Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/bBg87APjDYZsh_vVwNd8St1GATA.roa
File: bBg87APjDYZsh_vVwNd8St1GATA.roa (raw, json)
Hash identifier: ph3gzanUfKJM/aYDf0ZzD7JQtXlReg/xbf2sXT3IBW4=
Subject key identifier: 6C:18:3C:EC:03:E3:0D:86:6C:87:FB:D5:C0:D7:7C:4A:DD:46:01:30
Certificate issuer: /CN=50980fb6ade858f2652e736993126c85759f06d9
Certificate serial: 018CC72726D249BA869F9B5BE9A766321958
Authority key identifier: 50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/bBg87APjDYZsh_vVwNd8St1GATA.roa
Signing time: Mon 01 Jan 2024 22:31:20 +0000
ROA not before: Mon 01 Jan 2024 22:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 91.232.8.0/22 maxlen: 24
91.218.176.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:26:d2:49:ba:86:9f:9b:5b:e9:a7:66:32:19:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50980fb6ade858f2652e736993126c85759f06d9
Validity
Not Before: Jan 1 22:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c183cec03e30d866c87fbd5c0d77c4add460130
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b9:9a:1e:5d:99:fa:1f:5f:66:7e:fe:94:22:
2f:00:8a:a1:f6:7e:cd:e0:c8:6c:10:7c:58:d5:95:
f4:49:2f:41:7f:70:c7:7b:aa:36:eb:6a:3b:df:55:
5e:99:78:cf:4a:e2:1e:95:55:c2:03:c4:81:29:03:
d9:36:b3:9e:20:05:a4:90:51:c8:a5:88:4c:27:b7:
4e:e5:5c:cc:9d:19:2a:0a:21:da:43:02:be:c2:94:
34:e6:8d:c0:43:ca:94:c3:20:8d:a7:4c:a7:fe:10:
70:79:c6:3a:17:28:6d:ce:68:7d:68:ba:43:23:9c:
27:90:bf:40:06:c2:2c:c3:53:3c:72:bc:12:76:4f:
d1:f8:8b:c3:b7:98:31:44:db:89:d6:6c:54:a7:2f:
06:37:34:f6:f2:c3:f8:6b:1b:7a:b1:ee:3e:1b:51:
0f:d9:9e:89:50:c6:ba:c6:45:f4:de:d3:64:61:c9:
4c:5b:72:6f:b5:97:d8:aa:e9:54:af:d3:78:fe:65:
55:cf:9d:04:0e:a3:e5:35:bb:78:17:7b:f9:f4:7b:
9d:8a:75:a1:57:b9:5f:f6:20:ff:b7:00:84:cc:b0:
ab:b0:08:c3:8d:91:c7:e0:f5:4d:1e:df:f2:73:dc:
4e:12:ee:5d:0e:0f:2d:3a:33:47:38:69:d9:cf:2f:
76:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:18:3C:EC:03:E3:0D:86:6C:87:FB:D5:C0:D7:7C:4A:DD:46:01:30
X509v3 Authority Key Identifier:
keyid:50:98:0F:B6:AD:E8:58:F2:65:2E:73:69:93:12:6C:85:75:9F:06:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UJgPtq3oWPJlLnNpkxJshXWfBtk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/bBg87APjDYZsh_vVwNd8St1GATA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/3c7af6-f466-4d87-b9f1-cca79a69820a/1/UJgPtq3oWPJlLnNpkxJshXWfBtk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.218.176.0/22
91.232.8.0/22
Signature Algorithm: sha256WithRSAEncryption
