Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/BrX0BVR8mXz9lz_W622YZCmAV7c.roa
File: BrX0BVR8mXz9lz_W622YZCmAV7c.roa (raw, json)
Hash identifier: fTGrWzN/R3ilDjWBw0FD9/Lx/zP2JwxI22Oum77TpoA=
Subject key identifier: 06:B5:F4:05:54:7C:99:7C:FD:97:3F:D6:EB:6D:98:64:29:80:57:B7
Certificate issuer: /CN=0b1870c96ef09723811fb89250eea6eba963c0df
Certificate serial: 019141467E4EDD69F36FB9FF87F4B544FBD4
Authority key identifier: 0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/BrX0BVR8mXz9lz_W622YZCmAV7c.roa
Signing time: Sun 11 Aug 2024 11:50:24 +0000
ROA not before: Sun 11 Aug 2024 11:50:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 378
IP address blocks: 132.64.0.0/15 maxlen: 15
132.64.0.0/16 maxlen: 16
132.64.1.0/24 maxlen: 24
132.64.2.0/24 maxlen: 24
132.64.3.0/24 maxlen: 24
132.64.5.0/24 maxlen: 24
132.64.6.0/24 maxlen: 24
132.64.7.0/24 maxlen: 24
132.64.16.0/24 maxlen: 24
132.64.17.0/24 maxlen: 24
132.64.40.0/24 maxlen: 24
132.64.43.0/24 maxlen: 24
132.64.44.0/24 maxlen: 24
132.64.45.0/24 maxlen: 24
132.64.254.0/24 maxlen: 24
132.65.0.0/16 maxlen: 16
192.114.88.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:46:7e:4e:dd:69:f3:6f:b9:ff:87:f4:b5:44:fb:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b1870c96ef09723811fb89250eea6eba963c0df
Validity
Not Before: Aug 11 11:50:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06b5f405547c997cfd973fd6eb6d9864298057b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:12:08:d2:52:93:08:3f:96:38:19:d8:ac:e7:
70:4c:2b:6e:0b:e3:a3:65:83:cd:f8:c2:e6:34:45:
1c:c4:52:91:a6:07:c8:7d:ac:8e:c1:a7:0a:36:fb:
6f:9c:4f:89:47:65:f2:c3:61:99:3a:6d:96:b1:ce:
f8:54:b9:42:f4:4e:38:ae:f0:f7:92:8a:65:ef:ea:
b5:ba:da:e1:1b:cb:e9:5e:3a:14:ce:db:54:b3:08:
1d:f6:ad:0f:87:c0:01:48:28:c4:57:56:d1:41:7b:
52:06:92:f3:d7:b4:4c:ae:d6:03:eb:d6:f7:9a:3c:
ab:a9:05:6f:58:a0:82:0a:b6:f9:a7:93:f0:ee:fc:
0b:e5:28:f2:db:f6:73:ad:36:ae:21:5d:4a:fb:c3:
8d:4c:24:da:42:c0:7f:7d:87:8d:e9:f6:fd:b1:d2:
ea:8b:15:d6:37:05:28:6a:5c:f2:c2:03:74:2f:70:
08:6f:29:0c:8a:9c:cb:f9:5c:3a:e9:6a:6a:95:bc:
fd:a6:4d:fb:2b:d9:bc:3e:96:ce:fc:08:ad:01:5c:
81:43:64:ad:f1:ba:bb:91:86:1c:e1:78:a5:9b:b0:
f6:9d:c8:e5:66:41:e7:26:54:72:80:b9:dc:ff:00:
de:ea:eb:b4:79:12:02:61:4c:e3:19:8e:ca:56:95:
a0:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B5:F4:05:54:7C:99:7C:FD:97:3F:D6:EB:6D:98:64:29:80:57:B7
X509v3 Authority Key Identifier:
keyid:0B:18:70:C9:6E:F0:97:23:81:1F:B8:92:50:EE:A6:EB:A9:63:C0:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CxhwyW7wlyOBH7iSUO6m66ljwN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/BrX0BVR8mXz9lz_W622YZCmAV7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/87702a-3af6-46c7-a123-a2e24f980b3f/1/CxhwyW7wlyOBH7iSUO6m66ljwN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.64.0.0/15
