Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BmdjaS1vNDjNh4B-1vZW2TqI1s0.roa
File: BmdjaS1vNDjNh4B-1vZW2TqI1s0.roa (raw, json)
Hash identifier: vayW4tRByKqm24S2h0GGsg37A5tclZ3fyFJ5m4wiogo=
Subject key identifier: 06:67:63:69:2D:6F:34:38:CD:87:80:7E:D6:F6:56:D9:3A:88:D6:CD
Certificate issuer: /CN=18101772248996b87d90840c2d27d62549458173
Certificate serial: 018EAD80F818EA6F76F80191B6921D610598
Authority key identifier: 18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BmdjaS1vNDjNh4B-1vZW2TqI1s0.roa
Signing time: Fri 05 Apr 2024 09:04:54 +0000
ROA not before: Fri 05 Apr 2024 09:04:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52035
IP address blocks: 158.41.24.0/21 maxlen: 24
2a0e:ce40::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ad:80:f8:18:ea:6f:76:f8:01:91:b6:92:1d:61:05:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18101772248996b87d90840c2d27d62549458173
Validity
Not Before: Apr 5 09:04:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=066763692d6f3438cd87807ed6f656d93a88d6cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:85:8e:67:34:19:a2:27:1e:31:d1:25:ee:ed:
0a:82:20:78:ff:70:2f:17:03:18:e0:bd:c4:c3:df:
7f:b0:b6:89:7d:da:0d:0e:c7:ee:73:80:27:3a:c8:
81:b1:49:19:06:e5:5a:73:ba:58:87:e5:51:fd:7b:
ce:47:0c:29:47:b4:95:9c:d9:d5:99:c0:fc:d3:5e:
84:48:89:38:b1:ae:36:b7:6e:86:a6:ce:b7:84:a1:
f5:76:2b:eb:c9:37:92:e2:ee:03:06:8b:7f:0c:38:
a6:f7:dd:a5:a9:02:78:fc:59:62:37:49:32:05:74:
47:02:e9:3b:9c:03:66:09:84:73:65:ce:11:da:2f:
b7:cb:4d:ff:d2:23:e6:5e:92:d3:63:3e:ca:ac:0b:
b0:a7:74:06:97:c5:db:26:77:4a:07:3d:40:99:ad:
5c:d3:94:f6:c7:cd:75:da:67:f7:43:5c:17:9a:b7:
ae:9f:31:71:7a:fd:7d:d7:f3:9e:cb:d4:0c:db:86:
8e:db:4c:92:d4:86:82:51:a0:72:45:c6:3c:67:c4:
75:ae:09:35:c5:6d:aa:5d:45:41:e6:0b:b3:b6:56:
38:6d:f6:21:9e:16:f8:7b:12:75:a5:7e:01:29:96:
f7:80:93:d3:a7:3d:fa:8d:41:d6:f6:91:ae:8b:89:
d0:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:67:63:69:2D:6F:34:38:CD:87:80:7E:D6:F6:56:D9:3A:88:D6:CD
X509v3 Authority Key Identifier:
keyid:18:10:17:72:24:89:96:B8:7D:90:84:0C:2D:27:D6:25:49:45:81:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBAXciSJlrh9kIQMLSfWJUlFgXM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/BmdjaS1vNDjNh4B-1vZW2TqI1s0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/20a5a5-0ba2-4052-beb4-3cc85ad3c190/1/GBAXciSJlrh9kIQMLSfWJUlFgXM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.41.24.0/21
IPv6:
2a0e:ce40::/29
