Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/bzckin69qzdPH52CZp-A9oK7B3M.roa
File: bzckin69qzdPH52CZp-A9oK7B3M.roa (raw, json)
Hash identifier: dlNYmMuFaGXCWPB56IoMF/5sKg5CmDSKXHt+p4Ekymo=
Subject key identifier: 6F:37:24:8A:7E:BD:AB:37:4F:1F:9D:82:66:9F:80:F6:82:BB:07:73
Certificate issuer: /CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Certificate serial: 018CC794CF2A2FCE7B4056DCF25A3EDC45F4
Authority key identifier: A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/bzckin69qzdPH52CZp-A9oK7B3M.roa
Signing time: Tue 02 Jan 2024 00:31:07 +0000
ROA not before: Tue 02 Jan 2024 00:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64105
IP address blocks: 2a02:9b0:25::/48 maxlen: 48
2a02:9b0:60::/48 maxlen: 48
2a02:9b0:20::/48 maxlen: 48
2a02:9b0:5e::/48 maxlen: 48
2a02:9b0:1e::/48 maxlen: 48
2a02:9b0:24::/48 maxlen: 48
2a02:9b0:1f::/48 maxlen: 48
2a02:9b0:5f::/48 maxlen: 48
2a02:9b0:22::/48 maxlen: 48
2a02:9b0:5d::/48 maxlen: 48
2a02:9b0:23::/48 maxlen: 48
2a02:9b0:26::/48 maxlen: 48
2a02:9b0:21::/48 maxlen: 48
2a02:9b0:61::/48 maxlen: 48
2a02:9b0:5c::/48 maxlen: 48
2a02:9b0:27::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.mft
rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:25:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:cf:2a:2f:ce:7b:40:56:dc:f2:5a:3e:dc:45:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a63bcc6d25f7476fbb3ec33f6dbc3e9eead92212
Validity
Not Before: Jan 2 00:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f37248a7ebdab374f1f9d82669f80f682bb0773
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d7:db:0f:3e:67:a2:fd:43:e3:57:6a:b8:fb:
1a:41:4e:12:36:8b:01:be:63:7f:40:1c:91:25:34:
a0:9b:e9:00:de:cd:13:34:d9:c7:61:70:42:ec:f7:
70:03:c4:34:7e:c8:3a:b1:55:ec:f7:2f:b6:66:4a:
2d:ae:61:90:84:a8:be:ae:c0:3f:5f:b4:33:5e:2c:
d8:04:26:38:54:b7:20:7f:e4:9b:7a:1a:18:19:0f:
3b:dc:31:ed:8e:41:53:cd:0b:7f:f2:76:17:9d:44:
6b:93:00:b3:ae:5f:43:a3:c7:9a:c6:ac:a0:12:27:
de:f5:3a:4a:0e:39:72:9a:3f:86:60:05:1c:c9:b5:
36:bf:8c:cf:42:76:67:7a:e7:f4:8f:9f:15:8c:e1:
d2:59:9d:68:9e:fd:0c:d9:54:f0:48:dc:d4:eb:32:
2c:aa:4f:53:ef:ff:69:25:59:87:15:f1:ad:53:f3:
49:6f:b2:ac:8f:c2:2f:23:18:e3:7f:77:ac:b1:14:
c3:5c:00:32:dc:d9:b4:a9:58:0a:d5:1b:9a:41:ad:
64:ee:3b:fb:69:19:27:39:04:1a:08:2f:11:a7:aa:
93:4a:96:b1:39:bc:4a:58:e8:26:2c:a6:aa:26:dc:
9a:9f:f1:3a:b2:a4:3c:14:5d:d5:ef:c4:9b:50:b3:
7e:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:37:24:8A:7E:BD:AB:37:4F:1F:9D:82:66:9F:80:F6:82:BB:07:73
X509v3 Authority Key Identifier:
keyid:A6:3B:CC:6D:25:F7:47:6F:BB:3E:C3:3F:6D:BC:3E:9E:EA:D9:22:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pjvMbSX3R2-7PsM_bbw-nurZIhI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/bzckin69qzdPH52CZp-A9oK7B3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/768fdb-d1b5-4bef-bcbd-4924fa000b7c/1/pjvMbSX3R2-7PsM_bbw-nurZIhI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a02:9b0:1e::-2a02:9b0:27:ffff:ffff:ffff:ffff:ffff
