Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Bg0z3uiJQD5s-UFp3BNvEBdsrV8.roa
File: Bg0z3uiJQD5s-UFp3BNvEBdsrV8.roa (raw, json)
Hash identifier: 3H137b1RpEGFAm8QGfaTExIKWi3ZjUcI+Y+L/oEni+o=
Subject key identifier: 06:0D:33:DE:E8:89:40:3E:6C:F9:41:69:DC:13:6F:10:17:6C:AD:5F
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018DB1E3A24DF0A163087BCB3AECF76958E7
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Bg0z3uiJQD5s-UFp3BNvEBdsrV8.roa
Signing time: Fri 16 Feb 2024 12:28:21 +0000
ROA not before: Fri 16 Feb 2024 12:28:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 45.80.80.0/24 maxlen: 24
45.80.82.0/23 maxlen: 23
45.80.82.0/24 maxlen: 24
45.80.83.0/24 maxlen: 24
45.83.50.0/23 maxlen: 23
45.83.50.0/24 maxlen: 24
45.83.51.0/24 maxlen: 24
80.66.112.0/20 maxlen: 20
80.66.112.0/23 maxlen: 23
80.66.114.0/24 maxlen: 24
80.66.115.0/24 maxlen: 24
80.66.116.0/24 maxlen: 24
80.66.117.0/24 maxlen: 24
80.66.118.0/24 maxlen: 24
80.66.119.0/24 maxlen: 24
80.66.120.0/24 maxlen: 24
80.66.121.0/24 maxlen: 24
80.66.122.0/24 maxlen: 24
80.66.123.0/24 maxlen: 24
80.66.124.0/24 maxlen: 24
80.66.125.0/24 maxlen: 24
80.66.126.0/24 maxlen: 24
80.66.127.0/24 maxlen: 24
89.42.70.0/24 maxlen: 24
89.44.150.0/24 maxlen: 24
89.44.151.0/24 maxlen: 24
94.198.46.0/24 maxlen: 24
94.198.47.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
178.19.44.0/24 maxlen: 24
178.19.47.0/24 maxlen: 24
185.203.20.0/22 maxlen: 22
185.203.20.0/24 maxlen: 24
185.203.21.0/24 maxlen: 24
185.203.22.0/24 maxlen: 24
185.203.23.0/24 maxlen: 24
185.229.212.0/22 maxlen: 22
185.229.212.0/24 maxlen: 24
185.229.213.0/24 maxlen: 24
185.229.214.0/24 maxlen: 24
185.229.215.0/24 maxlen: 24
185.242.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 04:01:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:e3:a2:4d:f0:a1:63:08:7b:cb:3a:ec:f7:69:58:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Feb 16 12:28:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=060d33dee889403e6cf94169dc136f10176cad5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:01:13:e7:eb:24:3e:91:fd:ed:ef:66:da:90:
fc:78:08:a3:d6:aa:50:87:8d:48:39:8e:45:49:ca:
46:62:ad:4b:45:a1:b0:c5:8e:e1:4b:aa:e1:f8:ac:
00:2e:f3:2c:7b:6a:40:da:bd:f7:0c:b0:4d:b7:b6:
97:88:73:2e:2a:b3:38:90:f4:a9:03:d2:ce:1e:e1:
7d:24:e8:94:61:6e:ce:f4:e5:61:07:a6:96:48:94:
6c:f7:f9:ae:e7:a9:63:b2:8e:bc:6b:b8:bb:c0:51:
d1:e9:44:7a:28:d1:b0:73:20:88:97:47:90:95:fe:
f8:0d:b9:ea:69:4d:95:1b:f5:cc:36:7c:05:6c:2e:
df:2e:59:5e:86:13:1c:50:5f:d4:de:3b:f0:3f:42:
7b:98:5f:57:79:e0:27:d2:d8:d3:b3:92:65:d7:e0:
3b:3c:7e:41:78:28:cf:3e:72:9d:5b:78:c1:7a:27:
21:2c:c8:05:4e:0b:3e:bb:e2:43:9c:bf:22:23:d1:
2f:d7:8a:a4:d1:81:0a:cf:11:f2:4e:8a:c2:18:76:
d6:bd:71:14:0c:37:c5:8f:56:70:44:fb:4c:35:ba:
7f:5c:2e:98:11:78:f1:bf:12:8f:39:97:17:bc:8b:
