Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/BGiXjMXPB8xUAKwzE1X-yqGRn0o.roa
File: BGiXjMXPB8xUAKwzE1X-yqGRn0o.roa (raw, json)
Hash identifier: Ea1yv0Ph2Z7nwaiuypyBlX6BivNiUZkdrA5jpZeDpDc=
Subject key identifier: 04:68:97:8C:C5:CF:07:CC:54:00:AC:33:13:55:FE:CA:A1:91:9F:4A
Certificate issuer: /CN=24d9bb0530dfe3228f83b0861392e2845934b698
Certificate serial: 018CC94D6D1922D8DFA852B9ECA5420BF2B0
Authority key identifier: 24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/BGiXjMXPB8xUAKwzE1X-yqGRn0o.roa
Signing time: Tue 02 Jan 2024 08:32:23 +0000
ROA not before: Tue 02 Jan 2024 08:32:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204504
IP address blocks: 185.134.168.0/24 maxlen: 24
185.134.168.0/22 maxlen: 22
185.134.171.0/24 maxlen: 24
185.134.170.0/24 maxlen: 24
185.134.169.0/24 maxlen: 24
2a0e:3e80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/JNm7BTDf4yKPg7CGE5LihFk0tpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/JNm7BTDf4yKPg7CGE5LihFk0tpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:6d:19:22:d8:df:a8:52:b9:ec:a5:42:0b:f2:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24d9bb0530dfe3228f83b0861392e2845934b698
Validity
Not Before: Jan 2 08:32:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0468978cc5cf07cc5400ac331355fecaa1919f4a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:a4:f0:48:bf:50:72:a5:5e:f0:8c:5b:64:
35:d6:52:b0:0d:67:5f:4c:84:4b:c1:d8:ed:fc:78:
8b:08:aa:f4:6a:93:1f:d5:be:eb:7c:0f:f2:42:80:
31:aa:a0:a9:ad:ac:21:7c:5e:f7:4c:c2:3f:e0:d9:
cf:cd:49:b3:3d:51:d9:a6:b7:ce:96:23:0a:6f:12:
15:25:65:3a:f7:08:b0:ff:dc:36:54:f1:c0:9a:34:
3a:b2:79:02:ce:90:92:b0:41:fa:67:72:1d:55:f8:
e2:86:da:0f:12:c3:f2:43:b8:a5:a6:5c:8d:4d:e2:
57:75:87:6b:95:f0:b8:c0:95:5e:c6:49:1a:e8:d3:
05:95:90:aa:98:2b:5a:8e:4a:00:63:b0:37:01:66:
7a:75:0f:c8:3c:9b:93:14:51:15:36:28:28:c1:00:
f7:da:a5:14:db:19:7f:93:8c:a2:eb:82:72:6c:91:
8c:ca:01:b1:72:d4:6f:6e:18:57:28:a9:e5:a3:ec:
ea:1e:b2:75:79:c0:fe:72:f5:48:61:48:0d:cd:64:
c2:d4:c6:e7:b1:ab:68:06:9a:c7:2f:1a:7b:3b:e1:
e3:1e:76:32:7f:c5:b0:32:8e:e3:4d:68:90:a4:bc:
f0:0d:8a:00:28:83:f4:9a:e7:20:c0:84:fd:d0:ed:
50:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:68:97:8C:C5:CF:07:CC:54:00:AC:33:13:55:FE:CA:A1:91:9F:4A
X509v3 Authority Key Identifier:
keyid:24:D9:BB:05:30:DF:E3:22:8F:83:B0:86:13:92:E2:84:59:34:B6:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JNm7BTDf4yKPg7CGE5LihFk0tpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/BGiXjMXPB8xUAKwzE1X-yqGRn0o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/a9979c-d989-46ff-b91e-4ea3011dab6c/1/JNm7BTDf4yKPg7CGE5LihFk0tpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.134.168.0/22
