Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BWUIt6vEnUaBQD4tgt9z9FatIDQ.roa
File: BWUIt6vEnUaBQD4tgt9z9FatIDQ.roa (raw, json)
Hash identifier: sGPPl889jeGqU7CCkhgqbgWGVH93C3hJ1ctLTRWoGnQ=
Subject key identifier: 05:65:08:B7:AB:C4:9D:46:81:40:3E:2D:82:DF:73:F4:56:AD:20:34
Certificate issuer: /CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Certificate serial: 0190A0EEF9F67617BD2E021CCE7A55B5F308
Authority key identifier: 44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BWUIt6vEnUaBQD4tgt9z9FatIDQ.roa
Signing time: Thu 11 Jul 2024 08:35:34 +0000
ROA not before: Thu 11 Jul 2024 08:35:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211027
IP address blocks: 2a09:3d00::/29 maxlen: 36
2a09:b680::/29 maxlen: 36
2a0f:c582::/32 maxlen: 32
2a10:c340:7000::/36 maxlen: 36
2a11:200:2000::/36 maxlen: 36
2a11:780::/29 maxlen: 36
2a11:b80::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.mft
rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a0:ee:f9:f6:76:17:bd:2e:02:1c:ce:7a:55:b5:f3:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4459ec2a5fd53909c5239f4cc8d6d329a2779bb1
Validity
Not Before: Jul 11 08:35:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=056508b7abc49d4681403e2d82df73f456ad2034
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:78:c7:4f:42:2e:ab:3c:a4:f0:b7:7d:9d:ca:
9f:17:79:0b:3d:28:6f:00:9c:0c:b2:ba:36:09:8f:
c0:c5:ec:5f:39:19:1d:f7:d7:0b:54:54:cd:b4:1a:
90:f5:a1:ee:21:1b:49:08:a7:fc:68:64:42:8e:3d:
26:5c:50:ac:24:40:30:79:bf:e2:20:b5:f2:43:44:
6a:2f:b5:2c:d7:d6:ce:1f:a3:ec:d7:09:fc:dc:a8:
3b:01:d0:e2:fb:3e:d6:46:dc:d1:da:df:5e:4e:5e:
46:ef:be:8b:5a:78:48:62:dd:de:69:96:f1:3c:b8:
23:60:03:af:75:ee:4e:50:de:07:da:ce:8d:c3:ce:
dc:aa:51:61:16:7a:68:f0:f2:14:b6:19:a0:df:6d:
3c:6e:1f:0b:ba:5c:ac:eb:97:99:79:8a:6d:45:28:
bf:5f:a0:a8:f6:ce:fd:91:f3:24:78:7c:67:f0:11:
65:3c:a3:cf:9a:1a:23:fb:04:1f:69:2e:53:bf:70:
06:c2:ec:1c:25:54:34:cd:4f:d8:bd:c0:e6:53:6e:
16:15:d6:e1:21:62:b6:78:3f:66:fe:2c:24:d1:4b:
47:e9:30:52:de:ac:11:e5:55:ec:7f:8e:58:34:f2:
bc:9d:39:c4:dd:f2:21:74:5a:25:96:79:0f:28:3e:
7e:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:65:08:B7:AB:C4:9D:46:81:40:3E:2D:82:DF:73:F4:56:AD:20:34
X509v3 Authority Key Identifier:
keyid:44:59:EC:2A:5F:D5:39:09:C5:23:9F:4C:C8:D6:D3:29:A2:77:9B:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RFnsKl_VOQnFI59MyNbTKaJ3m7E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/BWUIt6vEnUaBQD4tgt9z9FatIDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/f0ae62-c107-43ce-a8a9-6b4372602096/1/RFnsKl_VOQnFI59MyNbTKaJ3m7E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:3d00::/29
