Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/a3_BFszAvia-9yDMR2mo_oz3iUQ.roa
File: a3_BFszAvia-9yDMR2mo_oz3iUQ.roa (raw, json)
Hash identifier: GLw5LQvU9pm53TeCNj1uUR5mMhlL//uZLUSCQNUGRwg=
Subject key identifier: 6B:7F:C1:16:CC:C0:BE:26:BE:F7:20:CC:47:69:A8:FE:8C:F7:89:44
Certificate issuer: /CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Certificate serial: 018CCA2A26C20AF82454560D3F098D032904
Authority key identifier: 5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/a3_BFszAvia-9yDMR2mo_oz3iUQ.roa
Signing time: Tue 02 Jan 2024 12:33:29 +0000
ROA not before: Tue 02 Jan 2024 12:33:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203558
IP address blocks: 188.75.71.0/24 maxlen: 24
188.75.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:26:c2:0a:f8:24:54:56:0d:3f:09:8d:03:29:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5b698c4b612afee2cbb1cdd509e4f0246fbb80e1
Validity
Not Before: Jan 2 12:33:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b7fc116ccc0be26bef720cc4769a8fe8cf78944
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:6d:76:47:bd:9d:f3:0a:52:e1:79:75:9f:
6c:6f:4d:e5:93:54:77:e2:45:ac:ee:68:86:04:17:
b7:8b:0f:47:ed:3f:b6:58:66:94:c6:98:de:8a:d9:
c0:6e:06:fe:aa:e1:c7:52:dd:44:26:f3:38:fc:99:
86:f3:cd:3f:78:be:dd:1e:9f:55:66:64:bc:43:6c:
0e:b2:15:e4:ec:aa:6d:e3:ed:e3:c7:82:93:8a:58:
9b:bc:ec:7a:75:19:32:68:9a:96:2f:f5:ac:18:68:
ef:b5:2e:c6:ae:d3:ac:f3:67:39:3e:39:00:d7:b9:
f3:4d:9c:ca:91:b3:09:00:44:c3:b2:76:c6:ed:90:
47:55:8a:b6:40:4d:25:95:25:6b:d4:db:ba:77:4f:
fd:a8:d4:89:23:fc:16:b8:75:59:22:53:93:a7:d4:
fe:74:1b:05:ba:13:d4:5f:47:b5:ab:19:a3:f7:69:
a2:7b:05:29:cd:e0:78:f5:d7:e1:53:28:b8:66:7d:
8e:52:db:84:c7:a3:e7:d2:9b:e3:d1:07:6f:1e:d8:
d6:6e:bf:a9:87:57:9e:d8:14:8c:db:93:ec:aa:09:
14:69:45:3c:bb:7c:f2:d8:9e:1e:fc:b8:b5:6f:49:
fa:1e:e0:3a:56:22:01:9b:e7:0b:d4:6e:89:de:36:
79:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:7F:C1:16:CC:C0:BE:26:BE:F7:20:CC:47:69:A8:FE:8C:F7:89:44
X509v3 Authority Key Identifier:
keyid:5B:69:8C:4B:61:2A:FE:E2:CB:B1:CD:D5:09:E4:F0:24:6F:BB:80:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/a3_BFszAvia-9yDMR2mo_oz3iUQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/c16f55-b44d-40c3-9dac-cc2fafe3a8b4/1/W2mMS2Eq_uLLsc3VCeTwJG-7gOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.75.71.0/24
188.75.109.0/24
Signature Algorithm: sha256WithRSAEncryption