Signature Algorithm: sha256WithRSAEncryption
22:0c:79:dc:68:a4:6f:2c:1b:38:cb:db:01:0f:f2:b9:e3:bf:
71:a4:63:92:af:5d:89:5c:21:da:56:db:fb:d3:7a:74:79:b7:
a5:8c:fc:61:61:3a:c9:42:24:2e:bb:c2:71:7d:22:48:b0:67:
66:4c:8d:b2:50:49:0f:a7:ad:2c:a5:d7:1f:d5:ff:9b:e5:ab:
40:55:f9:d6:78:0f:79:d4:b7:ff:d2:de:10:1a:04:df:b9:44:
bb:1f:ae:a5:bd:db:af:c2:2d:2d:45:ce:c3:02:dd:c7:67:1f:
39:da:ae:15:cf:a0:08:a7:bc:a5:bf:96:c1:2b:08:b4:e7:52:
f8:70:05:04:7f:1f:1c:98:61:f9:2b:26:3c:89:a7:61:17:33:
8f:1a:a7:e2:2f:b9:2e:e2:c9:70:b7:ab:aa:02:39:b4:8d:d2:
2d:62:87:41:9b:9b:1c:89:b1:c8:5b:1b:66:4e:93:a4:ef:45:
c5:d9:81:8c:f7:7f:2f:bc:44:24:78:4f:8f:bc:50:a9:7a:db:
be:b2:c1:4b:f9:55:f9:9b:28:b6:8b:25:78:a9:e2:fd:09:f0:
46:5a:20:14:a4:3d:82:ea:94:c5:86:de:62:fb:93:d4:2f:20:
88:7c:7f:e1:21:31:c4:6b:c2:6f:ea:79:0d:13:e6:87:bc:62:
ff:14:3b:88
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY6tgPgY6m92+AGRtpIdYQWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTAxNzcyMjQ4OTk2Yjg3ZDkwODQwYzJkMjdkNjI1NDk0
NTgxNzMwHhcNMjQwNDA1MDkwNDU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjY3NjM2OTJkNmYzNDM4Y2Q4NzgwN2VkNmY2NTZkOTNhODhkNmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYWOZzQZoiceMdEl7u0KgiB4/3Av
FwMY4L3Ew99/sLaJfdoNDsfuc4AnOsiBsUkZBuVac7pYh+VR/XvORwwpR7SVnNnV
mcD8016ESIk4sa42t26Gps63hKH1divryTeS4u4DBot/DDim992lqQJ4/FliN0ky
BXRHAuk7nANmCYRzZc4R2i+3y03/0iPmXpLTYz7KrAuwp3QGl8XbJndKBz1Ama1c
05T2x8112mf3Q1wXmreunzFxev191/Oey9QM24aO20yS1IaCUaByRcY8Z8R1rgk1
xW2qXUVB5guztlY4bfYhnhb4exJ1pX4BKZb3gJPTpz36jUHW9pGui4nQ6wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAZnY2ktbzQ4zYeAftb2Vtk6iNbNMB8GA1UdIwQY
MBaAFBgQF3IkiZa4fZCEDC0n1iVJRYFzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQt
M2NjODVhZDNjMTkwLzEvQm1kamFTMXZORGpOaDRCLTF2WlcyVHFJMXMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS8yMGE1YTUtMGJhMi00MDUyLWJlYjQtM2NjODVhZDNjMTkw
LzEvR0JBWGNpU0pscmg5a0lRTUxTZldKVWxGZ1hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDnikYMA0E
AgACMAcDBQMqDs5AMA0GCSqGSIb3DQEBCwUAA4IBAQAiDHncaKRvLBs4y9sBD/K5
479xpGOSr12JXCHaVtv703p0ebeljPxhYTrJQiQuu8JxfSJIsGdmTI2yUEkPp60s
pdcf1f+b5atAVfnWeA951Lf/0t4QGgTfuUS7H66lvduvwi0tRc7DAt3HZx852q4V
z6AIp7ylv5bBKwi051L4cAUEfx8cmGH5KyY8iadhFzOPGqfiL7ku4slwt6uqAjm0
jdItYodBm5scibHIWxtmTpOk70XF2YGM938vvEQkeE+PvFCpetu+ssFL+VX5myi2
iyV4qeL9CfBGWiAUpD2C6pTFht5i+5PULyCIfH/hITHEa8Jv6nkNE+aHvGL/FDuI
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:44:42 2024 by rpki-client on console-ams.rpki-client.org