69:97:55:78:8f:1f:c8:0f:ed:00:f9:7f:95:5c:6d:
46:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:0D:33:DE:E8:89:40:3E:6C:F9:41:69:DC:13:6F:10:17:6C:AD:5F
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/Bg0z3uiJQD5s-UFp3BNvEBdsrV8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.80.0/24
45.80.82.0/23
45.83.50.0/23
80.66.112.0/20
89.42.70.0/24
89.44.150.0/23
94.198.46.0/23
178.19.32.0/23
178.19.44.0/24
178.19.47.0/24
185.203.20.0/22
185.229.212.0/22
185.242.175.0/24
Signature Algorithm: sha256WithRSAEncryption
cd:be:d2:26:d0:8c:a9:de:3e:d8:ab:f4:7a:b7:19:8d:b3:b6:
e9:4e:ad:4a:8b:8b:88:b2:38:6a:b2:88:18:c8:2c:d3:de:96:
45:c1:5e:67:a0:74:04:ee:0f:d5:68:07:1d:ac:5a:e1:2f:b8:
9e:dc:f5:37:e6:6b:f0:4a:ae:2b:39:dd:06:ca:1b:b6:d8:d7:
3a:ee:d2:ce:4f:f9:f5:0e:a4:93:8e:d6:c4:b5:ec:56:70:74:
e8:49:30:6b:62:4d:43:ea:6d:60:3a:af:d5:8a:93:71:fc:f2:
f0:f9:a7:fe:74:c6:f9:93:80:29:b3:41:47:29:7a:71:25:29:
aa:ca:57:11:1c:ff:ce:42:5e:aa:57:67:ef:5c:ec:d0:5a:49:
1b:d3:9a:ab:f6:78:8d:9f:3e:3c:8b:0a:5c:ea:a9:14:8d:3d:
a0:89:6b:8f:98:67:4c:3a:0d:ec:42:64:93:88:98:bd:4a:2d:
11:93:e7:ad:14:66:5c:14:ae:4a:4c:ea:fd:de:a5:91:4e:84:
96:da:11:00:6f:a1:0c:04:e1:01:59:9a:be:28:a5:ff:0c:61:
e7:81:c3:59:83:5e:02:0f:72:2c:8c:08:20:9d:2e:f6:a4:e3:
6e:ac:55:67:92:57:99:f7:4e:d3:3b:f2:80:ef:fd:82:f2:9e:
b5:a3:1c:2f
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAY2x46JN8KFjCHvLOuz3aVjnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMjE2MTIyODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjBkMzNkZWU4ODk0MDNlNmNmOTQxNjlkYzEzNmYxMDE3NmNhZDVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQET5+skPpH97e9m2pD8eAij1qpQ
h41IOY5FScpGYq1LRaGwxY7hS6rh+KwALvMse2pA2r33DLBNt7aXiHMuKrM4kPSp
A9LOHuF9JOiUYW7O9OVhB6aWSJRs9/mu56ljso68a7i7wFHR6UR6KNGwcyCIl0eQ
lf74DbnqaU2VG/XMNnwFbC7fLllehhMcUF/U3jvwP0J7mF9XeeAn0tjTs5Jl1+A7
PH5BeCjPPnKdW3jBeichLMgFTgs+u+JDnL8iI9Ev14qk0YEKzxHyTorCGHbWvXEU
DDfFj1ZwRPtMNbp/XC6YEXjxvxKPOZcXvItpl1V4jx/ID+0A+X+VXG1G5QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAYNM97oiUA+bPlBadwTbxAXbK1fMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvQmcwejN1aUpRRDVzLVVGcDNCTnZFQmRzclY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQALVBQAwQB
LVBSAwQBLVMyAwQEUEJwAwQAWSpGAwQBWSyWAwQBXsYuAwQBshMgAwQAshMsAwQA
shMvAwQCucsUAwQCueXUAwQAufKvMA0GCSqGSIb3DQEBCwUAA4IBAQDNvtIm0Iyp
3j7Yq/R6txmNs7bpTq1Ki4uIsjhqsogYyCzT3pZFwV5noHQE7g/VaAcdrFrhL7ie
3PU35mvwSq4rOd0Gyhu22Nc67tLOT/n1DqSTjtbEtexWcHToSTBrYk1D6m1gOq/V
ipNx/PLw+af+dMb5k4Aps0FHKXpxJSmqylcRHP/OQl6qV2fvXOzQWkkb05qr9niN
nz48iwpc6qkUjT2giWuPmGdMOg3sQmSTiJi9Si0Rk+etFGZcFK5KTOr93qWRToSW
2hEAb6EMBOEBWZq+KKX/DGHngcNZg14CD3IsjAggnS72pONurFVnkleZ907TO/KA
7/2C8p61oxwv
-----END CERTIFICATE-----
Generated at Fri May 3 12:41:38 2024 by rpki-client on console-fra.rpki-client.org