Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/bImFPT4_xl9jMcSdRmVSxVZflKo.roa
File: bImFPT4_xl9jMcSdRmVSxVZflKo.roa (raw, json)
Hash identifier: FlIBwa8jS/7+t5bT/WA3N1pwc1fnXK0HW5G8zKkHMNg=
Subject key identifier: 6C:89:85:3D:3E:3F:C6:5F:63:31:C4:9D:46:65:52:C5:56:5F:94:AA
Certificate issuer: /CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Certificate serial: 01900B5F9FAA4E6B2F2F846F914525401E13
Authority key identifier: 05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/bImFPT4_xl9jMcSdRmVSxVZflKo.roa
Signing time: Wed 12 Jun 2024 07:35:34 +0000
ROA not before: Wed 12 Jun 2024 07:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54339
IP address blocks: 46.182.207.0/24 maxlen: 24
85.208.46.0/24 maxlen: 24
193.149.179.0/24 maxlen: 24
194.179.136.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:0b:5f:9f:aa:4e:6b:2f:2f:84:6f:91:45:25:40:1e:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0551605b675ece4e0fce7175ae31a93fa8272ba6
Validity
Not Before: Jun 12 07:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c89853d3e3fc65f6331c49d466552c5565f94aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:4a:5c:4d:ab:74:96:b1:47:ef:0b:e0:59:46:
f6:f1:90:5c:d0:89:d1:fb:39:8f:7e:0a:e8:99:f6:
ad:f6:a6:85:31:b9:fc:7e:9f:14:8d:d0:8c:4b:82:
d7:e0:a8:66:50:68:da:20:28:19:75:f5:bd:9d:e5:
1a:7f:6b:ff:bb:e8:d4:74:47:84:f6:bf:75:ca:7b:
43:c1:0f:fe:72:27:2d:53:ca:e7:77:0c:04:fc:89:
55:3b:4c:8c:35:41:67:7b:d8:22:c3:5f:3b:7b:55:
85:b3:b4:78:1c:51:c5:bf:6c:f5:cc:3a:55:85:76:
50:69:34:84:42:70:2e:ac:3f:a2:d2:e0:06:0e:37:
b4:63:9e:0e:29:9c:3d:6e:69:66:e6:86:3a:7e:e7:
71:08:67:41:cc:1f:79:c9:83:82:b0:98:de:b1:a9:
de:41:5d:e7:97:cd:1d:fe:9a:c6:d6:e8:af:7a:ef:
b1:a0:62:4c:89:3e:17:39:49:c6:a9:fa:dc:49:cd:
7a:84:0b:c5:61:9c:4c:83:90:55:35:61:23:cb:c6:
c0:f6:92:1c:c9:67:da:ae:c1:0a:9d:2d:e8:e7:3a:
fd:3e:42:4b:87:8d:c9:12:a3:11:1e:51:24:10:5c:
23:03:44:65:c3:85:e5:56:cd:d2:f9:3d:dc:00:35:
5c:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:89:85:3D:3E:3F:C6:5F:63:31:C4:9D:46:65:52:C5:56:5F:94:AA
X509v3 Authority Key Identifier:
keyid:05:51:60:5B:67:5E:CE:4E:0F:CE:71:75:AE:31:A9:3F:A8:27:2B:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BVFgW2dezk4PznF1rjGpP6gnK6Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/bImFPT4_xl9jMcSdRmVSxVZflKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/28ea45-7d30-46df-8f2a-0779f48ecea0/1/BVFgW2dezk4PznF1rjGpP6gnK6Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.207.0/24
85.208.46.0/24
193.149.179.0/24
