Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/BHOrynnb72lZBtfWHoEeVXL8048.roa
File: BHOrynnb72lZBtfWHoEeVXL8048.roa (raw, json)
Hash identifier: yE8ROULTpPijguR7tdW63RzIet9zh/vjyAjtzrJb+Y4=
Subject key identifier: 04:73:AB:CA:79:DB:EF:69:59:06:D7:D6:1E:81:1E:55:72:FC:D3:8F
Certificate issuer: /CN=07887ceb1cbd1029ef8a76df77f1152bb473b643
Certificate serial: 018CC87143BCA9FBF5CFC9CDFED3874B3EF1
Authority key identifier: 07:88:7C:EB:1C:BD:10:29:EF:8A:76:DF:77:F1:15:2B:B4:73:B6:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B4h86xy9ECnvinbfd_EVK7RztkM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/BHOrynnb72lZBtfWHoEeVXL8048.roa
Signing time: Tue 02 Jan 2024 04:31:55 +0000
ROA not before: Tue 02 Jan 2024 04:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21409
IP address blocks: 213.246.32.0/19 maxlen: 32
213.246.33.0/24 maxlen: 32
213.246.35.0/24 maxlen: 32
213.246.36.0/22 maxlen: 32
213.246.42.0/24 maxlen: 32
185.10.99.0/24 maxlen: 24
213.246.51.0/24 maxlen: 32
213.246.49.0/24 maxlen: 32
213.246.55.0/24 maxlen: 32
213.246.52.0/23 maxlen: 32
213.246.56.0/22 maxlen: 32
213.246.61.0/24 maxlen: 32
213.246.62.0/23 maxlen: 32
213.246.60.0/24 maxlen: 32
78.24.128.0/21 maxlen: 32
94.125.160.0/21 maxlen: 32
80.93.80.0/20 maxlen: 32
178.170.0.0/17 maxlen: 32
185.246.84.0/22 maxlen: 22
109.238.0.0/20 maxlen: 32
109.238.15.0/24 maxlen: 32
2a00:c70::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/B4h86xy9ECnvinbfd_EVK7RztkM.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/B4h86xy9ECnvinbfd_EVK7RztkM.mft
rsync://rpki.ripe.net/repository/DEFAULT/B4h86xy9ECnvinbfd_EVK7RztkM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:43:bc:a9:fb:f5:cf:c9:cd:fe:d3:87:4b:3e:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07887ceb1cbd1029ef8a76df77f1152bb473b643
Validity
Not Before: Jan 2 04:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0473abca79dbef695906d7d61e811e5572fcd38f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:c8:05:9b:c3:40:13:6a:3a:f4:a8:e3:3f:20:
e2:4a:99:20:2d:d7:81:16:76:40:89:ac:79:8c:e0:
09:46:17:4c:35:c4:47:70:4a:28:e0:13:ab:25:cc:
2a:eb:4a:a1:04:9a:58:1d:92:c6:a1:8b:d6:e9:ec:
2e:c5:7a:73:c8:8d:64:9d:51:c4:9f:b6:81:a4:25:
94:2b:9a:a1:36:e4:53:f3:42:8f:e2:15:e7:bc:36:
20:71:6f:f5:91:70:d1:58:65:b6:34:54:d9:26:55:
82:42:19:40:64:3e:60:bf:cb:96:25:33:a8:8c:50:
b8:4a:f9:63:51:a2:8c:da:94:e4:db:ff:b2:cf:bc:
84:ad:bb:76:3d:e8:66:e6:cf:eb:39:b7:a9:21:b8:
25:1a:a5:eb:88:75:04:2d:fd:ed:00:0e:85:74:c4:
99:e1:9b:84:73:a3:cf:02:fe:a9:75:ee:61:f9:06:
e9:50:64:46:41:9d:c3:a5:6a:47:00:5e:cc:45:85:
ae:08:78:dd:00:55:f4:4e:8a:2c:ba:3e:93:c7:84:
79:01:48:f8:13:78:54:93:8b:d7:90:44:07:a1:43:
bd:b7:e2:2b:a6:56:2b:bd:73:72:0a:ef:1b:c4:75:
fd:fa:46:0f:65:b1:81:26:f7:14:23:95:e9:d9:9c:
cf:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:73:AB:CA:79:DB:EF:69:59:06:D7:D6:1E:81:1E:55:72:FC:D3:8F
X509v3 Authority Key Identifier:
keyid:07:88:7C:EB:1C:BD:10:29:EF:8A:76:DF:77:F1:15:2B:B4:73:B6:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B4h86xy9ECnvinbfd_EVK7RztkM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/BHOrynnb72lZBtfWHoEeVXL8048.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/02445c-81f9-47b3-9385-34f7d5131367/1/B4h86xy9ECnvinbfd_EVK7RztkM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.24.128.0/21
80.93.80.0/20
94.125.160.0/21
109.238.0.0/20
178.170.0.0/17
185.10.99.0/24
185.246.84.0/22
213.246.32.0/19
IPv6:
2a00:c70::/32
Signature Algorithm: sha256WithRSAEncryption
3b:4a:46:90:a0:af:92:ea:43:72:7b:a5:73:82:ab:0a:43:7d:
11:fb:da:0f:cf:20:5d:52:d2:2a:d9:03:67:69:57:7e:13:cc:
dd:53:42:23:c4:7e:48:23:a2:63:81:81:58:b5:2d:50:10:15:
35:50:0b:2e:ad:8e:9e:42:f3:cc:08:e4:92:6a:c8:c3:86:c8:
da:87:ed:39:d2:c5:11:dd:ad:a5:be:90:b7:04:c5:2d:01:78:
75:f4:cc:67:2b:ce:f1:91:6e:3e:e2:a3:7e:cc:b4:21:44:f3:
0c:ef:2b:e1:29:31:11:f9:3c:40:e1:96:1e:3b:46:fd:75:2c:
d8:04:fa:60:29:39:f0:32:60:d7:ef:63:36:83:d7:c5:b2:f8:
ef:be:af:6b:78:47:96:43:d4:70:07:b5:db:1a:64:7d:fd:22:
f2:8e:5e:9e:19:fa:b4:b3:02:fc:c5:70:7a:63:23:bb:8f:d6:
e3:39:9d:57:f7:ca:d8:09:84:0f:50:a4:ee:7d:41:01:e5:58:
8c:e6:54:57:0b:95:ba:ff:a1:a1:48:5e:f3:91:e7:0c:1e:0d:
e8:15:25:01:0f:ba:c7:f1:5b:28:69:75:b1:53:10:fb:77:a0:
45:26:4f:c8:83:0d:82:99:6a:34:3e:e4:4f:23:dc:4e:f3:7f:
50:a6:64:a1
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzIcUO8qfv1z8nN/tOHSz7xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ODg3Y2ViMWNiZDEwMjllZjhhNzZkZjc3ZjExNTJiYjQ3
M2I2NDMwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDczYWJjYTc5ZGJlZjY5NTkwNmQ3ZDYxZTgxMWU1NTcyZmNkMzhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsgFm8NAE2o69KjjPyDiSpkgLdeB
FnZAiax5jOAJRhdMNcRHcEoo4BOrJcwq60qhBJpYHZLGoYvW6ewuxXpzyI1knVHE
n7aBpCWUK5qhNuRT80KP4hXnvDYgcW/1kXDRWGW2NFTZJlWCQhlAZD5gv8uWJTOo
jFC4SvljUaKM2pTk2/+yz7yErbt2Pehm5s/rObepIbglGqXriHUELf3tAA6FdMSZ
4ZuEc6PPAv6pde5h+QbpUGRGQZ3DpWpHAF7MRYWuCHjdAFX0Toosuj6Tx4R5AUj4
E3hUk4vXkEQHoUO9t+IrplYrvXNyCu8bxHX9+kYPZbGBJvcUI5Xp2ZzPJwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFARzq8p52+9pWQbX1h6BHlVy/NOPMB8GA1UdIwQY
MBaAFAeIfOscvRAp74p233fxFSu0c7ZDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjRoODZ4eTlFQ252aW5iZmRfRVZLN1J6dGtNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC8wMjQ0NWMtODFmOS00N2IzLTkzODUt
MzRmN2Q1MTMxMzY3LzEvQkhPcnlubmI3MmxaQnRmV0hvRWVWWEw4MDQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC8wMjQ0NWMtODFmOS00N2IzLTkzODUtMzRmN2Q1MTMxMzY3
LzEvQjRoODZ4eTlFQ252aW5iZmRfRVZLN1J6dGtNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQDThiAAwQE
UF1QAwQDXn2gAwQEbe4AAwQHsqoAAwQAuQpjAwQCufZUAwQF1fYgMA0EAgACMAcD
BQAqAAxwMA0GCSqGSIb3DQEBCwUAA4IBAQA7SkaQoK+S6kNye6VzgqsKQ30R+9oP
zyBdUtIq2QNnaVd+E8zdU0IjxH5II6JjgYFYtS1QEBU1UAsurY6eQvPMCOSSasjD
hsjah+050sUR3a2lvpC3BMUtAXh19MxnK87xkW4+4qN+zLQhRPMM7yvhKTER+TxA
4ZYeO0b9dSzYBPpgKTnwMmDX72M2g9fFsvjvvq9reEeWQ9RwB7XbGmR9/SLyjl6e
Gfq0swL8xXB6YyO7j9bjOZ1X98rYCYQPUKTufUEB5ViM5lRXC5W6/6GhSF7zkecM
Hg3oFSUBD7rH8VsoaXWxUxD7d6BFJk/Igw2CmWo0PuRPI9xO839QpmSh
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:42:52 2024 by rpki-client on console-ams.rpki-client.org