8d:4e:00:1d:5a:85:2a:ee:e6:35:03:88:59:56:ee:e3:15:42:
de:f4:7c:83:7e:6d:55:95:a9:b3:32:06:1f:e4:f2:7f:1e:80:
3b:19:a1:1f:13:23:74:23:7d:d1:18:c4:32:17:70:92:0e:3c:
e7:fb:b7:16:05:70:71:3c:67:36:06:e7:ce:44:ae:d8:4c:ff:
fb:de:94:9f:48:48:a3:eb:29:e5:15:a2:0d:f4:03:cd:e4:27:
27:6b:71:b2:06:5d:b0:ab:c7:e0:c7:17:08:22:87:74:c8:b0:
eb:15:97:39:09:01:1e:1b:f8:a9:09:1e:b6:67:26:a4:db:a5:
36:49:ed:87:13:bb:a7:2e:6a:d4:ca:cb:ba:71:bd:9b:a9:95:
1a:ef:10:b2:19:06:53:10:ca:63:89:c2:8f:9f:dc:56:bb:5f:
3f:00:87:1e:d6:ea:9c:29:42:bb:22:be:a2:ce:f6:68:4e:8e:
2c:0b:1d:a8:2a:3e:90:73:8b:64:1a:79:dc:a3:d0:28:50:dc:
25:39:f0:a3:2e:8e:cb:7c:f6:7e:78:d7:fa:6a:a8:67:5e:2c:
9d:f2:6c:e5:9e:71:43:70:bd:15:71:fc:09:c3:68:e4:f7:46:
10:3b:9d:93:7c:a5:c9:ee:d7:0a:02:dd:11:7f:fc:29:3c:37:
24:ca:97:bf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJybSSbqGn5tb6admMhlYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwOTgwZmI2YWRlODU4ZjI2NTJlNzM2OTkzMTI2Yzg1NzU5
ZjA2ZDkwHhcNMjQwMTAxMjIzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzE4M2NlYzAzZTMwZDg2NmM4N2ZiZDVjMGQ3N2M0YWRkNDYwMTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrmaHl2Z+h9fZn7+lCIvAIqh9n7N
4MhsEHxY1ZX0SS9Bf3DHe6o262o731VemXjPSuIelVXCA8SBKQPZNrOeIAWkkFHI
pYhMJ7dO5VzMnRkqCiHaQwK+wpQ05o3AQ8qUwyCNp0yn/hBwecY6Fyhtzmh9aLpD
I5wnkL9ABsIsw1M8crwSdk/R+IvDt5gxRNuJ1mxUpy8GNzT28sP4axt6se4+G1EP
2Z6JUMa6xkX03tNkYclMW3JvtZfYqulUr9N4/mVVz50EDqPlNbt4F3v59HudinWh
V7lf9iD/twCEzLCrsAjDjZHH4PVNHt/yc9xOEu5dDg8tOjNHOGnZzy92BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGwYPOwD4w2GbIf71cDXfErdRgEwMB8GA1UdIwQY
MBaAFFCYD7at6FjyZS5zaZMSbIV1nwbZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEt
Y2NhNzlhNjk4MjBhLzEvYkJnODdBUGpEWVpzaF92VndOZDhTdDFHQVRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC8zYzdhZjYtZjQ2Ni00ZDg3LWI5ZjEtY2NhNzlhNjk4MjBh
LzEvVUpnUHRxM29XUEpsTG5OcGt4SnNoWFdmQnRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW9qwAwQC
W+gIMA0GCSqGSIb3DQEBCwUAA4IBAQCNTgAdWoUq7uY1A4hZVu7jFULe9HyDfm1V
lamzMgYf5PJ/HoA7GaEfEyN0I33RGMQyF3CSDjzn+7cWBXBxPGc2BufORK7YTP/7
3pSfSEij6ynlFaIN9APN5Ccna3GyBl2wq8fgxxcIIod0yLDrFZc5CQEeG/ipCR62
Zyak26U2Se2HE7unLmrUysu6cb2bqZUa7xCyGQZTEMpjicKPn9xWu18/AIce1uqc
KUK7Ir6izvZoTo4sCx2oKj6Qc4tkGnnco9AoUNwlOfCjLo7LfPZ+eNf6aqhnXiyd
8mzlnnFDcL0VcfwJw2jk90YQO52TfKXJ7tcKAt0Rf/wpPDckype/
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:51:48 2024 by rpki-client on console-fra.rpki-client.org