Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/BsI4gal2WXzic8nQiJkMTA14LKk.roa
File: BsI4gal2WXzic8nQiJkMTA14LKk.roa (raw, json)
Hash identifier: alJuzYPhgp8NaU7KpNCDNBCSZF9ikWn6agn4bMwWAdI=
Subject key identifier: 06:C2:38:81:A9:76:59:7C:E2:73:C9:D0:88:99:0C:4C:0D:78:2C:A9
Certificate issuer: /CN=e3cc589b99ba4942cadedc1789389642963c48ae
Certificate serial: 018CC5DC49C9D3F07EF90B02B2D5C861E28B
Authority key identifier: E3:CC:58:9B:99:BA:49:42:CA:DE:DC:17:89:38:96:42:96:3C:48:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/48xYm5m6SULK3twXiTiWQpY8SK4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/BsI4gal2WXzic8nQiJkMTA14LKk.roa
Signing time: Mon 01 Jan 2024 16:29:57 +0000
ROA not before: Mon 01 Jan 2024 16:29:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 178.250.16.0/24 maxlen: 24
178.250.18.0/24 maxlen: 24
185.24.240.0/24 maxlen: 24
2a00:fc80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/48xYm5m6SULK3twXiTiWQpY8SK4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/48xYm5m6SULK3twXiTiWQpY8SK4.mft
rsync://rpki.ripe.net/repository/DEFAULT/48xYm5m6SULK3twXiTiWQpY8SK4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 13:01:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:49:c9:d3:f0:7e:f9:0b:02:b2:d5:c8:61:e2:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3cc589b99ba4942cadedc1789389642963c48ae
Validity
Not Before: Jan 1 16:29:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06c23881a976597ce273c9d088990c4c0d782ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:38:dd:65:10:b4:ce:28:7a:b7:53:77:64:2d:
12:40:4d:6c:97:ea:3b:5a:5e:11:c5:fa:2e:56:0c:
85:47:37:5e:82:9d:57:81:ba:bc:61:83:07:e9:08:
c1:36:a1:36:fb:d9:79:30:39:b5:e0:36:9e:87:6b:
50:ed:14:3f:44:0d:91:52:c1:08:76:0a:23:43:1c:
2d:59:e4:3b:96:1f:80:00:2b:3d:4d:0f:96:f0:ba:
f9:3b:45:c6:05:af:96:62:27:e8:c2:d7:64:c1:ed:
dd:11:3a:01:c2:65:45:93:36:e5:8f:94:6c:3d:d3:
0e:b1:61:cf:0e:63:9a:08:4e:01:16:5b:55:76:fd:
c5:29:aa:8d:c2:df:f5:19:89:d4:16:5b:45:31:ba:
36:9f:d7:75:14:7f:02:7c:f2:83:a9:c1:c2:41:50:
13:79:7d:37:f0:78:e1:8e:e6:18:4f:f6:c8:c1:d7:
fa:1e:61:d8:f3:3d:53:59:08:09:15:f8:be:26:0a:
ae:cd:12:58:e0:51:fe:8e:90:90:15:7e:21:f2:06:
57:e6:c8:c7:cb:c2:96:84:ba:6d:1c:f5:5a:cd:7a:
24:23:f2:15:75:a5:08:26:7c:86:2d:f9:c8:a1:32:
2e:98:04:ef:1c:26:a2:74:0f:b1:cb:c3:82:24:c5:
60:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C2:38:81:A9:76:59:7C:E2:73:C9:D0:88:99:0C:4C:0D:78:2C:A9
X509v3 Authority Key Identifier:
keyid:E3:CC:58:9B:99:BA:49:42:CA:DE:DC:17:89:38:96:42:96:3C:48:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/48xYm5m6SULK3twXiTiWQpY8SK4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/BsI4gal2WXzic8nQiJkMTA14LKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/1beaa4-ac9c-4a89-9272-1c2267ebf5d5/1/48xYm5m6SULK3twXiTiWQpY8SK4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.250.16.0/24
