Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/Bb3nt7ZJNgJ_IsOSfTRi94xJdIU.roa
File: Bb3nt7ZJNgJ_IsOSfTRi94xJdIU.roa (raw, json)
Hash identifier: jEpLcItVm5XqrWN7XwZN1w4tCUgb1DJOWzYJIRksl8k=
Subject key identifier: 05:BD:E7:B7:B6:49:36:02:7F:22:C3:92:7D:34:62:F7:8C:49:74:85
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 019246ECACE8201954FABD24FE523E617D40
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/Bb3nt7ZJNgJ_IsOSfTRi94xJdIU.roa
Signing time: Tue 01 Oct 2024 07:12:48 +0000
ROA not before: Tue 01 Oct 2024 07:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49549
IP address blocks: 146.19.128.0/24 maxlen: 24
178.250.187.0/24 maxlen: 24
178.250.191.0/24 maxlen: 24
193.0.227.0/24 maxlen: 24
193.0.229.0/24 maxlen: 24
193.0.230.0/24 maxlen: 24
193.0.239.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
2a0f:cdc2::/32 maxlen: 32
2a0f:cdc4::/32 maxlen: 32
2a0f:cdc5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:46:ec:ac:e8:20:19:54:fa:bd:24:fe:52:3e:61:7d:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Oct 1 07:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05bde7b7b64936027f22c3927d3462f78c497485
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:37:dc:46:96:d0:65:53:25:98:b5:d9:73:57:
fe:84:61:04:ca:ed:42:33:d1:21:68:09:e1:f0:85:
86:0f:b6:68:a5:47:49:78:06:80:fd:5e:a6:72:08:
f6:28:bf:5d:9e:6c:df:f7:cb:c8:4b:fa:9f:cc:eb:
f4:28:b7:da:a0:3d:13:60:f5:39:ff:07:f7:78:76:
93:fd:d7:c1:f2:08:51:68:fb:26:63:b5:5c:84:fe:
dd:f0:06:f0:b9:b0:0a:82:14:8e:60:14:49:7a:17:
a8:86:16:92:b8:13:bc:03:c3:83:f1:39:dc:d4:bf:
81:8b:85:27:d7:03:dc:89:c3:40:4a:ff:8f:b4:c2:
c6:cb:a3:81:5b:14:d8:d1:76:f8:61:7a:02:c9:11:
d6:a4:6e:d9:62:0e:86:65:71:87:2b:6e:2d:4c:d5:
44:ab:33:57:fd:af:21:81:c7:75:94:2b:b0:1f:53:
f4:94:1f:f5:e4:25:03:a0:28:34:8a:7f:1f:fe:51:
ce:3c:83:5c:66:dc:b8:b2:51:1d:66:fa:11:b9:8b:
92:9f:3c:7b:ee:cd:29:cf:22:2f:73:8e:86:d0:4e:
20:a3:5b:81:e1:0d:55:31:7c:68:72:be:c0:a9:9e:
01:7f:4d:df:1b:84:39:09:a9:60:30:b7:2c:81:3d:
1b:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:BD:E7:B7:B6:49:36:02:7F:22:C3:92:7D:34:62:F7:8C:49:74:85
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/Bb3nt7ZJNgJ_IsOSfTRi94xJdIU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
178.250.187.0/24
178.250.191.0/24
193.0.227.0/24
193.0.229.0-193.0.230.255
193.0.239.0/24
217.119.129.0/24
IPv6:
2a0f:cdc2::/32
2a0f:cdc4::/31
Signature Algorithm: sha256WithRSAEncryption
24:82:fc:72:9f:37:d8:6c:3a:2b:5f:8e:c4:d7:33:d4:89:27:
93:9b:e5:9a:e8:73:2b:8b:90:db:d9:3c:7b:b2:1c:f6:99:33:
89:f1:1f:9f:74:99:e5:91:28:70:66:71:4a:47:87:09:7c:34:
f3:a8:33:78:10:c1:33:f2:d3:73:c6:46:f6:99:9c:4c:bb:f0:
c1:db:83:4c:cc:47:b2:9a:da:de:bd:f3:24:3c:b4:fa:46:79:
7c:78:b7:65:fe:bf:80:39:b3:ef:97:1e:5d:8f:d8:6c:56:03:
a3:cd:00:52:45:6b:c3:32:63:9f:4a:7f:50:33:76:66:5c:07:
89:45:cb:ac:0c:25:ac:21:1e:83:e9:a6:18:58:6a:5d:e2:48:
6d:58:b5:34:4f:fd:89:72:97:ce:c7:f1:61:91:bd:26:70:7c:
3e:5c:73:9d:dd:f6:9d:78:0d:57:21:37:fe:a7:e4:88:a3:ac:
bc:b6:ad:33:b2:0b:00:7c:10:4a:d7:b8:fe:b6:ef:0c:f1:46:
7a:4d:6f:29:c5:6c:8c:26:8e:37:f2:d2:22:8b:fd:73:eb:9a:
21:47:95:31:94:c1:7c:a5:0e:13:4e:41:44:5f:9c:93:c6:32:
21:ba:ab:40:93:7c:8d:a2:13:9d:99:63:bf:79:a8:9c:6d:be:
7d:43:63:09
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZJG7KzoIBlU+r0k/lI+YX1AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQxMDAxMDcxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWJkZTdiN2I2NDkzNjAyN2YyMmMzOTI3ZDM0NjJmNzhjNDk3NDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjfcRpbQZVMlmLXZc1f+hGEEyu1C
M9EhaAnh8IWGD7ZopUdJeAaA/V6mcgj2KL9dnmzf98vIS/qfzOv0KLfaoD0TYPU5
/wf3eHaT/dfB8ghRaPsmY7VchP7d8AbwubAKghSOYBRJeheohhaSuBO8A8OD8Tnc
1L+Bi4Un1wPcicNASv+PtMLGy6OBWxTY0Xb4YXoCyRHWpG7ZYg6GZXGHK24tTNVE
qzNX/a8hgcd1lCuwH1P0lB/15CUDoCg0in8f/lHOPINcZty4slEdZvoRuYuSnzx7
7s0pzyIvc46G0E4go1uB4Q1VMXxocr7AqZ4Bf03fG4Q5CalgMLcsgT0bTQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAW957e2STYCfyLDkn00YveMSXSFMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvQmIzbnQ3WkpOZ0pfSXNPU2ZUUmk5NHhKZElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDA4BAIAATAyAwQAkhOAAwQA
svq7AwQAsvq/AwQAwQDjMAwDBADBAOUDBADBAOYDBADBAO8DBADZd4EwFAQCAAIw
DgMFACoPzcIDBQEqD83EMA0GCSqGSIb3DQEBCwUAA4IBAQAkgvxynzfYbDorX47E
1zPUiSeTm+Wa6HMri5Db2Tx7shz2mTOJ8R+fdJnlkShwZnFKR4cJfDTzqDN4EMEz
8tNzxkb2mZxMu/DB24NMzEeymtrevfMkPLT6Rnl8eLdl/r+AObPvlx5dj9hsVgOj
zQBSRWvDMmOfSn9QM3ZmXAeJRcusDCWsIR6D6aYYWGpd4khtWLU0T/2JcpfOx/Fh
kb0mcHw+XHOd3fadeA1XITf+p+SIo6y8tq0zsgsAfBBK17j+tu8M8UZ6TW8pxWyM
Jo438tIii/1z65ohR5UxlMF8pQ4TTkFEX5yTxjIhuqtAk3yNohOdmWO/eaicbb59
Q2MJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 17:51:39 2024 by rpki-client on console-ams.rpki-client.org