Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/bRRrHSByaOZb9vXvgXkcKncCDCw.roa
File: bRRrHSByaOZb9vXvgXkcKncCDCw.roa (raw, json)
Hash identifier: WxHYvRmXbq9LOU7KNnK1XCvoUo/NJg6P0Opljf8j7Zg=
Subject key identifier: 6D:14:6B:1D:20:72:68:E6:5B:F6:F5:EF:81:79:1C:2A:77:02:0C:2C
Certificate issuer: /CN=70bf553042f1a43827dc034500bbd1068a7297ca
Certificate serial: 018E3CF9F62FCBAF0A0B1481901920AAB0D9
Authority key identifier: 70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/bRRrHSByaOZb9vXvgXkcKncCDCw.roa
Signing time: Thu 14 Mar 2024 12:39:58 +0000
ROA not before: Thu 14 Mar 2024 12:39:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207137
IP address blocks: 2a13:240::/48 maxlen: 48
2a13:240:1::/48 maxlen: 48
2a13:240:2::/48 maxlen: 48
2a13:240:3::/48 maxlen: 48
2a13:240:4::/48 maxlen: 48
2a13:240:5::/48 maxlen: 48
2a13:240:6::/48 maxlen: 48
2a13:240:7::/48 maxlen: 48
2a13:240:8::/48 maxlen: 48
2a13:240:9::/48 maxlen: 48
2a13:240:4200::/40 maxlen: 40
2a13:240:4300::/40 maxlen: 40
2a13:240:4400::/40 maxlen: 40
2a13:240:4500::/40 maxlen: 40
2a13:240:4600::/40 maxlen: 40
2a13:240:4700::/40 maxlen: 40
2a13:240:4800::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.mft
rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3c:f9:f6:2f:cb:af:0a:0b:14:81:90:19:20:aa:b0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70bf553042f1a43827dc034500bbd1068a7297ca
Validity
Not Before: Mar 14 12:39:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d146b1d207268e65bf6f5ef81791c2a77020c2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:b4:eb:8f:39:d2:41:dc:e4:f0:c2:03:b7:41:
a3:b8:8d:69:28:97:59:4a:cc:e3:cc:56:53:4c:81:
c9:ce:88:12:95:ca:e0:f3:b5:0d:45:77:6d:8c:c7:
74:7a:4f:df:a1:65:53:19:55:10:e1:f4:d1:a1:bb:
83:53:a7:75:93:01:93:d1:f0:da:b2:24:c9:57:e3:
d9:74:8b:66:3f:db:b3:5f:2d:18:29:3c:34:bb:27:
7d:af:74:76:c5:de:00:93:60:68:92:8c:e8:bb:6d:
96:e3:0c:55:92:55:27:44:67:da:fc:a9:3c:85:b8:
d8:9c:df:72:34:a8:e5:f1:d5:d7:82:a0:4f:26:bf:
f3:3a:2e:6f:3d:57:02:9a:ee:de:8f:78:7e:90:ea:
a0:47:bf:30:0b:a3:06:09:1e:4c:2d:c2:58:00:ba:
db:74:65:53:33:1c:61:a5:f1:5b:0e:76:13:a4:ce:
d5:11:1f:e0:9c:8d:9c:47:a1:91:c0:84:5b:17:3e:
56:04:3e:95:90:31:d6:13:9d:41:da:ac:b4:dc:59:
84:af:44:fc:e9:11:6c:25:76:12:0e:e1:20:a9:73:
ac:97:93:8f:38:80:dd:50:dc:4d:78:31:8c:8d:db:
e8:28:45:6b:f6:d0:f9:e6:22:2d:99:0f:4c:e0:a8:
99:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:14:6B:1D:20:72:68:E6:5B:F6:F5:EF:81:79:1C:2A:77:02:0C:2C
X509v3 Authority Key Identifier:
keyid:70:BF:55:30:42:F1:A4:38:27:DC:03:45:00:BB:D1:06:8A:72:97:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cL9VMELxpDgn3ANFALvRBopyl8o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/bRRrHSByaOZb9vXvgXkcKncCDCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/df7944-2589-47cb-ab56-5358401fb796/1/cL9VMELxpDgn3ANFALvRBopyl8o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a13:240::-2a13:240:9:ffff:ffff:ffff:ffff:ffff
