Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/BF5lqxedcyNbH3nyhFnhPcp9SzY.roa
File: BF5lqxedcyNbH3nyhFnhPcp9SzY.roa (raw, json)
Hash identifier: eQfzEdqF4xXuYKePs447tpgn7dtMTWVeF8UwlH0+INo=
Subject key identifier: 04:5E:65:AB:17:9D:73:23:5B:1F:79:F2:84:59:E1:3D:CA:7D:4B:36
Certificate issuer: /CN=213cb2a2181a7d36f40e41758d627f701a602042
Certificate serial: 018F0ACBA335D2C76317D96667552FD0BC41
Authority key identifier: 21:3C:B2:A2:18:1A:7D:36:F4:0E:41:75:8D:62:7F:70:1A:60:20:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITyyohgafTb0DkF1jWJ_cBpgIEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/BF5lqxedcyNbH3nyhFnhPcp9SzY.roa
Signing time: Tue 23 Apr 2024 11:51:08 +0000
ROA not before: Tue 23 Apr 2024 11:51:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215904
IP address blocks: 185.65.68.0/24 maxlen: 24
2a14:2f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/ITyyohgafTb0DkF1jWJ_cBpgIEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/ITyyohgafTb0DkF1jWJ_cBpgIEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITyyohgafTb0DkF1jWJ_cBpgIEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 11:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:cb:a3:35:d2:c7:63:17:d9:66:67:55:2f:d0:bc:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=213cb2a2181a7d36f40e41758d627f701a602042
Validity
Not Before: Apr 23 11:51:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=045e65ab179d73235b1f79f28459e13dca7d4b36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:d9:62:f9:5e:15:0c:85:30:fe:b5:1e:f7:65:
c5:d4:39:11:c9:83:0e:ef:60:1b:d8:6a:f1:1b:76:
ea:aa:a8:84:4b:e9:62:de:8d:fd:4a:bb:38:b6:44:
1f:b6:75:7c:64:3d:e3:98:ef:62:fb:3e:71:2d:6e:
67:ad:ae:2c:e2:66:c1:d2:f2:43:74:bd:fb:f9:14:
38:93:48:69:dd:2b:fe:3e:52:ac:2c:8c:01:27:7e:
f4:90:74:65:4d:02:df:01:3a:55:5c:ca:4c:a6:4b:
73:99:6f:a9:f4:41:0f:52:f5:4b:5e:37:d1:be:96:
e7:26:ff:d6:7b:46:f3:b6:53:48:29:34:f1:9e:d5:
c2:4d:15:5c:75:74:d0:ef:d0:4a:6b:20:94:7e:15:
f6:09:bf:72:16:4c:15:dc:2e:19:02:c9:2e:87:54:
c3:52:8c:57:41:c1:d9:98:58:47:33:bf:53:ed:17:
0b:45:b8:44:71:98:60:2c:c8:35:76:57:9b:c0:9e:
1a:ff:d8:3e:f2:13:cd:37:23:56:3d:38:be:ac:d4:
76:6c:82:b7:d1:db:4d:bc:fe:88:c3:07:32:3d:9e:
b1:79:dd:11:01:92:6c:d9:f7:2c:7f:2c:05:88:a2:
b6:f5:a2:82:5e:dc:b1:b6:5d:9e:e8:bf:49:b7:ee:
15:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5E:65:AB:17:9D:73:23:5B:1F:79:F2:84:59:E1:3D:CA:7D:4B:36
X509v3 Authority Key Identifier:
keyid:21:3C:B2:A2:18:1A:7D:36:F4:0E:41:75:8D:62:7F:70:1A:60:20:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITyyohgafTb0DkF1jWJ_cBpgIEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/BF5lqxedcyNbH3nyhFnhPcp9SzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/dc11d6-4c35-4daa-a7de-3e51bcd14736/1/ITyyohgafTb0DkF1jWJ_cBpgIEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.68.0/24
