Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bgWGrpszQbw9X4KEX9vFy2xap24.roa
File: bgWGrpszQbw9X4KEX9vFy2xap24.roa (raw, json)
Hash identifier: +7XaeBXxu17uVXyvmerLDpsE7xBekPkRr4k1Ermi11A=
Subject key identifier: 6E:05:86:AE:9B:33:41:BC:3D:5F:82:84:5F:DB:C5:CB:6C:5A:A7:6E
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 018CC56E101DD889EEA945CCF4032A1B1806
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bgWGrpszQbw9X4KEX9vFy2xap24.roa
Signing time: Mon 01 Jan 2024 14:29:33 +0000
ROA not before: Mon 01 Jan 2024 14:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56681
IP address blocks: 188.255.224.0/24 maxlen: 24
188.255.221.0/24 maxlen: 24
188.255.146.0/24 maxlen: 24
188.255.169.0/24 maxlen: 24
188.255.173.0/24 maxlen: 24
188.255.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 May 2024 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:10:1d:d8:89:ee:a9:45:cc:f4:03:2a:1b:18:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jan 1 14:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e0586ae9b3341bc3d5f82845fdbc5cb6c5aa76e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:1f:24:74:9e:f8:e9:b8:fe:67:e9:e2:9f:b3:
05:d7:32:cc:7a:09:64:16:8b:a6:c4:10:ba:20:cc:
47:09:d7:fc:0d:57:a7:8d:be:67:31:24:f1:de:c5:
79:8f:28:9b:4b:6b:8e:4d:fe:a0:fc:fa:3f:ed:5f:
5b:7c:38:0f:d9:5f:82:48:38:71:86:74:b3:06:87:
44:75:56:ef:e3:0c:b4:9a:04:47:5d:44:6b:05:93:
89:77:54:ec:00:dd:c1:42:c9:f4:1e:23:cc:c6:31:
76:30:b5:e6:53:dc:6f:1a:8b:23:5e:e8:71:61:29:
fb:62:a8:06:ca:16:59:d7:c3:43:a0:0e:3e:48:eb:
ae:18:d9:d8:74:94:3e:57:e1:77:ef:81:09:85:8d:
67:21:2c:be:79:c2:f5:b5:47:b6:d6:66:b5:fb:68:
16:c8:8f:d3:54:f3:cf:a6:4b:6f:75:9a:94:ff:c0:
2d:37:9b:b6:35:1a:a8:eb:f6:2c:cd:eb:7c:15:64:
cf:91:c6:67:ff:c2:cc:b4:23:b9:be:eb:f2:ab:00:
da:3e:79:95:36:c3:b9:fd:ac:fb:76:96:15:46:fe:
6a:05:64:95:d1:dc:4b:fd:b7:fe:a6:0b:8e:34:27:
24:b8:ca:16:b5:ed:98:97:81:b8:df:92:77:64:bc:
31:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:05:86:AE:9B:33:41:BC:3D:5F:82:84:5F:DB:C5:CB:6C:5A:A7:6E
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/bgWGrpszQbw9X4KEX9vFy2xap24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.255.146.0/24
188.255.169.0/24
188.255.173.0/24
188.255.184.0/24
188.255.221.0/24
188.255.224.0/24
Signature Algorithm: sha256WithRSAEncryption
8f:95:9f:b9:0d:1a:b1:99:38:a6:c7:ec:89:66:ba:80:70:ce:
d5:bf:92:5f:30:96:54:f5:af:87:77:c7:91:df:ac:e8:ff:f7:
31:01:a2:ef:39:66:bb:af:39:bb:42:6e:e3:92:79:4d:8c:45:
a6:d3:ed:51:b9:ad:0b:99:fa:bc:43:dc:2c:81:04:a2:63:e3:
0a:3a:dd:a5:2c:e4:5e:a8:32:ba:b8:74:1c:48:b4:a4:a7:78:
2a:b8:52:93:e7:79:44:57:57:40:99:03:73:22:54:6b:36:e5:
26:f8:90:70:ee:14:d9:1a:92:92:87:28:84:89:c8:79:2e:1a:
93:7e:a3:e8:05:be:54:5a:e5:75:ff:b2:45:1a:b6:58:78:cb:
2c:be:96:ce:c0:40:0c:73:a2:cb:24:58:c9:6c:e5:1b:41:41:
bb:2d:f4:ca:74:9e:1f:e5:44:53:82:27:77:47:d6:c7:a1:10:
d5:51:30:bf:61:c1:08:50:cb:6f:5b:c8:c1:76:d5:d5:49:98:
b9:41:0e:13:66:32:b0:97:75:20:12:2d:3a:1e:5b:1f:c4:a8:
1e:59:66:a3:a5:57:03:68:7d:ee:53:43:b3:11:06:53:e2:68:
b7:9a:64:53:db:41:69:e4:46:70:fe:dd:93:91:f3:78:8e:bf:
b5:ec:03:9f
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzFbhAd2InuqUXM9AMqGxgGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjQwMTAxMTQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA1ODZhZTliMzM0MWJjM2Q1ZjgyODQ1ZmRiYzVjYjZjNWFhNzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkB8kdJ746bj+Z+nin7MF1zLMeglk
FoumxBC6IMxHCdf8DVenjb5nMSTx3sV5jyibS2uOTf6g/Po/7V9bfDgP2V+CSDhx
hnSzBodEdVbv4wy0mgRHXURrBZOJd1TsAN3BQsn0HiPMxjF2MLXmU9xvGosjXuhx
YSn7YqgGyhZZ18NDoA4+SOuuGNnYdJQ+V+F374EJhY1nISy+ecL1tUe21ma1+2gW
yI/TVPPPpktvdZqU/8AtN5u2NRqo6/Yszet8FWTPkcZn/8LMtCO5vuvyqwDaPnmV
NsO5/az7dpYVRv5qBWSV0dxL/bf+pguONCckuMoWte2Yl4G435J3ZLwx0wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG4Fhq6bM0G8PV+ChF/bxctsWqduMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYmdXR3Jwc3pRYnc5WDRLRVg5dkZ5MnhhcDI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAvP+SAwQA
vP+pAwQAvP+tAwQAvP+4AwQAvP/dAwQAvP/gMA0GCSqGSIb3DQEBCwUAA4IBAQCP
lZ+5DRqxmTimx+yJZrqAcM7Vv5JfMJZU9a+Hd8eR36zo//cxAaLvOWa7rzm7Qm7j
knlNjEWm0+1Rua0Lmfq8Q9wsgQSiY+MKOt2lLOReqDK6uHQcSLSkp3gquFKT53lE
V1dAmQNzIlRrNuUm+JBw7hTZGpKShyiEich5LhqTfqPoBb5UWuV1/7JFGrZYeMss
vpbOwEAMc6LLJFjJbOUbQUG7LfTKdJ4f5URTgid3R9bHoRDVUTC/YcEIUMtvW8jB
dtXVSZi5QQ4TZjKwl3UgEi06HlsfxKgeWWajpVcDaH3uU0OzEQZT4mi3mmRT20Fp
5EZw/t2TkfN4jr+17AOf
-----END CERTIFICATE-----
Generated at Sat May 25 12:53:32 2024 by rpki-client on console-ams.rpki-client.org