Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/BQNe-0iRLM-SGKzI3eTxnPJwAzM.roa
File: BQNe-0iRLM-SGKzI3eTxnPJwAzM.roa (raw, json)
Hash identifier: zRnSfbLHDV2kK1s0FW7gq52xtpqTNc6DIGTLUzNLBJQ=
Subject key identifier: 05:03:5E:FB:48:91:2C:CF:92:18:AC:C8:DD:E4:F1:9C:F2:70:03:33
Certificate issuer: /CN=0b8e20c48e8973c331e33ce55195a321773f0ac3
Certificate serial: 018CC94BD85A74B96F160DFC4FF7E9F0AA28
Authority key identifier: 0B:8E:20:C4:8E:89:73:C3:31:E3:3C:E5:51:95:A3:21:77:3F:0A:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/BQNe-0iRLM-SGKzI3eTxnPJwAzM.roa
Signing time: Tue 02 Jan 2024 08:30:40 +0000
ROA not before: Tue 02 Jan 2024 08:30:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13259
IP address blocks: 193.107.92.0/22 maxlen: 24
91.206.16.0/23 maxlen: 24
2001:678:68c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.mft
rsync://rpki.ripe.net/repository/DEFAULT/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:d8:5a:74:b9:6f:16:0d:fc:4f:f7:e9:f0:aa:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8e20c48e8973c331e33ce55195a321773f0ac3
Validity
Not Before: Jan 2 08:30:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05035efb48912ccf9218acc8dde4f19cf2700333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:62:87:0e:d2:54:8b:a0:48:a9:a1:9f:00:cd:
12:da:67:8b:ba:0b:55:58:37:36:d8:48:db:36:d2:
0d:43:2f:27:2e:de:5f:3f:17:18:9f:f9:bb:ce:15:
86:72:ba:38:f0:f0:bd:58:1e:fc:23:23:49:c1:9a:
b0:23:16:6e:f5:e6:20:45:ff:d9:0d:e6:dd:27:c8:
59:fc:91:d9:7e:49:a9:a6:e8:18:6a:67:61:3e:ce:
25:3c:85:ec:a6:25:d1:36:9f:28:3b:1a:c4:5e:dc:
a6:d5:99:5e:c1:78:47:de:c6:38:3f:47:00:a6:bd:
92:49:9d:1f:72:4e:05:d2:34:0a:e9:69:f9:0d:e1:
82:cc:06:8c:b7:80:ab:7f:61:24:6b:9c:12:1c:ee:
45:2e:15:0b:65:05:71:22:4e:07:c9:b9:3b:b5:15:
55:81:ac:3d:b6:b9:4e:e9:fa:b1:44:cf:ce:5f:41:
9a:65:af:36:74:34:1b:cd:4e:a6:11:6a:7e:3b:28:
23:68:8b:e7:d1:de:9b:59:32:ef:15:63:27:89:f7:
ab:73:7f:2c:29:d8:7a:3f:77:fc:e8:64:e3:cb:a2:
10:42:22:c3:a4:99:5e:b9:b7:15:5c:89:91:b9:ff:
a4:bf:9e:67:ea:0c:4f:a9:04:a7:c8:8e:50:4b:96:
b3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:03:5E:FB:48:91:2C:CF:92:18:AC:C8:DD:E4:F1:9C:F2:70:03:33
X509v3 Authority Key Identifier:
keyid:0B:8E:20:C4:8E:89:73:C3:31:E3:3C:E5:51:95:A3:21:77:3F:0A:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/BQNe-0iRLM-SGKzI3eTxnPJwAzM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/4a613a-31ef-4a73-8da4-a5af937fbc05/1/C44gxI6Jc8Mx4zzlUZWjIXc_CsM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.16.0/23
193.107.92.0/22
IPv6:
2001:678:68c::/48
