Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/Bo-sWGao0vLZibgrH135PxDHCiA.roa
File: Bo-sWGao0vLZibgrH135PxDHCiA.roa (raw, json)
Hash identifier: Rjn3SitSgLr1a2JhobjRpELJcOTbfqGprsUE3jlPZck=
Subject key identifier: 06:8F:AC:58:66:A8:D2:F2:D9:89:B8:2B:1F:5D:F9:3F:10:C7:0A:20
Certificate issuer: /CN=ba443d86435578576b4231555a0ed213f522bef3
Certificate serial: 018CC2DAE223E77EE7E4C73EE7F5FA4258F4
Authority key identifier: BA:44:3D:86:43:55:78:57:6B:42:31:55:5A:0E:D2:13:F5:22:BE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ukQ9hkNVeFdrQjFVWg7SE_UivvM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/Bo-sWGao0vLZibgrH135PxDHCiA.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20914
IP address blocks: 80.76.0.0/21 maxlen: 21
2a00:ce8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/ukQ9hkNVeFdrQjFVWg7SE_UivvM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/ukQ9hkNVeFdrQjFVWg7SE_UivvM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ukQ9hkNVeFdrQjFVWg7SE_UivvM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e2:23:e7:7e:e7:e4:c7:3e:e7:f5:fa:42:58:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba443d86435578576b4231555a0ed213f522bef3
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=068fac5866a8d2f2d989b82b1f5df93f10c70a20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:43:6a:73:47:1a:06:78:bf:82:3d:93:e4:fb:
d4:22:28:a4:7c:e8:6f:34:8e:27:6e:9d:58:79:3e:
bf:ee:86:79:cf:7b:6e:f7:43:b0:de:04:12:78:61:
3d:ef:6d:35:a4:22:3f:74:97:f3:76:3f:bf:1f:ef:
22:94:9a:5a:25:26:59:bd:85:ca:c0:ac:61:07:ce:
51:15:b3:32:7f:06:f5:2e:9f:55:b0:94:f2:d3:63:
3c:87:9f:d9:40:dd:55:9a:d3:00:5c:71:00:16:55:
8a:bb:09:c4:0b:c2:de:14:c6:ce:d0:59:19:be:c1:
5e:5e:3e:a7:d4:14:42:c1:89:9d:1c:5c:55:6f:e1:
b8:df:b7:fa:70:3e:9b:7a:ca:52:12:52:f2:33:61:
1b:43:c2:40:1a:4b:cb:0d:4f:1b:bc:77:b2:59:80:
6e:8f:b4:5f:9d:66:74:06:70:ea:bf:39:6f:76:c0:
cb:84:64:b1:f3:0c:ba:a3:8c:74:d3:30:0b:ad:85:
47:da:22:7b:04:a4:1e:9b:3e:7e:74:e1:0f:3d:68:
5c:52:2a:11:c7:2c:40:d0:db:ac:cd:1e:9b:65:d4:
16:b9:3c:fe:f8:0c:cc:cb:8e:68:e0:38:93:76:23:
ea:65:40:76:f1:6a:90:27:f9:2d:4c:33:56:09:dd:
5b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:8F:AC:58:66:A8:D2:F2:D9:89:B8:2B:1F:5D:F9:3F:10:C7:0A:20
X509v3 Authority Key Identifier:
keyid:BA:44:3D:86:43:55:78:57:6B:42:31:55:5A:0E:D2:13:F5:22:BE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ukQ9hkNVeFdrQjFVWg7SE_UivvM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/Bo-sWGao0vLZibgrH135PxDHCiA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/e8c264-be46-46f1-928e-48c10a978bd0/1/ukQ9hkNVeFdrQjFVWg7SE_UivvM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.0.0/21
