Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/bNmCIGJ_pz6ijntNuWixDLoff7I.roa
File: bNmCIGJ_pz6ijntNuWixDLoff7I.roa (raw, json)
Hash identifier: qTNoBHtFC4WQFeRpITpsK0ecQM89SP3DzjpT28M628E=
Subject key identifier: 6C:D9:82:20:62:7F:A7:3E:A2:8E:7B:4D:B9:68:B1:0C:BA:1F:7F:B2
Certificate issuer: /CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Certificate serial: 01919E5BCEF1FD07B5618B3EAB48CE7C10F7
Authority key identifier: 8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/bNmCIGJ_pz6ijntNuWixDLoff7I.roa
Signing time: Thu 29 Aug 2024 13:38:22 +0000
ROA not before: Thu 29 Aug 2024 13:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5482
IP address blocks: 31.22.12.0/22 maxlen: 24
37.48.224.0/24 maxlen: 24
37.48.229.0/24 maxlen: 24
37.48.230.0/24 maxlen: 24
51.179.192.0/18 maxlen: 24
62.64.128.0/21 maxlen: 24
62.64.136.0/22 maxlen: 24
62.64.144.0/20 maxlen: 24
141.195.128.0/19 maxlen: 24
141.195.136.0/21 maxlen: 24
141.195.144.0/21 maxlen: 24
185.102.148.0/22 maxlen: 24
188.74.64.0/19 maxlen: 24
212.132.160.0/19 maxlen: 24
217.142.64.0/18 maxlen: 24
217.168.248.0/21 maxlen: 24
2a04:c880::/32 maxlen: 48
2a05:87c0::/29 maxlen: 48
2a0f:9d80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 04 Dec 2024 13:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9e:5b:ce:f1:fd:07:b5:61:8b:3e:ab:48:ce:7c:10:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c186a56ea84c13c62768a9d17bae133cedf1045
Validity
Not Before: Aug 29 13:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6cd98220627fa73ea28e7b4db968b10cba1f7fb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:23:6f:58:82:ee:7a:82:d4:93:e9:f0:69:d2:
52:e8:15:4f:98:a7:bf:ba:93:de:c7:88:49:95:f3:
f6:6b:7c:d5:a7:5c:6d:d6:5e:f3:0a:98:30:8a:1a:
87:2d:24:bc:1c:2b:08:5b:2e:48:2c:e9:96:fc:23:
c8:14:0b:38:b5:b2:d8:75:c0:e2:77:61:93:c5:bd:
fe:90:da:f0:e0:5b:b5:63:6f:be:4f:4a:03:99:c4:
3e:20:0d:4e:e2:0c:1b:a1:6e:12:82:85:b0:15:e0:
a6:1d:68:4b:5b:75:47:0c:12:e4:99:88:9a:e3:79:
c1:67:ce:a2:e9:db:0d:a8:ce:5e:9d:9d:f3:ce:46:
0e:a1:f9:22:b2:bd:88:56:79:86:16:e2:89:05:78:
21:56:e1:04:ba:f2:1a:8d:3b:de:c3:5a:62:00:0b:
d3:c3:df:71:9d:3b:17:b8:c1:35:a6:b6:8d:a0:2c:
ed:56:25:63:24:12:0f:dc:7e:65:eb:aa:2b:54:85:
29:4a:ca:e9:da:8b:42:f9:bc:83:96:75:dc:e8:0b:
5e:8a:3f:da:f4:1e:7c:8c:17:84:50:aa:fa:d0:3a:
b3:2c:d8:d6:e0:43:2b:5d:59:15:0a:31:eb:d1:da:
fe:81:3f:aa:f3:fc:76:8a:25:fe:2d:f7:20:05:ba:
9d:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:D9:82:20:62:7F:A7:3E:A2:8E:7B:4D:B9:68:B1:0C:BA:1F:7F:B2
X509v3 Authority Key Identifier:
keyid:8C:18:6A:56:EA:84:C1:3C:62:76:8A:9D:17:BA:E1:33:CE:DF:10:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jBhqVuqEwTxidoqdF7rhM87fEEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/bNmCIGJ_pz6ijntNuWixDLoff7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/c8ec95-b5f5-44fb-b93d-2092af647070/1/jBhqVuqEwTxidoqdF7rhM87fEEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.22.12.0/22
