:34:72:
4b:04:4c:6b:4a:c5:b9:2f:49:68:37:6a:b9:d4:6b:42:9b:61:
ad:0c:23:05:b8:c9:14:53:b9:4b:f9:32:5c:70:01:91:96:23:
03:e7:19:f5:db:c9:e3:b5:d3:1e:0b:a4:6b:c3:af:24:8d:49:
53:47:1e:aa:0b:6e:37:ee:c6:aa:77:bf:38:21:c6:ab:40:31:
f1:92:f3:8b:a0:0c:0b:e7:65:9f:a5:09:b8:6e:24:de:47:80:
78:2e:58:16
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzCbUndqtJ2GnCx6mDae76lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWEyN2Y5YzJlZjdiZjQ4MDlhZDQyYWU1ODkxMDFiNzNl
OTg5MjcwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjkxNjhmM2IyOTljNjhmNzRhNWNiNGZmNDhlNzA5NWQ2ZTFmZDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhUKbguM6RV7zPxFkwFuu6X9knh3a
tPrOQvh2MU0mEV9lQ+iRgdG7627DfrVRhB23sBMPO6H/iTGklL3eiN/A7ICFqx4t
IozXAS3IYpTT9nJ0v9fzUbjXlXuGubpdQCeJtEA/CC5NCNkP87BZdDvzNZnHSEeh
2xFPcNIg095u3Y4khJg74aODpSWm5p75K7L4Pjv3jvI/EMydRp4gwD9BeEGQi26q
xYNuVzY55y3Bv6GYQnj9g7SYU4VbZ2NxrorUpH1M/1x5KbSaQH1lfxywIPHFa3uH
zFyH2VoyFvELQvIVLvq28qWhYRH3zHBrwdOFKdrCoiNKwQip+OqBFom3QwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAaRaPOymcaPdKXLT/SOcJXW4f01MB8GA1UdIwQY
MBaAFIuqJ/nC73v0gJrUKuWJEBtz6YknMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZvbi1jTHZlX1NBbXRRcTVZa1FHM1BwaVNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jYzM2ZjktMTY2OS00OTI5LThlNjEt
ZWRmZDNmODMzNDViLzEvQnBGbzg3S1p4bzkwcGN0UDlJNXdsZGJoX1RVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jYzM2ZjktMTY2OS00OTI5LThlNjEtZWRmZDNmODMzNDVi
LzEvaTZvbi1jTHZlX1NBbXRRcTVZa1FHM1BwaVNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCHykQAwQC
ubDYAwQCucykMBQEAgACMA4DBQMqCiKAAwUDKgr9QDANBgkqhkiG9w0BAQsFAAOC
AQEAgYLl0x96u9AyzS9oqZXJBmfLSNPEVYv5gnaNQ2Yynw4VtZ2rq96ZHrRRt+Ix
jBDmsQuHeycA95fFUeF+f5f8ELirtsRHMGz5ZhzeC7L5McAoUr6EMCbc/OZDNFnv
VJDgdNwXJfM4oUvFLKB2DfPlBUCSirNDljThd1ABJx+lPwn8nlXh3Oo4aIDxFtcq
mR7+22/M/hC+R/ZXnKj36x5XLzRySwRMa0rFuS9JaDdqudRrQpthrQwjBbjJFFO5
S/kyXHABkZYjA+cZ9dvJ47XTHguka8OvJI1JU0ceqgtuN+7Gqne/OCHGq0Ax8ZLz
i6AMC+dln6UJuG4k3keAeC5YFg==
-----END CERTIFICATE-----
Generated at Sun May 19 06:14:53 2024 by rpki-client on console-ams.rpki-client.org