178.250.18.0/24
185.24.240.0/24
IPv6:
2a00:fc80::/48
Signature Algorithm: sha256WithRSAEncryption
1a:e8:29:d2:09:cb:42:b7:1d:67:1d:47:6f:41:31:6a:41:2b:
c5:d7:95:b3:dc:d0:e9:60:32:c6:66:c4:87:74:31:15:a1:62:
e5:72:ff:4d:fb:2f:2b:03:92:4b:93:89:ed:e0:fe:04:94:15:
83:b1:53:3f:e5:fd:11:e0:c3:0f:39:55:b4:fb:0c:d0:93:8a:
c8:2f:83:0b:9e:7a:65:9b:f0:ff:e9:5d:ef:b6:26:ab:01:f6:
fd:62:45:e8:01:71:2c:f9:42:a1:49:85:2f:2b:78:fc:f4:33:
4b:25:68:b9:5b:8b:3b:61:ef:b3:84:2c:6c:24:59:a7:77:1c:
cd:aa:34:8e:c8:69:d7:ee:ad:da:2a:2f:1b:8d:2a:67:04:44:
8d:0c:14:cf:8f:bf:75:34:ae:30:a7:33:ef:eb:28:e8:f0:a8:
f6:0e:4b:4d:de:e0:95:75:41:71:59:24:1d:24:40:bc:da:eb:
03:6a:3c:d4:30:34:f8:3c:87:9a:d2:4d:df:6e:38:ad:0e:29:
44:82:cc:a6:cf:71:82:df:ef:6f:24:57:ff:20:fc:90:6d:0e:
8b:bb:c6:c8:0b:c6:50:33:74:67:82:33:5a:a2:72:46:e7:67:
15:4d:a5:29:f0:f6:49:fc:62:45:f1:f4:0f:de:82:07:17:29:
1a:d7:91:2b
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzF3EnJ0/B++QsCstXIYeKLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzY2M1ODliOTliYTQ5NDJjYWRlZGMxNzg5Mzg5NjQyOTYz
YzQ4YWUwHhcNMjQwMTAxMTYyOTU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmMyMzg4MWE5NzY1OTdjZTI3M2M5ZDA4ODk5MGM0YzBkNzgyY2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTjdZRC0zih6t1N3ZC0SQE1sl+o7
Wl4RxfouVgyFRzdegp1Xgbq8YYMH6QjBNqE2+9l5MDm14Daeh2tQ7RQ/RA2RUsEI
dgojQxwtWeQ7lh+AACs9TQ+W8Lr5O0XGBa+WYifowtdkwe3dEToBwmVFkzblj5Rs
PdMOsWHPDmOaCE4BFltVdv3FKaqNwt/1GYnUFltFMbo2n9d1FH8CfPKDqcHCQVAT
eX038HjhjuYYT/bIwdf6HmHY8z1TWQgJFfi+JgquzRJY4FH+jpCQFX4h8gZX5sjH
y8KWhLptHPVazXokI/IVdaUIJnyGLfnIoTIumATvHCaidA+xy8OCJMVgPQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAbCOIGpdll84nPJ0IiZDEwNeCypMB8GA1UdIwQY
MBaAFOPMWJuZuklCyt7cF4k4lkKWPEiuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDh4WW01bTZTVUxLM3R3WGlUaVdRcFk4U0s0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC8xYmVhYTQtYWM5Yy00YTg5LTkyNzIt
MWMyMjY3ZWJmNWQ1LzEvQnNJNGdhbDJXWHppYzhuUWlKa01UQTE0TEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC8xYmVhYTQtYWM5Yy00YTg5LTkyNzItMWMyMjY3ZWJmNWQ1
LzEvNDh4WW01bTZTVUxLM3R3WGlUaVdRcFk4U0s0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAsvoQAwQA
svoSAwQAuRjwMA8EAgACMAkDBwAqAPyAAAAwDQYJKoZIhvcNAQELBQADggEBABro
KdIJy0K3HWcdR29BMWpBK8XXlbPc0OlgMsZmxId0MRWhYuVy/037LysDkkuTie3g
/gSUFYOxUz/l/RHgww85VbT7DNCTisgvgwueemWb8P/pXe+2JqsB9v1iRegBcSz5
QqFJhS8rePz0M0slaLlbizth77OELGwkWad3HM2qNI7IadfurdoqLxuNKmcERI0M
FM+Pv3U0rjCnM+/rKOjwqPYOS03e4JV1QXFZJB0kQLza6wNqPNQwNPg8h5rSTd9u
OK0OKUSCzKbPcYLf728kV/8g/JBtDou7xsgLxlAzdGeCM1qickbnZxVNpSnw9kn8
YkXx9A/eggcXKRrXkSs=
-----END CERTIFICATE-----
Generated at Wed May 8 21:45:26 2024 by rpki-client on console-fra.rpki-client.org