37.48.224.0/24
37.48.229.0-37.48.230.255
51.179.192.0/18
62.64.128.0-62.64.139.255
62.64.144.0/20
141.195.128.0/19
185.102.148.0/22
188.74.64.0/19
212.132.160.0/19
217.142.64.0/18
217.168.248.0/21
IPv6:
2a04:c880::/32
2a05:87c0::/29
2a0f:9d80::/32
Signature Algorithm: sha256WithRSAEncryption
85:9a:ea:f7:0d:79:0d:fd:27:2c:61:1d:73:0c:fd:93:57:b0:
ed:6b:58:c0:a5:93:62:28:59:2e:45:a3:dc:f7:a1:b6:c1:b5:
32:ad:60:49:63:0b:70:81:ed:30:ca:56:c2:25:0f:a5:eb:46:
5e:4f:59:41:43:7b:07:ca:65:49:f4:7c:fe:16:65:32:49:b7:
d7:fc:32:ed:5a:9d:21:72:a2:0a:a8:52:40:e1:66:18:7a:ec:
5e:47:77:f1:bc:70:80:29:07:12:b9:ba:fa:e9:f2:38:7b:6d:
6a:f4:86:5a:2b:88:56:98:39:62:61:f0:e8:ef:b2:0f:5b:65:
33:69:df:b8:a0:3b:43:2e:db:d7:29:98:b6:0a:83:80:57:15:
96:14:01:b9:9f:e1:cf:44:0a:04:94:da:7e:d8:b1:9c:f9:b1:
14:81:b7:9d:be:f5:d4:b2:a9:80:69:76:cb:1e:7c:a2:0b:9e:
83:c4:55:da:fd:55:12:8d:8f:52:bd:78:0a:58:3e:65:a8:43:
a1:b6:11:c5:6d:93:92:ae:d9:12:7b:d9:2a:8b:0e:19:08:e6:
d5:1d:55:17:aa:bc:28:87:55:34:a8:46:de:4f:76:cc:3d:38:
6f:5f:54:34:24:02:a3:c1:bf:68:52:d3:dc:7b:42:c1:88:3c:
59:0d:ee:ef
-----BEGIN CERTIFICATE-----
MIIFbTCCBFWgAwIBAgISAZGeW87x/Qe1YYs+q0jOfBD3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjMTg2YTU2ZWE4NGMxM2M2Mjc2OGE5ZDE3YmFlMTMzY2Vk
ZjEwNDUwHhcNMjQwODI5MTMzODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2Q5ODIyMDYyN2ZhNzNlYTI4ZTdiNGRiOTY4YjEwY2JhMWY3ZmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqyNvWILueoLUk+nwadJS6BVPmKe/
upPex4hJlfP2a3zVp1xt1l7zCpgwihqHLSS8HCsIWy5ILOmW/CPIFAs4tbLYdcDi
d2GTxb3+kNrw4Fu1Y2++T0oDmcQ+IA1O4gwboW4SgoWwFeCmHWhLW3VHDBLkmYia
43nBZ86i6dsNqM5enZ3zzkYOofkisr2IVnmGFuKJBXghVuEEuvIajTvew1piAAvT
w99xnTsXuME1praNoCztViVjJBIP3H5l66orVIUpSsrp2otC+byDlnXc6Ateij/a
9B58jBeEUKr60DqzLNjW4EMrXVkVCjHr0dr+gT+q8/x2iiX+LfcgBbqd3wIDAQAB
o4ICeTCCAnUwHQYDVR0OBBYEFGzZgiBif6c+oo57TblosQy6H3+yMB8GA1UdIwQY
MBaAFIwYalbqhME8YnaKnRe64TPO3xBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2Qt
MjA5MmFmNjQ3MDcwLzEvYk5tQ0lHSl9wejZpam50TnVXaXhETG9mZjdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi9jOGVjOTUtYjVmNS00NGZiLWI5M2QtMjA5MmFmNjQ3MDcw
LzEvakJocVZ1cUV3VHhpZG9xZEY3cmhNODdmRUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGOBggrBgEFBQcBBwEB/wR/MH0wXgQCAAEwWAMEAh8WDAME
ACUw4DAMAwQAJTDlAwQAJTDmAwQGM7PAMAwDBAc+QIADBAI+QIgDBAQ+QJADBAWN
w4ADBAK5ZpQDBAW8SkADBAXUhKADBAbZjkADBAPZqPgwGwQCAAIwFQMFACoEyIAD
BQMqBYfAAwUAKg+dgDANBgkqhkiG9w0BAQsFAAOCAQEAhZrq9w15Df0nLGEdcwz9
k1ew7WtYwKWTYihZLkWj3PehtsG1Mq1gSWMLcIHtMMpWwiUPpetGXk9ZQUN7B8pl
SfR8/hZlMkm31/wy7VqdIXKiCqhSQOFmGHrsXkd38bxwgCkHErm6+unyOHttavSG
WiuIVpg5YmHw6O+yD1tlM2nfuKA7Qy7b1ymYtgqDgFcVlhQBuZ/hz0QKBJTaftix
nPmxFIG3nb711LKpgGl2yx58ogueg8RV2v1VEo2PUr14Clg+ZahDobYRxW2Tkq7Z
EnvZKosOGQjm1R1VF6q8KIdVNKhG3k92zD04b19UNCQCo8G/aFLT3HtCwYg8WQ3u
7w==
-----END CERTIFICATE-----
Generated at Tue Dec 3 17:36:25 2024 by rpki-client on console-ams.rpki-client.org