Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/bheHp8Z0is1VSBEzmg9STp37tXM.roa
File: bheHp8Z0is1VSBEzmg9STp37tXM.roa (raw, json)
Hash identifier: K3wFKKjeSon5EkKfGzGpwSVqVhYU7S390QD5ERMMABg=
Subject key identifier: 6E:17:87:A7:C6:74:8A:CD:55:48:11:33:9A:0F:52:4E:9D:FB:B5:73
Certificate issuer: /CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Certificate serial: 018CC6B93B7FB29472256FA0E30C0BD7D2AD
Authority key identifier: BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/bheHp8Z0is1VSBEzmg9STp37tXM.roa
Signing time: Mon 01 Jan 2024 20:31:17 +0000
ROA not before: Mon 01 Jan 2024 20:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 212.24.176.0/24 maxlen: 24
91.82.105.0/24 maxlen: 24
213.253.215.0/24 maxlen: 24
81.0.120.0/24 maxlen: 24
195.184.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.mft
rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:3b:7f:b2:94:72:25:6f:a0:e3:0c:0b:d7:d2:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfb097a36c2325d1031ff4091ba00a86459d4288
Validity
Not Before: Jan 1 20:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e1787a7c6748acd554811339a0f524e9dfbb573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:50:cb:0c:6d:9e:37:36:07:fe:cf:1c:da:54:
36:60:c3:dc:86:b7:7e:91:ec:4e:ab:7a:d9:93:5f:
09:ea:04:41:0b:7a:96:92:8a:eb:99:0a:45:a0:ff:
3d:89:b6:71:01:8a:d2:a4:6b:60:48:13:b0:c0:57:
9a:80:3b:5d:17:91:a8:0e:7e:68:a5:c8:36:43:bc:
d0:75:a4:c5:af:83:63:28:f9:e5:22:fb:6c:46:7f:
86:21:71:14:66:2a:9f:eb:26:4a:2e:c4:bb:ce:8e:
db:96:fc:9d:ce:e0:bf:1c:1e:df:5b:e8:87:a2:25:
2f:86:4b:00:43:52:9f:40:f0:5a:38:b1:81:08:30:
94:bf:86:ff:3a:92:ba:3b:10:e2:89:32:6f:b8:7c:
a8:a5:66:55:56:95:8c:ce:52:ad:0c:3d:68:09:11:
a0:81:d1:37:a4:c4:0b:ec:0c:db:6f:0a:25:0c:1d:
ba:c0:f9:09:d7:2d:07:e2:38:6c:34:2d:03:af:82:
23:84:5a:ce:c5:03:f7:d9:d9:36:27:17:77:12:60:
93:c9:eb:4a:7c:95:db:37:48:28:26:97:51:4d:95:
60:ab:23:4c:fe:75:78:21:70:0b:53:3e:41:61:a5:
7a:17:a9:bf:38:ac:21:59:ff:e9:7d:1c:d8:66:63:
68:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:17:87:A7:C6:74:8A:CD:55:48:11:33:9A:0F:52:4E:9D:FB:B5:73
X509v3 Authority Key Identifier:
keyid:BF:B0:97:A3:6C:23:25:D1:03:1F:F4:09:1B:A0:0A:86:45:9D:42:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v7CXo2wjJdEDH_QJG6AKhkWdQog.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/bheHp8Z0is1VSBEzmg9STp37tXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/f2c5e8-8d37-4838-a33b-ecc49bdc2ad8/1/v7CXo2wjJdEDH_QJG6AKhkWdQog.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.0.120.0/24
