Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/BgbPc-EKt-YNkVit1g_N0KZ0UNQ.roa
File: BgbPc-EKt-YNkVit1g_N0KZ0UNQ.roa (raw, json)
Hash identifier: pK93oIvu+LY220BpS2TbRn89Sky1WF5kMybQDnkqTdQ=
Subject key identifier: 06:06:CF:73:E1:0A:B7:E6:0D:91:58:AD:D6:0F:CD:D0:A6:74:50:D4
Certificate issuer: /CN=c613276cbca6793c33457a9bf22fc10b382301f4
Certificate serial: 018CC86F0CF9D8F413689EC5B09FC8AD2F6C
Authority key identifier: C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/BgbPc-EKt-YNkVit1g_N0KZ0UNQ.roa
Signing time: Tue 02 Jan 2024 04:29:30 +0000
ROA not before: Tue 02 Jan 2024 04:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208844
IP address blocks: 45.82.128.0/24 maxlen: 24
2a13:fe40::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:0c:f9:d8:f4:13:68:9e:c5:b0:9f:c8:ad:2f:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c613276cbca6793c33457a9bf22fc10b382301f4
Validity
Not Before: Jan 2 04:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0606cf73e10ab7e60d9158add60fcdd0a67450d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a6:4e:cc:16:d5:f6:df:7b:ed:11:7d:27:19:
8b:75:4c:d7:0f:fe:9d:a8:98:c6:0d:12:e8:c6:cd:
78:9e:74:2c:52:eb:85:d1:97:cf:cb:ac:2f:86:0f:
5f:a3:e4:d7:4b:5b:9f:f3:b1:57:23:4c:b5:6f:73:
f8:10:0e:4f:b1:c5:38:fd:e3:e4:f4:ef:1e:c3:77:
13:03:45:1f:72:cc:3e:5a:99:79:53:3b:31:f8:d7:
fe:82:f3:04:55:5f:39:85:50:2c:95:4c:b4:75:33:
50:1b:a1:2e:08:65:e1:be:ee:69:d3:21:4e:93:55:
a8:02:67:da:57:c2:55:8a:9b:6c:c2:10:e9:ad:89:
4a:b4:12:66:d6:b4:ac:38:6e:b0:c2:13:af:54:c8:
16:8b:95:70:97:f8:3e:9b:0f:a7:b5:88:df:4e:c6:
15:46:5a:d2:95:59:42:cf:7b:16:17:87:57:a1:11:
3e:c0:ce:81:3c:28:40:ab:0d:64:7e:8a:52:56:d3:
c4:4c:36:b1:c4:0f:96:76:e7:1d:4c:c1:77:2c:4b:
f6:00:b2:fc:0e:65:f5:a4:14:98:da:35:c5:90:84:
91:0d:f7:6d:f1:30:8e:0c:b5:da:a9:92:1a:53:cc:
17:41:a6:73:13:22:d8:69:c2:7d:95:bc:7f:5a:bd:
04:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:06:CF:73:E1:0A:B7:E6:0D:91:58:AD:D6:0F:CD:D0:A6:74:50:D4
X509v3 Authority Key Identifier:
keyid:C6:13:27:6C:BC:A6:79:3C:33:45:7A:9B:F2:2F:C1:0B:38:23:01:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhMnbLymeTwzRXqb8i_BCzgjAfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/BgbPc-EKt-YNkVit1g_N0KZ0UNQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/2818b6-1c13-4724-be92-8cd438b5f260/1/xhMnbLymeTwzRXqb8i_BCzgjAfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.128.0/24
IPv6:
2a13:fe40::/33
Signature Algorithm: sha256WithRSAEncryption
