Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/bvs4shtlC-um2A5-gzYNEou7f7c.roa
File: bvs4shtlC-um2A5-gzYNEou7f7c.roa (raw, json)
Hash identifier: hJWVDOZfL0slIpSchI3KF84ezaMvxpu3/LrWk8iQXcc=
Subject key identifier: 6E:FB:38:B2:1B:65:0B:EB:A6:D8:0E:7E:83:36:0D:12:8B:BB:7F:B7
Certificate issuer: /CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Certificate serial: 018CE9CB414558EB0B9F4C000FAF496A5B12
Authority key identifier: 7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/bvs4shtlC-um2A5-gzYNEou7f7c.roa
Signing time: Mon 08 Jan 2024 15:57:41 +0000
ROA not before: Mon 08 Jan 2024 15:57:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62449
IP address blocks: 217.144.56.0/24 maxlen: 24
79.172.249.0/24 maxlen: 24
2a02:730:6000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:e9:cb:41:45:58:eb:0b:9f:4c:00:0f:af:49:6a:5b:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b5e37f6e3b9bd1cf3684b9c03c03ad1ca642497
Validity
Not Before: Jan 8 15:57:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6efb38b21b650beba6d80e7e83360d128bbb7fb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:64:92:2f:e3:ca:5f:2e:b2:1b:69:63:2e:37:
50:22:00:f8:6b:49:b2:ba:99:48:88:8a:37:e3:01:
d9:96:5d:44:8c:d6:dd:73:c0:72:6f:18:35:fe:52:
88:a2:34:5a:0b:88:cd:18:2e:ae:83:56:1d:2c:04:
ee:e2:14:09:7f:46:85:f4:ba:96:2d:b5:af:04:7d:
09:63:57:7a:57:db:e2:95:8b:2b:32:9a:6d:64:65:
85:5d:10:94:eb:a3:fc:f2:7a:da:b5:99:d3:46:2e:
44:63:6e:b3:e2:d0:c9:20:7b:f7:e1:ee:68:8a:9c:
d2:af:d6:2e:34:38:c0:cd:81:96:be:2a:54:d3:4a:
4f:a3:52:f8:3a:f2:7d:3a:39:82:26:aa:2d:8a:0e:
86:4b:0c:c0:6e:31:83:8d:01:1f:58:c6:f6:10:51:
94:e7:9b:82:33:e3:e7:2f:59:fb:d7:66:82:a0:23:
ce:ed:cf:dd:fb:16:5f:d7:f5:3d:52:ef:3b:5a:1e:
14:cf:59:c2:6f:0e:56:62:fd:1b:55:ef:44:5a:24:
cc:9f:ba:13:3b:1f:bd:3b:1f:f5:ae:b5:28:f2:e7:
77:6e:41:93:a6:a8:d9:f7:6d:4e:b1:ca:7e:a1:71:
a4:2c:28:84:fe:51:49:2b:d6:ea:49:19:22:73:47:
8a:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:FB:38:B2:1B:65:0B:EB:A6:D8:0E:7E:83:36:0D:12:8B:BB:7F:B7
X509v3 Authority Key Identifier:
keyid:7B:5E:37:F6:E3:B9:BD:1C:F3:68:4B:9C:03:C0:3A:D1:CA:64:24:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1439uO5vRzzaEucA8A60cpkJJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/bvs4shtlC-um2A5-gzYNEou7f7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/26728e-ddc7-4b0f-9d1e-9593a488afcc/1/e1439uO5vRzzaEucA8A60cpkJJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.172.249.0/24
217.144.56.0/24
IPv6:
2a02:730:6000::/48
