Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/BfcfF2b1LL5M2AE__W3yCJVNAKA.roa
File: BfcfF2b1LL5M2AE__W3yCJVNAKA.roa (raw, json)
Hash identifier: +bgWpcxXbBLXQoTPRn9MMXKJT/S9VM5GWgJ62Kc9z/4=
Subject key identifier: 05:F7:1F:17:66:F5:2C:BE:4C:D8:01:3F:FD:6D:F2:08:95:4D:00:A0
Certificate issuer: /CN=58bb54987639ba0c6cfbcad598c3f5e39fca945c
Certificate serial: 019425218E14EE2983A14118DB9347EA19E3
Authority key identifier: 58:BB:54:98:76:39:BA:0C:6C:FB:CA:D5:98:C3:F5:E3:9F:CA:94:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WLtUmHY5ugxs-8rVmMP145_KlFw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/BfcfF2b1LL5M2AE__W3yCJVNAKA.roa
Signing time: Thu 02 Jan 2025 03:49:03 +0000
ROA not before: Thu 02 Jan 2025 03:49:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59871
IP address blocks: 185.68.68.0/22 maxlen: 22
2a03:2a60:dc::/48 maxlen: 48
2a03:2a60:8000::/48 maxlen: 48
2a03:2a60:8001::/48 maxlen: 48
2a03:2a60:8100::/48 maxlen: 48
2a03:2a60:8101::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/WLtUmHY5ugxs-8rVmMP145_KlFw.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/WLtUmHY5ugxs-8rVmMP145_KlFw.mft
rsync://rpki.ripe.net/repository/DEFAULT/WLtUmHY5ugxs-8rVmMP145_KlFw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:8e:14:ee:29:83:a1:41:18:db:93:47:ea:19:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58bb54987639ba0c6cfbcad598c3f5e39fca945c
Validity
Not Before: Jan 2 03:49:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05f71f1766f52cbe4cd8013ffd6df208954d00a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ed:d9:12:17:c6:f6:ed:4f:35:8c:6e:86:f3:
2e:22:93:f0:3a:b2:f1:7a:47:e7:06:3e:a8:2a:c2:
9f:6a:29:c6:65:92:73:44:72:da:86:d7:12:c0:ff:
3f:74:cc:21:41:31:b4:67:ff:db:82:e2:f0:bc:cd:
40:1c:52:1e:c9:a3:27:29:47:bf:27:1f:2b:9d:48:
b7:21:7d:5a:1e:69:2b:cd:b6:8e:ae:67:2d:a1:12:
04:5c:a9:bb:b4:34:98:07:67:b4:74:11:e0:a0:a4:
b9:40:79:68:38:b5:0e:ef:0c:a9:bb:ea:b9:6f:60:
db:82:aa:9d:6b:39:08:62:19:a3:6f:05:f3:94:6a:
a5:c7:da:f8:d4:02:d1:ae:ea:f0:1c:94:16:16:9b:
cb:9a:6c:73:13:9e:f6:c0:aa:be:ee:d5:32:48:3a:
37:b2:ba:ae:70:fe:0b:77:18:09:0c:3c:ab:cf:89:
9c:4e:e0:3b:4c:0c:1e:64:56:89:38:a4:3c:e6:48:
3c:2b:ec:6a:aa:10:64:82:ef:ca:91:c2:bd:44:51:
fe:8c:08:d9:5e:dc:d2:3c:b5:ce:61:d6:56:c1:4b:
e5:70:45:02:9c:4e:a6:63:e1:e9:88:e5:8f:7d:6d:
7b:94:08:65:0e:43:78:89:4b:17:3b:26:85:fd:bd:
15:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F7:1F:17:66:F5:2C:BE:4C:D8:01:3F:FD:6D:F2:08:95:4D:00:A0
X509v3 Authority Key Identifier:
keyid:58:BB:54:98:76:39:BA:0C:6C:FB:CA:D5:98:C3:F5:E3:9F:CA:94:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WLtUmHY5ugxs-8rVmMP145_KlFw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/BfcfF2b1LL5M2AE__W3yCJVNAKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/23a2b2-69bb-4933-ae6f-8c9f2d705948/1/WLtUmHY5ugxs-8rVmMP145_KlFw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.68.68.0/22
