Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/BvdnyliMYvBSFQVozirO5N8YP4g.roa
File: BvdnyliMYvBSFQVozirO5N8YP4g.roa (raw, json)
Hash identifier: Rh0h3BjP8F8O++UwsdBwa1G2LCT5uwKB2+uRrgXnVSo=
Subject key identifier: 06:F7:67:CA:58:8C:62:F0:52:15:05:68:CE:2A:CE:E4:DF:18:3F:88
Certificate issuer: /CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Certificate serial: 018CC49301521A0F4D9F8A3453A364B0EF86
Authority key identifier: D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/BvdnyliMYvBSFQVozirO5N8YP4g.roa
Signing time: Mon 01 Jan 2024 10:30:17 +0000
ROA not before: Mon 01 Jan 2024 10:30:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208704
IP address blocks: 193.56.184.0/24 maxlen: 24
45.87.176.0/24 maxlen: 24
45.87.179.0/24 maxlen: 24
45.87.178.0/24 maxlen: 24
45.87.177.0/24 maxlen: 24
45.87.176.0/22 maxlen: 22
2a02:f2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.mft
rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:01:52:1a:0f:4d:9f:8a:34:53:a3:64:b0:ef:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d34ffee7e762f9a06fe2f47e7a1e52d9eba7fafd
Validity
Not Before: Jan 1 10:30:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06f767ca588c62f052150568ce2acee4df183f88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:03:e3:00:c2:3e:67:96:0b:5a:ef:1f:f0:6f:
f0:d3:0b:dc:ad:d6:47:7a:dc:c6:e5:c9:72:c7:7e:
8a:47:68:e9:0c:92:bc:c6:98:97:93:a0:c1:11:16:
77:83:98:a6:bc:0a:3f:ed:ae:d8:a7:9c:12:97:5c:
66:f2:4b:47:07:d9:4e:4f:91:25:f6:60:39:18:98:
ec:c3:e4:d1:d4:5b:28:e1:1a:5e:52:63:e3:e7:47:
09:35:b8:91:45:65:5d:f0:26:3f:8c:4b:36:8d:c3:
89:e6:87:b4:76:ba:6b:a9:35:96:44:b9:81:69:39:
39:1d:cf:6d:88:12:58:4f:03:5f:82:69:18:c0:9f:
47:b4:49:59:ee:2c:7d:63:de:a2:e5:f4:59:e8:b6:
f2:bf:63:e8:0c:88:77:b3:40:d5:80:96:f3:95:53:
3a:93:bd:d7:f5:43:b6:bd:24:fc:f3:8a:11:4e:b0:
b1:95:cb:c2:75:e2:8b:fa:c9:3b:c5:bf:a9:7e:8d:
e1:c3:1d:61:80:86:4e:ce:79:8b:b8:98:bc:a3:b1:
44:74:83:33:df:0a:b2:a1:89:07:20:65:ca:db:70:
fb:7e:8d:92:4f:1c:20:04:5c:a9:52:42:93:81:0a:
fb:24:be:a5:c0:20:6e:fb:fe:ed:73:3a:74:03:50:
f9:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:F7:67:CA:58:8C:62:F0:52:15:05:68:CE:2A:CE:E4:DF:18:3F:88
X509v3 Authority Key Identifier:
keyid:D3:4F:FE:E7:E7:62:F9:A0:6F:E2:F4:7E:7A:1E:52:D9:EB:A7:FA:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/00_-5-di-aBv4vR-eh5S2eun-v0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/BvdnyliMYvBSFQVozirO5N8YP4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/1b8d92-e157-4141-82c9-87e1f3866362/1/00_-5-di-aBv4vR-eh5S2eun-v0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.176.0/22