Signature Algorithm: sha256WithRSAEncryption
a0:00:c7:7c:5c:6b:33:fb:d8:02:43:22:1a:68:40:f9:a7:83:
36:f9:98:4b:ce:d4:fa:33:88:46:4f:ba:6f:cc:5e:c0:3b:a7:
3b:fe:e2:28:f2:2c:d0:fd:dd:16:e5:2e:75:c0:6f:4c:5b:dd:
c0:f1:7f:fc:2a:71:6c:80:b1:11:14:53:f6:7e:2c:66:2f:a5:
8d:83:62:29:17:07:5b:e5:60:6d:a5:b8:67:e9:c2:65:ab:e8:
60:1e:6f:c9:cb:d6:19:62:b5:d9:85:fe:61:2a:ae:2c:e6:ed:
36:e1:54:4d:24:55:db:a1:3f:c1:1b:df:48:1e:ca:44:d5:f5:
2c:e5:1a:d0:86:16:41:9f:d3:75:aa:58:c1:5a:f7:25:56:ac:
bb:48:f1:ae:d9:e3:98:b0:b7:70:12:e1:5e:4d:3d:09:68:c9:
2d:8e:82:5f:ba:73:9e:8e:59:04:cb:84:bd:25:15:14:62:9c:
a4:2f:49:7c:63:c6:61:17:47:07:1f:01:45:9e:d7:cc:0c:75:
0e:c0:f9:3b:b3:3a:33:91:c4:00:29:1e:f7:71:b2:7d:9c:84:
5a:f1:b6:41:00:af:e9:7a:9a:d8:5c:54:58:ba:e0:02:92:15:
72:8a:eb:66:74:da:e5:47:6c:af:ff:02:20:1a:ed:0d:19:e5:
bf:cd:b7:09
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzpy0FFWOsLn0wAD69JalsSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiNWUzN2Y2ZTNiOWJkMWNmMzY4NGI5YzAzYzAzYWQxY2E2
NDI0OTcwHhcNMjQwMTA4MTU1NzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWZiMzhiMjFiNjUwYmViYTZkODBlN2U4MzM2MGQxMjhiYmI3ZmI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkWSSL+PKXy6yG2ljLjdQIgD4a0my
uplIiIo34wHZll1EjNbdc8Bybxg1/lKIojRaC4jNGC6ug1YdLATu4hQJf0aF9LqW
LbWvBH0JY1d6V9vilYsrMpptZGWFXRCU66P88nratZnTRi5EY26z4tDJIHv34e5o
ipzSr9YuNDjAzYGWvipU00pPo1L4OvJ9OjmCJqotig6GSwzAbjGDjQEfWMb2EFGU
55uCM+PnL1n712aCoCPO7c/d+xZf1/U9Uu87Wh4Uz1nCbw5WYv0bVe9EWiTMn7oT
Ox+9Ox/1rrUo8ud3bkGTpqjZ921Oscp+oXGkLCiE/lFJK9bqSRkic0eKPwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFG77OLIbZQvrptgOfoM2DRKLu3+3MB8GA1UdIwQY
MBaAFHteN/bjub0c82hLnAPAOtHKZCSXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUt
OTU5M2E0ODhhZmNjLzEvYnZzNHNodGxDLXVtMkE1LWd6WU5Fb3U3ZjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8yNjcyOGUtZGRjNy00YjBmLTlkMWUtOTU5M2E0ODhhZmNj
LzEvZTE0Mzl1TzV2Unp6YUV1Y0E4QTYwY3BrSkpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAT6z5AwQA
2ZA4MA8EAgACMAkDBwAqAgcwYAAwDQYJKoZIhvcNAQELBQADggEBAKAAx3xcazP7
2AJDIhpoQPmngzb5mEvO1PoziEZPum/MXsA7pzv+4ijyLND93RblLnXAb0xb3cDx
f/wqcWyAsREUU/Z+LGYvpY2DYikXB1vlYG2luGfpwmWr6GAeb8nL1hlitdmF/mEq
rizm7TbhVE0kVduhP8Eb30geykTV9SzlGtCGFkGf03WqWMFa9yVWrLtI8a7Z45iw
t3AS4V5NPQloyS2Ogl+6c56OWQTLhL0lFRRinKQvSXxjxmEXRwcfAUWe18wMdQ7A
+TuzOjORxAApHvdxsn2chFrxtkEAr+l6mthcVFi64AKSFXKK62Z02uVHbK//AiAa
7Q0Z5b/Ntwk=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:03 2024 by rpki-client on console-fra.rpki-client.org