IPv6:
2a03:2a60:dc::/48
2a03:2a60:8000::/47
2a03:2a60:8100::/47
Signature Algorithm: sha256WithRSAEncryption
19:86:bb:40:9b:18:9b:22:8b:98:3c:8a:aa:ef:ec:41:44:5f:
6a:be:1f:f7:64:1c:f3:9b:69:be:fc:97:f6:e5:84:4e:00:8f:
c8:49:8e:33:73:23:45:31:dc:3a:79:f2:72:8f:68:69:12:ab:
87:ac:f9:c2:19:ad:a1:a1:8e:db:5c:e7:78:3d:f8:34:d4:93:
5e:8d:0f:47:f8:b8:cb:4d:fe:76:bc:e9:10:89:ed:58:77:27:
76:0c:1a:92:9d:3e:28:ff:f8:e1:fd:c7:fd:ca:ae:b7:1a:95:
71:4a:c5:83:72:65:65:53:5a:5a:eb:e0:a7:82:f2:c5:7f:c1:
97:93:4f:b9:e0:4b:11:65:ce:b3:74:c6:39:70:99:95:19:52:
f6:5b:4f:3c:c4:2b:cc:8b:45:ed:30:d9:ae:36:49:f7:f2:f7:
b6:97:05:89:99:cb:e5:69:0f:fe:1f:15:d6:bb:d4:00:e4:14:
2e:3a:f9:0e:89:af:0e:46:b7:eb:4e:8f:18:08:4d:b5:c9:a9:
83:30:91:6e:94:06:50:81:02:7d:72:1c:91:77:88:3b:14:a1:
0d:95:59:c3:69:8f:64:bc:fd:fc:56:4c:b8:69:77:08:cc:c4:
84:d0:da:c0:6a:fb:e3:59:77:34:b3:f4:a2:71:7c:30:96:8e:
1f:60:cb:38
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQlIY4U7imDoUEY25NH6hnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YmI1NDk4NzYzOWJhMGM2Y2ZiY2FkNTk4YzNmNWUzOWZj
YTk0NWMwHhcNMjUwMTAyMDM0OTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWY3MWYxNzY2ZjUyY2JlNGNkODAxM2ZmZDZkZjIwODk1NGQwMGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+3ZEhfG9u1PNYxuhvMuIpPwOrLx
ekfnBj6oKsKfainGZZJzRHLahtcSwP8/dMwhQTG0Z//bguLwvM1AHFIeyaMnKUe/
Jx8rnUi3IX1aHmkrzbaOrmctoRIEXKm7tDSYB2e0dBHgoKS5QHloOLUO7wypu+q5
b2DbgqqdazkIYhmjbwXzlGqlx9r41ALRrurwHJQWFpvLmmxzE572wKq+7tUySDo3
srqucP4LdxgJDDyrz4mcTuA7TAweZFaJOKQ85kg8K+xqqhBkgu/KkcK9RFH+jAjZ
XtzSPLXOYdZWwUvlcEUCnE6mY+HpiOWPfW17lAhlDkN4iUsXOyaF/b0V6wIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAX3Hxdm9Sy+TNgBP/1t8giVTQCgMB8GA1UdIwQY
MBaAFFi7VJh2OboMbPvK1ZjD9eOfypRcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0x0VW1IWTV1Z3hzLThyVm1NUDE0NV9LbEZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8yM2EyYjItNjliYi00OTMzLWFlNmYt
OGM5ZjJkNzA1OTQ4LzEvQmZjZkYyYjFMTDVNMkFFX19XM3lDSlZOQUtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8yM2EyYjItNjliYi00OTMzLWFlNmYtOGM5ZjJkNzA1OTQ4
LzEvV0x0VW1IWTV1Z3hzLThyVm1NUDE0NV9LbEZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQCuUREMCEE
AgACMBsDBwAqAypgANwDBwEqAypggAADBwEqAypggQAwDQYJKoZIhvcNAQELBQAD
ggEBABmGu0CbGJsii5g8iqrv7EFEX2q+H/dkHPObab78l/blhE4Aj8hJjjNzI0Ux
3Dp58nKPaGkSq4es+cIZraGhjttc53g9+DTUk16ND0f4uMtN/na86RCJ7Vh3J3YM
GpKdPij/+OH9x/3KrrcalXFKxYNyZWVTWlrr4KeC8sV/wZeTT7ngSxFlzrN0xjlw
mZUZUvZbTzzEK8yLRe0w2a42Sffy97aXBYmZy+VpD/4fFda71ADkFC46+Q6Jrw5G
t+tOjxgITbXJqYMwkW6UBlCBAn1yHJF3iDsUoQ2VWcNpj2S8/fxWTLhpdwjMxITQ
2sBq++NZdzSz9KJxfDCWjh9gyzg=
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:08:28 2025 by rpki-client