Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BKPYrcT3PkXpKt-Ap9gC5F-yla0.roa
File: BKPYrcT3PkXpKt-Ap9gC5F-yla0.roa (raw, json)
Hash identifier: 6ds5UWXhWwS2+yzzhk07ZzNBU13XKDSB+9ZSnxkqwrw=
Subject key identifier: 04:A3:D8:AD:C4:F7:3E:45:E9:2A:DF:80:A7:D8:02:E4:5F:B2:95:AD
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 0191E1DA0C200EE7511D604B59CC4A8CE8A8
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BKPYrcT3PkXpKt-Ap9gC5F-yla0.roa
Signing time: Wed 11 Sep 2024 16:10:49 +0000
ROA not before: Wed 11 Sep 2024 16:10:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203025
IP address blocks: 194.50.184.0/23 maxlen: 23
194.50.188.0/23 maxlen: 23
2a02:c580::/29 maxlen: 29
2a09:ef40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:da:0c:20:0e:e7:51:1d:60:4b:59:cc:4a:8c:e8:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Sep 11 16:10:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04a3d8adc4f73e45e92adf80a7d802e45fb295ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ad:f2:9a:43:06:06:0c:65:f5:88:7b:77:c6:
42:fa:3e:30:c3:89:29:36:8d:6d:77:b0:28:ca:4f:
81:b7:ff:ce:1d:dc:ed:0a:77:0b:2f:36:99:14:60:
2c:3e:2b:4c:7b:00:e1:f0:eb:5e:49:dd:59:98:e0:
13:f2:a1:2d:cb:43:9a:ee:0c:6a:b0:e8:0a:8e:7d:
e5:4a:b2:7e:28:a6:ed:5d:80:6b:62:89:14:0f:fb:
c7:0a:a4:00:53:97:98:0e:06:91:92:f5:b9:e4:fd:
20:0e:56:a3:ad:4b:fa:2f:f7:92:62:48:d0:e7:e1:
29:d0:63:ac:91:87:61:f1:11:1f:29:08:6b:8a:64:
05:12:72:ff:87:1c:38:e4:27:05:42:a4:bd:09:64:
e0:34:30:7c:d7:9b:52:af:ba:74:a6:2f:cb:4c:a3:
49:df:42:e9:83:d7:19:59:fe:a5:44:cc:6c:f1:af:
3e:85:5a:b7:1b:e6:2c:83:05:de:b1:4c:0e:77:41:
2e:f2:f4:1b:4e:b0:66:e6:18:f0:2a:c5:0d:14:3a:
ca:bb:97:a2:b9:33:5d:d3:65:68:b1:e6:c4:94:f7:
0f:86:44:d1:53:7a:f4:11:99:a8:97:28:33:58:02:
b2:d4:08:a1:29:3b:ae:82:11:14:52:34:ed:56:4b:
f7:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A3:D8:AD:C4:F7:3E:45:E9:2A:DF:80:A7:D8:02:E4:5F:B2:95:AD
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/BKPYrcT3PkXpKt-Ap9gC5F-yla0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.50.184.0/23
194.50.188.0/23
IPv6:
2a02:c580::/29
2a09:ef40::/29
Signature Algorithm: sha256WithRSAEncryption
72:55:85:98:7c:aa:1f:ae:27:14:5a:c5:e9:96:e5:be:3e:b8:
f6:9d:97:1d:6f:db:ee:05:9b:21:47:fb:3e:ff:a6:4e:4a:8f:
c9:b1:fe:3b:78:30:8c:89:f2:47:88:73:7a:ac:4c:8e:d9:9a:
00:1d:81:48:b4:bd:05:f3:cd:5c:be:58:a6:c6:38:0f:23:0b:
cf:05:05:5a:de:57:50:ef:7e:2f:f0:b9:f3:f7:16:07:87:3e:
66:3d:ae:4f:96:1f:ad:6f:73:22:87:7e:d6:bc:cd:44:52:58:
08:f5:a9:38:f5:9c:08:da:7b:ae:f1:ec:ba:0e:1a:0a:87:26:
1f:a0:56:1b:ef:34:c9:9f:13:94:0f:36:72:c3:8e:1c:5f:84:
a4:b4:f6:33:48:cc:27:d4:30:bc:e6:32:29:06:33:08:b4:fc:
16:01:54:8e:60:b0:c9:c3:45:e4:68:a3:62:b2:f0:43:01:36:
a3:36:cb:60:b5:60:e8:d0:eb:cf:6e:93:97:40:fe:48:89:4d:
a5:5f:e0:02:9e:aa:3a:35:3d:bf:06:c3:67:ef:30:99:ce:c1:
0b:2f:e6:90:41:a5:ee:a9:d2:34:2a:a4:26:d5:a8:f9:c7:03:
ab:e5:09:71:68:0c:4d:77:d6:00:d1:27:e9:89:0a:0d:b2:cc:
cf:02:93:da
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZHh2gwgDudRHWBLWcxKjOioMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjQwOTExMTYxMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGEzZDhhZGM0ZjczZTQ1ZTkyYWRmODBhN2Q4MDJlNDVmYjI5NWFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1a3ymkMGBgxl9Yh7d8ZC+j4ww4kp
No1td7Aoyk+Bt//OHdztCncLLzaZFGAsPitMewDh8OteSd1ZmOAT8qEty0Oa7gxq
sOgKjn3lSrJ+KKbtXYBrYokUD/vHCqQAU5eYDgaRkvW55P0gDlajrUv6L/eSYkjQ
5+Ep0GOskYdh8REfKQhrimQFEnL/hxw45CcFQqS9CWTgNDB815tSr7p0pi/LTKNJ
30Lpg9cZWf6lRMxs8a8+hVq3G+YsgwXesUwOd0Eu8vQbTrBm5hjwKsUNFDrKu5ei
uTNd02VosebElPcPhkTRU3r0EZmolygzWAKy1AihKTuughEUUjTtVkv3xQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFASj2K3E9z5F6SrfgKfYAuRfspWtMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvQktQWXJjVDNQa1hwS3QtQXA5Z0M1Ri15bGEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQBwjK4AwQB
wjK8MBQEAgACMA4DBQMqAsWAAwUDKgnvQDANBgkqhkiG9w0BAQsFAAOCAQEAclWF
mHyqH64nFFrF6Zblvj649p2XHW/b7gWbIUf7Pv+mTkqPybH+O3gwjInyR4hzeqxM
jtmaAB2BSLS9BfPNXL5YpsY4DyMLzwUFWt5XUO9+L/C58/cWB4c+Zj2uT5YfrW9z
Iod+1rzNRFJYCPWpOPWcCNp7rvHsug4aCocmH6BWG+80yZ8TlA82csOOHF+EpLT2
M0jMJ9QwvOYyKQYzCLT8FgFUjmCwycNF5GijYrLwQwE2ozbLYLVg6NDrz26Tl0D+
SIlNpV/gAp6qOjU9vwbDZ+8wmc7BCy/mkEGl7qnSNCqkJtWo+ccDq+UJcWgMTXfW
ANEn6YkKDbLMzwKT2g==
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:31 2024 by rpki-client on console-ams.rpki-client.org