Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/bXGp43gwyipow12HY7gws4F4huc.roa
File: bXGp43gwyipow12HY7gws4F4huc.roa (raw, json)
Hash identifier: S4zlXbklZgIiWDuO/kuamMDArjEqbSD0OX6xaRuBv/M=
Subject key identifier: 6D:71:A9:E3:78:30:CA:2A:68:C3:5D:87:63:B8:30:B3:81:78:86:E7
Certificate issuer: /CN=93fd26d3a0b693a029bc62dcb9dda9519e477640
Certificate serial: 018CC6B82172FCC9C81B4D4E8E80CB64FD66
Authority key identifier: 93:FD:26:D3:A0:B6:93:A0:29:BC:62:DC:B9:DD:A9:51:9E:47:76:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k_0m06C2k6ApvGLcud2pUZ5HdkA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/bXGp43gwyipow12HY7gws4F4huc.roa
Signing time: Mon 01 Jan 2024 20:30:05 +0000
ROA not before: Mon 01 Jan 2024 20:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60515
IP address blocks: 185.88.32.0/24 maxlen: 24
185.88.35.0/24 maxlen: 24
185.88.32.0/22 maxlen: 22
185.88.33.0/24 maxlen: 24
185.88.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/k_0m06C2k6ApvGLcud2pUZ5HdkA.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/k_0m06C2k6ApvGLcud2pUZ5HdkA.mft
rsync://rpki.ripe.net/repository/DEFAULT/k_0m06C2k6ApvGLcud2pUZ5HdkA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:21:72:fc:c9:c8:1b:4d:4e:8e:80:cb:64:fd:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93fd26d3a0b693a029bc62dcb9dda9519e477640
Validity
Not Before: Jan 1 20:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d71a9e37830ca2a68c35d8763b830b3817886e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:15:05:0a:92:72:d0:7a:44:bf:6c:ed:66:2d:
da:f6:ad:89:35:de:81:2a:53:11:e2:43:5e:03:36:
ed:eb:1c:27:58:5f:21:98:47:91:c9:6f:47:4e:4f:
96:3f:d2:2d:ea:b2:ff:47:78:33:e3:6a:7a:38:1e:
34:44:fe:65:77:f5:fc:f6:c1:61:b1:b8:00:1c:ee:
1c:1d:c9:c4:ec:60:51:2f:06:2b:67:e2:83:1b:c1:
ae:63:63:7e:72:a2:43:f8:90:30:6c:ba:f7:b6:68:
3b:10:29:06:82:4e:b8:c7:c8:81:70:63:78:7d:65:
28:b3:06:99:81:1a:bf:27:af:47:b7:38:fc:cb:07:
a6:e9:cf:7d:ac:4a:1a:91:50:7e:8d:dc:ae:d1:2e:
c6:5b:04:71:40:03:e7:47:4f:a0:5b:60:aa:0d:fd:
9c:5f:7e:23:4a:da:a6:11:e1:9b:87:8b:de:ab:ca:
b4:fe:59:5b:33:e4:3c:f2:66:30:39:86:8d:ea:8f:
9e:9a:90:a8:3b:bc:ae:c4:d9:01:d9:27:df:8d:0e:
b1:dd:5d:57:e2:45:1b:26:27:66:fd:53:51:33:ab:
bd:a8:80:e7:a8:6f:5e:9d:33:c0:96:e6:1d:41:e3:
e8:ab:f1:1e:f8:9a:2a:c1:29:cb:d1:d6:bc:89:1a:
62:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:71:A9:E3:78:30:CA:2A:68:C3:5D:87:63:B8:30:B3:81:78:86:E7
X509v3 Authority Key Identifier:
keyid:93:FD:26:D3:A0:B6:93:A0:29:BC:62:DC:B9:DD:A9:51:9E:47:76:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k_0m06C2k6ApvGLcud2pUZ5HdkA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/bXGp43gwyipow12HY7gws4F4huc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0df9ab-2e78-4b98-a6ef-73bb9300f575/1/k_0m06C2k6ApvGLcud2pUZ5HdkA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.32.0/22
