Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/Bojh71W17hKzDnIHuFcmVFn3N1U.roa
File: Bojh71W17hKzDnIHuFcmVFn3N1U.roa (raw, json)
Hash identifier: CsgyTyNzCzERmbz5DF7y0Npqn3NJ7OFAvDDQTZ89uXw=
Subject key identifier: 06:88:E1:EF:55:B5:EE:12:B3:0E:72:07:B8:57:26:54:59:F7:37:55
Certificate issuer: /CN=6f80964407c5daa44088acfe95e6488b800fade5
Certificate serial: 018CC94D8EBF7A2A32EE9BCDE356E62F94E9
Authority key identifier: 6F:80:96:44:07:C5:DA:A4:40:88:AC:FE:95:E6:48:8B:80:0F:AD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4CWRAfF2qRAiKz-leZIi4APreU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/Bojh71W17hKzDnIHuFcmVFn3N1U.roa
Signing time: Tue 02 Jan 2024 08:32:32 +0000
ROA not before: Tue 02 Jan 2024 08:32:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8245
IP address blocks: 185.202.192.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/b4CWRAfF2qRAiKz-leZIi4APreU.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/b4CWRAfF2qRAiKz-leZIi4APreU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4CWRAfF2qRAiKz-leZIi4APreU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:8e:bf:7a:2a:32:ee:9b:cd:e3:56:e6:2f:94:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f80964407c5daa44088acfe95e6488b800fade5
Validity
Not Before: Jan 2 08:32:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0688e1ef55b5ee12b30e7207b857265459f73755
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:65:94:3d:21:68:a0:e8:b6:4e:bb:e5:57:3a:
8a:9d:33:7a:9a:f2:8c:64:a7:76:e6:30:3a:d6:6d:
4c:0f:92:73:02:d2:1d:06:05:c0:ec:0a:3b:18:fa:
ef:0e:6c:15:88:88:f9:de:85:2d:16:b8:35:0b:76:
c5:e3:e7:28:6c:d3:d5:4b:37:84:f3:ab:b6:00:79:
8e:59:08:b1:23:53:b4:8e:3e:65:32:ce:37:6c:1c:
52:f1:78:c0:54:0a:78:8a:75:d9:3f:8c:7a:54:c6:
ad:21:6d:5c:af:a7:d1:a8:be:75:b3:cf:9e:ca:20:
7b:5f:ef:19:cf:41:5d:6a:33:29:e8:32:72:e4:01:
00:5e:74:17:0b:17:8e:bf:ef:bf:37:47:9a:77:8a:
5f:89:3a:65:5f:e7:d3:97:d7:92:1f:14:89:52:b8:
61:fe:73:76:a9:5d:69:84:6c:4e:da:68:bb:e1:8a:
49:c0:86:98:42:5d:31:4f:8c:b5:25:e2:ae:89:4e:
f1:3d:f8:fc:2b:18:2e:82:3a:82:66:0c:cd:67:bd:
ff:0d:22:75:ce:84:d1:30:6c:2a:f4:47:0e:57:f4:
77:0f:42:61:cd:d4:5d:06:66:ed:da:8b:5c:24:05:
4c:eb:13:c0:19:86:b6:33:5a:05:74:8c:83:e2:52:
83:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:88:E1:EF:55:B5:EE:12:B3:0E:72:07:B8:57:26:54:59:F7:37:55
X509v3 Authority Key Identifier:
keyid:6F:80:96:44:07:C5:DA:A4:40:88:AC:FE:95:E6:48:8B:80:0F:AD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4CWRAfF2qRAiKz-leZIi4APreU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/Bojh71W17hKzDnIHuFcmVFn3N1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/b906c9-2b3d-437c-a3cd-5d92cef23c5a/1/b4CWRAfF2qRAiKz-leZIi4APreU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.192.0/22