IPv6:
2a0e:3e80::/29
Signature Algorithm: sha256WithRSAEncryption
62:11:c2:b5:f7:7f:ae:08:4c:71:e1:d8:20:00:b6:2a:56:e2:
36:2e:15:ba:75:a3:90:ca:0c:e3:98:00:7b:3d:aa:67:d0:a5:
d1:5c:c1:5c:0b:7d:e2:20:1f:cd:85:6b:f5:52:27:f9:c8:41:
42:c1:87:99:67:cd:24:be:f4:d5:91:a4:f1:18:14:e7:5f:1d:
28:a8:40:13:03:76:0d:fe:f0:f3:10:c7:90:32:33:e8:42:fb:
85:1a:f0:3a:7e:2b:46:e1:8b:16:96:12:30:70:de:fb:b6:c7:
c2:8f:52:cf:ba:30:f6:1f:7e:b9:0d:e4:00:f6:11:99:3e:75:
f9:b9:86:26:23:70:8b:e6:8f:b2:d5:a0:4b:94:b3:87:19:9c:
37:21:aa:f9:68:6f:2b:66:27:eb:8e:f6:81:dc:34:30:32:a1:
c7:a7:b7:bd:b6:c5:ba:5b:77:67:27:27:91:64:92:93:9a:f0:
01:6c:e9:24:99:bd:c0:4a:ea:7c:e1:e3:d0:a3:6e:43:28:c2:
77:7d:86:a0:a9:8f:e6:1d:3d:d2:c6:e6:a0:5a:e1:69:b1:e7:
1e:1a:35:31:59:76:0f:bc:2f:13:5a:11:9b:b1:e6:0f:3e:9e:
bb:28:87:d5:06:a7:8f:46:98:13:30:41:87:5c:26:6e:96:90:
86:8d:8e:73
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTW0ZItjfqFK57KVCC/KwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZDliYjA1MzBkZmUzMjI4ZjgzYjA4NjEzOTJlMjg0NTkz
NGI2OTgwHhcNMjQwMTAyMDgzMjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDY4OTc4Y2M1Y2YwN2NjNTQwMGFjMzMxMzU1ZmVjYWExOTE5ZjRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsR6k8Ei/UHKlXvCMW2Q11lKwDWdf
TIRLwdjt/HiLCKr0apMf1b7rfA/yQoAxqqCprawhfF73TMI/4NnPzUmzPVHZprfO
liMKbxIVJWU69wiw/9w2VPHAmjQ6snkCzpCSsEH6Z3IdVfjihtoPEsPyQ7ilplyN
TeJXdYdrlfC4wJVexkka6NMFlZCqmCtajkoAY7A3AWZ6dQ/IPJuTFFEVNigowQD3
2qUU2xl/k4yi64JybJGMygGxctRvbhhXKKnlo+zqHrJ1ecD+cvVIYUgNzWTC1Mbn
satoBprHLxp7O+HjHnYyf8WwMo7jTWiQpLzwDYoAKIP0mucgwIT90O1QZwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFARol4zFzwfMVACsMxNV/sqhkZ9KMB8GA1UdIwQY
MBaAFCTZuwUw3+Mij4OwhhOS4oRZNLaYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk5tN0JURGY0eUtQZzdDR0U1TGloRmswdHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My9hOTk3OWMtZDk4OS00NmZmLWI5MWUt
NGVhMzAxMWRhYjZjLzEvQkdpWGpNWFBCOHhVQUt3ekUxWC15cUdSbjBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My9hOTk3OWMtZDk4OS00NmZmLWI5MWUtNGVhMzAxMWRhYjZj
LzEvSk5tN0JURGY0eUtQZzdDR0U1TGloRmswdHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuYaoMA0E
AgACMAcDBQMqDj6AMA0GCSqGSIb3DQEBCwUAA4IBAQBiEcK193+uCExx4dggALYq
VuI2LhW6daOQygzjmAB7Papn0KXRXMFcC33iIB/NhWv1Uif5yEFCwYeZZ80kvvTV
kaTxGBTnXx0oqEATA3YN/vDzEMeQMjPoQvuFGvA6fitG4YsWlhIwcN77tsfCj1LP
ujD2H365DeQA9hGZPnX5uYYmI3CL5o+y1aBLlLOHGZw3Iar5aG8rZifrjvaB3DQw
MqHHp7e9tsW6W3dnJyeRZJKTmvABbOkkmb3ASup84ePQo25DKMJ3fYagqY/mHT3S
xuagWuFpseceGjUxWXYPvC8TWhGbseYPPp67KIfVBqePRpgTMEGHXCZulpCGjY5z
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:42:10 2024 by rpki-client on console-fra.rpki-client.org