Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Bi-xbkKZGLYVR7L_8_DFN-ySudw.roa
File: Bi-xbkKZGLYVR7L_8_DFN-ySudw.roa (raw, json)
Hash identifier: E8CQNizRkx38pPxhj+5iIik0zOyBOnMsFwEcUc2955Q=
Subject key identifier: 06:2F:B1:6E:42:99:18:B6:15:47:B2:FF:F3:F0:C5:37:EC:92:B9:DC
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 018CC794A38FC60983A038685194288ADBE4
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Bi-xbkKZGLYVR7L_8_DFN-ySudw.roa
Signing time: Tue 02 Jan 2024 00:30:56 +0000
ROA not before: Tue 02 Jan 2024 00:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206902
IP address blocks: 84.38.140.0/24 maxlen: 24
87.99.73.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:a3:8f:c6:09:83:a0:38:68:51:94:28:8a:db:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jan 2 00:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=062fb16e429918b61547b2fff3f0c537ec92b9dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:86:ba:a0:07:ac:a9:46:77:53:f6:58:ec:07:
d3:49:9b:7f:c8:02:6b:98:31:62:09:89:12:10:9d:
b7:0c:b4:51:52:c9:e4:52:d4:c8:39:45:0f:88:86:
c8:4e:de:74:fa:ba:62:bf:27:51:6a:fa:e6:17:0b:
89:7d:da:1e:0c:ec:b5:6a:87:24:26:4f:2c:d3:dd:
da:d6:8d:ff:bc:2f:f4:55:4d:fe:8f:b5:7c:69:11:
53:52:e5:9e:41:45:f3:30:7a:a9:ba:bd:5a:80:da:
a0:35:64:1a:0d:41:64:52:6c:08:63:53:a5:25:89:
10:e5:d0:2e:46:ba:0b:57:15:e4:ba:23:6d:e3:7b:
ff:dd:73:37:6b:1c:48:97:d3:90:2e:db:d1:2b:c3:
f5:22:5a:e7:24:aa:8f:aa:6c:2f:cc:fd:a7:1a:69:
f2:8a:58:7d:b1:ab:2f:75:d6:a4:b0:c6:0d:c4:cb:
d8:07:b7:9c:eb:30:10:8f:ca:26:14:d8:f6:2c:85:
72:16:24:46:63:65:d6:9d:e3:80:77:72:a9:6d:fb:
72:8e:cb:32:64:8a:a6:4f:d3:a1:3b:bb:cb:51:4c:
6c:87:35:5b:bb:38:84:d0:ba:1b:b1:07:d0:fb:a7:
a0:a7:04:3f:fa:9b:78:ad:0a:2e:b4:bd:c2:e1:7d:
8a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2F:B1:6E:42:99:18:B6:15:47:B2:FF:F3:F0:C5:37:EC:92:B9:DC
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/Bi-xbkKZGLYVR7L_8_DFN-ySudw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.38.140.0/24
87.99.73.0/24
Signature Algorithm: sha256WithRSAEncryption
51:32:e2:15:88:c8:97:de:c6:2b:85:26:76:ec:c4:88:af:06:
04:ef:4d:11:24:f4:c5:d2:85:f8:d9:72:09:37:86:e4:2e:95:
a6:8b:df:89:fc:58:f7:0b:f0:56:7c:29:af:96:e9:09:9d:5d:
57:a9:8c:30:d6:92:22:b0:24:94:51:39:83:66:5e:58:48:4b:
91:86:6d:56:16:03:f6:cb:4e:82:83:2b:ea:58:74:62:b2:19:
e6:d9:19:aa:e3:0a:91:a0:9f:0b:32:72:1c:7f:d4:a2:11:fe:
ff:96:e7:49:50:69:1a:d4:4b:76:73:95:8f:a1:20:e0:c3:98:
53:a4:23:fe:ea:36:2f:a5:87:d1:7a:5f:61:2b:45:6d:19:d9:
81:86:bc:9b:6f:11:1f:43:02:ef:22:1e:cd:fe:8f:b9:95:5d:
8a:64:87:92:b0:c5:3c:72:48:9f:f4:b9:e7:9b:bd:89:62:5b:
79:67:18:ab:33:17:75:09:5a:62:40:8a:06:ee:12:bd:dc:fe:
a5:23:e1:55:cf:72:45:f2:aa:4a:7d:c0:ef:93:b4:6f:93:02:
dd:eb:3e:ab:77:29:3b:12:01:ce:e6:89:e7:87:18:11:d0:35:
dc:82:2f:02:73:6c:3e:bf:9d:16:8d:93:ed:50:37:77:d6:31:
6f:b5:b7:d5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlKOPxgmDoDhoUZQoitvkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjQwMTAyMDAzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJmYjE2ZTQyOTkxOGI2MTU0N2IyZmZmM2YwYzUzN2VjOTJiOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYa6oAesqUZ3U/ZY7AfTSZt/yAJr
mDFiCYkSEJ23DLRRUsnkUtTIOUUPiIbITt50+rpivydRavrmFwuJfdoeDOy1aock
Jk8s093a1o3/vC/0VU3+j7V8aRFTUuWeQUXzMHqpur1agNqgNWQaDUFkUmwIY1Ol
JYkQ5dAuRroLVxXkuiNt43v/3XM3axxIl9OQLtvRK8P1IlrnJKqPqmwvzP2nGmny
ilh9sasvddaksMYNxMvYB7ec6zAQj8omFNj2LIVyFiRGY2XWneOAd3Kpbftyjssy
ZIqmT9OhO7vLUUxshzVbuziE0LobsQfQ+6egpwQ/+pt4rQoutL3C4X2KiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAYvsW5CmRi2FUey//PwxTfskrncMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvQmkteGJrS1pHTFlWUjdMXzhfREZOLXlTdWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAVCaMAwQA
V2NJMA0GCSqGSIb3DQEBCwUAA4IBAQBRMuIViMiX3sYrhSZ27MSIrwYE700RJPTF
0oX42XIJN4bkLpWmi9+J/Fj3C/BWfCmvlukJnV1XqYww1pIisCSUUTmDZl5YSEuR
hm1WFgP2y06CgyvqWHRishnm2Rmq4wqRoJ8LMnIcf9SiEf7/ludJUGka1Et2c5WP
oSDgw5hTpCP+6jYvpYfRel9hK0VtGdmBhrybbxEfQwLvIh7N/o+5lV2KZIeSsMU8
ckif9Lnnm72JYlt5ZxirMxd1CVpiQIoG7hK93P6lI+FVz3JF8qpKfcDvk7RvkwLd
6z6rdyk7EgHO5onnhxgR0DXcgi8Cc2w+v50WjZPtUDd31jFvtbfV
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:34:58 2024 by rpki-client on console-fra.rpki-client.org