Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/BV_dIcP3PiR-50lmtWY1MpNX43E.roa
File: BV_dIcP3PiR-50lmtWY1MpNX43E.roa (raw, json)
Hash identifier: aipX5fks9jFF5BdX3LVy3U/nej7nx45YhybwaV4patY=
Subject key identifier: 05:5F:DD:21:C3:F7:3E:24:7E:E7:49:66:B5:66:35:32:93:57:E3:71
Certificate issuer: /CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Certificate serial: 018CC9BC664EE8D03151848742F89356CDF5
Authority key identifier: 6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/BV_dIcP3PiR-50lmtWY1MpNX43E.roa
Signing time: Tue 02 Jan 2024 10:33:36 +0000
ROA not before: Tue 02 Jan 2024 10:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202908
IP address blocks: 194.147.68.0/24 maxlen: 24
194.147.69.0/24 maxlen: 24
194.124.190.0/24 maxlen: 24
194.124.191.0/24 maxlen: 24
2a0a:aec0::/29 maxlen: 48
2a0a:aec0:100b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.mft
rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:66:4e:e8:d0:31:51:84:87:42:f8:93:56:cd:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b4b3e6a7c8783fc8a5719fbd9f37b32c8c7c5ca
Validity
Not Before: Jan 2 10:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=055fdd21c3f73e247ee74966b56635329357e371
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:db:f1:9b:d1:65:a0:bf:b9:5d:7f:ab:2b:62:
a7:7c:e3:ae:f9:46:f0:84:3a:52:af:96:9c:b8:3c:
c0:67:8e:d3:ce:79:2b:f3:ea:1c:9c:da:00:fd:48:
c7:aa:ab:04:7f:fb:a0:1f:1e:d1:a3:6e:c5:0f:0e:
b9:46:5f:e3:77:3f:44:ba:4d:e3:19:13:cf:0d:57:
da:a2:c1:f4:dc:6d:1f:08:b3:d6:6e:83:f9:20:5f:
36:d0:01:cd:22:6d:be:11:90:87:d1:d3:15:4b:0c:
96:f5:c7:9b:5f:40:cb:84:1a:a8:25:45:1a:4e:0f:
68:b4:14:32:2f:ff:70:0b:df:8a:a6:d9:d4:13:96:
ea:a9:ca:e4:ff:53:ff:1a:ad:94:68:6d:f4:33:b1:
48:bc:0f:d7:5b:f8:6d:6f:2f:21:9c:5f:bf:61:f5:
4f:ea:df:1f:45:ad:c7:7b:1b:9f:64:3d:da:0d:d0:
42:75:61:f9:d1:2f:99:56:b9:5f:69:ad:cb:e8:40:
82:ab:a8:af:05:aa:7f:4f:b7:ea:59:bc:34:93:63:
fa:83:01:92:2e:9d:8d:f0:89:34:a0:27:d1:de:ba:
e0:2f:99:36:bb:2e:85:6f:5f:e9:30:50:59:0f:a5:
f7:51:58:6c:02:81:a4:18:ee:45:d9:6e:db:c4:a0:
d6:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:5F:DD:21:C3:F7:3E:24:7E:E7:49:66:B5:66:35:32:93:57:E3:71
X509v3 Authority Key Identifier:
keyid:6B:4B:3E:6A:7C:87:83:FC:8A:57:19:FB:D9:F3:7B:32:C8:C7:C5:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0s-anyHg_yKVxn72fN7MsjHxco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/BV_dIcP3PiR-50lmtWY1MpNX43E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/464194-53ad-4031-856b-4332c957a22f/1/a0s-anyHg_yKVxn72fN7MsjHxco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.124.190.0/23
