Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BXz1T_sjhyi4o98atPBhxTItkPY.roa
File: BXz1T_sjhyi4o98atPBhxTItkPY.roa (raw, json)
Hash identifier: x6LNUCiDBgK3FVNgXxOrp8XWu6M3Xf1yg3JNDvaAeps=
Subject key identifier: 05:7C:F5:4F:FB:23:87:28:B8:A3:DF:1A:B4:F0:61:C5:32:2D:90:F6
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DD1435DF397944C3462FA2FE59BD6E
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BXz1T_sjhyi4o98atPBhxTItkPY.roa
Signing time: Tue 02 Jan 2024 06:29:40 +0000
ROA not before: Tue 02 Jan 2024 06:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394711
IP address blocks: 45.66.231.0/24 maxlen: 24
94.156.64.0/24 maxlen: 24
94.156.64.0/21 maxlen: 24
94.156.68.0/24 maxlen: 24
94.156.65.0/24 maxlen: 24
94.156.69.0/24 maxlen: 24
94.156.66.0/24 maxlen: 24
94.156.70.0/24 maxlen: 24
94.156.67.0/24 maxlen: 24
94.156.71.0/24 maxlen: 24
91.92.240.0/24 maxlen: 24
91.92.244.0/24 maxlen: 24
91.92.240.0/20 maxlen: 24
91.92.245.0/24 maxlen: 24
91.92.241.0/24 maxlen: 24
91.92.246.0/24 maxlen: 24
91.92.242.0/24 maxlen: 24
91.92.243.0/24 maxlen: 24
91.92.252.0/24 maxlen: 24
91.92.248.0/24 maxlen: 24
91.92.253.0/24 maxlen: 24
91.92.249.0/24 maxlen: 24
91.92.250.0/24 maxlen: 24
91.92.251.0/24 maxlen: 24
91.92.247.0/24 maxlen: 24
91.92.254.0/24 maxlen: 24
91.92.255.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dd:14:35:df:39:79:44:c3:46:2f:a2:fe:59:bd:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=057cf54ffb238728b8a3df1ab4f061c5322d90f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d6:7e:bf:51:00:0b:db:d9:92:c3:de:27:3f:
e7:e9:5c:db:2a:6b:34:bf:8b:48:ef:cd:de:a0:9c:
d7:07:7f:14:75:01:f7:09:fa:f4:6f:ad:42:93:56:
ac:da:6d:75:42:91:dc:f6:17:90:6e:32:1f:2d:5e:
a0:f8:77:5c:60:db:26:3d:a3:6f:51:f0:be:c2:25:
2d:61:75:46:cc:96:75:60:66:f2:a7:21:a2:40:f9:
2f:69:95:39:5c:99:9c:9d:0a:e4:b2:75:dc:cb:a3:
e0:cc:11:db:d5:22:a5:60:50:ab:e1:65:70:af:c0:
24:f2:5a:8a:4d:39:87:61:7b:c9:61:17:a9:d6:79:
f0:f6:8c:f4:05:c6:cb:3a:a5:f5:40:1d:7f:8d:79:
d6:64:f6:f4:6c:f0:0a:75:8d:86:2b:67:f0:8f:1a:
56:91:3c:dd:9e:5d:39:4c:da:69:bc:33:ca:b5:74:
fe:b6:f0:80:9b:9e:36:bd:30:f6:83:0f:ad:37:1b:
af:94:11:ba:68:db:4a:3c:3c:c6:4f:f3:f6:2c:33:
43:ce:d4:60:06:5c:ff:59:f6:ff:b3:70:83:4a:11:
12:b3:9f:ce:c5:0e:7e:86:5d:c0:8c:23:38:14:0c:
85:f2:02:d9:29:c7:87:66:6a:12:cd:4f:ef:68:30:
19:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7C:F5:4F:FB:23:87:28:B8:A3:DF:1A:B4:F0:61:C5:32:2D:90:F6