IPv6:
2a00:ce8::/32
Signature Algorithm: sha256WithRSAEncryption
20:1b:d8:31:7d:5c:e9:ab:1d:ec:75:e1:eb:cc:bb:19:28:93:
36:6e:d2:f3:18:cb:37:6b:42:ea:b0:a2:58:ca:f4:56:cf:8d:
05:c9:bb:c6:04:55:5a:57:b7:fd:88:1d:1c:61:8e:fd:59:8c:
dc:68:ab:01:3e:a9:09:43:bc:d6:03:02:7e:8a:05:5e:84:99:
59:4b:bb:2d:5e:26:58:75:74:45:4f:94:c9:20:8c:3b:d0:bc:
7d:df:51:3c:09:7f:1c:6a:8b:fb:31:f7:5d:21:34:e9:1e:e1:
ab:36:7b:02:e5:de:80:10:d6:be:88:fb:93:90:2f:dc:92:e0:
a6:32:9e:69:ab:ab:fc:a6:84:bc:b2:8a:93:7e:9d:3d:50:d6:
02:ed:43:12:b5:3e:2f:f0:93:ae:1b:ef:3c:a8:c4:83:37:6c:
8c:f4:38:79:ee:57:9e:be:b5:63:b5:89:91:29:6a:5c:35:33:
ca:b6:bd:b5:b4:4a:be:2c:d4:8d:58:5c:a0:64:0e:34:bd:d4:
5f:cd:29:be:27:e1:9c:53:96:aa:12:8a:a1:c1:3e:eb:cf:e2:
bc:95:4a:be:b3:ec:d2:71:c6:f1:46:80:91:99:a6:05:1e:59:
96:35:4a:e5:84:b7:91:1d:2f:e3:91:f6:7d:18:e3:74:ac:ec:
83:6e:7f:e7
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2uIj537n5Mc+5/X6Qlj0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNDQzZDg2NDM1NTc4NTc2YjQyMzE1NTVhMGVkMjEzZjUy
MmJlZjMwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjhmYWM1ODY2YThkMmYyZDk4OWI4MmIxZjVkZjkzZjEwYzcwYTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykNqc0caBni/gj2T5PvUIiikfOhv
NI4nbp1YeT6/7oZ5z3tu90Ow3gQSeGE97201pCI/dJfzdj+/H+8ilJpaJSZZvYXK
wKxhB85RFbMyfwb1Lp9VsJTy02M8h5/ZQN1VmtMAXHEAFlWKuwnEC8LeFMbO0FkZ
vsFeXj6n1BRCwYmdHFxVb+G437f6cD6bespSElLyM2EbQ8JAGkvLDU8bvHeyWYBu
j7RfnWZ0BnDqvzlvdsDLhGSx8wy6o4x00zALrYVH2iJ7BKQemz5+dOEPPWhcUioR
xyxA0NuszR6bZdQWuTz++AzMy45o4DiTdiPqZUB28WqQJ/ktTDNWCd1bPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAaPrFhmqNLy2Ym4Kx9d+T8QxwogMB8GA1UdIwQY
MBaAFLpEPYZDVXhXa0IxVVoO0hP1Ir7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWtROWhrTlZlRmRyUWpGVldnN1NFX1VpdnZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi9lOGMyNjQtYmU0Ni00NmYxLTkyOGUt
NDhjMTBhOTc4YmQwLzEvQm8tc1dHYW8wdkxaaWJnckgxMzVQeERIQ2lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi9lOGMyNjQtYmU0Ni00NmYxLTkyOGUtNDhjMTBhOTc4YmQw
LzEvdWtROWhrTlZlRmRyUWpGVldnN1NFX1VpdnZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDUEwAMA0E
AgACMAcDBQAqAAzoMA0GCSqGSIb3DQEBCwUAA4IBAQAgG9gxfVzpqx3sdeHrzLsZ
KJM2btLzGMs3a0LqsKJYyvRWz40FybvGBFVaV7f9iB0cYY79WYzcaKsBPqkJQ7zW
AwJ+igVehJlZS7stXiZYdXRFT5TJIIw70Lx931E8CX8caov7MfddITTpHuGrNnsC
5d6AENa+iPuTkC/ckuCmMp5pq6v8poS8soqTfp09UNYC7UMStT4v8JOuG+88qMSD
N2yM9Dh57leevrVjtYmRKWpcNTPKtr21tEq+LNSNWFygZA40vdRfzSm+J+GcU5aq
EoqhwT7rz+K8lUq+s+zSccbxRoCRmaYFHlmWNUrlhLeRHS/jkfZ9GON0rOyDbn/n
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:12:24 2024 by rpki-client on console-fra.rpki-client.org