91.82.105.0/24
195.184.27.0/24
212.24.176.0/24
213.253.215.0/24
Signature Algorithm: sha256WithRSAEncryption
64:cd:0e:5f:73:36:24:0c:a1:90:f2:77:71:82:d9:7f:c7:4d:
de:f5:d3:4a:2a:1f:50:2d:b2:4f:0b:a1:19:da:21:66:f4:ae:
24:b4:e3:24:4a:3f:bb:75:79:ad:84:96:99:15:19:0c:f4:c7:
ad:ba:40:0c:d5:56:5e:49:56:52:f9:b5:85:6c:dc:4e:6e:39:
0a:15:53:55:4c:01:ba:e8:bc:f6:30:5d:1f:b0:6b:07:7b:a3:
98:2a:5d:6f:a4:b9:ed:c4:48:b5:f1:46:e0:d1:49:c6:9f:54:
49:3a:81:c7:69:75:82:cb:f5:0d:bc:98:fa:72:73:86:d6:e4:
c5:34:82:db:c1:42:92:ce:66:32:8f:ba:c8:9f:47:9b:6d:43:
2d:64:f2:cb:e0:b8:3e:7f:fe:3f:ff:c9:26:3d:6a:c6:c3:58:
f5:0f:69:77:20:e2:ff:d7:4b:e6:05:46:ac:2f:18:60:7b:fe:
d7:9a:6a:e2:76:4f:c9:45:84:c1:0c:5e:97:b2:c6:65:96:b0:
59:ab:80:18:39:f9:75:0d:8b:32:ec:ba:b4:de:86:cd:2e:0f:
3f:47:b3:0f:ca:1d:9f:2b:08:19:05:a2:88:40:49:6e:ea:c7:
dc:3d:25:7a:7b:b8:f7:7a:a0:48:72:e4:1f:72:ee:4a:67:69:
27:d6:e6:59
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzGuTt/spRyJW+g4wwL19KtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYjA5N2EzNmMyMzI1ZDEwMzFmZjQwOTFiYTAwYTg2NDU5
ZDQyODgwHhcNMjQwMTAxMjAzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTE3ODdhN2M2NzQ4YWNkNTU0ODExMzM5YTBmNTI0ZTlkZmJiNTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1DLDG2eNzYH/s8c2lQ2YMPchrd+
kexOq3rZk18J6gRBC3qWkorrmQpFoP89ibZxAYrSpGtgSBOwwFeagDtdF5GoDn5o
pcg2Q7zQdaTFr4NjKPnlIvtsRn+GIXEUZiqf6yZKLsS7zo7blvydzuC/HB7fW+iH
oiUvhksAQ1KfQPBaOLGBCDCUv4b/OpK6OxDiiTJvuHyopWZVVpWMzlKtDD1oCRGg
gdE3pMQL7AzbbwolDB26wPkJ1y0H4jhsNC0Dr4IjhFrOxQP32dk2Jxd3EmCTyetK
fJXbN0goJpdRTZVgqyNM/nV4IXALUz5BYaV6F6m/OKwhWf/pfRzYZmNo0QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG4Xh6fGdIrNVUgRM5oPUk6d+7VzMB8GA1UdIwQY
MBaAFL+wl6NsIyXRAx/0CRugCoZFnUKIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2It
ZWNjNDliZGMyYWQ4LzEvYmhlSHA4WjBpczFWU0JFem1nOVNUcDM3dFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9mMmM1ZTgtOGQzNy00ODM4LWEzM2ItZWNjNDliZGMyYWQ4
LzEvdjdDWG8yd2pKZEVESF9RSkc2QUtoa1dkUW9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUQB4AwQA
W1JpAwQAw7gbAwQA1BiwAwQA1f3XMA0GCSqGSIb3DQEBCwUAA4IBAQBkzQ5fczYk
DKGQ8ndxgtl/x03e9dNKKh9QLbJPC6EZ2iFm9K4ktOMkSj+7dXmthJaZFRkM9Met
ukAM1VZeSVZS+bWFbNxObjkKFVNVTAG66Lz2MF0fsGsHe6OYKl1vpLntxEi18Ubg
0UnGn1RJOoHHaXWCy/UNvJj6cnOG1uTFNILbwUKSzmYyj7rIn0ebbUMtZPLL4Lg+
f/4//8kmPWrGw1j1D2l3IOL/10vmBUasLxhge/7Xmmridk/JRYTBDF6XssZllrBZ
q4AYOfl1DYsy7Lq03obNLg8/R7MPyh2fKwgZBaKIQElu6sfcPSV6e7j3eqBIcuQf
cu5KZ2kn1uZZ
-----END CERTIFICATE-----
Generated at Thu May 2 21:15:01 2024 by rpki-client on console-fra.rpki-client.org