Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/BvywEoccrJ60jje5eBOAjf8Tvx4.roa
File: BvywEoccrJ60jje5eBOAjf8Tvx4.roa (raw, json)
Hash identifier: yDGjpZriJffKRoKb1THMV0HS0cOk1cu91BBIIbAdZdc=
Subject key identifier: 06:FC:B0:12:87:1C:AC:9E:B4:8E:37:B9:78:13:80:8D:FF:13:BF:1E
Certificate issuer: /CN=627b305ba1babef4bfec68581e4039d41b5f71f2
Certificate serial: 018CC64B513CCFF1B0803C2CCB15BD7ED271
Authority key identifier: 62:7B:30:5B:A1:BA:BE:F4:BF:EC:68:58:1E:40:39:D4:1B:5F:71:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YnswW6G6vvS_7GhYHkA51BtfcfI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/BvywEoccrJ60jje5eBOAjf8Tvx4.roa
Signing time: Mon 01 Jan 2024 18:31:13 +0000
ROA not before: Mon 01 Jan 2024 18:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8224
IP address blocks: 195.72.192.0/19 maxlen: 19
159.253.96.0/21 maxlen: 21
185.79.52.0/22 maxlen: 22
2a01:2d8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/YnswW6G6vvS_7GhYHkA51BtfcfI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/YnswW6G6vvS_7GhYHkA51BtfcfI.mft
rsync://rpki.ripe.net/repository/DEFAULT/YnswW6G6vvS_7GhYHkA51BtfcfI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:51:3c:cf:f1:b0:80:3c:2c:cb:15:bd:7e:d2:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=627b305ba1babef4bfec68581e4039d41b5f71f2
Validity
Not Before: Jan 1 18:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06fcb012871cac9eb48e37b97813808dff13bf1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:0f:1b:00:5c:05:b4:1d:00:bd:0e:af:c1:11:
a7:5f:c5:87:2f:c9:1c:3f:cf:84:4d:fd:fb:87:ee:
52:21:1c:d8:da:66:3f:70:22:30:c4:28:08:49:3d:
6b:d5:3d:fa:ea:2a:aa:49:ff:4d:c1:50:52:50:33:
06:dd:59:c4:b8:05:c7:dc:00:52:df:cb:e3:63:84:
f5:7c:24:42:51:90:8f:f6:0a:fb:40:a5:90:97:9e:
a0:68:cf:ed:23:c7:32:01:a1:95:89:be:04:1c:af:
f0:e9:52:bf:2d:c2:6e:dc:60:25:8f:56:66:3a:ed:
92:d5:7e:4f:d0:d5:3d:20:53:19:b9:c7:01:45:ed:
7f:31:86:f9:d0:84:91:d5:bd:74:e4:61:48:a3:0a:
5a:68:09:c6:17:90:96:b8:9c:80:6d:c0:30:9f:31:
dd:4b:fc:e2:a1:58:a7:ed:41:e7:cf:8d:2b:1d:f5:
60:a4:39:a3:1d:5a:c8:66:43:5f:01:fe:74:79:4d:
9e:02:b8:b9:23:a0:33:a3:c3:33:fd:eb:74:7f:4f:
da:f0:8e:24:f1:98:5a:31:46:1f:69:73:16:2d:c4:
dd:a4:21:7c:96:de:48:9f:87:70:0e:39:e4:22:0b:
35:d0:b6:85:f6:f3:c3:11:01:41:5a:6d:b2:ca:e7:
04:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FC:B0:12:87:1C:AC:9E:B4:8E:37:B9:78:13:80:8D:FF:13:BF:1E
X509v3 Authority Key Identifier:
keyid:62:7B:30:5B:A1:BA:BE:F4:BF:EC:68:58:1E:40:39:D4:1B:5F:71:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YnswW6G6vvS_7GhYHkA51BtfcfI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/BvywEoccrJ60jje5eBOAjf8Tvx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/0602d4-55a5-4f49-8cfe-bee7a1839710/1/YnswW6G6vvS_7GhYHkA51BtfcfI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.253.96.0/21
