Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/biaZMBJdBOPx2FHlzf8QzqNWSW4.roa
File: biaZMBJdBOPx2FHlzf8QzqNWSW4.roa (raw, json)
Hash identifier: R6EFt2yzO/6cvZjM+UoPUQd1LR5tVrN3Lm9Q4bu+Nzo=
Subject key identifier: 6E:26:99:30:12:5D:04:E3:F1:D8:51:E5:CD:FF:10:CE:A3:56:49:6E
Certificate issuer: /CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Certificate serial: 018CC6B94452A691F7E66D04E5F66814DAB7
Authority key identifier: 08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/biaZMBJdBOPx2FHlzf8QzqNWSW4.roa
Signing time: Mon 01 Jan 2024 20:31:19 +0000
ROA not before: Mon 01 Jan 2024 20:31:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28760
IP address blocks: 185.236.144.0/22 maxlen: 22
185.71.252.0/22 maxlen: 22
5.104.216.0/21 maxlen: 21
213.174.224.0/19 maxlen: 19
77.242.64.0/20 maxlen: 20
2a03:fa00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 May 2024 10:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:44:52:a6:91:f7:e6:6d:04:e5:f6:68:14:da:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=08a5c3aba421b78a7d5d09b75b4ce3be5273caac
Validity
Not Before: Jan 1 20:31:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e269930125d04e3f1d851e5cdff10cea356496e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:63:a8:55:a1:4d:30:70:d0:61:90:e0:60:55:
60:43:d2:70:6a:84:a6:2d:ff:db:a7:2a:b3:91:b7:
bc:46:a4:ee:c5:65:96:78:78:fe:17:b8:fd:d4:ca:
37:23:b0:d3:40:57:87:50:33:96:36:8e:16:e6:91:
bc:f5:d8:6f:da:33:8c:e0:f4:5d:4a:96:96:04:e6:
67:55:81:60:ae:87:dd:27:9c:e5:6d:40:77:e8:50:
62:8f:d6:56:95:c8:06:b1:f0:fc:ba:78:c3:97:f5:
c3:8e:e6:76:91:d8:63:64:b9:39:b2:45:b4:3e:f0:
78:20:91:55:9f:48:e2:ae:b8:70:cd:43:80:10:77:
21:86:92:49:e2:12:e4:b4:34:48:f3:db:b5:fd:b7:
68:a7:04:23:10:22:ae:3e:fc:b0:df:e1:3e:56:9a:
8c:6f:77:0c:c6:74:30:e3:6c:45:a8:06:43:6c:40:
40:b3:37:57:b7:76:09:73:fb:f1:78:d9:d2:0d:5a:
c8:ed:a1:d2:41:79:2c:5e:13:93:62:0e:46:cc:77:
91:b2:21:58:5e:e7:b7:73:04:0f:6a:22:e1:c7:8c:
67:b7:97:8d:0e:47:28:ad:5e:dd:6a:79:f1:5c:7c:
ef:63:1f:db:a7:aa:a2:62:bc:11:b1:52:f0:45:8f:
00:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:26:99:30:12:5D:04:E3:F1:D8:51:E5:CD:FF:10:CE:A3:56:49:6E
X509v3 Authority Key Identifier:
keyid:08:A5:C3:AB:A4:21:B7:8A:7D:5D:09:B7:5B:4C:E3:BE:52:73:CA:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CKXDq6Qht4p9XQm3W0zjvlJzyqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/biaZMBJdBOPx2FHlzf8QzqNWSW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/7bd8cf-2a61-4b74-860d-364fae7c72c4/1/CKXDq6Qht4p9XQm3W0zjvlJzyqw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.216.0/21
