Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/bwLcB4QMwEb0Ra37b6n8hFIn1Ss.roa
File: bwLcB4QMwEb0Ra37b6n8hFIn1Ss.roa (raw, json)
Hash identifier: kKDz11tcuGZCiEbaZCx8KbnMj/9yntCddovOspalB8w=
Subject key identifier: 6F:02:DC:07:84:0C:C0:46:F4:45:AD:FB:6F:A9:FC:84:52:27:D5:2B
Certificate issuer: /CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Certificate serial: 018EBEAFC182A6654E1099062B8A153A5615
Authority key identifier: 9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/bwLcB4QMwEb0Ra37b6n8hFIn1Ss.roa
Signing time: Mon 08 Apr 2024 17:09:33 +0000
ROA not before: Mon 08 Apr 2024 17:09:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48749
IP address blocks: 86.107.59.0/24 maxlen: 24
2a05:8883:ffff::/48 maxlen: 48
2a0f:55c7:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:af:c1:82:a6:65:4e:10:99:06:2b:8a:15:3a:56:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9c542f5df3c1acb857fd50eeb016eed07385ff8c
Validity
Not Before: Apr 8 17:09:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f02dc07840cc046f445adfb6fa9fc845227d52b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:df:0c:9e:c3:42:09:55:76:97:61:89:2a:f6:
4c:22:0c:c3:5e:f7:11:83:d5:b9:fc:bd:75:f8:a1:
8f:db:44:cd:fd:f7:6b:73:82:0f:2c:5d:1e:b4:f7:
e4:b5:1d:3f:47:cc:0f:07:7d:12:12:48:6e:09:d0:
00:15:35:79:cd:7d:06:76:fb:8a:fb:90:ce:e9:a0:
e1:97:2d:e4:e0:1b:78:89:36:ab:ab:b1:7d:74:40:
c7:8f:71:d5:43:46:86:6d:05:47:d4:fb:a1:7d:48:
16:8a:14:ea:72:e6:7a:d3:4e:69:28:a8:d6:fb:d3:
eb:d8:d3:38:bf:a3:bd:a3:c2:7a:b5:99:eb:dc:3a:
c7:d0:95:33:3a:90:2c:de:42:7b:65:6c:59:60:9b:
a9:b3:3f:e5:fe:ab:54:2d:b3:11:31:bd:8f:4e:c5:
93:bb:77:b1:aa:fb:14:f9:18:45:bc:8e:c0:d0:9b:
05:32:ae:2e:54:4d:3f:d8:76:ee:d3:e6:e6:6d:df:
c7:b7:3d:41:00:10:d9:77:f8:16:ac:65:d3:88:d3:
1b:7d:23:e7:67:3c:50:8f:e6:23:e7:8c:43:b5:7a:
91:4a:b7:fe:9c:b0:da:4b:5c:86:89:6d:3d:86:4a:
d9:f8:d5:e8:b1:6c:7c:4e:2a:2f:7f:b6:ec:cf:e0:
7b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:02:DC:07:84:0C:C0:46:F4:45:AD:FB:6F:A9:FC:84:52:27:D5:2B
X509v3 Authority Key Identifier:
keyid:9C:54:2F:5D:F3:C1:AC:B8:57:FD:50:EE:B0:16:EE:D0:73:85:FF:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nFQvXfPBrLhX_VDusBbu0HOF_4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/bwLcB4QMwEb0Ra37b6n8hFIn1Ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/fb791b-8013-458a-9a1e-25dbf43804c5/1/nFQvXfPBrLhX_VDusBbu0HOF_4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.107.59.0/24
IPv6:
2a05:8883:ffff::/48
