Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/BskvBpEwLjGbpQoVd74oHAe1dMg.roa
File: BskvBpEwLjGbpQoVd74oHAe1dMg.roa (raw, json)
Hash identifier: s3iqhBUy0vCUoWaOPPSeWRtk6CLwrjvqac716gwQMPg=
Subject key identifier: 06:C9:2F:06:91:30:2E:31:9B:A5:0A:15:77:BE:28:1C:07:B5:74:C8
Certificate issuer: /CN=15bd7f78b7a044ae134c88b624e831a761143b79
Certificate serial: 018CC94BED5DF163E2ECE3468817EDA12F1A
Authority key identifier: 15:BD:7F:78:B7:A0:44:AE:13:4C:88:B6:24:E8:31:A7:61:14:3B:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/BskvBpEwLjGbpQoVd74oHAe1dMg.roa
Signing time: Tue 02 Jan 2024 08:30:45 +0000
ROA not before: Tue 02 Jan 2024 08:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201522
IP address blocks: 185.71.172.0/24 maxlen: 24
185.71.172.0/22 maxlen: 22
185.71.175.0/24 maxlen: 24
185.71.173.0/24 maxlen: 24
185.71.174.0/24 maxlen: 24
2a05:33c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:ed:5d:f1:63:e2:ec:e3:46:88:17:ed:a1:2f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15bd7f78b7a044ae134c88b624e831a761143b79
Validity
Not Before: Jan 2 08:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06c92f0691302e319ba50a1577be281c07b574c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:52:f5:9f:6c:a7:24:38:20:f6:63:57:e3:78:
c6:3c:9f:c9:f7:60:85:30:b6:42:8a:17:df:1e:4e:
05:e5:32:c8:52:85:4c:36:e6:df:19:7b:a3:62:7f:
45:e1:d7:fe:d7:27:25:3f:5d:87:2d:7d:fd:b3:fd:
03:05:f3:03:41:ca:ff:a5:a8:24:ab:7f:3e:b9:d1:
8e:1a:b0:ce:6a:19:7f:54:3b:74:13:5d:eb:bd:30:
ec:fd:98:f0:c3:77:5b:95:4b:a8:8b:d2:47:05:98:
b8:d1:27:81:24:8e:1c:1f:68:e3:8c:9e:6a:e4:fa:
01:57:62:1c:74:92:77:6c:e9:1c:08:5f:7d:d6:1a:
d0:ff:02:95:8f:fc:a2:59:85:fa:57:16:ac:d2:33:
f1:e8:0d:20:fc:60:9c:0c:b2:cf:28:74:c3:84:97:
24:9c:a1:7d:1f:17:38:22:fd:6f:51:15:9d:0c:e4:
4d:5d:d8:77:08:89:19:01:2c:36:2b:f3:06:39:6c:
ba:85:e1:e1:32:51:4c:58:21:5f:4a:52:89:6b:41:
f5:9b:5a:ee:73:ba:4a:86:1b:52:0e:74:d9:da:49:
f5:65:3b:29:38:f3:19:42:95:76:fb:ef:aa:d7:d1:
fa:6b:da:85:e1:22:da:56:fe:ee:d6:75:8e:0a:87:
c3:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C9:2F:06:91:30:2E:31:9B:A5:0A:15:77:BE:28:1C:07:B5:74:C8
X509v3 Authority Key Identifier:
keyid:15:BD:7F:78:B7:A0:44:AE:13:4C:88:B6:24:E8:31:A7:61:14:3B:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fb1_eLegRK4TTIi2JOgxp2EUO3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/BskvBpEwLjGbpQoVd74oHAe1dMg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/c6eb97-48e8-4e5b-97cd-d5d8e04e5975/1/Fb1_eLegRK4TTIi2JOgxp2EUO3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.71.172.0/22
IPv6:
2a05:33c0::/48
