Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/Bx_CIIRTPASTWSI5EL_cFTRm7uk.roa
File: Bx_CIIRTPASTWSI5EL_cFTRm7uk.roa (raw, json)
Hash identifier: e5EthyQ8A+86Z1Aw1D0v4X1GBM7rjtmKNV0eJ1L3+Ns=
Subject key identifier: 07:1F:C2:20:84:53:3C:04:93:59:22:39:10:BF:DC:15:34:66:EE:E9
Certificate issuer: /CN=b1d802667980944df4da2ab4b08e9d34b20a8d11
Certificate serial: 018CC56E617ED5A7EFDD54F45BDBDFD927C2
Authority key identifier: B1:D8:02:66:79:80:94:4D:F4:DA:2A:B4:B0:8E:9D:34:B2:0A:8D:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sdgCZnmAlE302iq0sI6dNLIKjRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/Bx_CIIRTPASTWSI5EL_cFTRm7uk.roa
Signing time: Mon 01 Jan 2024 14:29:54 +0000
ROA not before: Mon 01 Jan 2024 14:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207192
IP address blocks: 185.161.48.0/22 maxlen: 22
185.161.51.0/24 maxlen: 24
185.161.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/sdgCZnmAlE302iq0sI6dNLIKjRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/sdgCZnmAlE302iq0sI6dNLIKjRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sdgCZnmAlE302iq0sI6dNLIKjRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:61:7e:d5:a7:ef:dd:54:f4:5b:db:df:d9:27:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1d802667980944df4da2ab4b08e9d34b20a8d11
Validity
Not Before: Jan 1 14:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=071fc22084533c049359223910bfdc153466eee9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:23:3d:6c:b3:39:62:1e:f1:49:fa:a2:c9:49:
ec:83:02:89:dc:6c:b2:84:dd:c5:68:31:2a:75:8a:
9f:ce:73:61:c7:59:ac:e6:49:60:85:e9:a4:f5:c7:
c1:fa:ed:a4:55:44:a4:f1:fb:ea:b8:27:39:ed:77:
db:cc:0c:b8:7d:9d:9f:99:91:2e:73:b9:04:26:bd:
a1:6a:78:08:4a:e5:cb:24:30:77:63:50:94:b9:0e:
7c:9e:59:fd:ac:0f:a8:87:29:fc:1a:ec:0e:9c:08:
01:d1:d6:25:02:4e:a2:ed:d6:e6:b0:a6:af:2d:bf:
7d:08:d4:1b:b6:71:d2:51:c3:2a:89:a6:63:3c:a1:
38:6b:d9:9d:3d:67:cd:8b:f4:6d:1b:01:31:57:63:
65:fe:b7:ff:db:36:c9:e1:8e:85:21:b9:70:d8:02:
24:d5:2a:8b:c7:15:7a:82:61:7c:dc:91:52:9a:4f:
94:d5:89:12:5b:ae:aa:c8:4d:e6:87:cd:32:7c:7f:
f6:11:4e:6f:7f:a1:37:d4:10:82:8b:af:f5:d4:a4:
c9:e7:d8:18:81:5a:c7:65:91:77:98:03:41:f0:7b:
20:ec:ef:00:34:20:10:60:fa:68:27:6f:02:a3:0f:
89:54:66:e7:4e:a2:17:cd:a2:f2:4a:0d:26:37:9f:
bb:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1F:C2:20:84:53:3C:04:93:59:22:39:10:BF:DC:15:34:66:EE:E9
X509v3 Authority Key Identifier:
keyid:B1:D8:02:66:79:80:94:4D:F4:DA:2A:B4:B0:8E:9D:34:B2:0A:8D:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sdgCZnmAlE302iq0sI6dNLIKjRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/Bx_CIIRTPASTWSI5EL_cFTRm7uk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/f153e7-07d9-4b81-aaed-cbec43fd92a1/1/sdgCZnmAlE302iq0sI6dNLIKjRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.161.48.0/22
