Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/bchsf5nrj1Udv_J5JOU4AokJjK4.roa
File: bchsf5nrj1Udv_J5JOU4AokJjK4.roa (raw, json)
Hash identifier: 3jvr/yWfPRGWeT1eeF7boHSnP6Iu6hDM4ssqAdaQR64=
Subject key identifier: 6D:C8:6C:7F:99:EB:8F:55:1D:BF:F2:79:24:E5:38:02:89:09:8C:AE
Certificate issuer: /CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Certificate serial: 018CC9BCA0B229FE5B8718748177E112AB1C
Authority key identifier: FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/bchsf5nrj1Udv_J5JOU4AokJjK4.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 213.109.179.0/24 maxlen: 24
213.109.177.0/24 maxlen: 24
213.109.178.0/24 maxlen: 24
213.109.176.0/24 maxlen: 24
2a00:de61:300::/40 maxlen: 48
2a00:de61:200::/40 maxlen: 48
2a00:de61:100::/40 maxlen: 48
2a00:de61::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a0:b2:29:fe:5b:87:18:74:81:77:e1:12:ab:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa64a1f7ca40b58116e6bc838e062f9c712228a4
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc86c7f99eb8f551dbff27924e5380289098cae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0f:a6:8a:d0:9d:ff:55:29:62:f6:fc:23:b0:
0b:09:27:04:66:dc:8e:f0:69:b8:5a:cd:2b:9d:ae:
95:a6:aa:03:c6:3f:15:9c:8c:c3:39:43:90:68:a1:
da:f2:c5:37:6e:4e:e6:c1:34:e9:ea:98:a0:38:0d:
fa:9b:99:f2:4a:87:68:09:a0:71:ec:64:e8:eb:f8:
1a:52:d5:3a:5f:7d:83:c3:b6:3d:ab:0f:e7:92:06:
56:d6:23:fc:c8:f6:2f:ea:44:1d:47:79:20:ec:0c:
c7:26:d2:f4:bb:dc:4c:f4:df:08:8c:3b:13:66:8e:
02:5c:81:51:b3:71:dd:2f:1b:31:9b:64:3f:c8:dd:
d1:48:a9:bd:3e:37:fe:64:51:be:fc:3e:ff:8b:1b:
1c:ac:37:06:5a:f6:03:90:18:27:77:b5:57:36:4e:
f0:57:60:82:d8:c6:43:f9:58:c5:fb:21:1f:13:ca:
cd:9b:fa:b0:2f:6d:b2:d8:00:d9:dd:9a:20:ef:6e:
95:53:51:17:e1:d5:1c:e0:31:58:28:2e:6c:a4:fd:
4a:97:d8:f6:ab:a4:9e:d5:05:15:4d:fa:cd:91:58:
0b:cb:a5:50:c5:ba:7d:e5:d5:f9:43:0b:67:7e:c6:
66:e5:c0:3c:05:38:54:32:4a:dc:b8:18:12:a3:b4:
95:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C8:6C:7F:99:EB:8F:55:1D:BF:F2:79:24:E5:38:02:89:09:8C:AE
X509v3 Authority Key Identifier:
keyid:FA:64:A1:F7:CA:40:B5:81:16:E6:BC:83:8E:06:2F:9C:71:22:28:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/bchsf5nrj1Udv_J5JOU4AokJjK4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3f/ba27fb-2550-49ad-b0ef-5b83d0e96012/1/1-mSh98pAtYEW5ryDjgYvnHEiKKQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.109.176.0/22
IPv6:
2a00:de61::/38
Signature Algorithm: sha256WithRSAEncryption
c6:f3:5b:4a:7d:f0:a0:6e:9b:79:f3:20:06:25:d6:52:65:21:
