Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BNgBpEt1tZkPxUxApsCywvrSXkQ.roa
File: BNgBpEt1tZkPxUxApsCywvrSXkQ.roa (raw, json)
Hash identifier: WHPuKeNKplj5K17IzJHphieiIxGwbNyA1WQSFi/oV6Y=
Subject key identifier: 04:D8:01:A4:4B:75:B5:99:0F:C5:4C:40:A6:C0:B2:C2:FA:D2:5E:44
Certificate issuer: /CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Certificate serial: 018DE9A43185F8AAF147C70D6FFC2789D84D
Authority key identifier: FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BNgBpEt1tZkPxUxApsCywvrSXkQ.roa
Signing time: Tue 27 Feb 2024 08:17:48 +0000
ROA not before: Tue 27 Feb 2024 08:17:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41236
IP address blocks: 45.91.6.0/24 maxlen: 24
45.135.224.0/24 maxlen: 24
45.139.71.0/24 maxlen: 24
45.145.18.0/24 maxlen: 24
45.145.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.mft
rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e9:a4:31:85:f8:aa:f1:47:c7:0d:6f:fc:27:89:d8:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff82309a6814678ad72e3f31a4fe0272f40bd986
Validity
Not Before: Feb 27 08:17:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04d801a44b75b5990fc54c40a6c0b2c2fad25e44
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:58:5d:49:a7:f4:89:22:36:70:e6:56:24:
29:d0:59:dc:28:13:5e:1e:fe:1c:18:16:da:cc:de:
e5:04:a7:28:04:11:74:70:b3:23:f5:9f:85:b7:cf:
2c:5a:80:2e:e8:c0:6c:2c:6d:42:16:93:c9:3a:78:
2d:37:a1:c0:75:e0:35:33:ee:e2:47:1c:5f:79:b8:
83:9d:c1:de:2d:13:f1:1a:2c:d3:b2:c8:5d:bb:b4:
e5:8e:24:9b:bb:3a:8a:cb:e8:0c:17:01:72:b6:1e:
02:fb:58:90:c2:b7:bd:84:14:90:14:4c:92:84:80:
ca:f9:28:4d:98:7b:8f:7b:05:ff:ee:dc:fb:a1:c5:
a2:eb:bd:2a:4a:b4:ba:39:fd:70:bf:c4:6d:49:ac:
5b:72:55:1b:13:45:c3:74:35:d9:38:d3:cc:6f:56:
26:d3:fa:54:50:ae:92:9e:41:e0:a0:6e:23:88:3a:
a0:a9:33:bf:57:c1:25:78:ba:4f:c0:ac:1d:a4:89:
c8:91:ba:70:7d:ce:ec:c5:54:2a:5f:2a:ec:cd:a6:
80:81:28:ad:75:00:db:c8:7f:75:9a:c8:cb:f7:f6:
23:84:bb:65:76:4e:12:95:5d:b3:ff:ff:5b:07:77:
24:d5:6b:05:52:59:f6:a5:97:20:3a:4e:38:53:b9:
64:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D8:01:A4:4B:75:B5:99:0F:C5:4C:40:A6:C0:B2:C2:FA:D2:5E:44
X509v3 Authority Key Identifier:
keyid:FF:82:30:9A:68:14:67:8A:D7:2E:3F:31:A4:FE:02:72:F4:0B:D9:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/BNgBpEt1tZkPxUxApsCywvrSXkQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/9fa83d-b2a3-45e4-8499-f525816402bd/1/_4IwmmgUZ4rXLj8xpP4CcvQL2YY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.6.0/24
45.135.224.0/24