Signature Algorithm: sha256WithRSAEncryption
3f:9c:ab:e4:66:5a:a8:bc:4e:d4:76:8f:e1:59:5e:bb:fd:23:
cc:45:d1:7d:e1:3a:cc:af:35:6d:82:c0:d6:c8:25:da:18:2a:
a2:25:76:ce:ae:d8:e1:22:e7:c3:29:56:93:1e:46:e0:21:9d:
e8:ae:c2:19:ed:c3:db:9a:da:bd:01:2f:6a:23:18:3a:cc:f1:
59:1b:c8:27:f3:15:fc:ff:7d:5b:50:30:f0:72:21:8e:e0:ac:
09:23:29:f7:0d:91:30:32:37:c7:78:3f:42:26:6c:b5:7f:ac:
42:cc:c2:ec:47:19:0d:96:11:bd:d0:07:c7:86:01:b4:3c:1d:
9b:3c:4e:f0:24:bd:85:6c:e9:7c:94:73:b0:ec:45:dd:aa:d0:
8f:cd:8d:5f:05:d7:14:ac:09:9a:0d:13:c7:5b:bc:24:81:c4:
d7:4a:62:4e:35:b9:87:0b:bb:37:e1:7a:b6:a6:81:b2:e2:5f:
cf:44:f9:05:02:f5:3c:d4:f7:d0:65:09:f9:c6:31:20:03:21:
67:85:ca:42:db:a0:44:d7:9b:7c:4a:e2:9a:92:59:f8:8a:9e:
0d:12:29:6a:07:c0:29:ba:fc:51:dc:f6:85:94:9f:a0:7c:61:
1b:d7:85:31:e4:29:e4:ca:d6:36:55:37:98:8c:c9:71:3c:f0:
3c:17:ec:64
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJS+1d8WPi7ONGiBftoS8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1YmQ3Zjc4YjdhMDQ0YWUxMzRjODhiNjI0ZTgzMWE3NjEx
NDNiNzkwHhcNMjQwMTAyMDgzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmM5MmYwNjkxMzAyZTMxOWJhNTBhMTU3N2JlMjgxYzA3YjU3NGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkVL1n2ynJDgg9mNX43jGPJ/J92CF
MLZCihffHk4F5TLIUoVMNubfGXujYn9F4df+1yclP12HLX39s/0DBfMDQcr/pagk
q38+udGOGrDOahl/VDt0E13rvTDs/Zjww3dblUuoi9JHBZi40SeBJI4cH2jjjJ5q
5PoBV2IcdJJ3bOkcCF991hrQ/wKVj/yiWYX6Vxas0jPx6A0g/GCcDLLPKHTDhJck
nKF9Hxc4Iv1vURWdDORNXdh3CIkZASw2K/MGOWy6heHhMlFMWCFfSlKJa0H1m1ru
c7pKhhtSDnTZ2kn1ZTspOPMZQpV2+++q19H6a9qF4SLaVv7u1nWOCofD8wIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAbJLwaRMC4xm6UKFXe+KBwHtXTIMB8GA1UdIwQY
MBaAFBW9f3i3oESuE0yItiToMadhFDt5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmIxX2VMZWdSSzRUVElpMkpPZ3hwMkVVTzNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9jNmViOTctNDhlOC00ZTViLTk3Y2Qt
ZDVkOGUwNGU1OTc1LzEvQnNrdkJwRXdMakdicFFvVmQ3NG9IQWUxZE1nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9jNmViOTctNDhlOC00ZTViLTk3Y2QtZDVkOGUwNGU1OTc1
LzEvRmIxX2VMZWdSSzRUVElpMkpPZ3hwMkVVTzNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuUesMA8E
AgACMAkDBwAqBTPAAAAwDQYJKoZIhvcNAQELBQADggEBAD+cq+RmWqi8TtR2j+FZ
Xrv9I8xF0X3hOsyvNW2CwNbIJdoYKqIlds6u2OEi58MpVpMeRuAhneiuwhntw9ua
2r0BL2ojGDrM8VkbyCfzFfz/fVtQMPByIY7grAkjKfcNkTAyN8d4P0ImbLV/rELM
wuxHGQ2WEb3QB8eGAbQ8HZs8TvAkvYVs6XyUc7DsRd2q0I/NjV8F1xSsCZoNE8db
vCSBxNdKYk41uYcLuzfheramgbLiX89E+QUC9TzU99BlCfnGMSADIWeFykLboETX
m3xK4pqSWfiKng0SKWoHwCm6/FHc9oWUn6B8YRvXhTHkKeTK1jZVN5iMyXE88DwX
7GQ=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:58:40 2024 by rpki-client on console-ams.rpki-client.org