Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/BkTiGvt6Xkt7TypwSkk9kGeK_TI.roa
File: BkTiGvt6Xkt7TypwSkk9kGeK_TI.roa (raw, json)
Hash identifier: GvRv2jJR2WpIsbeXM4cyRSz9VvhQQW2lZb1AKt8vKM8=
Subject key identifier: 06:44:E2:1A:FB:7A:5E:4B:7B:4F:2A:70:4A:49:3D:90:67:8A:FD:32
Certificate issuer: /CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Certificate serial: 018CCA2AE81B6C9C9FF010DCA86DC7AECC04
Authority key identifier: 98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/BkTiGvt6Xkt7TypwSkk9kGeK_TI.roa
Signing time: Tue 02 Jan 2024 12:34:18 +0000
ROA not before: Tue 02 Jan 2024 12:34:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44358
IP address blocks: 185.150.42.0/24 maxlen: 24
194.0.3.0/24 maxlen: 24
194.0.20.0/24 maxlen: 24
194.0.19.0/24 maxlen: 24
194.0.18.0/24 maxlen: 24
2001:678:88::/48 maxlen: 48
2a07:ab42::/48 maxlen: 48
2001:678:6::/48 maxlen: 48
2001:678:19::/48 maxlen: 48
2001:678:8c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:e8:1b:6c:9c:9f:f0:10:dc:a8:6d:c7:ae:cc:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9803c40f77bc88faf209f31d361ebbab5caeac4a
Validity
Not Before: Jan 2 12:34:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0644e21afb7a5e4b7b4f2a704a493d90678afd32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:82:0f:3a:54:f2:68:b6:2c:22:73:9f:2d:f8:
32:92:bf:e8:57:55:c4:1b:cc:61:f0:28:b8:31:57:
d2:04:3d:d3:8f:90:aa:8f:5f:7f:22:e2:68:aa:76:
50:90:78:46:5d:9d:d1:d2:ab:fc:de:d8:be:34:37:
3b:e1:3d:3e:b8:5e:90:ef:b4:8b:20:a4:1c:59:44:
0c:75:0e:7f:ed:7f:c4:0a:5c:fc:f2:fd:dd:df:e7:
d2:a0:ca:ce:2c:b3:42:d6:88:b0:24:f5:b9:f3:28:
cc:3b:1d:c3:8e:4d:d1:bf:d6:fd:da:02:4b:cb:b1:
89:f3:b7:cd:9d:27:3e:80:77:1d:eb:1b:dc:00:aa:
d0:7a:cf:0e:92:72:b7:dc:5f:f7:62:31:73:f8:9c:
f0:2f:3b:4a:45:9f:b4:aa:74:d0:de:46:0d:ac:42:
50:4f:18:51:b8:9a:8d:d7:77:b2:b1:b8:b0:b6:60:
e7:bc:56:71:3f:f6:7e:0e:9e:fa:53:ad:cd:96:22:
ff:59:90:0d:b9:1b:2c:82:30:a9:ea:a7:a7:d1:3b:
c6:9e:74:00:17:24:e1:4e:13:a5:42:17:71:0c:fc:
b6:6f:84:1e:3f:7e:4c:fd:76:01:9d:2b:88:e5:dd:
13:67:69:b2:2a:b7:d5:79:6a:98:65:2f:10:7b:12:
06:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:44:E2:1A:FB:7A:5E:4B:7B:4F:2A:70:4A:49:3D:90:67:8A:FD:32
X509v3 Authority Key Identifier:
keyid:98:03:C4:0F:77:BC:88:FA:F2:09:F3:1D:36:1E:BB:AB:5C:AE:AC:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mAPED3e8iPryCfMdNh67q1yurEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/BkTiGvt6Xkt7TypwSkk9kGeK_TI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/bad4a0-3e9b-4764-8a24-f3a26f055f4e/1/mAPED3e8iPryCfMdNh67q1yurEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.42.0/24
194.0.3.0/24
194.0.18.0-194.0.20.255