2a0f:55c7:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
43:b4:13:86:18:49:01:ae:a6:ba:ad:1f:d4:ae:f9:b5:21:0a:
1c:e0:dc:34:ae:9b:a5:47:d6:40:08:02:8c:e1:03:25:6d:b9:
69:02:9f:08:02:66:57:9e:91:93:66:bf:cf:6a:c2:23:ec:42:
ea:d2:0f:cb:f2:c0:77:fe:6b:56:3e:f2:28:26:ca:d6:7a:06:
8f:06:f4:8c:eb:07:d2:d2:b9:be:0a:5e:09:e2:aa:cf:d3:6f:
de:82:9d:68:e5:9c:a6:49:35:94:c5:42:10:b9:3e:4d:56:d6:
b4:db:50:d6:1b:14:d9:7b:92:5c:97:24:39:2c:4b:c6:56:8f:
d2:be:e6:26:46:b8:48:f1:80:38:c2:3e:1c:e0:13:f8:06:b0:
f4:b7:cf:24:69:5d:12:a6:d7:90:5d:a1:5b:65:09:06:cc:4a:
7b:ba:b8:3b:44:6d:cc:54:4e:2b:d7:a3:84:72:65:83:20:c6:
98:86:81:32:53:da:e2:ce:c6:62:cf:19:ec:8b:db:6e:cf:fb:
0c:f9:0b:7d:83:ae:d4:13:75:90:76:10:d4:f1:20:47:1d:45:
82:65:63:0e:46:15:26:f0:0d:67:5d:34:21:89:45:65:4c:8a:
99:92:3e:e6:88:90:0e:52:78:d0:4b:c7:35:fc:ac:78:a4:2e:
43:17:f2:92
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY6+r8GCpmVOEJkGK4oVOlYVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDljNTQyZjVkZjNjMWFjYjg1N2ZkNTBlZWIwMTZlZWQwNzM4
NWZmOGMwHhcNMjQwNDA4MTcwOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjAyZGMwNzg0MGNjMDQ2ZjQ0NWFkZmI2ZmE5ZmM4NDUyMjdkNTJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkN8MnsNCCVV2l2GJKvZMIgzDXvcR
g9W5/L11+KGP20TN/fdrc4IPLF0etPfktR0/R8wPB30SEkhuCdAAFTV5zX0GdvuK
+5DO6aDhly3k4Bt4iTarq7F9dEDHj3HVQ0aGbQVH1PuhfUgWihTqcuZ6005pKKjW
+9Pr2NM4v6O9o8J6tZnr3DrH0JUzOpAs3kJ7ZWxZYJupsz/l/qtULbMRMb2PTsWT
u3exqvsU+RhFvI7A0JsFMq4uVE0/2Hbu0+bmbd/Htz1BABDZd/gWrGXTiNMbfSPn
ZzxQj+Yj54xDtXqRSrf+nLDaS1yGiW09hkrZ+NXosWx8Tiovf7bsz+B7swIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFG8C3AeEDMBG9EWt+2+p/IRSJ9UrMB8GA1UdIwQY
MBaAFJxUL13zway4V/1Q7rAW7tBzhf+MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUt
MjVkYmY0MzgwNGM1LzEvYndMY0I0UU13RWIwUmEzN2I2bjhoRkluMVNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS9mYjc5MWItODAxMy00NThhLTlhMWUtMjVkYmY0MzgwNGM1
LzEvbkZRdlhmUEJyTGhYX1ZEdXNCYnUwSE9GXzR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQAVms7MBgE
AgACMBIDBwAqBYiD//8DBwAqD1XH//8wDQYJKoZIhvcNAQELBQADggEBAEO0E4YY
SQGuprqtH9Su+bUhChzg3DSum6VH1kAIAozhAyVtuWkCnwgCZleekZNmv89qwiPs
QurSD8vywHf+a1Y+8igmytZ6Bo8G9IzrB9LSub4KXgniqs/Tb96CnWjlnKZJNZTF
QhC5Pk1W1rTbUNYbFNl7klyXJDksS8ZWj9K+5iZGuEjxgDjCPhzgE/gGsPS3zyRp
XRKm15BdoVtlCQbMSnu6uDtEbcxUTivXo4RyZYMgxpiGgTJT2uLOxmLPGeyL227P
+wz5C32DrtQTdZB2ENTxIEcdRYJlYw5GFSbwDWddNCGJRWVMipmSPuaIkA5SeNBL
xzX8rHikLkMX8pI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:13:50 2024 by rpki-client on console-fra.rpki-client.org