77.242.64.0/20
185.71.252.0/22
185.236.144.0/22
213.174.224.0/19
IPv6:
2a03:fa00::/29
Signature Algorithm: sha256WithRSAEncryption
0c:b1:58:aa:a4:b0:80:92:71:ab:7e:69:00:72:72:b9:fd:a4:
f6:59:62:06:b8:84:6b:0c:06:e5:4c:bd:85:5c:b8:6f:61:5d:
ee:5b:c5:70:99:cc:d4:1b:7b:98:42:93:9d:48:8f:26:92:98:
67:8e:bf:d1:f5:98:d2:5c:a7:ec:40:ab:b1:a8:0e:ad:ba:17:
38:8c:f9:3c:11:60:b5:bb:ec:83:06:88:4b:2e:11:21:41:1d:
cd:b3:fb:e9:4e:c1:fb:40:cb:62:f5:b7:52:bc:84:74:da:0f:
28:e7:27:ff:a9:1f:ab:cc:7e:24:33:ad:4f:8d:46:a3:a5:c6:
dd:4f:5b:e4:3d:76:00:a7:c7:55:cc:ae:62:8d:a3:a3:bd:ca:
43:3f:6a:62:da:4e:8d:28:1d:86:c6:05:9c:75:82:44:0e:a6:
60:cb:e7:fd:67:aa:be:d1:ae:ce:4b:5a:35:a6:8f:2c:23:87:
53:f6:12:06:39:c7:4b:18:be:fe:e8:8e:28:06:c0:c3:77:8d:
6c:65:75:86:68:26:23:08:76:dc:2d:73:94:3a:9e:6c:65:7f:
17:2c:ea:a2:2a:57:12:cc:d9:e2:3e:9c:6d:86:0f:ce:7d:f0:
ae:1d:b8:85:eb:e2:c6:4b:cc:2e:dd:3f:85:61:d9:10:5d:4c:
e1:d2:5f:45
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzGuURSppH35m0E5fZoFNq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4YTVjM2FiYTQyMWI3OGE3ZDVkMDliNzViNGNlM2JlNTI3
M2NhYWMwHhcNMjQwMTAxMjAzMTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTI2OTkzMDEyNWQwNGUzZjFkODUxZTVjZGZmMTBjZWEzNTY0OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnGOoVaFNMHDQYZDgYFVgQ9JwaoSm
Lf/bpyqzkbe8RqTuxWWWeHj+F7j91Mo3I7DTQFeHUDOWNo4W5pG89dhv2jOM4PRd
SpaWBOZnVYFgrofdJ5zlbUB36FBij9ZWlcgGsfD8unjDl/XDjuZ2kdhjZLk5skW0
PvB4IJFVn0jirrhwzUOAEHchhpJJ4hLktDRI89u1/bdopwQjECKuPvyw3+E+VpqM
b3cMxnQw42xFqAZDbEBAszdXt3YJc/vxeNnSDVrI7aHSQXksXhOTYg5GzHeRsiFY
Xue3cwQPaiLhx4xnt5eNDkcorV7dannxXHzvYx/bp6qiYrwRsVLwRY8ARQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFG4mmTASXQTj8dhR5c3/EM6jVkluMB8GA1UdIwQY
MBaAFAilw6ukIbeKfV0Jt1tM475Sc8qsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQt
MzY0ZmFlN2M3MmM0LzEvYmlhWk1CSmRCT1B4MkZIbHpmOFF6cU5XU1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My83YmQ4Y2YtMmE2MS00Yjc0LTg2MGQtMzY0ZmFlN2M3MmM0
LzEvQ0tYRHE2UWh0NHA5WFFtM1cwemp2bEp6eXF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDBWjYAwQE
TfJAAwQCuUf8AwQCueyQAwQF1a7gMA0EAgACMAcDBQMqA/oAMA0GCSqGSIb3DQEB
CwUAA4IBAQAMsViqpLCAknGrfmkAcnK5/aT2WWIGuIRrDAblTL2FXLhvYV3uW8Vw
mczUG3uYQpOdSI8mkphnjr/R9ZjSXKfsQKuxqA6tuhc4jPk8EWC1u+yDBohLLhEh
QR3Ns/vpTsH7QMti9bdSvIR02g8o5yf/qR+rzH4kM61PjUajpcbdT1vkPXYAp8dV
zK5ijaOjvcpDP2pi2k6NKB2GxgWcdYJEDqZgy+f9Z6q+0a7OS1o1po8sI4dT9hIG
OcdLGL7+6I4oBsDDd41sZXWGaCYjCHbcLXOUOp5sZX8XLOqiKlcSzNniPpxthg/O
ffCuHbiF6+LGS8wu3T+FYdkQXUzh0l9F
-----END CERTIFICATE-----
Generated at Mon May 27 13:02:37 2024 by rpki-client on console-fra.rpki-client.org