194.179.136.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:b4:90:3e:84:f9:a9:1f:49:c2:b9:25:59:3e:2e:7f:ad:a0:
8b:4b:4f:71:57:0a:95:88:3a:87:1f:40:c3:8f:a8:63:55:cc:
09:d4:85:21:39:aa:2e:8e:c7:07:7f:6a:82:a9:60:67:29:ea:
b5:a5:f6:d7:a1:8b:b5:f6:1b:d5:a8:90:93:9b:00:e0:72:db:
18:3b:fd:1e:79:b9:97:60:82:04:3d:8c:d3:1c:9e:35:72:fe:
af:4a:d8:82:ba:32:7f:3d:78:39:3d:75:eb:36:85:c2:51:08:
b0:e2:42:df:c3:41:b0:8d:04:f7:70:77:7f:fc:89:42:1b:dd:
47:44:69:6e:f7:a1:2d:cc:5e:8f:91:5b:b3:c4:68:c7:44:5c:
b7:d6:86:66:bd:45:b9:9b:10:60:8d:37:18:1d:a8:4f:6d:06:
a9:60:b0:46:c8:db:33:00:eb:14:41:53:52:ce:be:f5:b4:68:
03:72:33:98:e6:7f:28:51:75:f1:90:d9:3b:fa:64:4e:dc:a9:
25:4e:40:1c:b9:e8:00:1b:7f:ee:6c:b6:c7:a0:f7:3a:0d:9e:
ff:b1:54:8d:26:d3:61:4e:5c:92:ea:c6:a5:8a:2e:dc:b1:9b:
de:24:33:e8:7e:55:a8:51:98:d9:11:3d:43:42:f4:df:f3:40:
e2:51:cd:04
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZALX5+qTmsvL4RvkUUlQB4TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NTE2MDViNjc1ZWNlNGUwZmNlNzE3NWFlMzFhOTNmYTgy
NzJiYTYwHhcNMjQwNjEyMDczNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzg5ODUzZDNlM2ZjNjVmNjMzMWM0OWQ0NjY1NTJjNTU2NWY5NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA60pcTat0lrFH7wvgWUb28ZBc0InR
+zmPfgromfat9qaFMbn8fp8UjdCMS4LX4KhmUGjaICgZdfW9neUaf2v/u+jUdEeE
9r91yntDwQ/+cictU8rndwwE/IlVO0yMNUFne9giw187e1WFs7R4HFHFv2z1zDpV
hXZQaTSEQnAurD+i0uAGDje0Y54OKZw9bmlm5oY6fudxCGdBzB95yYOCsJjesane
QV3nl80d/prG1uiveu+xoGJMiT4XOUnGqfrcSc16hAvFYZxMg5BVNWEjy8bA9pIc
yWfarsEKnS3o5zr9PkJLh43JEqMRHlEkEFwjA0Rlw4XlVs3S+T3cADVcqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGyJhT0+P8ZfYzHEnUZlUsVWX5SqMB8GA1UdIwQY
MBaAFAVRYFtnXs5OD85xda4xqT+oJyumMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEt
MDc3OWY0OGVjZWEwLzEvYkltRlBUNF94bDlqTWNTZFJtVlN4VlpmbEtvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8yOGVhNDUtN2QzMC00NmRmLThmMmEtMDc3OWY0OGVjZWEw
LzEvQlZGZ1cyZGV6azRQem5GMXJqR3BQNmduSzZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALrbPAwQA
VdAuAwQAwZWzAwQBwrOIMA0GCSqGSIb3DQEBCwUAA4IBAQBetJA+hPmpH0nCuSVZ
Pi5/raCLS09xVwqViDqHH0DDj6hjVcwJ1IUhOaoujscHf2qCqWBnKeq1pfbXoYu1
9hvVqJCTmwDgctsYO/0eebmXYIIEPYzTHJ41cv6vStiCujJ/PXg5PXXrNoXCUQiw
4kLfw0GwjQT3cHd//IlCG91HRGlu96EtzF6PkVuzxGjHRFy31oZmvUW5mxBgjTcY
HahPbQapYLBGyNszAOsUQVNSzr71tGgDcjOY5n8oUXXxkNk7+mRO3KklTkAcuegA
G3/ubLbHoPc6DZ7/sVSNJtNhTlyS6salii7csZveJDPoflWoUZjZET1DQvTf80Di
Uc0E
-----END CERTIFICATE-----
Generated at Mon Nov 25 01:43:41 2024 by rpki-client on console-fra.rpki-client.org