Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BzJ4qSJDGIdjlev2_kfyudbsnEs.roa
File: BzJ4qSJDGIdjlev2_kfyudbsnEs.roa (raw, json)
Hash identifier: p9T1MtUo27IB1iEU/v7kTGckIckAlHNBbN8lfUBpctY=
Subject key identifier: 07:32:78:A9:22:43:18:87:63:95:EB:F6:FE:47:F2:B9:D6:EC:9C:4B
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A8C404D91D6DE6D4320EB518A90B9
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BzJ4qSJDGIdjlev2_kfyudbsnEs.roa
Signing time: Tue 02 Jan 2024 12:33:55 +0000
ROA not before: Tue 02 Jan 2024 12:33:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210546
IP address blocks: 194.87.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8c:40:4d:91:d6:de:6d:43:20:eb:51:8a:90:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=073278a9224318876395ebf6fe47f2b9d6ec9c4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:2c:f8:d0:29:13:15:46:e5:e1:c8:ed:31:ad:
43:6d:c9:de:7b:83:52:6e:d3:50:38:ee:d5:2b:cf:
fb:b5:eb:0f:cf:8a:50:ff:ba:c3:e9:5d:4f:a9:b6:
72:48:c3:b6:40:5b:7e:a3:3e:8b:0d:d1:21:e1:f2:
25:14:69:70:00:e9:a9:59:4b:c5:f7:08:63:9d:ba:
3b:39:fd:12:49:b3:b3:fc:3e:86:29:82:e4:ee:e1:
85:ac:58:0e:b3:b7:de:42:b9:38:cb:1c:46:4a:20:
de:03:a5:89:3e:d7:9f:54:2b:f7:70:b2:6b:0f:30:
85:ce:1b:7b:51:72:de:2d:3c:87:ea:28:ff:b2:69:
58:de:e4:a2:8d:b7:5e:c0:fb:6b:58:43:b6:7e:13:
3f:4e:d3:b8:50:bc:0e:7b:93:8f:4b:eb:76:ce:55:
61:2d:d6:d3:fc:6f:26:6a:36:4d:1a:fd:8d:b4:f5:
1b:e8:03:28:bb:7b:e7:c0:4d:8a:4c:d6:43:cc:ba:
bf:d2:aa:09:22:69:77:20:bc:e5:34:5a:87:b9:1f:
88:1b:97:ef:cb:e6:b0:e5:e6:aa:ca:0b:91:e7:96:
81:1e:c9:04:d3:8f:90:fd:b7:85:8e:67:d7:5e:f6:
40:cd:16:20:5b:4a:35:c1:1b:4b:37:76:f9:f9:93:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:32:78:A9:22:43:18:87:63:95:EB:F6:FE:47:F2:B9:D6:EC:9C:4B
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/BzJ4qSJDGIdjlev2_kfyudbsnEs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.87.199.0/24
Signature Algorithm: sha256WithRSAEncryption
34:4a:41:71:18:f7:a8:16:84:c0:f6:4f:aa:c0:f7:b2:cd:03:
54:6c:65:46:60:a1:f6:d9:a5:b2:6e:b8:2e:42:6d:fd:c2:b0:
9b:19:70:12:b1:4f:9d:14:4c:4e:f2:8c:3c:94:ec:0c:78:51:
e6:39:58:d0:b7:11:df:d0:6f:a4:17:8d:ae:60:9e:d5:5c:76:
cd:f7:b5:41:7b:21:72:f6:a4:2f:43:75:32:1d:1b:ae:0f:fb:
36:82:72:ac:ce:dd:83:85:bf:84:a2:75:83:d6:36:86:9c:f0:
62:08:94:9e:93:35:3e:17:2f:bd:e6:49:94:63:22:ba:ca:f6:
76:53:54:c0:f1:2e:31:fa:54:2f:e8:c5:42:37:86:0c:d3:0b:
88:bc:be:ca:92:1b:bd:6e:cc:31:c6:ea:47:c4:c3:fa:5f:10:
98:91:c2:64:e3:f3:a5:a9:f0:61:c2:e4:09:18:c7:2f:f7:b4:
6c:89:cd:6f:ca:61:50:e7:3d:47:ac:96:1a:5f:b3:ee:99:d0:
70:55:37:de:f6:3a:0d:88:0a:7d:8b:30:ae:ca:b1:66:af:57:
18:92:76:a0:d5:d2:17:9d:54:c8:2b:01:5a:8e:81:f8:9d:d7:
d0:b4:08:ec:29:4d:80:7f:ad:70:72:b0:87:8a:57:96:10:08:
8b:b8:81:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKoxATZHW3m1DIOtRipC5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzMyNzhhOTIyNDMxODg3NjM5NWViZjZmZTQ3ZjJiOWQ2ZWM5YzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhyz40CkTFUbl4cjtMa1Dbcnee4NS
btNQOO7VK8/7tesPz4pQ/7rD6V1PqbZySMO2QFt+oz6LDdEh4fIlFGlwAOmpWUvF
9whjnbo7Of0SSbOz/D6GKYLk7uGFrFgOs7feQrk4yxxGSiDeA6WJPtefVCv3cLJr
DzCFzht7UXLeLTyH6ij/smlY3uSijbdewPtrWEO2fhM/TtO4ULwOe5OPS+t2zlVh
LdbT/G8majZNGv2NtPUb6AMou3vnwE2KTNZDzLq/0qoJIml3ILzlNFqHuR+IG5fv
y+aw5eaqyguR55aBHskE04+Q/beFjmfXXvZAzRYgW0o1wRtLN3b5+ZO+RwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcyeKkiQxiHY5Xr9v5H8rnW7JxLMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQnpKNHFTSkRHSWRqbGV2Ml9rZnl1ZGJzbkVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwlfHMA0G
CSqGSIb3DQEBCwUAA4IBAQA0SkFxGPeoFoTA9k+qwPeyzQNUbGVGYKH22aWybrgu
Qm39wrCbGXASsU+dFExO8ow8lOwMeFHmOVjQtxHf0G+kF42uYJ7VXHbN97VBeyFy
9qQvQ3UyHRuuD/s2gnKszt2Dhb+EonWD1jaGnPBiCJSekzU+Fy+95kmUYyK6yvZ2
U1TA8S4x+lQv6MVCN4YM0wuIvL7Kkhu9bswxxupHxMP6XxCYkcJk4/OlqfBhwuQJ
GMcv97Rsic1vymFQ5z1HrJYaX7PumdBwVTfe9joNiAp9izCuyrFmr1cYknag1dIX
nVTIKwFajoH4ndfQtAjsKU2Af61wcrCHileWEAiLuIGa
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:26:42 2024 by rpki-client on console-fra.rpki-client.org