Signature Algorithm: sha256WithRSAEncryption
18:5a:0c:e8:a3:6b:5f:7d:3e:8d:6e:3b:0e:a0:60:91:2b:f9:
85:44:81:d8:56:f5:2c:cb:19:3f:3c:8a:46:93:aa:82:b3:46:
74:43:c2:12:07:a2:3c:95:3c:e8:a3:65:42:04:f9:6a:d3:7f:
a5:13:cb:89:ab:9f:9d:18:05:88:1e:83:c8:68:9f:41:ea:35:
fa:0e:5b:fb:0a:eb:2f:3d:cd:9c:ef:32:9a:9d:35:05:60:3f:
41:14:1d:bd:38:08:2c:74:ed:2d:1d:14:55:f5:e7:bd:63:82:
5b:1f:cd:14:cf:2a:f4:8d:fd:5e:a6:e5:7f:ee:37:dc:97:47:
3e:b5:9f:9f:70:44:bd:a9:0c:27:3d:dd:d1:9f:63:6c:7e:2a:
d7:25:7b:0f:c1:ea:a1:f5:07:a8:f0:88:20:5a:61:ee:39:84:
5c:fa:b8:13:34:2d:5c:ac:7a:dc:7d:64:b9:fb:8b:9c:d3:0f:
70:cc:f7:8a:c3:16:5f:e0:98:84:61:12:cc:88:75:93:da:e9:
5c:3f:9f:95:3d:ac:d1:eb:d3:43:25:6a:13:b2:76:09:5f:45:
af:bf:69:e9:84:02:06:19:9a:8e:c9:70:ea:27:08:2a:e7:42:
10:bc:f3:f6:0d:ce:86:e8:bc:89:00:d0:0e:24:0b:1f:86:5f:
20:69:29:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuCFy/MnIG01OjoDLZP1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzZmQyNmQzYTBiNjkzYTAyOWJjNjJkY2I5ZGRhOTUxOWU0
Nzc2NDAwHhcNMjQwMTAxMjAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDcxYTllMzc4MzBjYTJhNjhjMzVkODc2M2I4MzBiMzgxNzg4NmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRUFCpJy0HpEv2ztZi3a9q2JNd6B
KlMR4kNeAzbt6xwnWF8hmEeRyW9HTk+WP9It6rL/R3gz42p6OB40RP5ld/X89sFh
sbgAHO4cHcnE7GBRLwYrZ+KDG8GuY2N+cqJD+JAwbLr3tmg7ECkGgk64x8iBcGN4
fWUoswaZgRq/J69Htzj8ywem6c99rEoakVB+jdyu0S7GWwRxQAPnR0+gW2CqDf2c
X34jStqmEeGbh4veq8q0/llbM+Q88mYwOYaN6o+empCoO7yuxNkB2SffjQ6x3V1X
4kUbJidm/VNRM6u9qIDnqG9enTPAluYdQePoq/Ee+JoqwSnL0da8iRpivQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG1xqeN4MMoqaMNdh2O4MLOBeIbnMB8GA1UdIwQY
MBaAFJP9JtOgtpOgKbxi3LndqVGeR3ZAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva18wbTA2QzJrNkFwdkdMY3VkMnBVWjVIZGtBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wZGY5YWItMmU3OC00Yjk4LWE2ZWYt
NzNiYjkzMDBmNTc1LzEvYlhHcDQzZ3d5aXBvdzEySFk3Z3dzNEY0aHVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wZGY5YWItMmU3OC00Yjk4LWE2ZWYtNzNiYjkzMDBmNTc1
LzEva18wbTA2QzJrNkFwdkdMY3VkMnBVWjVIZGtBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuVggMA0G
CSqGSIb3DQEBCwUAA4IBAQAYWgzoo2tffT6NbjsOoGCRK/mFRIHYVvUsyxk/PIpG
k6qCs0Z0Q8ISB6I8lTzoo2VCBPlq03+lE8uJq5+dGAWIHoPIaJ9B6jX6Dlv7Cusv
Pc2c7zKanTUFYD9BFB29OAgsdO0tHRRV9ee9Y4JbH80Uzyr0jf1epuV/7jfcl0c+
tZ+fcES9qQwnPd3Rn2NsfirXJXsPweqh9Qeo8IggWmHuOYRc+rgTNC1crHrcfWS5
+4uc0w9wzPeKwxZf4JiEYRLMiHWT2ulcP5+VPazR69NDJWoTsnYJX0Wvv2nphAIG
GZqOyXDqJwgq50IQvPP2Dc6G6LyJANAOJAsfhl8gaSlw
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:20:28 2024 by rpki-client on console-ams.rpki-client.org