Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bghzccBVwP0Ws9cWIzYltKL2Djc.roa
File: bghzccBVwP0Ws9cWIzYltKL2Djc.roa (raw, json)
Hash identifier: FR0pE3j5b/ldHoikdkPRJHe8H2UiXrkXgYQBocWMwhg=
Subject key identifier: 6E:08:73:71:C0:55:C0:FD:16:B3:D7:16:23:36:25:B4:A2:F6:0E:37
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA6AD584EEF6A87CC1ECFE7629E5E
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bghzccBVwP0Ws9cWIzYltKL2Djc.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39351
IP address blocks: 45.92.231.0/24 maxlen: 24
45.149.104.0/24 maxlen: 24
45.130.118.0/24 maxlen: 24
194.34.172.0/24 maxlen: 24
45.132.193.0/24 maxlen: 24
2a07:e341::/32 maxlen: 32
2a07:e344::/32 maxlen: 48
2a07:e340::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 03:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a6:ad:58:4e:ef:6a:87:cc:1e:cf:e7:62:9e:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e087371c055c0fd16b3d716233625b4a2f60e37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:ba:c4:e6:fa:04:06:45:cb:22:9c:01:7c:16:
e6:af:07:43:f7:f3:b1:9c:c7:12:4b:03:de:df:a1:
89:b1:92:3c:52:f5:a1:6a:41:5c:f5:b5:5b:1a:fc:
30:bc:f4:ff:6f:19:77:54:53:01:90:72:a9:80:41:
c0:dd:c4:ba:ad:f3:39:d3:38:06:70:46:18:4f:7a:
db:24:85:64:cc:4a:01:a8:f9:3d:20:7b:c0:03:16:
33:7d:ba:3d:7a:e4:6d:86:54:ca:2d:0e:c8:66:14:
59:75:10:53:b8:47:b1:aa:f9:2c:06:c6:d2:b8:bf:
ad:fc:5a:24:72:b4:40:ab:3d:57:94:83:fe:0b:4d:
b0:d1:62:04:d4:d1:8f:f9:27:8d:75:8b:ba:a5:5b:
2a:6e:47:48:ea:68:d9:5f:52:85:9a:2a:ef:91:3f:
f1:5b:53:17:95:00:04:64:60:a6:94:74:3b:53:fa:
07:6a:4a:3b:36:b5:a3:4c:9e:ee:ec:95:bf:8d:66:
4f:20:a3:2a:84:f3:09:69:b9:e8:16:b8:26:7b:46:
87:45:79:d1:09:18:66:8c:ce:69:94:5c:3d:d3:99:
b6:86:7a:22:57:c2:9d:5b:4c:44:c2:f6:0f:0e:ee:
ad:fe:00:83:3a:ff:bf:f7:90:41:97:71:7e:f2:af:
56:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:08:73:71:C0:55:C0:FD:16:B3:D7:16:23:36:25:B4:A2:F6:0E:37
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/bghzccBVwP0Ws9cWIzYltKL2Djc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.231.0/24
45.130.118.0/24
45.132.193.0/24
45.149.104.0/24
194.34.172.0/24
IPv6:
2a07:e340::/31
2a07:e344::/32
Signature Algorithm: sha256WithRSAEncryption
30:1b:4c:4c:fa:33:fb:b2:ea:36:04:09:26:45:d7:23:76:6d:
b6:a6:30:e9:22:64:3b:5c:f3:86:ec:82:e5:02:46:5e:f5:cd:
86:ea:76:13:ff:c0:c9:76:8d:c1:63:ef:42:cf:60:2f:5f:91:
da:24:87:e1:e3:9b:40:8d:f4:b4:42:8e:eb:5f:50:ac:ba:da:
91:7a:1b:ae:0e:52:70:68:c7:25:02:a0:00:de:ae:e5:fd:8e:
f9:ab:dc:01:44:d7:b6:ea:ce:87:a3:0c:21:0b:d4:ab:cc:74:
9d:da:5e:42:e7:2a:a3:76:4a:cc:27:a8:28:d1:ac:be:83:c9:
df:ba:ae:26:4f:88:57:e4:d2:b5:b7:c1:12:12:81:d7:28:e0:
3c:7c:6e:34:c6:27:5b:b6:fc:44:71:b0:f0:c8:d8:7f:31:cf:
ee:60:6f:66:a2:49:1d:4f:3b:80:13:86:87:14:01:b8:82:9f:
b0:65:ef:f9:87:05:45:8f:6c:7d:ee:a0:22:17:3d:3b:ad:94:
9e:1e:a1:96:22:05:a9:06:67:56:c3:ae:ec:d6:ac:82:31:d6:
f0:67:9d:f1:8b:1b:da:f4:df:5f:96:22:31:3f:88:c2:74:8b:
52:6b:b0:3f:bf:8c:a9:23:7d:07:92:5e:9e:d1:ab:24:22:be:
8f:0a:c1:1a
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzIb6atWE7vaofMHs/nYp5eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTA4NzM3MWMwNTVjMGZkMTZiM2Q3MTYyMzM2MjViNGEyZjYwZTM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLrE5voEBkXLIpwBfBbmrwdD9/Ox
nMcSSwPe36GJsZI8UvWhakFc9bVbGvwwvPT/bxl3VFMBkHKpgEHA3cS6rfM50zgG
cEYYT3rbJIVkzEoBqPk9IHvAAxYzfbo9euRthlTKLQ7IZhRZdRBTuEexqvksBsbS
uL+t/FokcrRAqz1XlIP+C02w0WIE1NGP+SeNdYu6pVsqbkdI6mjZX1KFmirvkT/x
W1MXlQAEZGCmlHQ7U/oHako7NrWjTJ7u7JW/jWZPIKMqhPMJabnoFrgme0aHRXnR
CRhmjM5plFw905m2hnoiV8KdW0xEwvYPDu6t/gCDOv+/95BBl3F+8q9WdwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFG4Ic3HAVcD9FrPXFiM2JbSi9g43MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvYmdoemNjQlZ3UDBXczljV0l6WWx0S0wyRGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQALVznAwQA
LYJ2AwQALYTBAwQALZVoAwQAwiKsMBQEAgACMA4DBQEqB+NAAwUAKgfjRDANBgkq
hkiG9w0BAQsFAAOCAQEAMBtMTPoz+7LqNgQJJkXXI3ZttqYw6SJkO1zzhuyC5QJG
XvXNhup2E//AyXaNwWPvQs9gL1+R2iSH4eObQI30tEKO619QrLrakXobrg5ScGjH
JQKgAN6u5f2O+avcAUTXturOh6MMIQvUq8x0ndpeQucqo3ZKzCeoKNGsvoPJ37qu
Jk+IV+TStbfBEhKB1yjgPHxuNMYnW7b8RHGw8MjYfzHP7mBvZqJJHU87gBOGhxQB
uIKfsGXv+YcFRY9sfe6gIhc9O62Unh6hliIFqQZnVsOu7NasgjHW8Ged8Ysb2vTf
X5YiMT+IwnSLUmuwP7+MqSN9B5JentGrJCK+jwrBGg==
-----END CERTIFICATE-----
Generated at Fri May 17 09:43:55 2024 by rpki-client on console-ams.rpki-client.org