Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/bPLFD2TiQjZpBe2a58r9Q8wSj20.roa
File: bPLFD2TiQjZpBe2a58r9Q8wSj20.roa (raw, json)
Hash identifier: zdepWLhDQBTVGXZPy52L0+xqt8i2lFTPj84GmXfWW4I=
Subject key identifier: 6C:F2:C5:0F:64:E2:42:36:69:05:ED:9A:E7:CA:FD:43:CC:12:8F:6D
Certificate issuer: /CN=6a0846bdbb08055acbd6ab59d9560981e046ee6f
Certificate serial: 018CC649D98FADA104D9E05B948464418B87
Authority key identifier: 6A:08:46:BD:BB:08:05:5A:CB:D6:AB:59:D9:56:09:81:E0:46:EE:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aghGvbsIBVrL1qtZ2VYJgeBG7m8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/bPLFD2TiQjZpBe2a58r9Q8wSj20.roa
Signing time: Mon 01 Jan 2024 18:29:37 +0000
ROA not before: Mon 01 Jan 2024 18:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2108
IP address blocks: 82.132.0.0/17 maxlen: 17
161.53.0.0/16 maxlen: 16
31.147.0.0/16 maxlen: 16
193.198.0.0/16 maxlen: 16
2001:b68::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/aghGvbsIBVrL1qtZ2VYJgeBG7m8.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/aghGvbsIBVrL1qtZ2VYJgeBG7m8.mft
rsync://rpki.ripe.net/repository/DEFAULT/aghGvbsIBVrL1qtZ2VYJgeBG7m8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:d9:8f:ad:a1:04:d9:e0:5b:94:84:64:41:8b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a0846bdbb08055acbd6ab59d9560981e046ee6f
Validity
Not Before: Jan 1 18:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cf2c50f64e242366905ed9ae7cafd43cc128f6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e5:91:85:12:23:26:08:06:d7:f0:2c:d8:75:
c0:eb:d8:d1:0a:23:21:08:ad:d4:a8:fe:cd:2d:d9:
ab:c3:eb:3a:0c:ea:86:fa:22:97:6a:01:a0:62:e8:
1c:c5:2d:8a:59:0d:f5:64:e7:c8:8a:7b:a0:bd:27:
a6:19:73:33:79:87:77:6c:79:58:06:26:ef:89:c0:
f7:6f:b2:00:c7:3f:1e:57:e1:90:35:fe:17:43:a4:
39:d3:ef:6b:d2:5a:78:13:de:4d:6a:16:72:e9:d6:
e3:6b:5f:af:cf:a1:ea:d7:19:fe:dd:e4:65:af:c6:
02:13:89:16:6f:08:48:77:04:20:71:f1:64:ad:50:
ba:d6:f6:9f:ff:db:13:52:9e:4f:1c:4b:c2:29:29:
ae:5a:ed:1f:6c:bb:28:f7:2c:57:e8:c5:22:5a:fe:
21:d3:e1:a2:64:01:2a:90:bc:9b:25:c5:bd:68:c1:
96:56:b1:64:0b:08:b2:ed:9b:98:1e:1e:c5:b4:ff:
00:12:b2:14:b6:35:cc:8d:d6:b8:5e:42:8c:c9:bb:
02:82:e8:c6:c5:9b:35:06:d7:2d:ee:09:88:ca:a8:
6b:f1:60:fe:76:2f:a7:ce:d5:c1:4b:02:a5:99:f8:
97:fc:b1:b2:54:68:14:ba:20:7e:57:ae:b4:35:fe:
12:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:F2:C5:0F:64:E2:42:36:69:05:ED:9A:E7:CA:FD:43:CC:12:8F:6D
X509v3 Authority Key Identifier:
keyid:6A:08:46:BD:BB:08:05:5A:CB:D6:AB:59:D9:56:09:81:E0:46:EE:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aghGvbsIBVrL1qtZ2VYJgeBG7m8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/bPLFD2TiQjZpBe2a58r9Q8wSj20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8d53d0-ef20-4d22-ac47-7791752a9c6e/1/aghGvbsIBVrL1qtZ2VYJgeBG7m8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.147.0.0/16