193.56.184.0/24
IPv6:
2a02:f2c0::/29
Signature Algorithm: sha256WithRSAEncryption
2b:66:9f:4b:64:71:83:fb:d1:b1:79:9f:59:9e:8d:21:c9:28:
42:27:b2:0f:c7:85:6b:99:c0:43:8f:0d:16:0b:e1:8f:0c:cd:
de:d1:97:3b:9e:e5:70:ac:4e:5f:72:e0:d0:76:8b:00:f4:6b:
a9:d2:20:7e:7b:26:85:a5:3f:0b:81:15:51:6c:dc:fd:f4:5b:
7f:13:ea:63:3d:6d:75:f9:51:5a:f9:dd:ee:49:68:71:d6:5f:
ef:39:56:19:31:80:34:e5:8c:22:92:14:47:11:fe:80:6f:d8:
d8:5e:41:11:33:86:81:e8:03:f6:06:15:47:e8:08:33:6b:0c:
d1:67:2f:84:95:91:d0:02:90:87:f6:4c:7f:16:38:6c:41:6e:
de:35:0d:c0:20:1f:6d:e8:4a:3f:c0:e9:f2:d1:e4:6b:aa:d9:
4e:b6:2b:56:68:45:a0:81:85:3d:23:7e:6f:35:8b:67:4c:53:
15:1d:cd:7f:e7:e9:f3:56:a6:23:44:f3:47:ed:fd:ad:cc:26:
ac:7e:01:ed:6d:d8:3d:3c:b5:d8:c5:a2:e8:55:17:98:48:79:
b1:73:53:d3:20:4e:cd:7d:7b:70:1d:2f:cb:43:38:4d:1d:b3:
91:4e:fd:c0:1b:ef:8a:83:21:d7:14:4c:3a:5d:85:2b:3d:54:
d5:54:5f:72
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEkwFSGg9Nn4o0U6NksO+GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNGZmZWU3ZTc2MmY5YTA2ZmUyZjQ3ZTdhMWU1MmQ5ZWJh
N2ZhZmQwHhcNMjQwMTAxMTAzMDE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmY3NjdjYTU4OGM2MmYwNTIxNTA1NjhjZTJhY2VlNGRmMTgzZjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAPjAMI+Z5YLWu8f8G/w0wvcrdZH
etzG5clyx36KR2jpDJK8xpiXk6DBERZ3g5imvAo/7a7Yp5wSl1xm8ktHB9lOT5El
9mA5GJjsw+TR1Fso4RpeUmPj50cJNbiRRWVd8CY/jEs2jcOJ5oe0drprqTWWRLmB
aTk5Hc9tiBJYTwNfgmkYwJ9HtElZ7ix9Y96i5fRZ6Lbyv2PoDIh3s0DVgJbzlVM6
k73X9UO2vST884oRTrCxlcvCdeKL+sk7xb+pfo3hwx1hgIZOznmLuJi8o7FEdIMz
3wqyoYkHIGXK23D7fo2STxwgBFypUkKTgQr7JL6lwCBu+/7tczp0A1D5mwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAb3Z8pYjGLwUhUFaM4qzuTfGD+IMB8GA1UdIwQY
MBaAFNNP/ufnYvmgb+L0fnoeUtnrp/r9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzkt
ODdlMWYzODY2MzYyLzEvQnZkbnlsaU1ZdkJTRlFWb3ppck81TjhZUDRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8xYjhkOTItZTE1Ny00MTQxLTgyYzktODdlMWYzODY2MzYy
LzEvMDBfLTUtZGktYUJ2NHZSLWVoNVMyZXVuLXYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVewAwQA
wTi4MA0EAgACMAcDBQMqAvLAMA0GCSqGSIb3DQEBCwUAA4IBAQArZp9LZHGD+9Gx
eZ9Zno0hyShCJ7IPx4VrmcBDjw0WC+GPDM3e0Zc7nuVwrE5fcuDQdosA9Gup0iB+
eyaFpT8LgRVRbNz99Ft/E+pjPW11+VFa+d3uSWhx1l/vOVYZMYA05YwikhRHEf6A
b9jYXkERM4aB6AP2BhVH6AgzawzRZy+ElZHQApCH9kx/FjhsQW7eNQ3AIB9t6Eo/
wOny0eRrqtlOtitWaEWggYU9I35vNYtnTFMVHc1/5+nzVqYjRPNH7f2tzCasfgHt
bdg9PLXYxaLoVReYSHmxc1PTIE7NfXtwHS/LQzhNHbORTv3AG++KgyHXFEw6XYUr
PVTVVF9y
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:53:33 2024 by rpki-client on console-fra.rpki-client.org