Signature Algorithm: sha256WithRSAEncryption
2c:81:c7:56:99:7c:31:c7:67:09:1f:38:1e:88:95:50:2a:52:
4b:bb:0a:23:52:a3:ec:2c:e8:53:18:b3:4b:1f:6a:65:f3:8b:
43:4f:88:55:24:cc:d5:c7:0b:25:14:46:e7:58:bb:53:ed:10:
35:57:6e:4e:b2:fb:69:43:4e:23:be:e2:2a:e2:16:4e:25:92:
fe:13:8b:99:8c:3d:d8:20:85:5f:f6:71:fb:27:2c:ba:47:f2:
c0:66:1d:68:a3:46:b9:c3:27:78:14:30:20:6d:c6:76:0c:7e:
2a:8c:03:63:61:f1:7e:df:16:41:54:aa:ea:07:91:3d:86:a9:
68:db:fe:ac:ae:ff:fe:c4:17:be:2c:58:c1:f7:7a:1f:84:c2:
bd:3d:34:06:4a:57:69:4e:04:c5:53:41:7d:ae:f5:85:40:73:
98:00:b7:9c:73:e6:fd:c2:f2:43:fd:af:d0:11:b8:1a:55:0e:
b6:9b:ac:fa:5a:a7:ee:3a:a1:d8:a2:56:5e:0b:91:4c:41:3e:
c3:77:d1:83:ca:d3:08:0b:5b:a8:93:68:b7:a2:36:0e:b6:85:
b6:6c:d8:0e:1b:73:ae:dd:95:99:b3:b8:97:d6:c9:42:ad:9a:
17:46:93:0f:eb:46:b4:58:ad:c6:11:02:c8:16:49:2d:0b:1d:
3f:8f:7c:f9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzJS9hadLlvFg38T/fp8KooMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGUyMGM0OGU4OTczYzMzMWUzM2NlNTUxOTVhMzIxNzcz
ZjBhYzMwHhcNMjQwMTAyMDgzMDQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTAzNWVmYjQ4OTEyY2NmOTIxOGFjYzhkZGU0ZjE5Y2YyNzAwMzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoGKHDtJUi6BIqaGfAM0S2meLugtV
WDc22EjbNtINQy8nLt5fPxcYn/m7zhWGcro48PC9WB78IyNJwZqwIxZu9eYgRf/Z
DebdJ8hZ/JHZfkmppugYamdhPs4lPIXspiXRNp8oOxrEXtym1ZlewXhH3sY4P0cA
pr2SSZ0fck4F0jQK6Wn5DeGCzAaMt4Crf2Eka5wSHO5FLhULZQVxIk4Hybk7tRVV
gaw9trlO6fqxRM/OX0GaZa82dDQbzU6mEWp+OygjaIvn0d6bWTLvFWMniferc38s
Kdh6P3f86GTjy6IQQiLDpJleubcVXImRuf+kv55n6gxPqQSnyI5QS5az8wIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFAUDXvtIkSzPkhisyN3k8ZzycAMzMB8GA1UdIwQY
MBaAFAuOIMSOiXPDMeM85VGVoyF3PwrDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQ0Z3hJNkpjOE14NHp6bFVaV2pJWGNfQ3NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80YTYxM2EtMzFlZi00YTczLThkYTQt
YTVhZjkzN2ZiYzA1LzEvQlFOZS0waVJMTS1TR0t6STNlVHhuUEp3QXpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80YTYxM2EtMzFlZi00YTczLThkYTQtYTVhZjkzN2ZiYzA1
LzEvQzQ0Z3hJNkpjOE14NHp6bFVaV2pJWGNfQ3NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBW84QAwQC
wWtcMA8EAgACMAkDBwAgAQZ4BowwDQYJKoZIhvcNAQELBQADggEBACyBx1aZfDHH
ZwkfOB6IlVAqUku7CiNSo+ws6FMYs0sfamXzi0NPiFUkzNXHCyUURudYu1PtEDVX
bk6y+2lDTiO+4iriFk4lkv4Ti5mMPdgghV/2cfsnLLpH8sBmHWijRrnDJ3gUMCBt
xnYMfiqMA2Nh8X7fFkFUquoHkT2GqWjb/qyu//7EF74sWMH3eh+Ewr09NAZKV2lO
BMVTQX2u9YVAc5gAt5xz5v3C8kP9r9ARuBpVDrabrPpap+46odiiVl4LkUxBPsN3
0YPK0wgLW6iTaLeiNg62hbZs2A4bc67dlZmzuJfWyUKtmhdGkw/rRrRYrcYRAsgW
SS0LHT+PfPk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:40 2024 by rpki-client on console-fra.rpki-client.org