Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/bw-MQalXkXYJmrXmzEKENOIK2Tg.roa
File: bw-MQalXkXYJmrXmzEKENOIK2Tg.roa (raw, json)
Hash identifier: bAJkw/mh+kktoYGqNhPi36g9Mk0QrQf7O1Vdl24WSjo=
Subject key identifier: 6F:0F:8C:41:A9:57:91:76:09:9A:B5:E6:CC:42:84:34:E2:0A:D9:38
Certificate issuer: /CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Certificate serial: 018CC26D2B3A81880DA1BFA6ACC38C947A64
Authority key identifier: 91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/bw-MQalXkXYJmrXmzEKENOIK2Tg.roa
Signing time: Mon 01 Jan 2024 00:29:43 +0000
ROA not before: Mon 01 Jan 2024 00:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209105
IP address blocks: 2001:67c:99c::/48 maxlen: 48
2001:67c:9a4::/48 maxlen: 48
2001:67c:9ac::/48 maxlen: 48
2001:67c:9a0::/48 maxlen: 48
2001:67c:9a8::/48 maxlen: 48
2001:67c:9b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Jun 2024 01:02:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:2b:3a:81:88:0d:a1:bf:a6:ac:c3:8c:94:7a:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91dd0e48d9011adf376665ad4d62cf31ce63058c
Validity
Not Before: Jan 1 00:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f0f8c41a9579176099ab5e6cc428434e20ad938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:71:47:05:91:94:ae:3d:e8:93:10:7f:b2:3e:
1e:ec:6a:9a:c8:37:09:0f:22:55:ca:7b:23:46:1f:
17:56:1a:60:df:08:f6:3c:ca:e3:72:98:76:4f:1f:
38:73:bb:59:0d:02:8e:20:93:84:57:44:bf:b1:2b:
14:aa:53:7d:dc:e2:dc:4f:c6:9c:74:ca:37:9d:47:
48:8f:36:0a:d3:f0:4b:4a:07:02:e9:6e:40:c8:3e:
9d:47:28:9e:c7:17:23:d4:f2:40:c9:80:ab:d9:bb:
e9:d3:5d:a5:99:54:60:2c:27:59:e4:c4:fe:77:fc:
34:db:40:09:a6:37:b3:a5:e6:e3:8a:f2:2a:b3:dd:
e8:76:e0:c5:6d:36:10:6f:e8:00:8b:cb:08:fc:1d:
62:e1:5b:8f:74:36:2c:4b:43:22:ec:01:d9:3b:f6:
81:6d:34:3f:52:76:21:12:f6:87:a7:89:0f:ba:57:
50:58:4b:9b:83:7e:4b:d4:21:f6:db:fc:1b:aa:7b:
d1:41:4f:6c:31:9d:c7:ae:8b:d6:76:31:05:fa:78:
5a:6f:cf:5e:28:28:52:3f:4f:04:88:f5:ec:5b:3d:
c1:44:24:dc:50:d7:ff:a5:b0:f6:77:63:3f:e7:d0:
ae:1e:fe:9c:50:29:8b:cf:18:82:5c:5a:c6:0e:d8:
cc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:0F:8C:41:A9:57:91:76:09:9A:B5:E6:CC:42:84:34:E2:0A:D9:38
X509v3 Authority Key Identifier:
keyid:91:DD:0E:48:D9:01:1A:DF:37:66:65:AD:4D:62:CF:31:CE:63:05:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kd0OSNkBGt83ZmWtTWLPMc5jBYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/bw-MQalXkXYJmrXmzEKENOIK2Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/1e9d04-d94f-4f13-be3c-10f34f558363/1/kd0OSNkBGt83ZmWtTWLPMc5jBYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:99c::/48
