Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/Bu8cyJfLUMcvrrBgoJFNkK4kRJw.roa
File: Bu8cyJfLUMcvrrBgoJFNkK4kRJw.roa (raw, json)
Hash identifier: 61jQ45zXUQG42MtVg3Qck68+bAmfkz9eWUtrtgcsCN4=
Subject key identifier: 06:EF:1C:C8:97:CB:50:C7:2F:AE:B0:60:A0:91:4D:90:AE:24:44:9C
Certificate issuer: /CN=8f156e69f9444c2b06687256085b6a7a4e9887f6
Certificate serial: 018CC56EA12A42013742798C77E229327C69
Authority key identifier: 8F:15:6E:69:F9:44:4C:2B:06:68:72:56:08:5B:6A:7A:4E:98:87:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jxVuaflETCsGaHJWCFtqek6Yh_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/Bu8cyJfLUMcvrrBgoJFNkK4kRJw.roa
Signing time: Mon 01 Jan 2024 14:30:10 +0000
ROA not before: Mon 01 Jan 2024 14:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51200
IP address blocks: 91.230.137.0/24 maxlen: 24
91.230.136.0/22 maxlen: 22
91.230.136.0/24 maxlen: 24
91.230.139.0/24 maxlen: 24
91.230.138.0/24 maxlen: 24
2001:67c:2b88::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/jxVuaflETCsGaHJWCFtqek6Yh_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/jxVuaflETCsGaHJWCFtqek6Yh_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/jxVuaflETCsGaHJWCFtqek6Yh_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:a1:2a:42:01:37:42:79:8c:77:e2:29:32:7c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f156e69f9444c2b06687256085b6a7a4e9887f6
Validity
Not Before: Jan 1 14:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06ef1cc897cb50c72faeb060a0914d90ae24449c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:50:36:6b:f3:ed:7e:4b:ea:3d:ea:6a:73:4c:
ca:53:e0:ad:4c:af:d4:3f:48:15:b0:c1:31:36:39:
a5:b2:1b:d4:af:89:06:6b:02:fe:9e:99:15:ac:2b:
d8:86:bb:91:d9:c5:5d:5b:7f:e1:6a:b0:12:02:30:
e2:1e:d3:6e:17:1b:62:f4:c9:80:c3:6d:a1:9a:2a:
73:92:16:34:83:e1:c6:a6:a2:e9:98:ea:56:d7:cb:
b6:a6:5a:bb:a6:cb:9b:3d:ce:bc:89:ba:99:2a:dc:
85:04:d3:39:60:d0:18:c6:8d:50:60:5b:d0:ed:fd:
2f:9c:78:9b:64:81:75:a5:d1:7d:6c:be:d6:da:ae:
0b:57:6a:67:e7:d4:e1:cc:6d:65:2b:5a:c8:4b:e0:
4f:bc:c2:76:c1:3f:e5:57:19:2e:d8:0c:98:58:b9:
d5:e7:b9:a1:a5:d3:f1:02:4d:f2:68:14:51:bb:89:
bf:72:bf:10:91:c4:5d:fb:04:73:fd:d1:1a:81:2b:
74:41:f6:5c:d8:df:ec:4a:b5:31:e9:d9:a6:0e:ce:
25:73:8b:ca:04:4a:1f:6e:39:69:b1:f3:12:e2:c2:
15:39:5f:4e:d7:54:51:de:be:c3:32:ab:50:6e:20:
b6:e8:ba:f7:83:14:61:d7:fb:03:95:c1:e5:64:a8:
c1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:EF:1C:C8:97:CB:50:C7:2F:AE:B0:60:A0:91:4D:90:AE:24:44:9C
X509v3 Authority Key Identifier:
keyid:8F:15:6E:69:F9:44:4C:2B:06:68:72:56:08:5B:6A:7A:4E:98:87:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jxVuaflETCsGaHJWCFtqek6Yh_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/Bu8cyJfLUMcvrrBgoJFNkK4kRJw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/9b81fe-67d2-4948-b4b1-2b785b72b4f4/1/jxVuaflETCsGaHJWCFtqek6Yh_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.136.0/22
