Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/bGEtg8HRG22cZRcPvkPLCVyCzDk.roa
File: bGEtg8HRG22cZRcPvkPLCVyCzDk.roa (raw, json)
Hash identifier: TT7jtFQbtnPJLTUZEX6aUJw3aAnM2gbQm9Naj8EA+2Y=
Subject key identifier: 6C:61:2D:83:C1:D1:1B:6D:9C:65:17:0F:BE:43:CB:09:5C:82:CC:39
Certificate issuer: /CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Certificate serial: 018CC7947EEA75A0BE0CC050AE3048539641
Authority key identifier: 4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/bGEtg8HRG22cZRcPvkPLCVyCzDk.roa
Signing time: Tue 02 Jan 2024 00:30:46 +0000
ROA not before: Tue 02 Jan 2024 00:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49010
IP address blocks: 193.187.164.0/22 maxlen: 22
91.207.2.0/23 maxlen: 23
109.232.72.0/21 maxlen: 21
185.20.140.0/22 maxlen: 22
84.252.76.0/22 maxlen: 22
86.62.24.0/22 maxlen: 22
2a09:5500::/29 maxlen: 29
2a00:19f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/S6eyT4fqUURtUZr9T-YEGRmOwBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/S6eyT4fqUURtUZr9T-YEGRmOwBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 15:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:7e:ea:75:a0:be:0c:c0:50:ae:30:48:53:96:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ba7b24f87ea51446d519afd4fe60419198ec012
Validity
Not Before: Jan 2 00:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c612d83c1d11b6d9c65170fbe43cb095c82cc39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:f5:99:d2:7f:50:31:7f:1e:ac:03:17:53:3d:
66:75:6f:36:15:2e:90:27:37:9e:6b:ea:01:2a:f3:
1b:25:ec:0d:21:df:7b:75:fe:f0:b6:3f:38:91:8e:
aa:f7:1f:e4:0e:3f:78:e6:7e:f8:c5:82:1e:2b:6e:
87:a8:ee:b5:8e:5d:21:f5:0a:10:53:04:ca:8e:9b:
17:c6:16:06:4b:a3:90:b5:80:e0:e8:44:55:8a:8b:
e0:7a:bd:31:8d:44:08:d8:9f:51:bc:98:71:f9:c3:
0f:a8:12:6c:f4:cc:ec:d4:28:e4:4c:18:59:47:3d:
54:b4:d2:2b:23:11:65:d6:35:98:3a:5c:75:68:b8:
e0:af:a1:25:be:9c:2c:bc:8d:c0:87:6a:ee:d8:90:
79:db:8a:da:d8:ce:42:d2:66:28:df:84:b2:7f:58:
b8:aa:39:54:dc:09:08:c1:2d:29:10:58:52:90:4f:
ab:2f:b5:e0:9d:25:ab:16:27:a2:fb:f2:ec:a4:ad:
7a:fa:06:47:4b:48:36:09:ac:41:8f:a4:1f:3d:15:
7d:33:fa:94:05:57:28:78:3d:f2:5c:2d:84:d2:6f:
6c:95:d8:91:4d:87:8b:a3:ad:18:3d:61:93:4b:19:
c5:67:90:d2:80:77:3f:22:34:5a:32:d9:9b:71:74:
34:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:61:2D:83:C1:D1:1B:6D:9C:65:17:0F:BE:43:CB:09:5C:82:CC:39
X509v3 Authority Key Identifier:
keyid:4B:A7:B2:4F:87:EA:51:44:6D:51:9A:FD:4F:E6:04:19:19:8E:C0:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S6eyT4fqUURtUZr9T-YEGRmOwBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/bGEtg8HRG22cZRcPvkPLCVyCzDk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/31fded-6fde-45ce-b358-a26889ee22c2/1/S6eyT4fqUURtUZr9T-YEGRmOwBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.252.76.0/22