82.132.0.0/17
161.53.0.0/16
193.198.0.0/16
IPv6:
2001:b68::/32
Signature Algorithm: sha256WithRSAEncryption
1f:47:89:cc:e2:af:5d:2e:f5:cb:f4:a8:58:dd:13:e6:24:77:
b9:99:ec:66:c0:8b:5a:aa:82:03:f8:a1:54:a3:5d:95:87:1c:
ff:53:2a:bd:26:ad:89:9c:e4:44:12:4e:00:6a:80:9a:c8:e4:
ec:4f:e0:f5:0b:8b:2b:f2:e9:61:ce:eb:25:e8:0a:3c:da:36:
c9:70:e7:17:b1:a9:8b:8c:8f:db:8f:a7:e1:b2:1e:c5:c7:aa:
ec:7a:9c:08:24:6a:7f:ef:e4:79:60:01:e5:49:37:21:be:40:
48:aa:59:63:e3:30:31:e9:19:d5:3a:f8:db:62:fb:67:3c:3d:
67:ad:7a:9a:d6:35:2a:12:36:ad:43:56:6f:11:44:e7:72:63:
6d:6d:d7:43:5a:cd:4f:9d:35:85:50:8b:d8:d8:79:f8:86:e2:
d6:68:97:03:32:16:e7:ca:fc:f1:54:c9:2b:11:37:d9:e6:5e:
08:1d:4e:3c:64:0b:ec:dd:17:28:95:db:a8:b5:74:5e:33:d8:
c1:ce:e4:01:2a:ac:1c:af:e4:d7:8e:7f:a0:d8:f8:0f:9b:b3:
22:14:d0:92:b4:2a:7e:f8:a0:31:bc:34:c2:3a:8f:6d:92:20:
64:82:a4:7f:79:84:f4:bb:68:22:b3:05:b7:c5:ff:07:cd:60:
2f:ac:12:d5
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzGSdmPraEE2eBblIRkQYuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMDg0NmJkYmIwODA1NWFjYmQ2YWI1OWQ5NTYwOTgxZTA0
NmVlNmYwHhcNMjQwMTAxMTgyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2YyYzUwZjY0ZTI0MjM2NjkwNWVkOWFlN2NhZmQ0M2NjMTI4ZjZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguWRhRIjJggG1/As2HXA69jRCiMh
CK3UqP7NLdmrw+s6DOqG+iKXagGgYugcxS2KWQ31ZOfIinugvSemGXMzeYd3bHlY
BibvicD3b7IAxz8eV+GQNf4XQ6Q50+9r0lp4E95NahZy6dbja1+vz6Hq1xn+3eRl
r8YCE4kWbwhIdwQgcfFkrVC61vaf/9sTUp5PHEvCKSmuWu0fbLso9yxX6MUiWv4h
0+GiZAEqkLybJcW9aMGWVrFkCwiy7ZuYHh7FtP8AErIUtjXMjda4XkKMybsCgujG
xZs1Btct7gmIyqhr8WD+di+nztXBSwKlmfiX/LGyVGgUuiB+V660Nf4SQQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGzyxQ9k4kI2aQXtmufK/UPMEo9tMB8GA1UdIwQY
MBaAFGoIRr27CAVay9arWdlWCYHgRu5vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWdoR3Zic0lCVnJMMXF0WjJWWUpnZUJHN204LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84ZDUzZDAtZWYyMC00ZDIyLWFjNDct
Nzc5MTc1MmE5YzZlLzEvYlBMRkQyVGlRalpwQmUyYTU4cjlROHdTajIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84ZDUzZDAtZWYyMC00ZDIyLWFjNDctNzc5MTc1MmE5YzZl
LzEvYWdoR3Zic0lCVnJMMXF0WjJWWUpnZUJHN204LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAbBAIAATAVAwMAH5MDBAdS
hAADAwChNQMDAMHGMA0EAgACMAcDBQAgAQtoMA0GCSqGSIb3DQEBCwUAA4IBAQAf
R4nM4q9dLvXL9KhY3RPmJHe5mexmwItaqoID+KFUo12Vhxz/Uyq9Jq2JnOREEk4A
aoCayOTsT+D1C4sr8ulhzusl6Ao82jbJcOcXsamLjI/bj6fhsh7Fx6rsepwIJGp/
7+R5YAHlSTchvkBIqllj4zAx6RnVOvjbYvtnPD1nrXqa1jUqEjatQ1ZvEUTncmNt
bddDWs1PnTWFUIvY2Hn4huLWaJcDMhbnyvzxVMkrETfZ5l4IHU48ZAvs3Rcolduo
tXReM9jBzuQBKqwcr+TXjn+g2PgPm7MiFNCStCp++KAxvDTCOo9tkiBkgqR/eYT0
u2giswW3xf8HzWAvrBLV
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:40:16 2024 by rpki-client on console-fra.rpki-client.org