Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/BMeTBB67tG_oMrVsUye27IndD5c.roa
File: BMeTBB67tG_oMrVsUye27IndD5c.roa (raw, json)
Hash identifier: vGHdzIV697aeRKKdHW+2Vuph0S2T+IZtP/+YD64DsPM=
Subject key identifier: 04:C7:93:04:1E:BB:B4:6F:E8:32:B5:6C:53:27:B6:EC:89:DD:0F:97
Certificate issuer: /CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
Certificate serial: 018CC64B7EE4AB6D58996DF871B30A13B341
Authority key identifier: C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/BMeTBB67tG_oMrVsUye27IndD5c.roa
Signing time: Mon 01 Jan 2024 18:31:25 +0000
ROA not before: Mon 01 Jan 2024 18:31:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198290
IP address blocks: 193.169.158.0/23 maxlen: 24
185.44.56.0/22 maxlen: 24
2a01:7360::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.mft
rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:7e:e4:ab:6d:58:99:6d:f8:71:b3:0a:13:b3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c32a16b207e3b6f6f72d3d0ad5fceba8ea103636
Validity
Not Before: Jan 1 18:31:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04c793041ebbb46fe832b56c5327b6ec89dd0f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d4:92:c1:ee:50:a9:2a:5f:93:a3:07:be:b3:
d7:62:b2:9b:53:c4:44:09:00:dd:a4:dd:ae:4d:21:
d0:c4:ef:d4:bd:4e:fe:6f:6f:61:05:e8:58:6e:24:
ad:c5:45:7b:70:76:cb:2f:63:96:39:e2:0f:72:7c:
2c:b9:8e:c2:68:52:67:ec:47:eb:b1:35:93:e1:54:
d3:26:a4:f3:d3:80:c5:6a:22:f2:9c:8a:5f:b9:f2:
59:91:cd:6f:5b:9c:37:c1:83:6d:16:72:e8:05:d1:
c7:c8:84:21:d6:d4:c7:47:c7:d3:ce:dd:77:1e:48:
1a:f7:c9:da:b0:47:8d:30:b8:41:95:48:55:cb:fc:
b0:e9:95:f9:42:e3:31:32:40:be:4c:1f:75:75:0a:
7a:9d:ab:9b:69:34:2c:0e:41:05:48:66:74:1a:27:
2e:89:ca:c5:79:51:81:4c:6f:83:43:01:7a:bc:b6:
12:2c:4d:84:b4:f3:bf:3f:05:6f:d5:cc:c9:35:7d:
c1:12:ef:a9:37:5c:9e:06:fe:00:4c:f2:95:94:54:
0e:6d:06:fb:f2:75:ec:74:35:ea:3e:bf:2d:25:c1:
08:19:50:e1:26:37:54:44:e9:8b:3b:0d:47:14:e3:
4d:d5:ab:b8:5b:68:fe:32:c5:0d:54:e8:3c:30:18:
f7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C7:93:04:1E:BB:B4:6F:E8:32:B5:6C:53:27:B6:EC:89:DD:0F:97
X509v3 Authority Key Identifier:
keyid:C3:2A:16:B2:07:E3:B6:F6:F7:2D:3D:0A:D5:FC:EB:A8:EA:10:36:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wyoWsgfjtvb3LT0K1fzrqOoQNjY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/BMeTBB67tG_oMrVsUye27IndD5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/9a694b-c61b-41b2-93ce-4dc2f793c3cd/1/wyoWsgfjtvb3LT0K1fzrqOoQNjY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.44.56.0/22
