Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/bWd1JiKaNT9glgl-IaitZU9oLME.roa
File: bWd1JiKaNT9glgl-IaitZU9oLME.roa (raw, json)
Hash identifier: D24aYzQqw2pm8LhOuarzrwzSnqqikuToeB3UwSdruXE=
Subject key identifier: 6D:67:75:26:22:9A:35:3F:60:96:09:7E:21:A8:AD:65:4F:68:2C:C1
Certificate issuer: /CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Certificate serial: 018CC56EB92883BC299231F421002653F8E1
Authority key identifier: A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/bWd1JiKaNT9glgl-IaitZU9oLME.roa
Signing time: Mon 01 Jan 2024 14:30:17 +0000
ROA not before: Mon 01 Jan 2024 14:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33965
IP address blocks: 193.72.56.0/25 maxlen: 25
193.72.52.0/24 maxlen: 24
193.72.64.0/24 maxlen: 28
193.72.60.0/24 maxlen: 24
193.72.36.0/24 maxlen: 24
193.72.32.0/24 maxlen: 24
193.72.40.0/24 maxlen: 24
193.72.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.mft
rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b9:28:83:bc:29:92:31:f4:21:00:26:53:f8:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a74c6706e3fbebdff146a8a14ec2a3284a92ba62
Validity
Not Before: Jan 1 14:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d677526229a353f6096097e21a8ad654f682cc1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:39:4a:57:0a:32:d4:58:50:ab:29:24:b7:ef:
7e:37:e3:53:32:48:47:f1:83:d2:f3:82:6f:6f:66:
b2:a2:2d:7b:cd:16:e0:23:0e:d5:ec:44:f9:4f:d2:
48:d5:13:c0:6a:08:e7:9b:b5:ff:69:c5:f3:e2:36:
5b:be:87:ba:de:7c:da:20:d6:d6:98:62:9f:23:5e:
05:18:67:55:78:f8:39:fa:6d:7c:41:63:4f:b8:20:
41:2d:5b:41:5c:ad:44:ca:71:92:7f:9e:8b:01:a7:
89:ec:6b:5f:9f:19:32:aa:87:52:a0:a2:0c:f1:18:
b5:4a:7b:c4:d6:71:9c:fa:16:77:6b:7a:06:42:da:
74:e2:7c:9d:02:36:f1:1a:29:b4:98:e7:cb:5e:af:
10:0a:57:20:6a:0d:24:8d:14:1b:4e:44:52:9c:69:
2a:e1:46:2f:96:5c:7c:4d:d2:d2:af:7a:68:a2:53:
4c:ed:01:1b:20:b1:6c:7a:4d:87:9d:1b:96:3c:69:
63:7f:01:d6:fb:31:6e:fb:e2:ec:18:5f:4d:82:42:
6a:be:85:e5:d4:55:47:23:fc:d6:91:39:22:72:03:
53:54:4c:e1:c1:79:49:5f:e2:55:70:9c:dd:14:ac:
1d:bc:f7:fc:c5:0b:e5:d0:a4:5a:b4:37:ac:d7:29:
77:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:67:75:26:22:9A:35:3F:60:96:09:7E:21:A8:AD:65:4F:68:2C:C1
X509v3 Authority Key Identifier:
keyid:A7:4C:67:06:E3:FB:EB:DF:F1:46:A8:A1:4E:C2:A3:28:4A:92:BA:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p0xnBuP769_xRqihTsKjKEqSumI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/bWd1JiKaNT9glgl-IaitZU9oLME.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/a0c444-9796-4f06-83f2-aa788a420aec/1/p0xnBuP769_xRqihTsKjKEqSumI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.72.32.0/24
