Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/BTI-OYejCfxokvrBtx66yR0xxfQ.roa
File: BTI-OYejCfxokvrBtx66yR0xxfQ.roa (raw, json)
Hash identifier: eNpdcBNXcPMpX4iV3EDVeSvtYyJQoN0Hkku4w31OCME=
Subject key identifier: 05:32:3E:39:87:A3:09:FC:68:92:FA:C1:B7:1E:BA:C9:1D:31:C5:F4
Certificate issuer: /CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Certificate serial: 018CC8DEAEDC50B62942EDAF2384580BC551
Authority key identifier: 29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/BTI-OYejCfxokvrBtx66yR0xxfQ.roa
Signing time: Tue 02 Jan 2024 06:31:26 +0000
ROA not before: Tue 02 Jan 2024 06:31:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 63949
IP address blocks: 151.236.216.0/21 maxlen: 24
80.85.84.0/22 maxlen: 24
176.58.96.0/19 maxlen: 24
212.71.232.0/21 maxlen: 24
212.71.244.0/22 maxlen: 24
194.233.160.0/21 maxlen: 24
192.53.112.0/21 maxlen: 24
194.233.168.0/21 maxlen: 24
212.71.248.0/21 maxlen: 24
85.159.208.0/21 maxlen: 24
88.80.184.0/21 maxlen: 24
194.233.176.0/21 maxlen: 24
192.53.120.0/22 maxlen: 24
192.53.124.0/22 maxlen: 24
109.237.24.0/22 maxlen: 24
194.233.184.0/21 maxlen: 24
192.46.208.0/21 maxlen: 24
192.46.216.0/22 maxlen: 24
192.46.222.0/23 maxlen: 24
192.46.220.0/23 maxlen: 24
192.46.224.0/21 maxlen: 24
192.46.232.0/21 maxlen: 24
192.53.160.0/21 maxlen: 24
192.53.168.0/23 maxlen: 24
192.53.172.0/22 maxlen: 24
192.53.170.0/23 maxlen: 24
213.52.128.0/22 maxlen: 24
178.79.128.0/18 maxlen: 24
85.90.244.0/22 maxlen: 24
212.111.40.0/22 maxlen: 24
185.3.92.0/22 maxlen: 24
194.195.112.0/21 maxlen: 24
194.195.120.0/21 maxlen: 24
213.219.36.0/22 maxlen: 24
109.74.192.0/20 maxlen: 24
194.195.208.0/21 maxlen: 24
194.195.216.0/21 maxlen: 24
213.168.248.0/22 maxlen: 24
194.195.240.0/21 maxlen: 24
194.195.248.0/21 maxlen: 24
2a01:7e02::/32 maxlen: 48
2a01:7e01::/32 maxlen: 48
2a01:7e04::/32 maxlen: 48
2a01:7e00::/32 maxlen: 48
2a01:7e03::/32 maxlen: 48
2a01:7e06::/32 maxlen: 48
2a01:7e07::/32 maxlen: 48
2a01:7e05::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 09:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:ae:dc:50:b6:29:42:ed:af:23:84:58:0b:c5:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29ad8bfe07ad5d2ccb43b0d1dba6b192cb51dbea
Validity
Not Before: Jan 2 06:31:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05323e3987a309fc6892fac1b71ebac91d31c5f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:25:d7:13:49:f4:91:74:5c:42:5a:87:48:c4:
b3:3b:44:13:e4:28:31:b9:82:a2:96:03:90:c5:3c:
14:b3:98:d1:31:e5:60:8c:a7:79:c2:e1:84:07:c6:
fc:6b:fd:6e:bf:cd:6f:9c:66:8f:9c:a9:28:dd:52:
bc:07:88:eb:04:ae:d9:2d:42:36:b6:01:88:d1:2c:
ce:b9:b8:c9:e3:b4:4c:e0:40:2f:c2:12:c3:7a:b0:
f8:b2:86:a0:95:d6:4f:85:35:4e:be:b0:c8:13:6e:
0e:b4:26:4d:30:09:26:d5:8e:33:89:64:7e:e7:24:
f7:11:e8:56:75:18:e7:f7:87:ae:36:ac:f3:7e:4f:
6b:af:6a:b6:a6:1d:88:24:07:98:1c:1c:fc:07:67:
d6:fe:8d:bd:13:5d:c9:84:0b:2a:81:c4:ce:12:36:
7f:f4:27:0d:cc:03:36:3a:d6:13:fe:7b:73:bc:b6:
e8:0d:5d:ab:be:8f:f7:c8:52:a8:1b:fe:84:d9:a3:
27:c6:24:13:6e:eb:0f:ee:f3:03:2b:75:8f:a9:f5:
ab:8c:e3:d7:f1:19:b5:b4:88:6b:d1:3c:47:46:1c:
cc:83:7e:7c:0b:aa:b4:30:94:f6:35:aa:c9:0b:62:
26:b4:05:b7:89:43:2d:b4:a1:e6:d4:d5:da:96:2a:
f9:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:32:3E:39:87:A3:09:FC:68:92:FA:C1:B7:1E:BA:C9:1D:31:C5:F4
X509v3 Authority Key Identifier:
keyid:29:AD:8B:FE:07:AD:5D:2C:CB:43:B0:D1:DB:A6:B1:92:CB:51:DB:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ka2L_getXSzLQ7DR26axkstR2-o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/BTI-OYejCfxokvrBtx66yR0xxfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/235d26-7094-4feb-9ca9-378499398f18/1/Ka2L_getXSzLQ7DR26axkstR2-o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.85.84.0/22
85.90.244.0/22
85.159.208.0/21
88.80.184.0/21
109.74.192.0/20
109.237.24.0/22
151.236.216.0/21
176.58.96.0/19
178.79.128.0/18
185.3.92.0/22
192.46.208.0-192.46.239.255
192.53.112.0/20
192.53.160.0/20
194.195.112.0/20
194.195.208.0/20
194.195.240.0/20
194.233.160.0/19
212.71.232.0/21
212.71.244.0-212.71.255.255
212.111.40.0/22
213.52.128.0/22
213.168.248.0/22
213.219.36.0/22
IPv6:
2a01:7e00::/29
Signature Algorithm: sha256WithRSAEncryption
32:e6:be:ec:ff:14:f5:af:92:0e:45:f6:56:ea:44:ca:42:b5:
e2:bd:b6:fe:9e:51:12:cd:f6:a4:0f:38:2f:13:35:fc:67:70:
07:c1:75:6e:e9:88:4a:ef:5e:99:36:98:a5:1d:4c:c0:98:f0:
51:26:2b:d5:80:a0:24:29:25:5e:83:b2:3c:04:fa:89:0d:5f:
f3:ea:32:d1:a5:35:a4:45:1a:b9:bf:90:81:33:84:51:67:18:
50:4b:9d:2b:eb:67:a4:a8:e9:1f:57:bb:06:a5:69:44:29:12:
7f:45:fb:91:a9:5d:e0:a7:46:94:39:d8:91:87:76:d1:7a:9f:
ca:71:15:32:5c:79:07:2c:b8:2e:c0:91:bc:b9:1b:2e:02:3a:
14:89:bd:7e:9e:0d:d6:12:a9:e1:42:3f:20:e6:10:dd:72:52:
c4:46:e0:f7:2c:eb:51:48:25:92:25:55:57:75:f3:82:a6:3d:
b7:c3:70:d1:4f:d5:5f:a1:e1:b4:a8:bb:1e:bf:b9:36:65:40:
82:42:7e:5c:1f:d7:8d:fb:75:22:c7:ef:9c:1d:ea:35:52:fd:
25:10:39:02:9f:58:e5:8d:4c:3a:8c:26:6d:88:c0:0e:26:7d:
88:01:da:a3:fd:c1:79:a3:d8:42:ab:8f:6b:66:97:68:ed:1f:
09:ad:7a:9e
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAYzI3q7cULYpQu2vI4RYC8VRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5YWQ4YmZlMDdhZDVkMmNjYjQzYjBkMWRiYTZiMTkyY2I1
MWRiZWEwHhcNMjQwMTAyMDYzMTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTMyM2UzOTg3YTMwOWZjNjg5MmZhYzFiNzFlYmFjOTFkMzFjNWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoiXXE0n0kXRcQlqHSMSzO0QT5Cgx
uYKilgOQxTwUs5jRMeVgjKd5wuGEB8b8a/1uv81vnGaPnKko3VK8B4jrBK7ZLUI2
tgGI0SzOubjJ47RM4EAvwhLDerD4soagldZPhTVOvrDIE24OtCZNMAkm1Y4ziWR+
5yT3EehWdRjn94euNqzzfk9rr2q2ph2IJAeYHBz8B2fW/o29E13JhAsqgcTOEjZ/
9CcNzAM2OtYT/ntzvLboDV2rvo/3yFKoG/6E2aMnxiQTbusP7vMDK3WPqfWrjOPX
8Rm1tIhr0TxHRhzMg358C6q0MJT2NarJC2ImtAW3iUMttKHm1NXalir5nQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFAUyPjmHown8aJL6wbceuskdMcX0MB8GA1UdIwQY
MBaAFCmti/4HrV0sy0Ow0dumsZLLUdvqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTkt
Mzc4NDk5Mzk4ZjE4LzEvQlRJLU9ZZWpDZnhva3ZyQnR4NjZ5UjB4eGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My8yMzVkMjYtNzA5NC00ZmViLTljYTktMzc4NDk5Mzk4ZjE4
LzEvS2EyTF9nZXRYU3pMUTdEUjI2YXhrc3RSMi1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBoAQCAAEwgZkDBAJQ
VVQDBAJVWvQDBANVn9ADBANYULgDBARtSsADBAJt7RgDBAOX7NgDBAWwOmADBAay
T4ADBAK5A1wwDAMEBMAu0AMEBMAu4AMEBMA1cAMEBMA1oAMEBMLDcAMEBMLD0AME
BMLD8AMEBcLpoAMEA9RH6DALAwQC1Ef0AwMD1EADBALUbygDBALVNIADBALVqPgD
BALV2yQwDQQCAAIwBwMFAyoBfgAwDQYJKoZIhvcNAQELBQADggEBADLmvuz/FPWv
kg5F9lbqRMpCteK9tv6eURLN9qQPOC8TNfxncAfBdW7piErvXpk2mKUdTMCY8FEm
K9WAoCQpJV6DsjwE+okNX/PqMtGlNaRFGrm/kIEzhFFnGFBLnSvrZ6So6R9Xuwal
aUQpEn9F+5GpXeCnRpQ52JGHdtF6n8pxFTJceQcsuC7Akby5Gy4COhSJvX6eDdYS
qeFCPyDmEN1yUsRG4Pcs61FIJZIlVVd184KmPbfDcNFP1V+h4bSoux6/uTZlQIJC
flwf1437dSLH75wd6jVS/SUQOQKfWOWNTDqMJm2IwA4mfYgB2qP9wXmj2EKrj2tm
l2jtHwmtep4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:21:02 2024 by rpki-client on console-fra.rpki-client.org