IPv6:
2001:678:6::/48
2001:678:19::/48
2001:678:88::/48
2001:678:8c::/48
2a07:ab42::/48
Signature Algorithm: sha256WithRSAEncryption
57:3d:32:36:38:3d:ef:e7:5d:06:0e:7f:af:e2:f4:ea:30:e5:
a2:c1:29:f3:2f:b2:f0:25:9b:52:1e:cd:aa:ce:cc:57:28:c5:
7a:c2:29:92:a6:b2:ad:82:6f:e2:ce:6e:79:37:e7:3a:36:64:
3d:ae:13:ef:42:0f:47:a5:76:d4:af:3a:3d:c1:3d:14:f3:6b:
94:67:b6:38:e5:b5:bd:54:89:f9:72:ea:be:73:4d:e7:26:82:
b9:11:29:3d:b9:81:09:a1:71:7d:58:11:64:74:da:5c:92:30:
f3:64:eb:fc:25:30:10:d1:59:12:c4:50:fc:3d:4f:48:95:c0:
e7:9e:cd:c4:43:3d:b3:d9:eb:9d:fb:b2:63:a8:fd:bc:57:fd:
03:29:72:4d:db:7b:98:ca:7a:9c:a7:4f:cb:40:f9:e8:21:c1:
95:73:72:a8:e6:ba:6e:b7:88:af:4d:82:b3:11:08:bb:92:f5:
15:74:72:53:19:eb:74:ec:20:af:d5:b0:63:ab:c2:02:56:e2:
f1:00:e3:57:4e:b9:43:ab:a2:3c:ce:be:ba:09:7f:6f:a7:66:
22:fb:77:fe:86:86:20:5d:23:41:c0:d6:89:47:c0:7e:9a:97:
6d:bb:3c:52:6d:05:43:10:82:68:48:12:4d:82:14:93:54:59:
06:e4:d6:57
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAYzKKugbbJyf8BDcqG3HrswEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MDNjNDBmNzdiYzg4ZmFmMjA5ZjMxZDM2MWViYmFiNWNh
ZWFjNGEwHhcNMjQwMTAyMTIzNDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjQ0ZTIxYWZiN2E1ZTRiN2I0ZjJhNzA0YTQ5M2Q5MDY3OGFmZDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk4IPOlTyaLYsInOfLfgykr/oV1XE
G8xh8Ci4MVfSBD3Tj5Cqj19/IuJoqnZQkHhGXZ3R0qv83ti+NDc74T0+uF6Q77SL
IKQcWUQMdQ5/7X/EClz88v3d3+fSoMrOLLNC1oiwJPW58yjMOx3Djk3Rv9b92gJL
y7GJ87fNnSc+gHcd6xvcAKrQes8OknK33F/3YjFz+JzwLztKRZ+0qnTQ3kYNrEJQ
TxhRuJqN13eysbiwtmDnvFZxP/Z+Dp76U63NliL/WZANuRssgjCp6qen0TvGnnQA
FyThThOlQhdxDPy2b4QeP35M/XYBnSuI5d0TZ2myKrfVeWqYZS8QexIGGQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFAZE4hr7el5Le08qcEpJPZBniv0yMB8GA1UdIwQY
MBaAFJgDxA93vIj68gnzHTYeu6tcrqxKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQt
ZjNhMjZmMDU1ZjRlLzEvQmtUaUd2dDZYa3Q3VHlwd1NrazlrR2VLX1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9iYWQ0YTAtM2U5Yi00NzY0LThhMjQtZjNhMjZmMDU1ZjRl
LzEvbUFQRUQzZThpUHJ5Q2ZNZE5oNjdxMXl1ckVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAgBAIAATAaAwQAuZYqAwQA
wgADMAwDBAHCABIDBADCABQwMwQCAAIwLQMHACABBngABgMHACABBngAGQMHACAB
BngAiAMHACABBngAjAMHACoHq0IAADANBgkqhkiG9w0BAQsFAAOCAQEAVz0yNjg9
7+ddBg5/r+L06jDlosEp8y+y8CWbUh7Nqs7MVyjFesIpkqayrYJv4s5ueTfnOjZk
Pa4T70IPR6V21K86PcE9FPNrlGe2OOW1vVSJ+XLqvnNN5yaCuREpPbmBCaFxfVgR
ZHTaXJIw82Tr/CUwENFZEsRQ/D1PSJXA557NxEM9s9nrnfuyY6j9vFf9AylyTdt7
mMp6nKdPy0D56CHBlXNyqOa6breIr02CsxEIu5L1FXRyUxnrdOwgr9WwY6vCAlbi
8QDjV065Q6uiPM6+ugl/b6dmIvt3/oaGIF0jQcDWiUfAfpqXbbs8Um0FQxCCaEgS
TYIUk1RZBuTWVw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:43:07 2024 by rpki-client on console-ams.rpki-client.org