86.62.24.0/22
91.207.2.0/23
109.232.72.0/21
185.20.140.0/22
193.187.164.0/22
IPv6:
2a00:19f8::/32
2a09:5500::/29
Signature Algorithm: sha256WithRSAEncryption
25:23:4c:1a:ea:ff:e5:38:dc:a9:d4:cc:b8:2d:b2:4d:cb:c6:
64:a6:fa:d6:4e:ea:16:ee:a3:1f:9a:b6:07:fe:23:20:f3:60:
91:43:49:e9:01:25:b7:bb:9c:ca:11:b8:9e:03:61:33:5e:9e:
3f:4f:49:47:91:cf:d8:d8:9a:2f:1b:77:2d:1f:57:2e:71:2b:
af:17:c6:a8:f6:31:65:6d:c6:43:9e:44:7e:40:c0:34:b9:95:
e9:f3:89:df:74:75:bf:02:2a:34:e6:ea:55:50:86:ce:cd:ba:
39:bf:51:b2:2f:b4:e0:a2:6d:7f:8c:df:81:11:bb:e4:f6:ae:
ac:cb:49:6d:b7:7a:41:aa:9f:42:43:7e:30:76:12:ba:bc:04:
52:9a:39:aa:f4:c3:fc:a5:97:25:df:38:0e:42:92:d9:f4:86:
fd:b7:0d:f1:49:16:16:67:2a:a2:d5:2a:f7:04:33:25:10:63:
2e:6a:81:46:57:da:8b:8f:9e:96:ba:1e:cf:d8:d0:8c:a3:99:
7a:21:c0:68:20:51:44:e0:f3:8c:88:8a:1e:31:7d:77:92:ea:
4e:4b:dd:20:8d:ee:19:06:fb:bc:be:73:f1:d4:7c:74:1c:0c:
06:84:c2:57:a8:8c:64:b7:88:03:56:0c:d8:ce:95:44:8e:bc:
3c:7b:42:6b
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzHlH7qdaC+DMBQrjBIU5ZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiYTdiMjRmODdlYTUxNDQ2ZDUxOWFmZDRmZTYwNDE5MTk4
ZWMwMTIwHhcNMjQwMTAyMDAzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzYxMmQ4M2MxZDExYjZkOWM2NTE3MGZiZTQzY2IwOTVjODJjYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmfWZ0n9QMX8erAMXUz1mdW82FS6Q
Jzeea+oBKvMbJewNId97df7wtj84kY6q9x/kDj945n74xYIeK26HqO61jl0h9QoQ
UwTKjpsXxhYGS6OQtYDg6ERViovger0xjUQI2J9RvJhx+cMPqBJs9Mzs1CjkTBhZ
Rz1UtNIrIxFl1jWYOlx1aLjgr6ElvpwsvI3Ah2ru2JB524ra2M5C0mYo34Syf1i4
qjlU3AkIwS0pEFhSkE+rL7XgnSWrFiei+/LspK16+gZHS0g2CaxBj6QfPRV9M/qU
BVcoeD3yXC2E0m9sldiRTYeLo60YPWGTSxnFZ5DSgHc/IjRaMtmbcXQ07wIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFGxhLYPB0RttnGUXD75Dywlcgsw5MB8GA1UdIwQY
MBaAFEunsk+H6lFEbVGa/U/mBBkZjsASMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgt
YTI2ODg5ZWUyMmMyLzEvYkdFdGc4SFJHMjJjWlJjUHZrUExDVnlDekRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi8zMWZkZWQtNmZkZS00NWNlLWIzNTgtYTI2ODg5ZWUyMmMy
LzEvUzZleVQ0ZnFVVVJ0VVpyOVQtWUVHUm1Pd0JJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCVPxMAwQC
Vj4YAwQBW88CAwQDbehIAwQCuRSMAwQCwbukMBQEAgACMA4DBQAqABn4AwUDKglV
ADANBgkqhkiG9w0BAQsFAAOCAQEAJSNMGur/5TjcqdTMuC2yTcvGZKb61k7qFu6j
H5q2B/4jIPNgkUNJ6QElt7ucyhG4ngNhM16eP09JR5HP2NiaLxt3LR9XLnErrxfG
qPYxZW3GQ55EfkDANLmV6fOJ33R1vwIqNObqVVCGzs26Ob9Rsi+04KJtf4zfgRG7
5PaurMtJbbd6QaqfQkN+MHYSurwEUpo5qvTD/KWXJd84DkKS2fSG/bcN8UkWFmcq
otUq9wQzJRBjLmqBRlfai4+elroez9jQjKOZeiHAaCBRRODzjIiKHjF9d5LqTkvd
II3uGQb7vL5z8dR8dBwMBoTCV6iMZLeIA1YM2M6VRI68PHtCaw==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:14:57 2024 by rpki-client on console-ams.rpki-client.org