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/BXz1T_sjhyi4o98atPBhxTItkPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.231.0/24
45.89.247.0/24
91.92.240.0/20
94.156.64.0/21
Signature Algorithm: sha256WithRSAEncryption
40:8b:1d:67:d0:01:f7:a3:a3:fd:29:a1:2e:b7:65:c4:a2:18:
15:4b:59:91:f5:82:4f:bc:5a:6b:32:ad:f9:94:30:17:cd:bc:
5c:53:d4:23:25:a9:f0:e8:1a:5d:7c:05:71:64:bc:6d:81:37:
c4:f7:cc:02:f5:1a:01:47:3f:e3:eb:fd:41:31:78:7f:8c:13:
c5:0d:44:cc:cf:6e:2b:a8:bb:8d:07:af:da:f1:e7:41:87:a0:
35:9f:c0:40:01:ee:ea:0f:fe:d6:e9:0b:f5:65:0c:77:9d:ca:
85:e9:56:f3:84:72:20:62:90:27:dc:38:5f:94:ae:a2:03:36:
20:34:fb:bb:7c:99:e3:82:06:2f:4c:79:be:a8:58:08:b3:b4:
50:66:d9:28:56:8d:f4:24:97:c0:6f:97:16:51:74:1f:75:6b:
34:0a:59:4a:37:7a:d8:07:4d:dc:04:0f:55:37:f0:e4:01:59:
27:e7:9a:56:96:37:76:3e:8e:72:67:c9:f3:75:fb:0d:e7:85:
e0:99:de:11:85:3b:5f:43:b9:a3:ff:54:af:07:11:41:6e:62:
95:de:79:f2:ed:05:40:8a:28:0c:02:b8:08:95:16:e3:bd:d9:
93:69:30:1e:38:98:9c:2a:5a:95:ee:f6:43:34:2a:36:b8:bf:
1c:97:c2:72
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzI3RQ13zl5RMNGL6L+Wb1uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTdjZjU0ZmZiMjM4NzI4YjhhM2RmMWFiNGYwNjFjNTMyMmQ5MGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodZ+v1EAC9vZksPeJz/n6VzbKms0
v4tI783eoJzXB38UdQH3Cfr0b61Ck1as2m11QpHc9heQbjIfLV6g+HdcYNsmPaNv
UfC+wiUtYXVGzJZ1YGbypyGiQPkvaZU5XJmcnQrksnXcy6PgzBHb1SKlYFCr4WVw
r8Ak8lqKTTmHYXvJYRep1nnw9oz0BcbLOqX1QB1/jXnWZPb0bPAKdY2GK2fwjxpW
kTzdnl05TNppvDPKtXT+tvCAm542vTD2gw+tNxuvlBG6aNtKPDzGT/P2LDNDztRg
Blz/Wfb/s3CDShESs5/OxQ5+hl3AjCM4FAyF8gLZKceHZmoSzU/vaDAZfwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAV89U/7I4couKPfGrTwYcUyLZD2MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQlh6MVRfc2poeWk0bzk4YXRQQmh4VEl0a1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALULnAwQA
LVn3AwQEW1zwAwQDXpxAMA0GCSqGSIb3DQEBCwUAA4IBAQBAix1n0AH3o6P9KaEu
t2XEohgVS1mR9YJPvFprMq35lDAXzbxcU9QjJanw6BpdfAVxZLxtgTfE98wC9RoB
Rz/j6/1BMXh/jBPFDUTMz24rqLuNB6/a8edBh6A1n8BAAe7qD/7W6Qv1ZQx3ncqF
6VbzhHIgYpAn3DhflK6iAzYgNPu7fJnjggYvTHm+qFgIs7RQZtkoVo30JJfAb5cW
UXQfdWs0CllKN3rYB03cBA9VN/DkAVkn55pWljd2Po5yZ8nzdfsN54Xgmd4RhTtf
Q7mj/1SvBxFBbmKV3nny7QVAiigMArgIlRbjvdmTaTAeOJicKlqV7vZDNCo2uL8c
l8Jy
-----END CERTIFICATE-----
Generated at Sun Apr 28 01:06:34 2024 by rpki-client on console-ams.rpki-client.org