Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/Bznr5KOUJrVuR7aiMFfF4Zwzw1E.roa
File: Bznr5KOUJrVuR7aiMFfF4Zwzw1E.roa (raw, json)
Hash identifier: Z3M5ZIoFGewg1F/Yi0d+EZLmt4bVSdsxUuaEtWTXgXY=
Subject key identifier: 07:39:EB:E4:A3:94:26:B5:6E:47:B6:A2:30:57:C5:E1:9C:33:C3:51
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018CC6B93EF5E1E47F2C8FDDF2F3177498AE
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/Bznr5KOUJrVuR7aiMFfF4Zwzw1E.roa
Signing time: Mon 01 Jan 2024 20:31:18 +0000
ROA not before: Mon 01 Jan 2024 20:31:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197889
IP address blocks: 195.184.4.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3e:f5:e1:e4:7f:2c:8f:dd:f2:f3:17:74:98:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 20:31:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0739ebe4a39426b56e47b6a23057c5e19c33c351
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:2c:02:be:df:46:5a:d1:6f:34:cf:da:77:4c:
6d:77:b1:69:6e:7e:0e:9b:2d:bd:06:e1:32:54:b0:
29:90:46:db:bc:d2:6f:bd:13:5c:9d:f2:62:d0:7d:
fa:6d:fb:e0:89:57:47:e2:e6:b2:2c:cb:d7:4b:39:
80:ed:22:41:80:b2:15:4b:66:e4:86:3f:9d:53:e4:
f1:85:3d:f5:fc:70:66:21:21:a5:41:6c:07:3c:a9:
40:87:44:91:f8:f9:15:09:42:23:b8:c0:00:25:b8:
e0:fb:46:55:57:c2:7e:97:a7:1b:e0:f4:a7:6e:74:
7c:f8:ac:f4:17:05:32:5d:43:5f:96:c6:21:3a:db:
f8:59:45:a5:02:e6:c3:42:18:40:4e:0d:7f:3e:cc:
92:f3:02:b0:58:d2:09:d6:4c:dd:bc:f4:08:f3:20:
ea:49:68:a7:73:43:90:04:bd:ae:3f:96:ab:2e:44:
c9:a0:bd:94:9b:3e:bf:d6:10:a8:89:c1:7a:4d:56:
36:5f:f4:bb:82:40:af:c6:1b:67:36:c7:f6:68:eb:
6d:9a:e6:c4:92:91:8a:43:ed:b8:7e:fd:cd:df:0e:
aa:44:5b:30:dc:b7:8f:52:86:bf:f7:15:e0:e8:90:
b2:4f:1f:ee:75:fb:2d:22:c1:df:6b:b3:e1:2f:c8:
48:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:39:EB:E4:A3:94:26:B5:6E:47:B6:A2:30:57:C5:E1:9C:33:C3:51
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/Bznr5KOUJrVuR7aiMFfF4Zwzw1E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.184.4.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:ca:74:c0:ee:32:16:c2:67:80:15:0a:cc:99:4d:bf:fd:ad:
02:3c:3f:1c:ca:47:57:fe:f5:01:6b:3b:8a:58:fc:c7:6e:60:
79:c1:ee:2d:60:26:0f:ab:94:41:55:ab:eb:b4:63:2d:c9:36:
77:51:c1:83:f9:50:1d:90:df:37:4b:3b:eb:d5:d5:f7:99:bb:
45:76:be:d9:05:51:de:aa:c9:a7:6b:8e:f1:a4:4c:8a:aa:50:
50:f8:92:87:1d:ba:2a:7b:15:8b:d1:58:1c:ab:dd:72:b5:aa:
ec:e3:20:aa:b4:47:ca:dc:49:66:4d:95:90:11:aa:2a:19:fc:
d7:f2:bd:75:50:65:da:44:43:b6:90:38:bf:9b:ab:dc:4a:08:
de:39:a4:b1:62:25:b5:93:40:79:cd:78:9a:20:04:76:84:91:
1e:2a:86:cf:6c:77:89:20:95:bb:1f:0a:21:44:5a:e2:0a:84:
c5:46:6f:14:4d:bf:c6:5d:84:84:c0:25:a3:30:58:3d:eb:2e:
ec:95:e4:7d:ed:b8:61:d6:16:0b:47:94:1c:83:78:94:5e:df:
ea:4d:3b:5f:ff:58:8e:d6:19:08:94:8a:28:c5:80:d7:b2:fe:
61:8f:36:e0:3b:84:f7:54:0f:02:c1:7f:ea:6b:45:c7:f6:60:
91:02:8a:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuT714eR/LI/d8vMXdJiuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwMTAxMjAzMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzM5ZWJlNGEzOTQyNmI1NmU0N2I2YTIzMDU3YzVlMTljMzNjMzUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqywCvt9GWtFvNM/ad0xtd7Fpbn4O
my29BuEyVLApkEbbvNJvvRNcnfJi0H36bfvgiVdH4uayLMvXSzmA7SJBgLIVS2bk
hj+dU+TxhT31/HBmISGlQWwHPKlAh0SR+PkVCUIjuMAAJbjg+0ZVV8J+l6cb4PSn
bnR8+Kz0FwUyXUNflsYhOtv4WUWlAubDQhhATg1/PsyS8wKwWNIJ1kzdvPQI8yDq
SWinc0OQBL2uP5arLkTJoL2Umz6/1hCoicF6TVY2X/S7gkCvxhtnNsf2aOttmubE
kpGKQ+24fv3N3w6qRFsw3LePUoa/9xXg6JCyTx/udfstIsHfa7PhL8hINQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAc56+SjlCa1bke2ojBXxeGcM8NRMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvQnpucjVLT1VKclZ1UjdhaU1GZkY0Wnd6dzFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw7gEMA0G
CSqGSIb3DQEBCwUAA4IBAQBPynTA7jIWwmeAFQrMmU2//a0CPD8cykdX/vUBazuK
WPzHbmB5we4tYCYPq5RBVavrtGMtyTZ3UcGD+VAdkN83Szvr1dX3mbtFdr7ZBVHe
qsmna47xpEyKqlBQ+JKHHboqexWL0Vgcq91ytars4yCqtEfK3ElmTZWQEaoqGfzX
8r11UGXaREO2kDi/m6vcSgjeOaSxYiW1k0B5zXiaIAR2hJEeKobPbHeJIJW7Hwoh
RFriCoTFRm8UTb/GXYSEwCWjMFg96y7sleR97bhh1hYLR5Qcg3iUXt/qTTtf/1iO
1hkIlIooxYDXsv5hjzbgO4T3VA8CwX/qa0XH9mCRAoqX
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:39 2024 by rpki-client on console-fra.rpki-client.org