2a02:9b0:5c::-2a02:9b0:61:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
01:18:81:d2:c2:15:16:ed:38:0f:1a:97:7b:8e:82:29:5b:29:
07:9e:8e:7d:86:cc:70:13:de:dc:94:75:a4:03:48:c4:44:cd:
af:b5:21:20:ac:f0:3a:cc:0a:55:fb:e1:5c:c7:ba:5d:c6:d4:
a3:94:2b:df:a9:c9:a3:dd:50:44:66:5c:7f:b1:29:16:9c:7a:
0e:53:93:65:d6:08:e9:a9:2a:22:64:6f:e8:2e:d8:e1:70:06:
b9:ed:9b:a5:1f:06:29:a0:e3:33:7d:d0:bb:e5:29:92:15:67:
e7:70:ce:32:06:ae:be:cb:c1:f5:c1:cc:08:c5:9c:13:be:3c:
89:f5:9b:db:89:ae:4b:ff:dd:5e:3d:97:46:b1:fc:b8:dd:54:
0b:aa:ff:cc:3e:0b:15:ad:04:fa:7e:7a:9f:e7:bb:3b:3e:d8:
67:45:e4:75:bd:98:a5:5d:2d:41:7d:c2:17:28:e3:8d:c5:fc:
aa:08:e2:f9:f6:41:a6:00:2e:ea:5b:a8:d7:8a:33:05:28:35:
1a:73:15:7a:63:54:55:29:cb:5d:73:0b:4c:bf:3f:e2:aa:5e:
3c:23:d0:a5:54:ed:38:9e:19:c8:62:d9:f3:25:df:2c:1b:de:
7d:b3:c2:e0:d9:fd:61:e4:2b:e6:ef:fc:74:c4:e1:37:94:92:
bb:c3:1f:71
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzHlM8qL857QFbc8lo+3EX0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2M2JjYzZkMjVmNzQ3NmZiYjNlYzMzZjZkYmMzZTllZWFk
OTIyMTIwHhcNMjQwMTAyMDAzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM3MjQ4YTdlYmRhYjM3NGYxZjlkODI2NjlmODBmNjgyYmIwNzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNfbDz5nov1D41dquPsaQU4SNosB
vmN/QByRJTSgm+kA3s0TNNnHYXBC7PdwA8Q0fsg6sVXs9y+2ZkotrmGQhKi+rsA/
X7QzXizYBCY4VLcgf+SbehoYGQ873DHtjkFTzQt/8nYXnURrkwCzrl9Do8eaxqyg
Eife9TpKDjlymj+GYAUcybU2v4zPQnZneuf0j58VjOHSWZ1onv0M2VTwSNzU6zIs
qk9T7/9pJVmHFfGtU/NJb7Ksj8IvIxjjf3essRTDXAAy3Nm0qVgK1RuaQa1k7jv7
aRknOQQaCC8Rp6qTSpaxObxKWOgmLKaqJtyan/E6sqQ8FF3V78SbULN+6QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFG83JIp+vas3Tx+dgmafgPaCuwdzMB8GA1UdIwQY
MBaAFKY7zG0l90dvuz7DP228Pp7q2SISMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQt
NDkyNGZhMDAwYjdjLzEvYnpja2luNjlxemRQSDUyQ1pwLUE5b0s3QjNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS83NjhmZGItZDFiNS00YmVmLWJjYmQtNDkyNGZhMDAwYjdj
LzEvcGp2TWJTWDNSMi03UHNNX2Jidy1udXJaSWhJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAAjAoMBIDBwEqAgmw
AB4DBwMqAgmwACAwEgMHAioCCbAAXAMHASoCCbAAYDANBgkqhkiG9w0BAQsFAAOC
AQEAARiB0sIVFu04DxqXe46CKVspB56OfYbMcBPe3JR1pANIxETNr7UhIKzwOswK
VfvhXMe6XcbUo5Qr36nJo91QRGZcf7EpFpx6DlOTZdYI6akqImRv6C7Y4XAGue2b
pR8GKaDjM33Qu+UpkhVn53DOMgauvsvB9cHMCMWcE748ifWb24muS//dXj2XRrH8
uN1UC6r/zD4LFa0E+n56n+e7Oz7YZ0Xkdb2YpV0tQX3CFyjjjcX8qgji+fZBpgAu
6luo14ozBSg1GnMVemNUVSnLXXMLTL8/4qpePCPQpVTtOJ4ZyGLZ8yXfLBvefbPC
4Nn9YeQr5u/8dMThN5SSu8MfcQ==
-----END CERTIFICATE-----
Generated at Thu May 2 15:16:37 2024 by rpki-client on console-ams.rpki-client.org