192.114.88.0/22
Signature Algorithm: sha256WithRSAEncryption
68:f1:33:67:55:07:f3:3a:76:29:8f:f2:2c:6e:3b:50:1b:1a:
df:0d:06:02:c6:fd:fe:ce:8e:62:32:e1:d1:fa:a3:17:4b:93:
70:4e:8a:43:b2:0e:34:cd:fa:0d:02:6d:7b:75:1b:f1:df:76:
87:e7:1a:ca:f5:13:ee:f3:3f:d9:5b:80:b2:63:d9:33:b6:16:
70:d0:f9:12:7e:64:bd:0c:ff:bd:ac:c4:69:22:db:91:5b:58:
60:cf:ee:b5:95:ed:49:ed:60:e3:b9:41:9c:d8:95:aa:b9:a3:
30:0c:05:3a:ca:cc:8b:46:cc:00:9a:d3:7b:9f:cd:61:cf:9d:
e5:98:b3:85:16:3d:78:19:39:7b:36:43:9f:cd:78:bb:c5:62:
67:f7:0b:ce:d8:8b:2d:37:4c:aa:61:79:12:20:2a:67:eb:19:
46:90:cb:78:ce:80:df:5e:c7:a2:df:e1:25:06:50:8b:6f:b5:
bd:53:6f:ad:95:eb:39:7b:74:25:21:c5:75:2f:76:f8:cd:7a:
30:61:24:31:4d:56:12:3c:0d:9f:3c:12:d7:6d:bc:51:df:3f:
b6:d7:32:67:45:0e:c9:d0:62:fd:4c:b4:fe:3f:27:91:79:74:
6d:e9:46:df:d4:73:ff:39:62:86:eb:d7:3d:f3:cd:fc:55:7a:
ba:c0:83:a3
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZFBRn5O3Wnzb7n/h/S1RPvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMTg3MGM5NmVmMDk3MjM4MTFmYjg5MjUwZWVhNmViYTk2
M2MwZGYwHhcNMjQwODExMTE1MDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmI1ZjQwNTU0N2M5OTdjZmQ5NzNmZDZlYjZkOTg2NDI5ODA1N2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxII0lKTCD+WOBnYrOdwTCtuC+Oj
ZYPN+MLmNEUcxFKRpgfIfayOwacKNvtvnE+JR2Xyw2GZOm2Wsc74VLlC9E44rvD3
kopl7+q1utrhG8vpXjoUzttUswgd9q0Ph8ABSCjEV1bRQXtSBpLz17RMrtYD69b3
mjyrqQVvWKCCCrb5p5Pw7vwL5Sjy2/ZzrTauIV1K+8ONTCTaQsB/fYeN6fb9sdLq
ixXWNwUoalzywgN0L3AIbykMipzL+Vw66Wpqlbz9pk37K9m8PpbO/AitAVyBQ2St
8bq7kYYc4Xilm7D2ncjlZkHnJlRygLnc/wDe6uu0eRICYUzjGY7KVpWgIQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFAa19AVUfJl8/Zc/1uttmGQpgFe3MB8GA1UdIwQY
MBaAFAsYcMlu8JcjgR+4klDupuupY8DfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMt
YTJlMjRmOTgwYjNmLzEvQnJYMEJWUjhtWHo5bHpfVzYyMllaQ21BVjdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny84NzcwMmEtM2FmNi00NmM3LWExMjMtYTJlMjRmOTgwYjNm
LzEvQ3hod3lXN3dseU9CSDdpU1VPNm02Nmxqd044LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMBhEADBALA
clgwDQYJKoZIhvcNAQELBQADggEBAGjxM2dVB/M6dimP8ixuO1AbGt8NBgLG/f7O
jmIy4dH6oxdLk3BOikOyDjTN+g0CbXt1G/HfdofnGsr1E+7zP9lbgLJj2TO2FnDQ
+RJ+ZL0M/72sxGki25FbWGDP7rWV7UntYOO5QZzYlaq5ozAMBTrKzItGzACa03uf
zWHPneWYs4UWPXgZOXs2Q5/NeLvFYmf3C87Yiy03TKpheRIgKmfrGUaQy3jOgN9e
x6Lf4SUGUItvtb1Tb62V6zl7dCUhxXUvdvjNejBhJDFNVhI8DZ88EtdtvFHfP7bX
MmdFDsnQYv1MtP4/J5F5dG3pRt/Uc/85Yobr1z3zzfxVerrAg6M=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:40:20 2024 by rpki-client on console-ams.rpki-client.org