Signature Algorithm: sha256WithRSAEncryption
51:07:91:43:d6:31:e1:72:1b:45:43:d0:46:2e:29:c1:04:9e:
66:56:8b:57:6b:bd:b5:52:8a:c5:75:7a:7b:ea:f6:94:2e:9a:
4e:b7:3b:b7:22:4d:90:9e:17:b5:ac:91:64:3b:0e:6a:bc:83:
19:6b:f5:44:a8:d9:f7:5e:13:4f:70:e9:42:74:77:e6:14:2b:
1f:95:0f:0d:22:40:6a:3e:9c:75:57:e6:9a:ae:1b:72:69:bd:
e8:7c:be:5b:d3:e2:f3:ba:fb:61:74:48:87:fd:67:32:b4:0b:
be:af:d0:dd:74:2f:c8:ca:95:cf:b7:9d:c2:a7:2e:13:a8:3d:
0e:a0:b0:69:61:5b:a5:ea:89:74:7b:00:aa:a8:f5:8a:be:eb:
76:7d:41:23:a8:31:14:74:cf:83:a1:bd:35:bd:3e:3a:01:78:
f3:b0:b2:b9:e2:3a:6a:52:1a:80:89:db:c9:13:4e:56:b5:2a:
ad:72:e6:56:58:11:1b:7c:2c:e4:91:3b:1d:a4:a6:88:37:bf:
29:39:eb:7f:af:26:9c:aa:74:29:29:e1:70:7a:17:05:a3:d9:
6d:83:d9:c5:cf:f0:ad:1d:90:66:6c:09:2f:ee:7f:18:41:e2:
2d:a4:87:47:ff:53:ce:53:98:95:9a:99:e7:b4:66:05:47:1f:
b6:b7:70:36
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbmF+1afv3VT0W9vf2SfCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxZDgwMjY2Nzk4MDk0NGRmNGRhMmFiNGIwOGU5ZDM0YjIw
YThkMTEwHhcNMjQwMTAxMTQyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFmYzIyMDg0NTMzYzA0OTM1OTIyMzkxMGJmZGMxNTM0NjZlZWU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSM9bLM5Yh7xSfqiyUnsgwKJ3Gyy
hN3FaDEqdYqfznNhx1ms5klghemk9cfB+u2kVUSk8fvquCc57XfbzAy4fZ2fmZEu
c7kEJr2hangISuXLJDB3Y1CUuQ58nln9rA+ohyn8GuwOnAgB0dYlAk6i7dbmsKav
Lb99CNQbtnHSUcMqiaZjPKE4a9mdPWfNi/RtGwExV2Nl/rf/2zbJ4Y6FIblw2AIk
1SqLxxV6gmF83JFSmk+U1YkSW66qyE3mh80yfH/2EU5vf6E31BCCi6/11KTJ59gY
gVrHZZF3mANB8Hsg7O8ANCAQYPpoJ28Cow+JVGbnTqIXzaLySg0mN5+7zwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAcfwiCEUzwEk1kiORC/3BU0Zu7pMB8GA1UdIwQY
MBaAFLHYAmZ5gJRN9NoqtLCOnTSyCo0RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2RnQ1pubUFsRTMwMmlxMHNJNmROTElLalJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC9mMTUzZTctMDdkOS00YjgxLWFhZWQt
Y2JlYzQzZmQ5MmExLzEvQnhfQ0lJUlRQQVNUV1NJNUVMX2NGVFJtN3VrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC9mMTUzZTctMDdkOS00YjgxLWFhZWQtY2JlYzQzZmQ5MmEx
LzEvc2RnQ1pubUFsRTMwMmlxMHNJNmROTElLalJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuaEwMA0G
CSqGSIb3DQEBCwUAA4IBAQBRB5FD1jHhchtFQ9BGLinBBJ5mVotXa721UorFdXp7
6vaULppOtzu3Ik2Qnhe1rJFkOw5qvIMZa/VEqNn3XhNPcOlCdHfmFCsflQ8NIkBq
Ppx1V+aarhtyab3ofL5b0+LzuvthdEiH/WcytAu+r9DddC/IypXPt53Cpy4TqD0O
oLBpYVul6ol0ewCqqPWKvut2fUEjqDEUdM+Dob01vT46AXjzsLK54jpqUhqAidvJ
E05WtSqtcuZWWBEbfCzkkTsdpKaIN78pOet/ryacqnQpKeFwehcFo9ltg9nFz/Ct
HZBmbAkv7n8YQeItpIdH/1POU5iVmpnntGYFRx+2t3A2
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:35 2024 by rpki-client on console-ams.rpki-client.org