IPv6:
2001:67c:2b88::/48
Signature Algorithm: sha256WithRSAEncryption
87:97:d0:09:c7:d2:9a:e2:99:d8:f1:c5:aa:96:0f:0b:9f:ce:
b4:94:37:cf:d0:d6:2a:66:d4:55:d4:3f:f2:a8:3c:11:bc:ed:
4d:83:e5:53:38:06:91:37:11:7c:57:72:d3:f4:76:a5:1b:b7:
26:e0:17:9c:7c:cb:f6:42:bb:c9:e5:62:68:11:b3:71:32:80:
c1:97:40:c4:62:85:f8:c3:5f:e2:74:87:cf:1a:a0:ad:3b:be:
09:77:4d:fc:aa:14:e7:00:a3:0c:fd:58:8a:e0:1e:db:7e:c2:
b0:6c:e4:f9:82:65:3b:ea:b9:e1:8a:2a:d0:2a:b2:2b:e0:4f:
e2:2c:ca:5c:bc:99:51:34:a9:e5:b8:c6:13:df:01:07:fe:9e:
d1:da:23:b4:0a:4d:ca:dd:9f:00:63:a3:34:0c:b0:0e:99:bc:
98:82:df:50:48:00:5c:1a:04:6b:f8:63:eb:ca:fe:cb:75:a7:
2b:b9:a2:26:e0:54:8e:5d:7d:98:d3:6f:4a:ec:81:2d:a3:e8:
f7:dd:cd:9c:54:c3:c5:b6:37:1c:6d:3b:5c:7e:25:d3:79:3b:
d2:53:06:a2:33:87:70:c5:0b:a6:43:ad:a9:dc:9e:2b:4d:16:
74:2b:21:0e:3c:a6:b8:d0:51:29:e7:ec:59:81:24:c2:ea:0a:
42:57:72:fc
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzFbqEqQgE3QnmMd+IpMnxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmMTU2ZTY5Zjk0NDRjMmIwNjY4NzI1NjA4NWI2YTdhNGU5
ODg3ZjYwHhcNMjQwMTAxMTQzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmVmMWNjODk3Y2I1MGM3MmZhZWIwNjBhMDkxNGQ5MGFlMjQ0NDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn1A2a/PtfkvqPepqc0zKU+CtTK/U
P0gVsMExNjmlshvUr4kGawL+npkVrCvYhruR2cVdW3/harASAjDiHtNuFxti9MmA
w22hmipzkhY0g+HGpqLpmOpW18u2plq7psubPc68ibqZKtyFBNM5YNAYxo1QYFvQ
7f0vnHibZIF1pdF9bL7W2q4LV2pn59ThzG1lK1rIS+BPvMJ2wT/lVxku2AyYWLnV
57mhpdPxAk3yaBRRu4m/cr8QkcRd+wRz/dEagSt0QfZc2N/sSrUx6dmmDs4lc4vK
BEofbjlpsfMS4sIVOV9O11RR3r7DMqtQbiC26Lr3gxRh1/sDlcHlZKjBGQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFAbvHMiXy1DHL66wYKCRTZCuJEScMB8GA1UdIwQY
MBaAFI8Vbmn5REwrBmhyVghbanpOmIf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanhWdWFmbEVUQ3NHYUhKV0NGdHFlazZZaF9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85YjgxZmUtNjdkMi00OTQ4LWI0YjEt
MmI3ODViNzJiNGY0LzEvQnU4Y3lKZkxVTWN2cnJCZ29KRk5rSzRrUkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85YjgxZmUtNjdkMi00OTQ4LWI0YjEtMmI3ODViNzJiNGY0
LzEvanhWdWFmbEVUQ3NHYUhKV0NGdHFlazZZaF9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCW+aIMA8E
AgACMAkDBwAgAQZ8K4gwDQYJKoZIhvcNAQELBQADggEBAIeX0AnH0primdjxxaqW
DwufzrSUN8/Q1ipm1FXUP/KoPBG87U2D5VM4BpE3EXxXctP0dqUbtybgF5x8y/ZC
u8nlYmgRs3EygMGXQMRihfjDX+J0h88aoK07vgl3TfyqFOcAowz9WIrgHtt+wrBs
5PmCZTvqueGKKtAqsivgT+Isyly8mVE0qeW4xhPfAQf+ntHaI7QKTcrdnwBjozQM
sA6ZvJiC31BIAFwaBGv4Y+vK/st1pyu5oibgVI5dfZjTb0rsgS2j6PfdzZxUw8W2
NxxtO1x+JdN5O9JTBqIzh3DFC6ZDrancnitNFnQrIQ48prjQUSnn7FmBJMLqCkJX
cvw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:49:14 2024 by rpki-client on console-fra.rpki-client.org