Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/BASgTDLN-09QsPxBiiHJ4uHVuTg.roa
File: BASgTDLN-09QsPxBiiHJ4uHVuTg.roa (raw, json)
Hash identifier: NZZVppHfLiBC4XcS8Ld6WX+CBjUaxN2wEGTWijMVrF8=
Subject key identifier: 04:04:A0:4C:32:CD:FB:4F:50:B0:FC:41:8A:21:C9:E2:E1:D5:B9:38
Certificate issuer: /CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
Certificate serial: 018CC94BE754E89CED0EDF0C41E561908987
Authority key identifier: B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/BASgTDLN-09QsPxBiiHJ4uHVuTg.roa
Signing time: Tue 02 Jan 2024 08:30:43 +0000
ROA not before: Tue 02 Jan 2024 08:30:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208139
IP address blocks: 31.128.244.0/24 maxlen: 24
31.128.245.0/24 maxlen: 24
31.128.251.0/24 maxlen: 24
31.128.249.0/24 maxlen: 24
31.128.250.0/24 maxlen: 24
31.128.248.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/uF6twuxwsw-kIl7X_NVzDwx7xhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/uF6twuxwsw-kIl7X_NVzDwx7xhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4b:e7:54:e8:9c:ed:0e:df:0c:41:e5:61:90:89:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b85eadc2ec70b30fa4225ed7fcd5730f0c7bc616
Validity
Not Before: Jan 2 08:30:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0404a04c32cdfb4f50b0fc418a21c9e2e1d5b938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:50:fe:fc:54:4f:3f:27:64:eb:41:31:b6:7b:
6f:92:63:1b:d3:ae:c6:99:7d:cd:61:d3:b9:94:90:
23:ba:83:df:bc:dc:01:1e:c4:86:39:2f:a6:89:db:
c3:0d:9b:72:52:db:49:c5:40:be:c4:67:60:88:76:
27:e7:5f:5a:c0:01:57:05:90:60:d7:99:20:e6:16:
6b:0a:fd:f1:c7:55:09:0c:8d:89:27:c3:4d:fb:f9:
ae:8b:a0:49:35:09:70:76:28:9d:94:8b:51:48:ed:
2f:f6:18:8b:6d:cb:2c:ee:e2:fc:bf:36:49:20:d6:
b4:cc:b9:47:b4:52:46:4a:86:4a:7c:9e:18:5a:90:
b8:34:38:e2:ca:33:7b:6e:89:da:b5:c0:cc:c8:f2:
de:fe:7a:b8:a6:5a:92:98:ff:2f:98:50:27:32:27:
b1:90:a6:26:98:83:ab:76:9a:fe:c6:58:e4:94:bb:
a2:97:4b:e2:68:c9:68:0f:97:24:05:e7:aa:1b:ab:
b3:51:e4:84:8d:aa:b8:42:9e:e8:62:82:3b:5e:ef:
18:97:e7:23:09:0b:cd:e0:19:77:28:55:fa:24:41:
58:56:c8:20:dc:43:6f:a7:0b:80:3a:4d:b1:ad:83:
27:28:15:57:7e:b5:37:a5:d0:d5:a8:28:70:41:da:
88:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:04:A0:4C:32:CD:FB:4F:50:B0:FC:41:8A:21:C9:E2:E1:D5:B9:38
X509v3 Authority Key Identifier:
keyid:B8:5E:AD:C2:EC:70:B3:0F:A4:22:5E:D7:FC:D5:73:0F:0C:7B:C6:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uF6twuxwsw-kIl7X_NVzDwx7xhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/BASgTDLN-09QsPxBiiHJ4uHVuTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/f07b18-19d7-41f2-af6b-bc7a208a5e2e/1/uF6twuxwsw-kIl7X_NVzDwx7xhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.244.0/23
