Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/bfiIBz0O4mQBu6DBFzxZpAbrGS8.roa
File: bfiIBz0O4mQBu6DBFzxZpAbrGS8.roa (raw, json)
Hash identifier: N+6SSy+dRDHtePYahekfytCPqVY61OYN6/8EE/Dg1HQ=
Subject key identifier: 6D:F8:88:07:3D:0E:E2:64:01:BB:A0:C1:17:3C:59:A4:06:EB:19:2F
Certificate issuer: /CN=25dd9b849c0dafae386f470123b09261ae355517
Certificate serial: 018CCA2A213FF661593A5D25790A73E24794
Authority key identifier: 25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/bfiIBz0O4mQBu6DBFzxZpAbrGS8.roa
Signing time: Tue 02 Jan 2024 12:33:27 +0000
ROA not before: Tue 02 Jan 2024 12:33:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51323
IP address blocks: 91.203.104.0/24 maxlen: 24
185.31.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/Jd2bhJwNr644b0cBI7CSYa41VRc.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/Jd2bhJwNr644b0cBI7CSYa41VRc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:21:3f:f6:61:59:3a:5d:25:79:0a:73:e2:47:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25dd9b849c0dafae386f470123b09261ae355517
Validity
Not Before: Jan 2 12:33:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6df888073d0ee26401bba0c1173c59a406eb192f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:af:b8:75:78:50:87:a9:9e:eb:87:8d:a8:99:
5f:b8:fa:35:41:fe:66:96:2c:83:43:05:bd:43:52:
bf:71:fe:de:a0:0a:78:5e:ac:91:ad:38:6c:57:e2:
76:92:2c:0a:2d:c6:ec:e3:6d:01:c6:e7:c1:b4:00:
2c:1b:df:ad:51:53:06:32:e0:dd:89:7f:fa:bf:24:
5c:27:ba:3f:4a:01:22:7a:33:0b:54:6c:70:fa:7e:
a5:37:00:9e:e9:71:3b:4b:12:18:5f:70:94:70:e4:
a7:92:66:70:90:32:eb:fd:0f:57:0c:33:95:24:9f:
17:5e:d5:9c:77:f0:8f:d1:99:87:50:12:71:dd:f4:
92:f6:cc:96:f9:c5:69:25:a1:26:2b:7c:45:92:07:
17:62:93:49:d0:b0:71:98:8b:23:28:4c:33:7e:ca:
1e:fb:e2:c2:2f:04:74:f4:d4:c8:5c:32:02:58:de:
36:ad:66:62:8e:9f:86:9a:d0:b8:c6:91:ae:86:d6:
66:eb:99:4f:6a:5e:24:4f:70:db:a6:d6:fa:33:fd:
78:e9:72:ed:94:36:23:e5:4f:50:26:86:49:67:a2:
55:e4:00:a2:45:ee:d8:c6:1d:e8:1e:42:45:52:85:
f5:17:0c:a5:33:17:25:02:c5:9f:f4:85:86:3b:a9:
b3:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F8:88:07:3D:0E:E2:64:01:BB:A0:C1:17:3C:59:A4:06:EB:19:2F
X509v3 Authority Key Identifier:
keyid:25:DD:9B:84:9C:0D:AF:AE:38:6F:47:01:23:B0:92:61:AE:35:55:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jd2bhJwNr644b0cBI7CSYa41VRc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/bfiIBz0O4mQBu6DBFzxZpAbrGS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/d4e434-6356-46fd-8b35-7ffd5c550385/1/Jd2bhJwNr644b0cBI7CSYa41VRc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.104.0/24