193.72.36.0/24
193.72.40.0/24
193.72.48.0/24
193.72.52.0/24
193.72.56.0/25
193.72.60.0/24
193.72.64.0/24
Signature Algorithm: sha256WithRSAEncryption
00:dc:a7:c5:62:e5:82:10:32:ce:03:dd:f8:20:a5:e8:19:bf:
c8:ac:da:88:8a:0a:9d:23:5c:03:23:e3:16:80:ae:3c:27:29:
43:00:7d:10:72:e7:2a:10:59:14:1d:89:04:6c:bb:33:5a:42:
c9:31:a6:1f:b2:9f:65:36:a7:88:b1:95:65:a4:1f:0e:e0:34:
c6:ba:1c:f6:b4:df:66:62:ed:95:57:d0:ac:25:05:10:fa:a9:
28:e9:98:07:68:3d:91:96:0f:7e:6c:33:e0:f8:31:00:25:db:
2c:63:b9:e8:a3:a6:1c:91:b4:3d:df:a6:35:a7:35:a9:a5:5b:
4c:10:c7:de:d6:da:c5:05:2a:7e:c4:0d:df:74:95:95:af:d0:
b8:eb:09:f5:df:c5:91:58:7c:3a:3e:61:6e:7c:b7:7c:ea:2e:
cf:a4:02:83:5e:ab:ad:33:3c:40:fe:f5:db:79:a8:ff:28:1d:
58:f7:c3:6e:dc:de:a7:6a:c1:14:df:5e:27:97:ff:f7:61:f0:
76:86:d2:6e:fd:9b:1b:98:f6:df:1f:eb:ac:b5:9f:1c:5a:5e:
58:9e:e1:b0:c5:62:8a:af:1a:86:f8:6c:88:d2:bd:c3:4e:33:
e5:7a:21:a9:ef:70:c6:59:d1:b4:f5:48:db:e6:b3:30:9c:d7:
72:18:a7:76
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzFbrkog7wpkjH0IQAmU/jhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3NGM2NzA2ZTNmYmViZGZmMTQ2YThhMTRlYzJhMzI4NGE5
MmJhNjIwHhcNMjQwMTAxMTQzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDY3NzUyNjIyOWEzNTNmNjA5NjA5N2UyMWE4YWQ2NTRmNjgyY2MxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTlKVwoy1FhQqykkt+9+N+NTMkhH
8YPS84Jvb2ayoi17zRbgIw7V7ET5T9JI1RPAagjnm7X/acXz4jZbvoe63nzaINbW
mGKfI14FGGdVePg5+m18QWNPuCBBLVtBXK1EynGSf56LAaeJ7GtfnxkyqodSoKIM
8Ri1SnvE1nGc+hZ3a3oGQtp04nydAjbxGim0mOfLXq8QClcgag0kjRQbTkRSnGkq
4UYvllx8TdLSr3poolNM7QEbILFsek2HnRuWPGljfwHW+zFu++LsGF9NgkJqvoXl
1FVHI/zWkTkicgNTVEzhwXlJX+JVcJzdFKwdvPf8xQvl0KRatDes1yl3pwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFG1ndSYimjU/YJYJfiGorWVPaCzBMB8GA1UdIwQY
MBaAFKdMZwbj++vf8UaooU7CoyhKkrpiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjIt
YWE3ODhhNDIwYWVjLzEvYldkMUppS2FOVDlnbGdsLUlhaXRaVTlvTE1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9hMGM0NDQtOTc5Ni00ZjA2LTgzZjItYWE3ODhhNDIwYWVj
LzEvcDB4bkJ1UDc2OV94UnFpaFRzS2pLRXFTdW1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTA3BAIAATAxAwQAwUggAwQA
wUgkAwQAwUgoAwQAwUgwAwQAwUg0AwUHwUg4AAMEAMFIPAMEAMFIQDANBgkqhkiG
9w0BAQsFAAOCAQEAANynxWLlghAyzgPd+CCl6Bm/yKzaiIoKnSNcAyPjFoCuPCcp
QwB9EHLnKhBZFB2JBGy7M1pCyTGmH7KfZTaniLGVZaQfDuA0xroc9rTfZmLtlVfQ
rCUFEPqpKOmYB2g9kZYPfmwz4PgxACXbLGO56KOmHJG0Pd+mNac1qaVbTBDH3tba
xQUqfsQN33SVla/QuOsJ9d/FkVh8Oj5hbny3fOouz6QCg16rrTM8QP7123mo/ygd
WPfDbtzep2rBFN9eJ5f/92HwdobSbv2bG5j23x/rrLWfHFpeWJ7hsMViiq8ahvhs
iNK9w04z5Xohqe9wxlnRtPVI2+azMJzXchindg==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:24:33 2024 by rpki-client on console-ams.rpki-client.org