185.79.52.0/22
195.72.192.0/19
IPv6:
2a01:2d8::/29
Signature Algorithm: sha256WithRSAEncryption
1c:61:e7:4c:14:3e:b3:11:e6:29:ce:eb:cf:95:7b:6e:4c:8a:
dd:80:cf:c0:f9:af:a0:b8:9a:d1:20:01:e9:30:e5:92:3d:32:
08:af:1c:81:bf:c6:31:6c:25:2b:75:b4:13:76:f7:1b:9f:1a:
27:c2:38:a1:13:32:c6:22:9b:83:9d:d2:7a:a5:b6:42:01:0f:
4c:2c:81:15:9f:0f:7e:45:13:9d:25:24:3b:56:17:f8:a0:01:
76:31:55:83:8f:19:b9:84:d3:75:a7:10:43:b3:fd:11:ca:0a:
66:67:4a:7e:73:ce:cd:92:20:b4:de:87:f0:07:dd:55:16:7c:
da:a1:cb:ab:e6:58:d1:01:13:28:3c:d8:25:2b:c7:16:c2:4b:
f5:34:88:f2:47:61:a1:e5:3d:db:4a:48:ac:7d:da:ca:87:ea:
ff:ed:3e:a5:9b:ea:64:25:9d:87:91:22:e3:55:cc:8f:4f:b4:
fc:a6:bd:ad:5b:46:42:bc:bf:52:ce:20:ce:16:95:fc:ed:0f:
c8:dc:7e:1c:95:5e:60:73:27:d9:52:b8:f1:c7:b4:70:b1:63:
5e:48:da:39:93:7e:2c:3f:07:11:7b:c4:0a:1a:87:f9:b6:70:
65:97:b5:d0:60:6f:7b:a7:45:4a:ef:bf:f3:33:f9:ff:2a:9b:
c9:2e:8a:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS1E8z/GwgDwsyxW9ftJxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyN2IzMDViYTFiYWJlZjRiZmVjNjg1ODFlNDAzOWQ0MWI1
ZjcxZjIwHhcNMjQwMTAxMTgzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmZjYjAxMjg3MWNhYzllYjQ4ZTM3Yjk3ODEzODA4ZGZmMTNiZjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgw8bAFwFtB0AvQ6vwRGnX8WHL8kc
P8+ETf37h+5SIRzY2mY/cCIwxCgIST1r1T366iqqSf9NwVBSUDMG3VnEuAXH3ABS
38vjY4T1fCRCUZCP9gr7QKWQl56gaM/tI8cyAaGVib4EHK/w6VK/LcJu3GAlj1Zm
Ou2S1X5P0NU9IFMZuccBRe1/MYb50ISR1b105GFIowpaaAnGF5CWuJyAbcAwnzHd
S/zioVin7UHnz40rHfVgpDmjHVrIZkNfAf50eU2eAri5I6Azo8Mz/et0f0/a8I4k
8ZhaMUYfaXMWLcTdpCF8lt5In4dwDjnkIgs10LaF9vPDEQFBWm2yyucEyQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAb8sBKHHKyetI43uXgTgI3/E78eMB8GA1UdIwQY
MBaAFGJ7MFuhur70v+xoWB5AOdQbX3HyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWW5zd1c2RzZ2dlNfN0doWUhrQTUxQnRmY2ZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8wNjAyZDQtNTVhNS00ZjQ5LThjZmUt
YmVlN2ExODM5NzEwLzEvQnZ5d0VvY2NySjYwamplNWVCT0FqZjhUdng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8wNjAyZDQtNTVhNS00ZjQ5LThjZmUtYmVlN2ExODM5NzEw
LzEvWW5zd1c2RzZ2dlNfN0doWUhrQTUxQnRmY2ZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDn/1gAwQC
uU80AwQFw0jAMA0EAgACMAcDBQMqAQLYMA0GCSqGSIb3DQEBCwUAA4IBAQAcYedM
FD6zEeYpzuvPlXtuTIrdgM/A+a+guJrRIAHpMOWSPTIIrxyBv8YxbCUrdbQTdvcb
nxonwjihEzLGIpuDndJ6pbZCAQ9MLIEVnw9+RROdJSQ7Vhf4oAF2MVWDjxm5hNN1
pxBDs/0RygpmZ0p+c87NkiC03ofwB91VFnzaocur5ljRARMoPNglK8cWwkv1NIjy
R2Gh5T3bSkisfdrKh+r/7T6lm+pkJZ2HkSLjVcyPT7T8pr2tW0ZCvL9SziDOFpX8
7Q/I3H4clV5gcyfZUrjxx7RwsWNeSNo5k34sPwcRe8QKGof5tnBll7XQYG97p0VK
77/zM/n/KpvJLorP
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:14:33 2024 by rpki-client on console-fra.rpki-client.org