193.169.158.0/23
IPv6:
2a01:7360::/32
Signature Algorithm: sha256WithRSAEncryption
9f:92:32:fe:4d:e1:21:79:39:c8:7f:47:f3:dd:98:af:22:8e:
98:3b:12:fd:a6:2e:ac:44:7d:a7:95:b0:aa:04:ea:20:bf:37:
17:c2:8c:6f:ef:74:79:24:29:da:19:94:6a:8c:c6:a0:81:eb:
64:aa:08:c8:36:1d:da:fa:44:6e:32:82:68:74:39:27:f2:d0:
de:96:67:1b:ad:14:a8:93:d2:b5:e2:3e:a0:88:c3:a7:45:90:
09:cf:af:79:91:30:2c:0c:0e:a6:72:3f:41:b8:02:ca:b0:b7:
b3:3d:9b:1e:45:42:b1:28:2b:73:5e:0e:32:bf:31:dd:88:f8:
7b:b5:c2:98:18:b5:8c:1e:26:65:f2:0c:85:4d:6c:f6:c9:1b:
aa:7c:f1:e1:40:db:12:34:41:2a:6f:ca:bf:cb:39:fc:8a:95:
46:f1:36:14:44:8d:82:8d:59:ea:34:4a:70:07:43:58:5d:ca:
2b:eb:1c:d5:6a:0a:28:33:1d:71:0c:6a:7d:ee:93:f4:79:7f:
eb:49:44:73:c4:ac:24:f3:c0:49:79:ce:4a:a8:1a:fe:bc:d0:
b8:a3:89:65:32:d4:af:49:79:a1:6f:67:d4:d6:77:b0:e1:f5:
65:2e:7f:2f:4b:e5:65:5f:b5:e6:ac:14:ab:a5:c7:2a:0a:0a:
76:20:05:0d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS37kq21YmW34cbMKE7NBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMmExNmIyMDdlM2I2ZjZmNzJkM2QwYWQ1ZmNlYmE4ZWEx
MDM2MzYwHhcNMjQwMTAxMTgzMTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM3OTMwNDFlYmJiNDZmZTgzMmI1NmM1MzI3YjZlYzg5ZGQwZjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv9SSwe5QqSpfk6MHvrPXYrKbU8RE
CQDdpN2uTSHQxO/UvU7+b29hBehYbiStxUV7cHbLL2OWOeIPcnwsuY7CaFJn7Efr
sTWT4VTTJqTz04DFaiLynIpfufJZkc1vW5w3wYNtFnLoBdHHyIQh1tTHR8fTzt13
Hkga98nasEeNMLhBlUhVy/yw6ZX5QuMxMkC+TB91dQp6naubaTQsDkEFSGZ0Gicu
icrFeVGBTG+DQwF6vLYSLE2EtPO/PwVv1czJNX3BEu+pN1yeBv4ATPKVlFQObQb7
8nXsdDXqPr8tJcEIGVDhJjdUROmLOw1HFONN1au4W2j+MsUNVOg8MBj3swIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFATHkwQeu7Rv6DK1bFMntuyJ3Q+XMB8GA1UdIwQY
MBaAFMMqFrIH47b29y09CtX866jqEDY2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2Ut
NGRjMmY3OTNjM2NkLzEvQk1lVEJCNjd0R19vTXJWc1V5ZTI3SW5kRDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC85YTY5NGItYzYxYi00MWIyLTkzY2UtNGRjMmY3OTNjM2Nk
LzEvd3lvV3NnZmp0dmIzTFQwSzFmenJxT29RTmpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuSw4AwQB
wameMA0EAgACMAcDBQAqAXNgMA0GCSqGSIb3DQEBCwUAA4IBAQCfkjL+TeEheTnI
f0fz3ZivIo6YOxL9pi6sRH2nlbCqBOogvzcXwoxv73R5JCnaGZRqjMaggetkqgjI
Nh3a+kRuMoJodDkn8tDelmcbrRSok9K14j6giMOnRZAJz695kTAsDA6mcj9BuALK
sLezPZseRUKxKCtzXg4yvzHdiPh7tcKYGLWMHiZl8gyFTWz2yRuqfPHhQNsSNEEq
b8q/yzn8ipVG8TYURI2CjVnqNEpwB0NYXcor6xzVagooMx1xDGp97pP0eX/rSURz
xKwk88BJec5KqBr+vNC4o4llMtSvSXmhb2fU1new4fVlLn8vS+VlX7XmrBSrpccq
Cgp2IAUN
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:11:17 2024 by rpki-client on console-fra.rpki-client.org