2a09:b680::/29
2a0f:c582::/32
2a10:c340:7000::/36
2a11:200:2000::/36
2a11:780::/29
2a11:b80::/29
Signature Algorithm: sha256WithRSAEncryption
0a:68:40:06:1c:37:41:f3:66:ce:06:d6:24:6d:ea:7d:a0:1f:
27:57:80:39:e7:0d:6c:65:18:bf:c8:8e:0c:d2:5f:92:07:a8:
65:9e:27:ce:00:c7:46:75:48:90:b4:48:63:24:6a:28:c2:17:
b1:22:d1:e5:53:1d:25:ff:13:11:10:f4:d0:b3:db:29:85:84:
61:24:25:78:f3:47:1c:03:a0:71:3f:db:b1:47:d4:3a:54:27:
3c:7a:36:64:a6:a8:b7:0b:2d:eb:5f:a3:e5:9f:44:3b:a7:77:
b1:b7:49:6b:d7:ec:8d:94:d3:56:dd:c6:53:fd:01:b8:7b:06:
94:7b:db:15:05:6c:c4:90:8d:f2:4d:50:60:7d:e3:bf:43:68:
58:56:9e:1a:ee:17:c3:0d:ac:4c:c7:a3:dd:50:f5:af:79:5b:
fa:d9:37:a2:75:93:e9:c7:e9:a1:51:d1:c4:33:59:f5:44:50:
da:1a:c3:01:85:e4:e2:91:03:ee:a2:8e:5b:24:e7:52:25:66:
2b:8e:81:5a:05:84:aa:bc:72:08:70:c2:99:6e:7f:2c:34:32:
b6:a0:57:7b:a9:08:59:0f:7a:81:3e:79:20:10:60:21:5c:46:
27:a1:df:4a:38:9e:fe:3e:ec:f4:01:09:db:56:72:75:fb:66:
3a:a5:f2:1a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZCg7vn2dhe9LgIcznpVtfMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0NTllYzJhNWZkNTM5MDljNTIzOWY0Y2M4ZDZkMzI5YTI3
NzliYjEwHhcNMjQwNzExMDgzNTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTY1MDhiN2FiYzQ5ZDQ2ODE0MDNlMmQ4MmRmNzNmNDU2YWQyMDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinjHT0Iuqzyk8Ld9ncqfF3kLPShv
AJwMsro2CY/AxexfORkd99cLVFTNtBqQ9aHuIRtJCKf8aGRCjj0mXFCsJEAweb/i
ILXyQ0RqL7Us19bOH6Ps1wn83Kg7AdDi+z7WRtzR2t9eTl5G776LWnhIYt3eaZbx
PLgjYAOvde5OUN4H2s6Nw87cqlFhFnpo8PIUthmg3208bh8Lulys65eZeYptRSi/
X6Co9s79kfMkeHxn8BFlPKPPmhoj+wQfaS5Tv3AGwuwcJVQ0zU/YvcDmU24WFdbh
IWK2eD9m/iwk0UtH6TBS3qwR5VXsf45YNPK8nTnE3fIhdFollnkPKD5+pwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAVlCLerxJ1GgUA+LYLfc/RWrSA0MB8GA1UdIwQY
MBaAFERZ7Cpf1TkJxSOfTMjW0ymid5uxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTkt
NmI0MzcyNjAyMDk2LzEvQldVSXQ2dkVuVWFCUUQ0dGd0OXo5RmF0SURRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny9mMGFlNjItYzEwNy00M2NlLWE4YTktNmI0MzcyNjAyMDk2
LzEvUkZuc0tsX1ZPUW5GSTU5TXlOYlRLYUozbTdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAAjAzAwUDKgk9AAMF
AyoJtoADBQAqD8WCAwYEKhDDQHADBgQqEQIAIAMFAyoRB4ADBQMqEQuAMA0GCSqG
SIb3DQEBCwUAA4IBAQAKaEAGHDdB82bOBtYkbep9oB8nV4A55w1sZRi/yI4M0l+S
B6hlnifOAMdGdUiQtEhjJGoowhexItHlUx0l/xMREPTQs9sphYRhJCV480ccA6Bx
P9uxR9Q6VCc8ejZkpqi3Cy3rX6Pln0Q7p3ext0lr1+yNlNNW3cZT/QG4ewaUe9sV
BWzEkI3yTVBgfeO/Q2hYVp4a7hfDDaxMx6PdUPWveVv62TeidZPpx+mhUdHEM1n1
RFDaGsMBheTikQPuoo5bJOdSJWYrjoFaBYSqvHIIcMKZbn8sNDK2oFd7qQhZD3qB
PnkgEGAhXEYnod9KOJ7+Puz0AQnbVnJ1+2Y6pfIa
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:14:49 2024 by rpki-client on console-fra.rpki-client.org