c4:bc:03:9c:1c:55:44:4d:e9:2e:81:36:d2:cf:4a:91:d3:20:
c0:d5:73:21:fc:4f:b6:cc:8c:a6:54:d7:6e:b6:a0:3f:83:df:
0b:97:3e:30:f9:23:ab:42:c6:6a:77:0b:30:f5:4d:fe:a5:33:
f6:fc:fe:44:6c:4d:af:40:64:01:e2:0d:36:de:08:5a:37:37:
ea:59:ba:ff:cf:ec:57:04:a0:68:d7:97:1f:c0:ad:30:67:7b:
01:75:bc:a2:5a:0b:f5:b5:ec:74:80:13:bf:54:e9:bd:0d:6f:
10:4c:4f:8c:b1:b5:44:ba:a5:e3:4e:18:4c:ac:8a:5f:54:e8:
d5:28:e0:94:a8:f1:4d:47:14:cd:f6:4a:43:aa:16:82:14:af:
f9:ff:83:6f:c0:80:97:b1:d6:5d:b0:fe:21:d4:1d:fb:67:fa:
83:9d:bc:1e:05:95:2c:79:09:5e:12:4e:be:bb:21:ba:39:79:
17:49:25:6e:39:6d:0a:e2:8b:d9:e8:19:63:5d:90:62:6a:e5:
ad:28:74:d1:a8:4e:1f:32:a2:8f:1e:3b:e7:7b:99:fc:9c:67:
19:27:e7:6e:b3:66:03:d5:e3:69:db:c1:77:51:bb:23:a6:06:
db:c6:b4:32:9d:ad:af:98:3a:d1:bf:0e:03:0a:b8:19:b0:63:
36:1d:3b:e4
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzIbwz52PQTaJ7FsJ/IrS9sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTMyNzZjYmNhNjc5M2MzMzQ1N2E5YmYyMmZjMTBiMzgy
MzAxZjQwHhcNMjQwMTAyMDQyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA2Y2Y3M2UxMGFiN2U2MGQ5MTU4YWRkNjBmY2RkMGE2NzQ1MGQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KZOzBbV9t977RF9JxmLdUzXD/6d
qJjGDRLoxs14nnQsUuuF0ZfPy6wvhg9fo+TXS1uf87FXI0y1b3P4EA5PscU4/ePk
9O8ew3cTA0Ufcsw+Wpl5Uzsx+Nf+gvMEVV85hVAslUy0dTNQG6EuCGXhvu5p0yFO
k1WoAmfaV8JViptswhDprYlKtBJm1rSsOG6wwhOvVMgWi5Vwl/g+mw+ntYjfTsYV
RlrSlVlCz3sWF4dXoRE+wM6BPChAqw1kfopSVtPETDaxxA+WducdTMF3LEv2ALL8
DmX1pBSY2jXFkISRDfdt8TCODLXaqZIaU8wXQaZzEyLYacJ9lbx/Wr0EJwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFAYGz3PhCrfmDZFYrdYPzdCmdFDUMB8GA1UdIwQY
MBaAFMYTJ2y8pnk8M0V6m/IvwQs4IwH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTIt
OGNkNDM4YjVmMjYwLzEvQmdiUGMtRUt0LVlOa1ZpdDFnX04wS1owVU5RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC8yODE4YjYtMWMxMy00NzI0LWJlOTItOGNkNDM4YjVmMjYw
LzEveGhNbmJMeW1lVHd6UlhxYjhpX0JDemdqQWZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQALVKAMA4E
AgACMAgDBgcqE/5AADANBgkqhkiG9w0BAQsFAAOCAQEAxLwDnBxVRE3pLoE20s9K
kdMgwNVzIfxPtsyMplTXbragP4PfC5c+MPkjq0LGancLMPVN/qUz9vz+RGxNr0Bk
AeINNt4IWjc36lm6/8/sVwSgaNeXH8CtMGd7AXW8oloL9bXsdIATv1TpvQ1vEExP
jLG1RLql404YTKyKX1To1SjglKjxTUcUzfZKQ6oWghSv+f+Db8CAl7HWXbD+IdQd
+2f6g528HgWVLHkJXhJOvrshujl5F0klbjltCuKL2egZY12QYmrlrSh00ahOHzKi
jx4753uZ/JxnGSfnbrNmA9XjadvBd1G7I6YG28a0Mp2tr5g60b8OAwq4GbBjNh07
5A==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:17:02 2024 by rpki-client on console-ams.rpki-client.org