Signature Algorithm: sha256WithRSAEncryption
09:6c:c6:1e:02:8c:02:b8:b1:f3:0e:b8:79:7b:8c:04:b7:bd:
2a:25:3f:01:d3:d6:0b:5f:0e:a9:50:cd:36:27:1f:a8:b8:86:
f8:99:38:d7:86:b2:4c:4f:c4:53:7d:a5:ae:46:28:9b:82:f3:
b0:bd:3a:06:af:20:64:3b:2d:f1:d9:c3:8a:33:f8:ee:5f:ee:
21:45:82:1c:46:f1:ca:c4:19:6e:24:c5:85:4d:23:e2:d9:57:
62:93:65:df:27:e7:6c:dd:75:01:52:65:9d:27:39:0d:8d:84:
3e:5b:c7:41:d6:31:6e:79:3e:55:f4:cb:89:9f:1f:c4:50:0f:
1b:9e:bc:4d:9d:f3:8d:73:f7:58:57:85:47:dc:55:b5:e8:17:
d4:c1:0e:34:4e:31:98:b4:4e:16:0b:74:79:31:4c:9c:c1:f9:
fb:1d:9c:a8:89:75:9a:83:a0:3c:09:0a:b2:52:ca:63:7e:1d:
49:a1:06:73:a8:4c:af:89:14:4e:fc:79:dc:e4:39:42:b0:88:
57:9f:79:b1:fc:43:71:46:11:f9:e7:a3:2a:7d:c8:d4:62:0c:
bd:55:b7:9f:9a:c3:76:49:8b:ce:0d:80:68:03:b0:c4:1a:ae:
f8:fe:3e:4b:4a:25:50:60:88:64:d0:9e:25:85:6b:51:f6:c0:
d6:40:6f:eb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTY6/eioy7pvN41bmL5TpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODA5NjQ0MDdjNWRhYTQ0MDg4YWNmZTk1ZTY0ODhiODAw
ZmFkZTUwHhcNMjQwMTAyMDgzMjMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjg4ZTFlZjU1YjVlZTEyYjMwZTcyMDdiODU3MjY1NDU5ZjczNzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg2WUPSFooOi2TrvlVzqKnTN6mvKM
ZKd25jA61m1MD5JzAtIdBgXA7Ao7GPrvDmwViIj53oUtFrg1C3bF4+cobNPVSzeE
86u2AHmOWQixI1O0jj5lMs43bBxS8XjAVAp4inXZP4x6VMatIW1cr6fRqL51s8+e
yiB7X+8Zz0FdajMp6DJy5AEAXnQXCxeOv++/N0ead4pfiTplX+fTl9eSHxSJUrhh
/nN2qV1phGxO2mi74YpJwIaYQl0xT4y1JeKuiU7xPfj8KxgugjqCZgzNZ73/DSJ1
zoTRMGwq9EcOV/R3D0JhzdRdBmbt2otcJAVM6xPAGYa2M1oFdIyD4lKDNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaI4e9Vte4Ssw5yB7hXJlRZ9zdVMB8GA1UdIwQY
MBaAFG+AlkQHxdqkQIis/pXmSIuAD63lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRDV1JBZkYycVJBaUt6LWxlWklpNEFQcmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9iOTA2YzktMmIzZC00MzdjLWEzY2Qt
NWQ5MmNlZjIzYzVhLzEvQm9qaDcxVzE3aEt6RG5JSHVGY21WRm4zTjFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9iOTA2YzktMmIzZC00MzdjLWEzY2QtNWQ5MmNlZjIzYzVh
LzEvYjRDV1JBZkYycVJBaUt6LWxlWklpNEFQcmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucrAMA0G
CSqGSIb3DQEBCwUAA4IBAQAJbMYeAowCuLHzDrh5e4wEt70qJT8B09YLXw6pUM02
Jx+ouIb4mTjXhrJMT8RTfaWuRiibgvOwvToGryBkOy3x2cOKM/juX+4hRYIcRvHK
xBluJMWFTSPi2Vdik2XfJ+ds3XUBUmWdJzkNjYQ+W8dB1jFueT5V9MuJnx/EUA8b
nrxNnfONc/dYV4VH3FW16BfUwQ40TjGYtE4WC3R5MUycwfn7HZyoiXWag6A8CQqy
Uspjfh1JoQZzqEyviRRO/Hnc5DlCsIhXn3mx/ENxRhH556MqfcjUYgy9VbefmsN2
SYvODYBoA7DEGq74/j5LSiVQYIhk0J4lhWtR9sDWQG/r
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:10:37 2024 by rpki-client on console-ams.rpki-client.org