2a13:240:4200::-2a13:240:48ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
6b:30:c7:c2:7b:f7:31:5f:50:8d:3e:72:40:e1:73:1c:1c:93:
6c:21:81:0a:a3:41:21:5e:cc:c7:6f:0b:e1:66:4a:74:e8:ce:
96:6f:e4:32:32:00:d5:19:48:08:ee:64:9c:22:5d:66:cb:26:
4d:f3:3e:dd:f1:34:e8:26:4a:5a:7f:37:b7:52:6e:7f:db:64:
c3:96:7a:44:af:50:a1:e5:ec:65:a4:8d:21:8d:d7:c7:c1:ad:
7d:4b:ca:e4:eb:1c:89:67:34:41:a0:38:f9:4b:0d:c8:32:2a:
48:0f:36:a0:39:95:51:d7:31:b4:34:1b:2c:e7:0f:86:4d:18:
39:00:3b:b4:18:d6:84:39:26:dd:aa:c2:83:30:00:b0:89:9b:
29:21:1a:20:ad:c8:b4:8a:c4:84:72:ec:27:9f:d6:91:bc:4b:
49:34:50:85:d8:27:df:b1:9e:36:c2:ac:8c:92:88:cd:50:bb:
85:fc:77:7f:16:ff:18:66:a5:aa:30:83:08:4b:09:54:eb:94:
ce:31:43:0b:f5:fa:28:2b:35:67:07:72:48:0f:c8:39:7c:c9:
0a:77:12:b5:bc:0c:72:a4:f7:a9:80:6b:3e:f1:45:85:b0:86:
57:4c:e5:82:16:e3:6e:e5:2e:4c:7e:f0:b7:ca:fa:23:79:d3:
e8:7d:bc:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAY48+fYvy68KCxSBkBkgqrDZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwYmY1NTMwNDJmMWE0MzgyN2RjMDM0NTAwYmJkMTA2OGE3
Mjk3Y2EwHhcNMjQwMzE0MTIzOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDE0NmIxZDIwNzI2OGU2NWJmNmY1ZWY4MTc5MWMyYTc3MDIwYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbTrjznSQdzk8MIDt0GjuI1pKJdZ
SszjzFZTTIHJzogSlcrg87UNRXdtjMd0ek/foWVTGVUQ4fTRobuDU6d1kwGT0fDa
siTJV+PZdItmP9uzXy0YKTw0uyd9r3R2xd4Ak2Bokozou22W4wxVklUnRGfa/Kk8
hbjYnN9yNKjl8dXXgqBPJr/zOi5vPVcCmu7ej3h+kOqgR78wC6MGCR5MLcJYALrb
dGVTMxxhpfFbDnYTpM7VER/gnI2cR6GRwIRbFz5WBD6VkDHWE51B2qy03FmEr0T8
6RFsJXYSDuEgqXOsl5OPOIDdUNxNeDGMjdvoKEVr9tD55iItmQ9M4KiZ+wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG0Uax0gcmjmW/b174F5HCp3AgwsMB8GA1UdIwQY
MBaAFHC/VTBC8aQ4J9wDRQC70QaKcpfKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYt
NTM1ODQwMWZiNzk2LzEvYlJSckhTQnlhT1piOXZYdmdYa2NLbmNDREN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9kZjc5NDQtMjU4OS00N2NiLWFiNTYtNTM1ODQwMWZiNzk2
LzEvY0w5Vk1FTHhwRGduM0FORkFMdlJCb3B5bDhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAAjAkMBADBQYqEwJA
AwcBKhMCQAAIMBADBgEqEwJAQgMGACoTAkBIMA0GCSqGSIb3DQEBCwUAA4IBAQBr
MMfCe/cxX1CNPnJA4XMcHJNsIYEKo0EhXszHbwvhZkp06M6Wb+QyMgDVGUgI7mSc
Il1myyZN8z7d8TToJkpafze3Um5/22TDlnpEr1Ch5exlpI0hjdfHwa19S8rk6xyJ
ZzRBoDj5Sw3IMipIDzagOZVR1zG0NBss5w+GTRg5ADu0GNaEOSbdqsKDMACwiZsp
IRogrci0isSEcuwnn9aRvEtJNFCF2CffsZ42wqyMkojNULuF/Hd/Fv8YZqWqMIMI
SwlU65TOMUML9fooKzVnB3JID8g5fMkKdxK1vAxypPepgGs+8UWFsIZXTOWCFuNu
5S5MfvC3yvojedPofbw0
-----END CERTIFICATE-----
Generated at Mon May 20 17:31:35 2024 by rpki-client on console-ams.rpki-client.org