2001:67c:9a0::/48
2001:67c:9a4::/48
2001:67c:9a8::/48
2001:67c:9ac::/48
2001:67c:9b0::/48
Signature Algorithm: sha256WithRSAEncryption
05:a7:ef:b1:b4:be:01:19:e8:03:c1:d1:f1:39:19:a7:f6:ca:
aa:7e:f5:81:0a:74:b9:a2:2b:db:fc:57:9b:d1:d4:e3:3e:09:
14:0e:3c:0a:08:31:86:07:f6:04:0b:c8:08:4b:33:e8:18:ae:
5b:0b:d7:98:26:d9:fa:0d:76:7a:25:ea:4b:56:ea:b4:76:9f:
8e:92:61:bc:80:32:d5:b4:5d:a9:68:f2:48:96:b6:5e:e3:46:
bb:07:d0:78:ab:e9:3b:fb:55:bd:8b:58:7b:f9:45:e1:50:06:
ba:3f:e1:41:69:a6:9a:e3:87:63:5a:43:2f:aa:9d:22:c9:a2:
b8:04:bb:c6:26:8a:d5:6b:ab:f7:76:bc:a8:ac:18:5c:0c:fe:
9e:22:15:e7:9b:d6:07:29:63:10:de:df:43:b7:e2:45:9b:dd:
c5:c2:52:69:b6:7e:34:84:91:a4:cc:64:7d:29:06:e4:9f:83:
e3:75:90:1b:86:e2:49:52:93:8b:8a:c6:85:69:69:7a:b1:c5:
e8:08:c4:66:3f:f1:65:3b:4a:5d:68:48:b3:a4:94:53:cd:20:
58:e7:05:94:8e:31:be:13:8e:1b:60:a5:06:f4:a5:e0:9b:2c:
6c:89:26:e1:bb:3c:b1:7f:4e:10:48:d9:49:e1:32:ea:94:9d:
ec:b8:b7:66
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzCbSs6gYgNob+mrMOMlHpkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZGQwZTQ4ZDkwMTFhZGYzNzY2NjVhZDRkNjJjZjMxY2U2
MzA1OGMwHhcNMjQwMTAxMDAyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjBmOGM0MWE5NTc5MTc2MDk5YWI1ZTZjYzQyODQzNGUyMGFkOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgXFHBZGUrj3okxB/sj4e7GqayDcJ
DyJVynsjRh8XVhpg3wj2PMrjcph2Tx84c7tZDQKOIJOEV0S/sSsUqlN93OLcT8ac
dMo3nUdIjzYK0/BLSgcC6W5AyD6dRyiexxcj1PJAyYCr2bvp012lmVRgLCdZ5MT+
d/w020AJpjezpebjivIqs93oduDFbTYQb+gAi8sI/B1i4VuPdDYsS0Mi7AHZO/aB
bTQ/UnYhEvaHp4kPuldQWEubg35L1CH22/wbqnvRQU9sMZ3HrovWdjEF+nhab89e
KChSP08EiPXsWz3BRCTcUNf/pbD2d2M/59CuHv6cUCmLzxiCXFrGDtjMOQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFG8PjEGpV5F2CZq15sxChDTiCtk4MB8GA1UdIwQY
MBaAFJHdDkjZARrfN2ZlrU1izzHOYwWMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2Mt
MTBmMzRmNTU4MzYzLzEvYnctTVFhbFhrWFlKbXJYbXpFS0VOT0lLMlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS8xZTlkMDQtZDk0Zi00ZjEzLWJlM2MtMTBmMzRmNTU4MzYz
LzEva2QwT1NOa0JHdDgzWm1XdFRXTFBNYzVqQll3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAAjA2AwcAIAEGfAmc
AwcAIAEGfAmgAwcAIAEGfAmkAwcAIAEGfAmoAwcAIAEGfAmsAwcAIAEGfAmwMA0G
CSqGSIb3DQEBCwUAA4IBAQAFp++xtL4BGegDwdHxORmn9sqqfvWBCnS5oivb/Feb
0dTjPgkUDjwKCDGGB/YEC8gISzPoGK5bC9eYJtn6DXZ6JepLVuq0dp+OkmG8gDLV
tF2paPJIlrZe40a7B9B4q+k7+1W9i1h7+UXhUAa6P+FBaaaa44djWkMvqp0iyaK4
BLvGJorVa6v3dryorBhcDP6eIhXnm9YHKWMQ3t9Dt+JFm93FwlJptn40hJGkzGR9
KQbkn4PjdZAbhuJJUpOLisaFaWl6scXoCMRmP/FlO0pdaEizpJRTzSBY5wWUjjG+
E44bYKUG9KXgmyxsiSbhuzyxf04QSNlJ4TLqlJ3suLdm
-----END CERTIFICATE-----
Generated at Tue Jun 11 11:09:05 2024 by rpki-client on console-ams.rpki-client.org