31.128.248.0/22
Signature Algorithm: sha256WithRSAEncryption
21:8b:06:3e:35:1a:4a:99:f2:be:5d:c5:ee:7d:a1:1c:71:dc:
86:30:37:76:44:6d:36:1b:92:c7:56:6c:68:68:78:b6:86:db:
38:86:13:a0:64:27:49:7b:1d:fc:2b:7d:a9:2a:39:be:aa:9d:
d7:48:10:d8:46:c1:3a:b8:14:b2:c6:b8:62:96:96:2f:41:42:
f3:71:14:23:e1:e0:2f:b0:a3:54:6e:0e:04:b1:7b:48:b4:54:
75:db:b4:a0:7c:77:8d:80:e2:26:60:aa:c8:d0:b7:50:d7:6c:
cc:69:3a:a3:b3:71:69:e0:c9:2e:a4:70:1c:2e:80:65:c4:ca:
82:14:22:04:d2:dc:a7:20:fd:b5:35:10:c2:a3:60:4b:f8:03:
49:a9:75:27:dd:25:2c:48:e7:80:68:ae:39:a9:53:b2:2e:ef:
e8:24:c7:15:42:99:b1:b9:58:8a:a3:74:bd:fd:e3:89:dc:8a:
f2:a4:6f:fb:8b:0a:74:fd:80:d2:34:11:99:c0:56:03:90:9f:
f6:c1:52:b8:84:6b:08:3a:c2:f7:ac:0e:33:f6:2e:27:70:0a:
b0:c8:1d:d3:d0:16:dc:a1:1f:11:b3:64:1a:22:22:95:ad:dc:
8a:a9:e3:f7:66:45:fc:8c:d0:c1:5e:b4:3c:16:88:3a:22:59:
b2:a2:d3:56
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJS+dU6JztDt8MQeVhkImHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4NWVhZGMyZWM3MGIzMGZhNDIyNWVkN2ZjZDU3MzBmMGM3
YmM2MTYwHhcNMjQwMTAyMDgzMDQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDA0YTA0YzMyY2RmYjRmNTBiMGZjNDE4YTIxYzllMmUxZDViOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FD+/FRPPydk60ExtntvkmMb067G
mX3NYdO5lJAjuoPfvNwBHsSGOS+midvDDZtyUttJxUC+xGdgiHYn519awAFXBZBg
15kg5hZrCv3xx1UJDI2JJ8NN+/mui6BJNQlwdiidlItRSO0v9hiLbcss7uL8vzZJ
INa0zLlHtFJGSoZKfJ4YWpC4NDjiyjN7bonatcDMyPLe/nq4plqSmP8vmFAnMiex
kKYmmIOrdpr+xljklLuil0viaMloD5ckBeeqG6uzUeSEjaq4Qp7oYoI7Xu8Yl+cj
CQvN4Bl3KFX6JEFYVsgg3ENvpwuAOk2xrYMnKBVXfrU3pdDVqChwQdqI7QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAQEoEwyzftPULD8QYohyeLh1bk4MB8GA1UdIwQY
MBaAFLhercLscLMPpCJe1/zVcw8Me8YWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmIt
YmM3YTIwOGE1ZTJlLzEvQkFTZ1RETE4tMDlRc1B4QmlpSEo0dUhWdVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS9mMDdiMTgtMTlkNy00MWYyLWFmNmItYmM3YTIwOGE1ZTJl
LzEvdUY2dHd1eHdzdy1rSWw3WF9OVnpEd3g3eGhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBH4D0AwQC
H4D4MA0GCSqGSIb3DQEBCwUAA4IBAQAhiwY+NRpKmfK+XcXufaEccdyGMDd2RG02
G5LHVmxoaHi2hts4hhOgZCdJex38K32pKjm+qp3XSBDYRsE6uBSyxrhilpYvQULz
cRQj4eAvsKNUbg4EsXtItFR127SgfHeNgOImYKrI0LdQ12zMaTqjs3Fp4MkupHAc
LoBlxMqCFCIE0tynIP21NRDCo2BL+ANJqXUn3SUsSOeAaK45qVOyLu/oJMcVQpmx
uViKo3S9/eOJ3IrypG/7iwp0/YDSNBGZwFYDkJ/2wVK4hGsIOsL3rA4z9i4ncAqw
yB3T0BbcoR8Rs2QaIiKVrdyKqeP3ZkX8jNDBXrQ8Fog6IlmyotNW
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:33:28 2024 by rpki-client on console-ams.rpki-client.org