185.31.88.0/22
Signature Algorithm: sha256WithRSAEncryption
81:b4:c3:e3:bf:37:44:15:67:71:7d:4a:37:e3:ee:fb:1e:b5:
18:f4:30:88:9c:bd:65:5c:ae:e5:30:8a:44:c2:49:14:e2:51:
a2:30:bd:f0:76:80:60:2c:35:bf:7e:81:bf:79:6d:cc:86:67:
cb:fa:bf:5a:13:3d:ea:3f:9e:9b:66:0b:e9:1f:e2:ac:e6:4d:
6b:21:f1:ef:75:70:90:a4:18:78:bd:54:c8:89:ad:20:5b:1c:
bb:57:5e:bc:79:95:4f:2a:65:8e:44:69:8f:b3:6d:f8:46:5d:
2a:7e:be:9d:0f:24:63:2d:97:be:a0:38:6f:d1:d3:49:da:27:
2a:22:61:cd:8e:63:ef:54:a3:7b:82:85:b1:80:8a:fb:38:54:
ae:a6:8b:b1:f7:e2:53:c5:74:b5:7c:17:d0:2c:b3:13:5f:fc:
f4:ee:e2:e6:24:6f:e2:82:5a:70:f9:3b:c1:04:f8:b3:88:57:
e2:ed:16:03:0a:80:df:1a:21:97:c5:2c:7d:6e:b4:d8:41:d4:
99:2c:00:0d:2e:82:bf:f8:4d:d2:ea:2b:ff:51:45:08:75:7c:
da:ec:19:3b:a0:31:73:d9:65:bb:be:7c:ed:3b:d3:7e:d7:70:
57:da:3b:49:f7:43:e0:48:12:f7:a3:b1:b2:19:52:9d:da:92:
a7:ac:36:ce
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKiE/9mFZOl0leQpz4keUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZGQ5Yjg0OWMwZGFmYWUzODZmNDcwMTIzYjA5MjYxYWUz
NTU1MTcwHhcNMjQwMTAyMTIzMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY4ODgwNzNkMGVlMjY0MDFiYmEwYzExNzNjNTlhNDA2ZWIxOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApq+4dXhQh6me64eNqJlfuPo1Qf5m
liyDQwW9Q1K/cf7eoAp4XqyRrThsV+J2kiwKLcbs420BxufBtAAsG9+tUVMGMuDd
iX/6vyRcJ7o/SgEiejMLVGxw+n6lNwCe6XE7SxIYX3CUcOSnkmZwkDLr/Q9XDDOV
JJ8XXtWcd/CP0ZmHUBJx3fSS9syW+cVpJaEmK3xFkgcXYpNJ0LBxmIsjKEwzfsoe
++LCLwR09NTIXDICWN42rWZijp+GmtC4xpGuhtZm65lPal4kT3Dbptb6M/146XLt
lDYj5U9QJoZJZ6JV5ACiRe7Yxh3oHkJFUoX1FwylMxclAsWf9IWGO6mz5QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG34iAc9DuJkAbugwRc8WaQG6xkvMB8GA1UdIwQY
MBaAFCXdm4ScDa+uOG9HASOwkmGuNVUXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUt
N2ZmZDVjNTUwMzg1LzEvYmZpSUJ6ME80bVFCdTZEQkZ6eFpwQWJyR1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9kNGU0MzQtNjM1Ni00NmZkLThiMzUtN2ZmZDVjNTUwMzg1
LzEvSmQyYmhKd05yNjQ0YjBjQkk3Q1NZYTQxVlJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW8toAwQC
uR9YMA0GCSqGSIb3DQEBCwUAA4IBAQCBtMPjvzdEFWdxfUo34+77HrUY9DCInL1l
XK7lMIpEwkkU4lGiML3wdoBgLDW/foG/eW3MhmfL+r9aEz3qP56bZgvpH+Ks5k1r
IfHvdXCQpBh4vVTIia0gWxy7V168eZVPKmWORGmPs234Rl0qfr6dDyRjLZe+oDhv
0dNJ2icqImHNjmPvVKN7goWxgIr7OFSupoux9+JTxXS1fBfQLLMTX/z07uLmJG/i
glpw+TvBBPiziFfi7RYDCoDfGiGXxSx9brTYQdSZLAANLoK/+E3S6iv/UUUIdXza
7Bk7oDFz2WW7vnztO9N+13BX2jtJ90PgSBL3o7GyGVKd2pKnrDbO
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:03 2024 by rpki-client on console-ams.rpki-client.org