Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/bmUuSlwCmSnhulY7FhNL1WiBGtY.roa
File: bmUuSlwCmSnhulY7FhNL1WiBGtY.roa (raw, json)
Hash identifier: vGcOfUYOkL3VmUZIjblzRBZFAX8+VlyYxZuXj/2BMoY=
Subject key identifier: 6E:65:2E:4A:5C:02:99:29:E1:BA:56:3B:16:13:4B:D5:68:81:1A:D6
Certificate issuer: /CN=be8c0a74f47312df298a46095e47525d515854a1
Certificate serial: 018CCA98FF8AA017E468C5096DC94E3459F7
Authority key identifier: BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/bmUuSlwCmSnhulY7FhNL1WiBGtY.roa
Signing time: Tue 02 Jan 2024 14:34:33 +0000
ROA not before: Tue 02 Jan 2024 14:34:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43658
IP address blocks: 94.232.208.0/21 maxlen: 21
176.97.0.0/21 maxlen: 21
91.197.168.0/22 maxlen: 22
91.218.72.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:98:ff:8a:a0:17:e4:68:c5:09:6d:c9:4e:34:59:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be8c0a74f47312df298a46095e47525d515854a1
Validity
Not Before: Jan 2 14:34:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e652e4a5c029929e1ba563b16134bd568811ad6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:21:f5:69:9e:5f:d9:b1:2a:70:95:9d:f0:40:
ec:2c:47:b2:e2:ab:d1:7b:61:52:d4:51:3f:04:fe:
85:78:4f:48:0d:0a:5f:f0:03:ad:84:25:13:21:a1:
da:aa:6d:5e:fc:57:e8:b6:d9:9a:45:8d:d4:39:46:
c6:b4:6e:2a:9e:71:f3:6e:a6:c0:97:95:14:9c:de:
f1:aa:f5:4e:ea:10:79:84:03:92:fb:05:9c:4b:e3:
65:41:8b:96:ee:0b:79:97:d5:04:cc:ac:e4:25:0e:
f7:23:3b:f8:d0:05:d6:e2:7c:67:5e:eb:94:55:4c:
80:70:33:75:fa:0a:83:3b:16:b7:34:f5:aa:0c:42:
26:94:08:78:5c:07:3d:9e:cd:31:d8:57:d2:fd:06:
0a:46:8f:e7:d7:97:12:15:ff:5d:a8:e5:e5:60:44:
b3:82:a5:b2:68:a0:00:02:b6:d9:36:0a:f7:ca:68:
ae:81:ff:51:cc:3d:e4:6b:a9:b0:77:45:b6:b8:f2:
26:da:95:c4:43:cd:d2:3c:11:5b:ed:ab:69:2e:96:
5a:bc:03:18:b5:72:c6:35:cf:14:04:20:f1:d6:21:
44:ba:00:26:7c:6b:f3:62:d7:e3:a8:e4:6d:dc:7f:
e3:f9:60:30:bc:6c:aa:90:15:40:0e:02:d8:37:12:
4a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:65:2E:4A:5C:02:99:29:E1:BA:56:3B:16:13:4B:D5:68:81:1A:D6
X509v3 Authority Key Identifier:
keyid:BE:8C:0A:74:F4:73:12:DF:29:8A:46:09:5E:47:52:5D:51:58:54:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vowKdPRzEt8pikYJXkdSXVFYVKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/bmUuSlwCmSnhulY7FhNL1WiBGtY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fc80f0-5c27-4898-84ac-28e416cf11cf/1/vowKdPRzEt8pikYJXkdSXVFYVKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.168.0/22
91.218.72.0/22
94.232.208.0/21
