Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BVBQIXEajc59H-aOalkOI6tCRvk.roa
File: BVBQIXEajc59H-aOalkOI6tCRvk.roa (raw, json)
Hash identifier: NfZP3p418w62gnkyUn/m/cQXZViYvytPq5eqjeMxzic=
Subject key identifier: 05:50:50:21:71:1A:8D:CE:7D:1F:E6:8E:6A:59:0E:23:AB:42:46:F9
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 018CCA2A6D3CAD34A13DFF459296DCD162D5
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BVBQIXEajc59H-aOalkOI6tCRvk.roa
Signing time: Tue 02 Jan 2024 12:33:47 +0000
ROA not before: Tue 02 Jan 2024 12:33:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51089
IP address blocks: 185.218.4.0/22 maxlen: 24
185.218.6.0/24 maxlen: 24
185.218.7.0/24 maxlen: 24
185.218.6.0/23 maxlen: 23
31.25.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:6d:3c:ad:34:a1:3d:ff:45:92:96:dc:d1:62:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Jan 2 12:33:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05505021711a8dce7d1fe68e6a590e23ab4246f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:a8:44:b3:25:24:ab:39:de:6f:e4:44:e6:61:
55:73:6e:ce:ee:cc:71:45:8a:fb:59:04:e2:fb:1c:
8f:c8:41:25:9c:d8:ea:56:30:c0:ba:a1:2d:f0:3a:
fd:b3:50:52:33:ea:a1:6e:c0:1e:03:ad:c1:3e:63:
a1:e8:c3:1f:0d:ef:7d:06:96:04:ed:bb:6e:2d:5a:
5a:25:83:74:d4:a4:e0:fa:76:b7:cb:e7:13:ad:47:
60:50:ef:97:de:1b:aa:fe:a7:40:b0:bc:bd:92:f3:
14:e4:22:31:a3:8f:60:c4:d6:46:fc:28:9e:66:cd:
36:9f:0f:ea:d6:37:3c:a5:bf:1f:9b:be:a7:7e:e2:
6b:d5:e8:48:b5:2e:2a:e9:34:70:d0:77:52:e4:3e:
b4:8a:68:5c:6a:b0:f6:64:bb:0f:71:1a:63:8d:f6:
1e:f0:75:c8:c1:f1:a8:52:c2:6e:4e:a5:8d:33:96:
ae:9a:af:77:36:b9:26:a0:28:96:9d:92:55:0b:a4:
91:aa:6d:ec:68:e9:33:90:94:0c:bd:15:96:61:6e:
8b:4e:34:16:8e:d1:01:1e:13:75:75:86:7d:24:49:
cc:8d:b8:8d:2f:78:27:52:a1:2a:56:10:da:be:58:
47:59:52:03:76:76:87:b3:ff:6c:17:0d:16:fd:68:
6b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:50:50:21:71:1A:8D:CE:7D:1F:E6:8E:6A:59:0E:23:AB:42:46:F9
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/BVBQIXEajc59H-aOalkOI6tCRvk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.88.0/24
185.218.4.0/22
Signature Algorithm: sha256WithRSAEncryption
40:24:44:9d:d0:11:36:a1:d8:18:86:72:4e:5c:1c:a8:70:4c:
1d:2a:9b:35:33:5b:fb:be:b6:be:43:e2:e2:30:78:6c:a5:29:
fb:3a:94:61:80:2e:c0:91:85:5d:a8:ef:24:15:4f:ea:8f:25:
e2:8b:04:63:81:f7:64:82:3b:06:16:f0:dd:0b:93:a7:c7:f2:
1c:50:86:cf:18:7d:63:4e:cb:95:c4:3a:02:ea:e6:61:d1:68:
70:2b:f1:17:b3:1a:ca:60:8c:a8:c1:a8:de:2f:6d:a7:bd:74:
34:67:19:c7:e5:fb:6c:11:a8:d6:f2:76:4c:de:70:cf:77:74:
bc:d4:cd:38:8b:08:df:66:39:ef:1e:13:86:2c:b3:82:36:e5:
c5:b1:fa:c0:72:b5:d1:70:f8:5e:41:6a:ef:ff:7f:de:b5:02:
43:f6:5d:92:7b:c2:38:90:c8:4c:4d:74:48:df:78:34:17:b8:
33:da:c4:63:49:db:fa:84:f3:c3:bc:c2:5d:cf:af:40:06:32:
f2:51:50:ad:7c:c5:fa:85:f0:bf:b6:55:d7:4d:3b:e9:ba:00:
f9:f8:8d:3a:53:18:49:4b:57:30:fd:ca:c5:98:b5:94:69:1e:
d2:d9:42:d5:7c:ae:bd:79:2b:1f:69:1d:76:db:ac:8e:d7:38:
9f:fd:b6:00
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKKm08rTShPf9Fkpbc0WLVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjQwMTAyMTIzMzQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTUwNTAyMTcxMWE4ZGNlN2QxZmU2OGU2YTU5MGUyM2FiNDI0NmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlKhEsyUkqzneb+RE5mFVc27O7sxx
RYr7WQTi+xyPyEElnNjqVjDAuqEt8Dr9s1BSM+qhbsAeA63BPmOh6MMfDe99BpYE
7btuLVpaJYN01KTg+na3y+cTrUdgUO+X3huq/qdAsLy9kvMU5CIxo49gxNZG/Cie
Zs02nw/q1jc8pb8fm76nfuJr1ehItS4q6TRw0HdS5D60imhcarD2ZLsPcRpjjfYe
8HXIwfGoUsJuTqWNM5aumq93NrkmoCiWnZJVC6SRqm3saOkzkJQMvRWWYW6LTjQW
jtEBHhN1dYZ9JEnMjbiNL3gnUqEqVhDavlhHWVIDdnaHs/9sFw0W/WhrHQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAVQUCFxGo3OfR/mjmpZDiOrQkb5MB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvQlZCUUlYRWFqYzU5SC1hT2Fsa09JNnRDUnZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAHxlYAwQC
udoEMA0GCSqGSIb3DQEBCwUAA4IBAQBAJESd0BE2odgYhnJOXByocEwdKps1M1v7
vra+Q+LiMHhspSn7OpRhgC7AkYVdqO8kFU/qjyXiiwRjgfdkgjsGFvDdC5Onx/Ic
UIbPGH1jTsuVxDoC6uZh0WhwK/EXsxrKYIyowajeL22nvXQ0ZxnH5ftsEajW8nZM
3nDPd3S81M04iwjfZjnvHhOGLLOCNuXFsfrAcrXRcPheQWrv/3/etQJD9l2Se8I4
kMhMTXRI33g0F7gz2sRjSdv6hPPDvMJdz69ABjLyUVCtfMX6hfC/tlXXTTvpugD5
+I06UxhJS1cw/crFmLWUaR7S2ULVfK69eSsfaR1226yO1zif/bYA
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:51 2024 by rpki-client on console-fra.rpki-client.org