18:b9:de:b0:d9:39:2c:92:2c:d0:fb:71:b0:27:34:d2:2c:5e:
99:00:51:6a:02:2e:f8:cf:1f:cf:54:be:45:c2:d3:12:88:9c:
34:23:48:fd:9b:b4:a7:3d:e7:1a:c3:01:4b:93:33:3c:09:c0:
97:e5:f6:c6:a8:7e:25:17:98:41:b5:10:09:cc:f1:80:bc:04:
df:ae:46:35:56:53:a4:a1:ed:ad:75:64:71:4d:4c:ae:2d:b3:
ba:56:00:f9:24:58:67:bf:d7:67:ba:37:2e:d5:00:8f:88:01:
60:c0:b8:37:c1:86:78:2b:d9:ed:7a:4a:52:f8:77:09:7e:70:
05:f3:61:32:45:41:bf:81:99:e7:e4:a7:d9:37:b1:eb:d1:95:
2e:85:ab:86:9f:56:6b:cc:6d:56:5b:56:fd:fa:3e:f0:ff:73:
88:ff:e8:c0:07:84:30:dc:76:59:3c:d6:20:25:5a:61:cc:bf:
6e:8a:39:a6:05:92:8d:9f:a5:5b:24:13:38:1d:ea:49:83:4c:
bb:ff:37:df:81:06:a6:eb:df:6d:99:ab:b9:d6:08:62:45:a6:
a2:7c:1d:14:04:41:18:e1:8d:68:8d:3a:eb:59:8f:d3:3a:3c:
0b:db:eb:28:a2:fd:ca:06:36:27:ad:0e:33:65:95:01:43:d7:
1c:70:f0:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKibCCvgkVFYNPwmNAykEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViNjk4YzRiNjEyYWZlZTJjYmIxY2RkNTA5ZTRmMDI0NmZi
YjgwZTEwHhcNMjQwMTAyMTIzMzI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjdmYzExNmNjYzBiZTI2YmVmNzIwY2M0NzY5YThmZThjZjc4OTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7Rtdke9nfMKUuF5dZ9sb03lk1R3
4kWs7miGBBe3iw9H7T+2WGaUxpjeitnAbgb+quHHUt1EJvM4/JmG880/eL7dHp9V
ZmS8Q2wOshXk7Kpt4+3jx4KTilibvOx6dRkyaJqWL/WsGGjvtS7GrtOs82c5PjkA
17nzTZzKkbMJAETDsnbG7ZBHVYq2QE0llSVr1Nu6d0/9qNSJI/wWuHVZIlOTp9T+
dBsFuhPUX0e1qxmj92miewUpzeB49dfhUyi4Zn2OUtuEx6Pn0pvj0QdvHtjWbr+p
h1ee2BSM25PsqgkUaUU8u3zy2J4e/Li1b0n6HuA6ViIBm+cL1G6J3jZ5owIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGt/wRbMwL4mvvcgzEdpqP6M94lEMB8GA1UdIwQY
MBaAFFtpjEthKv7iy7HN1Qnk8CRvu4DhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMt
Y2MyZmFmZTNhOGI0LzEvYTNfQkZzekF2aWEtOXlETVIybW9fb3ozaVVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS9jMTZmNTUtYjQ0ZC00MGMzLTlkYWMtY2MyZmFmZTNhOGI0
LzEvVzJtTVMyRXFfdUxMc2MzVkNlVHdKRy03Z09FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEtHAwQA
vEttMA0GCSqGSIb3DQEBCwUAA4IBAQAYud6w2TkskizQ+3GwJzTSLF6ZAFFqAi74
zx/PVL5FwtMSiJw0I0j9m7SnPecawwFLkzM8CcCX5fbGqH4lF5hBtRAJzPGAvATf
rkY1VlOkoe2tdWRxTUyuLbO6VgD5JFhnv9dnujcu1QCPiAFgwLg3wYZ4K9ntekpS
+HcJfnAF82EyRUG/gZnn5KfZN7Hr0ZUuhauGn1ZrzG1WW1b9+j7w/3OI/+jAB4Qw
3HZZPNYgJVphzL9uijmmBZKNn6VbJBM4HepJg0y7/zffgQam699tmau51ghiRaai
fB0UBEEY4Y1ojTrrWY/TOjwL2+soov3KBjYnrQ4zZZUBQ9cccPCG
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:08 2024 by rpki-client on console-fra.rpki-client.org