61:73:af:95:7a:7d:a4:12:d1:4f:ee:17:e6:a3:3a:24:be:97:
d0:0e:2c:29:cb:9d:0f:73:e3:80:f0:12:92:64:23:be:64:90:
60:75:83:a7:e4:e0:2b:32:1c:af:08:d2:b6:25:97:e5:9e:c5:
67:f7:8b:c1:de:27:27:df:25:95:71:8c:45:b8:2a:aa:7d:8e:
18:d3:5a:ba:55:b5:e3:c1:52:a4:72:69:1f:fd:ce:ab:e7:59:
d3:4a:8d:80:bf:50:d6:1d:1b:40:4b:9d:80:75:8d:59:ef:4d:
dd:4f:75:4a:19:f2:1a:d6:5d:ce:8c:1a:c9:03:19:16:7b:29:
16:ca:bf:00:27:c9:74:16:a4:61:2f:8a:bd:78:23:2a:05:9a:
e4:88:47:67:ae:fd:f3:bd:06:b7:aa:ad:d1:7b:ea:51:cb:4c:
5e:48:1c:31:a0:cc:04:2a:63:6b:cb:72:c5:3b:2c:05:2c:f0:
63:1b:ba:3a:3c:10:92:75:0d:ad:3a:25:80:2e:99:fe:f1:45:
ed:46:b6:49:5c:14:9c:e7:f1:c6:4f:bf:6f:4e:44:68:fd:f0:
a1:67:16:7b:68:76:97:47:16:34:68:c3:6b:d7:3d:d1:82:97:
fa:52:3b:27
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvKCyKf5bhxh0gXfhEqscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNjRhMWY3Y2E0MGI1ODExNmU2YmM4MzhlMDYyZjljNzEy
MjI4YTQwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM4NmM3Zjk5ZWI4ZjU1MWRiZmYyNzkyNGU1MzgwMjg5MDk4Y2FlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsg+mitCd/1UpYvb8I7ALCScEZtyO
8Gm4Ws0rna6VpqoDxj8VnIzDOUOQaKHa8sU3bk7mwTTp6pigOA36m5nySodoCaBx
7GTo6/gaUtU6X32Dw7Y9qw/nkgZW1iP8yPYv6kQdR3kg7AzHJtL0u9xM9N8IjDsT
Zo4CXIFRs3HdLxsxm2Q/yN3RSKm9Pjf+ZFG+/D7/ixscrDcGWvYDkBgnd7VXNk7w
V2CC2MZD+VjF+yEfE8rNm/qwL22y2ADZ3Zog726VU1EX4dUc4DFYKC5spP1Kl9j2
q6Se1QUVTfrNkVgLy6VQxbp95dX5QwtnfsZm5cA8BThUMkrcuBgSo7SVuwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFG3IbH+Z649VHb/yeSTlOAKJCYyuMB8GA1UdIwQY
MBaAFPpkoffKQLWBFua8g44GL5xxIiikMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1tU2g5OHBBdFlFVzVyeURqZ1l2bkhFaUtLUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVm
LTViODNkMGU5NjAxMi8xL2JjaHNmNW5yajFVZHZfSjVKT1U0QW9rSmpLNC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2YvYmEyN2ZiLTI1NTAtNDlhZC1iMGVmLTViODNkMGU5NjAx
Mi8xLzEtbVNoOThwQXRZRVc1cnlEamdZdm5IRWlLS1EuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLwYIKwYBBQUHAQcBAf8EIDAeMAwEAgABMAYDBALVbbAw
DgQCAAIwCAMGAioA3mEAMA0GCSqGSIb3DQEBCwUAA4IBAQDG81tKffCgbpt58yAG
JdZSZSFhc6+Ven2kEtFP7hfmozokvpfQDiwpy50Pc+OA8BKSZCO+ZJBgdYOn5OAr
MhyvCNK2JZflnsVn94vB3icn3yWVcYxFuCqqfY4Y01q6VbXjwVKkcmkf/c6r51nT
So2Av1DWHRtAS52AdY1Z703dT3VKGfIa1l3OjBrJAxkWeykWyr8AJ8l0FqRhL4q9
eCMqBZrkiEdnrv3zvQa3qq3Re+pRy0xeSBwxoMwEKmNry3LFOywFLPBjG7o6PBCS
dQ2tOiWALpn+8UXtRrZJXBSc5/HGT79vTkRo/fChZxZ7aHaXRxY0aMNr1z3Rgpf6
Ujsn
-----END CERTIFICATE-----
Generated at Thu May 2 06:11:33 2024 by rpki-client on console-ams.rpki-client.org