194.147.68.0/23
IPv6:
2a0a:aec0::/29
Signature Algorithm: sha256WithRSAEncryption
2c:d5:f1:13:78:c0:7d:47:9b:de:13:4d:7c:a6:46:58:9f:c2:
f2:a3:df:2b:76:23:11:4e:1e:35:cf:24:b2:c4:5e:c5:57:90:
c8:b7:d8:f8:fb:8c:af:c0:aa:58:cf:63:74:da:c6:e4:ce:aa:
17:38:8b:e3:e0:c2:93:68:a5:2d:08:6f:e9:b6:db:db:24:eb:
6a:25:3d:9e:5e:44:89:64:41:1f:52:6f:23:a4:cf:bd:b3:fa:
b1:86:45:83:ef:38:43:9b:84:fa:59:04:7c:8b:8a:dc:af:de:
db:41:ef:6a:b7:94:55:57:fb:43:91:5f:5c:c0:b7:c3:4c:74:
e0:23:63:09:3d:fa:f4:d7:d5:bd:f4:46:31:1e:c5:66:f5:43:
dd:6e:08:1a:d4:82:9b:14:f4:68:4c:f6:b7:84:75:be:39:36:
94:96:52:35:bc:03:77:b3:ee:29:19:17:72:fd:3f:f0:22:f3:
c1:fd:e6:c0:e3:01:e4:c7:cf:57:6f:0f:3f:82:43:5b:19:31:
cd:37:e6:83:26:36:5b:ae:5c:05:6b:19:ed:86:dc:f8:8c:2d:
96:d0:32:e0:75:e5:f0:71:a2:ef:01:32:f5:78:82:2a:42:65:
5a:eb:c4:ba:18:57:8b:e0:35:6d:f9:84:be:fb:fc:f9:42:30:
f8:e9:bb:42
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJvGZO6NAxUYSHQviTVs31MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNGIzZTZhN2M4NzgzZmM4YTU3MTlmYmQ5ZjM3YjMyYzhj
N2M1Y2EwHhcNMjQwMTAyMTAzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTVmZGQyMWMzZjczZTI0N2VlNzQ5NjZiNTY2MzUzMjkzNTdlMzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutvxm9FloL+5XX+rK2KnfOOu+Ubw
hDpSr5acuDzAZ47Tznkr8+ocnNoA/UjHqqsEf/ugHx7Ro27FDw65Rl/jdz9Euk3j
GRPPDVfaosH03G0fCLPWboP5IF820AHNIm2+EZCH0dMVSwyW9cebX0DLhBqoJUUa
Tg9otBQyL/9wC9+KptnUE5bqqcrk/1P/Gq2UaG30M7FIvA/XW/htby8hnF+/YfVP
6t8fRa3HexufZD3aDdBCdWH50S+ZVrlfaa3L6ECCq6ivBap/T7fqWbw0k2P6gwGS
Lp2N8Ik0oCfR3rrgL5k2uy6Fb1/pMFBZD6X3UVhsAoGkGO5F2W7bxKDW8wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAVf3SHD9z4kfudJZrVmNTKTV+NxMB8GA1UdIwQY
MBaAFGtLPmp8h4P8ilcZ+9nzezLIx8XKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmIt
NDMzMmM5NTdhMjJmLzEvQlZfZEljUDNQaVItNTBsbXRXWTFNcE5YNDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NjQxOTQtNTNhZC00MDMxLTg1NmItNDMzMmM5NTdhMjJm
LzEvYTBzLWFueUhnX3lLVnhuNzJmTjdNc2pIeGNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQBwny+AwQB
wpNEMA0EAgACMAcDBQMqCq7AMA0GCSqGSIb3DQEBCwUAA4IBAQAs1fETeMB9R5ve
E018pkZYn8Lyo98rdiMRTh41zySyxF7FV5DIt9j4+4yvwKpYz2N02sbkzqoXOIvj
4MKTaKUtCG/pttvbJOtqJT2eXkSJZEEfUm8jpM+9s/qxhkWD7zhDm4T6WQR8i4rc
r97bQe9qt5RVV/tDkV9cwLfDTHTgI2MJPfr019W99EYxHsVm9UPdbgga1IKbFPRo
TPa3hHW+OTaUllI1vAN3s+4pGRdy/T/wIvPB/ebA4wHkx89Xbw8/gkNbGTHNN+aD
JjZbrlwFaxnthtz4jC2W0DLgdeXwcaLvATL1eIIqQmVa68S6GFeL4DVt+YS++/z5
QjD46btC
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:22:17 2024 by rpki-client on console-fra.rpki-client.org