176.97.0.0/21
Signature Algorithm: sha256WithRSAEncryption
2d:85:e0:9a:e4:c1:ea:4c:02:b2:69:e6:b2:ea:eb:6a:96:b2:
60:02:c6:8c:41:42:f0:d0:ca:fb:49:20:20:3b:ea:ac:44:e4:
92:57:d7:87:7c:2a:6a:67:13:3f:65:43:2e:78:63:9d:1a:ef:
db:5d:e6:8d:af:43:76:fa:a3:c6:5b:a7:46:a6:63:4a:29:62:
1e:64:c1:5e:65:d2:b2:7d:86:08:47:2b:cd:ad:af:cc:41:5f:
28:e1:0b:ad:ce:e0:fd:9b:7b:a0:46:f7:76:f7:1e:bd:ee:40:
6f:9e:46:d5:62:4d:54:c0:11:a9:1c:0c:af:3b:b6:7f:32:d5:
b7:d5:7c:24:0d:54:22:3e:dd:45:85:4d:62:2d:7a:f8:78:d3:
99:06:99:d1:99:5e:7f:ed:73:4e:8f:34:22:fa:0b:27:ec:1b:
7a:8f:66:80:b4:f1:6b:bb:4e:f4:3a:9d:6f:0c:d5:09:47:ff:
ce:d6:71:20:dc:0a:55:d3:56:1f:c4:3b:58:5d:68:ac:c2:59:
1f:a1:e9:4a:f5:36:fb:63:1d:87:12:bf:c2:d1:7d:15:cd:b9:
71:4e:23:48:b3:0d:76:7a:4c:4c:d9:0e:53:fa:cc:38:a4:29:
9d:eb:2a:b5:d6:77:04:da:0a:d3:4e:fb:a9:01:5d:ae:e3:61:
07:3a:8f:03
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzKmP+KoBfkaMUJbclONFn3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOGMwYTc0ZjQ3MzEyZGYyOThhNDYwOTVlNDc1MjVkNTE1
ODU0YTEwHhcNMjQwMTAyMTQzNDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTY1MmU0YTVjMDI5OTI5ZTFiYTU2M2IxNjEzNGJkNTY4ODExYWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSH1aZ5f2bEqcJWd8EDsLEey4qvR
e2FS1FE/BP6FeE9IDQpf8AOthCUTIaHaqm1e/FfottmaRY3UOUbGtG4qnnHzbqbA
l5UUnN7xqvVO6hB5hAOS+wWcS+NlQYuW7gt5l9UEzKzkJQ73Izv40AXW4nxnXuuU
VUyAcDN1+gqDOxa3NPWqDEImlAh4XAc9ns0x2FfS/QYKRo/n15cSFf9dqOXlYESz
gqWyaKAAArbZNgr3ymiugf9RzD3ka6mwd0W2uPIm2pXEQ83SPBFb7atpLpZavAMY
tXLGNc8UBCDx1iFEugAmfGvzYtfjqORt3H/j+WAwvGyqkBVADgLYNxJKPQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG5lLkpcApkp4bpWOxYTS9VogRrWMB8GA1UdIwQY
MBaAFL6MCnT0cxLfKYpGCV5HUl1RWFShMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMt
MjhlNDE2Y2YxMWNmLzEvYm1VdVNsd0NtU25odWxZN0ZoTkwxV2lCR3RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi9mYzgwZjAtNWMyNy00ODk4LTg0YWMtMjhlNDE2Y2YxMWNm
LzEvdm93S2RQUnpFdDhwaWtZSlhrZFNYVkZZVktFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8WoAwQC
W9pIAwQDXujQAwQDsGEAMA0GCSqGSIb3DQEBCwUAA4IBAQAtheCa5MHqTAKyaeay
6utqlrJgAsaMQULw0Mr7SSAgO+qsROSSV9eHfCpqZxM/ZUMueGOdGu/bXeaNr0N2
+qPGW6dGpmNKKWIeZMFeZdKyfYYIRyvNra/MQV8o4QutzuD9m3ugRvd29x697kBv
nkbVYk1UwBGpHAyvO7Z/MtW31XwkDVQiPt1FhU1iLXr4eNOZBpnRmV5/7XNOjzQi
+gsn7Bt6j2aAtPFru070Op1vDNUJR//O1nEg3ApV01YfxDtYXWiswlkfoelK9Tb7
Yx2HEr/C0X0VzblxTiNIsw12ekxM2Q5T+sw4pCmd6yq11ncE2grTTvupAV2u42EH
Oo8D
-----END CERTIFICATE-----
Generated at Mon May 20 17:36:55 2024 by rpki-client on console-ams.rpki-client.org