IPv6:
2a14:2f40::/32
Signature Algorithm: sha256WithRSAEncryption
67:6e:c6:9f:3c:27:4b:4e:b8:a2:d5:87:1f:82:16:b9:eb:e9:
bd:98:6e:15:71:4c:88:be:63:4a:20:9e:a4:c7:f6:ca:6a:c8:
f4:2e:21:68:cd:04:31:2d:06:07:55:bd:42:c2:53:4a:bd:95:
fb:34:10:93:35:a2:fb:51:ef:ca:ca:19:fa:47:ff:74:b2:92:
58:9e:c1:ac:df:a2:87:06:54:65:c7:45:31:d6:78:cf:96:65:
ba:89:b2:5d:2b:8e:b2:d0:d4:32:c2:df:34:2c:3e:a9:b6:b1:
13:1f:ec:70:69:d7:22:26:62:72:ad:32:c0:a6:27:ae:c9:33:
30:8a:9b:91:14:6e:7e:24:78:1d:38:79:57:be:31:cb:8c:15:
82:88:5a:f1:1a:02:ea:74:87:5a:d5:85:43:19:e9:83:fb:6d:
9f:a1:78:38:70:cc:7b:4e:7b:13:fb:c5:ce:14:2f:20:2e:85:
e9:3d:83:29:76:eb:5a:1b:71:d2:87:e5:85:a0:52:55:32:5f:
4c:6c:3f:56:25:61:19:4c:f3:b2:8e:ca:32:48:4c:f7:41:98:
60:b4:6e:7a:51:cb:80:7a:9f:74:e7:31:a2:73:59:06:7e:6f:
15:af:17:5a:01:4b:c0:d7:2d:49:18:68:49:d8:d7:e1:bb:10:
ff:3a:b6:e0
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY8Ky6M10sdjF9lmZ1Uv0LxBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxM2NiMmEyMTgxYTdkMzZmNDBlNDE3NThkNjI3ZjcwMWE2
MDIwNDIwHhcNMjQwNDIzMTE1MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVlNjVhYjE3OWQ3MzIzNWIxZjc5ZjI4NDU5ZTEzZGNhN2Q0YjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgNli+V4VDIUw/rUe92XF1DkRyYMO
72Ab2GrxG3bqqqiES+li3o39Srs4tkQftnV8ZD3jmO9i+z5xLW5nra4s4mbB0vJD
dL37+RQ4k0hp3Sv+PlKsLIwBJ370kHRlTQLfATpVXMpMpktzmW+p9EEPUvVLXjfR
vpbnJv/We0bztlNIKTTxntXCTRVcdXTQ79BKayCUfhX2Cb9yFkwV3C4ZAskuh1TD
UoxXQcHZmFhHM79T7RcLRbhEcZhgLMg1dlebwJ4a/9g+8hPNNyNWPTi+rNR2bIK3
0dtNvP6IwwcyPZ6xed0RAZJs2fcsfywFiKK29aKCXtyxtl2e6L9Jt+4VfQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAReZasXnXMjWx958oRZ4T3KfUs2MB8GA1UdIwQY
MBaAFCE8sqIYGn029A5BdY1if3AaYCBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVR5eW9oZ2FmVGIwRGtGMWpXSl9jQnBnSUVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9kYzExZDYtNGMzNS00ZGFhLWE3ZGUt
M2U1MWJjZDE0NzM2LzEvQkY1bHF4ZWRjeU5iSDNueWhGbmhQY3A5U3pZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9kYzExZDYtNGMzNS00ZGFhLWE3ZGUtM2U1MWJjZDE0NzM2
LzEvSVR5eW9oZ2FmVGIwRGtGMWpXSl9jQnBnSUVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuUFEMA0E
AgACMAcDBQAqFC9AMA0GCSqGSIb3DQEBCwUAA4IBAQBnbsafPCdLTrii1Ycfgha5
6+m9mG4VcUyIvmNKIJ6kx/bKasj0LiFozQQxLQYHVb1CwlNKvZX7NBCTNaL7Ue/K
yhn6R/90spJYnsGs36KHBlRlx0Ux1njPlmW6ibJdK46y0NQywt80LD6ptrETH+xw
adciJmJyrTLApieuyTMwipuRFG5+JHgdOHlXvjHLjBWCiFrxGgLqdIda1YVDGemD
+22foXg4cMx7TnsT+8XOFC8gLoXpPYMpdutaG3HSh+WFoFJVMl9MbD9WJWEZTPOy
jsoySEz3QZhgtG56UcuAep905zGic1kGfm8VrxdaAUvA1y1JGGhJ2NfhuxD/Orbg
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:12:50 2024 by rpki-client on console-fra.rpki-client.org