45.139.71.0/24
45.145.18.0/23
Signature Algorithm: sha256WithRSAEncryption
65:b8:74:e2:f9:63:e1:e8:26:17:39:98:12:87:e9:b7:9b:f7:
da:91:c4:55:68:03:70:a4:24:d7:29:6d:38:2d:35:0a:6a:36:
2f:bf:7e:14:b1:c2:89:cd:4d:33:9b:87:b5:c0:29:77:a9:0c:
83:d2:04:fe:ac:56:5b:66:91:fd:47:3e:18:e6:59:14:be:dd:
2e:b5:a8:e6:0d:e2:da:d1:df:d6:22:d4:88:4e:17:e2:28:07:
a3:23:55:ed:4a:d0:a7:d9:77:db:00:2e:76:95:3d:1b:6b:7b:
8b:ad:55:84:02:ae:4b:86:e0:68:ee:16:1f:6f:c7:10:2e:25:
71:8b:4a:0b:19:f7:e4:01:61:11:db:cc:fe:08:20:2f:0e:2d:
2a:68:ef:e5:5b:dd:5e:f3:91:ce:5b:d3:4c:4e:95:2b:79:35:
be:f5:de:38:84:e2:2c:d3:6f:97:74:65:07:76:e1:8e:49:70:
ab:98:3f:3b:68:29:2f:42:e8:3e:c3:d9:d6:dd:40:75:eb:0e:
f3:ce:fd:d8:73:d5:66:06:5a:9f:a5:df:8d:1e:d2:94:6f:b6:
30:fc:36:09:52:e9:80:7e:16:7f:75:ea:5f:53:20:23:e4:62:
9c:f2:06:50:83:78:c5:4e:c9:3e:1f:ff:74:2c:ab:37:a0:ac:
80:81:9c:f7
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY3ppDGF+KrxR8cNb/wnidhNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmODIzMDlhNjgxNDY3OGFkNzJlM2YzMWE0ZmUwMjcyZjQw
YmQ5ODYwHhcNMjQwMjI3MDgxNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ4MDFhNDRiNzViNTk5MGZjNTRjNDBhNmMwYjJjMmZhZDI1ZTQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkJYXUmn9IkiNnDmViQp0FncKBNe
Hv4cGBbazN7lBKcoBBF0cLMj9Z+Ft88sWoAu6MBsLG1CFpPJOngtN6HAdeA1M+7i
RxxfebiDncHeLRPxGizTsshdu7TljiSbuzqKy+gMFwFyth4C+1iQwre9hBSQFEyS
hIDK+ShNmHuPewX/7tz7ocWi670qSrS6Of1wv8RtSaxbclUbE0XDdDXZONPMb1Ym
0/pUUK6SnkHgoG4jiDqgqTO/V8EleLpPwKwdpInIkbpwfc7sxVQqXyrszaaAgSit
dQDbyH91msjL9/YjhLtldk4SlV2z//9bB3ck1WsFUln2pZcgOk44U7lk+wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFATYAaRLdbWZD8VMQKbAssL60l5EMB8GA1UdIwQY
MBaAFP+CMJpoFGeK1y4/MaT+AnL0C9mGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTkt
ZjUyNTgxNjQwMmJkLzEvQk5nQnBFdDF0WmtQeFV4QXBzQ3l3dnJTWGtRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC85ZmE4M2QtYjJhMy00NWU0LTg0OTktZjUyNTgxNjQwMmJk
LzEvXzRJd21tZ1VaNHJYTGo4eHBQNENjdlFMMllZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVsGAwQA
LYfgAwQALYtHAwQBLZESMA0GCSqGSIb3DQEBCwUAA4IBAQBluHTi+WPh6CYXOZgS
h+m3m/fakcRVaANwpCTXKW04LTUKajYvv34UscKJzU0zm4e1wCl3qQyD0gT+rFZb
ZpH9Rz4Y5lkUvt0utajmDeLa0d/WItSIThfiKAejI1XtStCn2XfbAC52lT0ba3uL
rVWEAq5LhuBo7hYfb8cQLiVxi0oLGffkAWER28z+CCAvDi0qaO/lW91e85HOW9NM
TpUreTW+9d44hOIs02+XdGUHduGOSXCrmD87aCkvQug+w9nW3UB16w7zzv3Yc9Vm
Blqfpd+NHtKUb7Yw/DYJUumAfhZ/depfUyAj5GKc8gZQg3jFTsk+H/90LKs3oKyA
gZz3
-----END CERTIFICATE-----
Generated at Fri Jun 7 21:32:33 2024 by rpki-client on console-fra.rpki-client.org