Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/BZoH1_MGfs62LzRMTExfqyAJjBo.roa
File: BZoH1_MGfs62LzRMTExfqyAJjBo.roa (raw, json)
Hash identifier: +8k+okRmC+N3bG1eFNSapYERk1Ocfq1EBRJmM1qQSQQ=
Subject key identifier: 05:9A:07:D7:F3:06:7E:CE:B6:2F:34:4C:4C:4C:5F:AB:20:09:8C:1A
Certificate issuer: /CN=e6dae3efe0a36797da43cbd58f6dff99c3bbdd8d
Certificate serial: 018CC3B6ABB7C30CB954DC3D3E1BDC231A87
Authority key identifier: E6:DA:E3:EF:E0:A3:67:97:DA:43:CB:D5:8F:6D:FF:99:C3:BB:DD:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5trj7-CjZ5faQ8vVj23_mcO73Y0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/BZoH1_MGfs62LzRMTExfqyAJjBo.roa
Signing time: Mon 01 Jan 2024 06:29:37 +0000
ROA not before: Mon 01 Jan 2024 06:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15474
IP address blocks: 130.208.0.0/16 maxlen: 16
2a00:c88::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/5trj7-CjZ5faQ8vVj23_mcO73Y0.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/5trj7-CjZ5faQ8vVj23_mcO73Y0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5trj7-CjZ5faQ8vVj23_mcO73Y0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ab:b7:c3:0c:b9:54:dc:3d:3e:1b:dc:23:1a:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6dae3efe0a36797da43cbd58f6dff99c3bbdd8d
Validity
Not Before: Jan 1 06:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=059a07d7f3067eceb62f344c4c4c5fab20098c1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:5a:94:41:57:2a:b4:9c:20:7e:7a:de:13:4a:
65:86:72:94:0b:0d:d7:b6:37:47:e2:a1:9d:3f:26:
3d:15:ca:cc:f5:11:2b:b6:ea:3c:31:2b:e9:60:d9:
9b:b8:15:b1:e0:4d:cb:3a:e4:07:f5:de:9d:48:69:
08:69:aa:7f:a7:e8:b1:e8:f2:4f:a1:ec:1e:3a:8e:
bf:74:fb:9c:81:1b:e5:fd:99:83:11:1b:e7:81:73:
25:8c:6f:0e:0f:b6:a0:64:b4:a2:a7:05:dc:33:cd:
fa:a3:7c:32:9a:95:8f:8b:8b:af:86:a7:5c:a5:7e:
72:23:fa:d7:e4:0b:5b:bb:2a:b8:63:81:bb:97:cf:
da:a4:59:c8:9f:a5:9b:53:88:9a:e7:3f:7b:2a:5b:
64:03:c3:65:06:89:b4:6e:af:6a:53:68:37:ed:a7:
73:40:a4:25:03:b8:66:e6:c7:70:92:74:96:43:60:
ea:9d:d0:34:16:af:98:7e:b0:68:4b:5a:52:dc:db:
64:e6:9a:4d:c8:dd:25:a0:8d:a2:ac:84:3d:45:d7:
10:85:79:c3:22:12:18:35:23:16:86:ae:77:00:2f:
aa:c8:9f:d6:d0:19:b0:3a:4d:bd:a4:16:47:ad:2f:
24:36:ba:00:fd:39:28:7a:17:24:a3:0a:3b:35:9f:
24:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:9A:07:D7:F3:06:7E:CE:B6:2F:34:4C:4C:4C:5F:AB:20:09:8C:1A
X509v3 Authority Key Identifier:
keyid:E6:DA:E3:EF:E0:A3:67:97:DA:43:CB:D5:8F:6D:FF:99:C3:BB:DD:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5trj7-CjZ5faQ8vVj23_mcO73Y0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/BZoH1_MGfs62LzRMTExfqyAJjBo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/d125fd-c39c-4272-8cad-6c2ffb4b61e6/1/5trj7-CjZ5faQ8vVj23_mcO73Y0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.208.0.0/16
IPv6:
2a00:c88::/32
Signature Algorithm: sha256WithRSAEncryption
13:d4:93:9d:3b:1d:2c:42:66:db:cd:6f:e3:8b:c6:dc:ef:04:
88:84:72:1c:54:b7:d6:e1:2a:36:cc:8f:78:65:99:8f:45:28:
fb:60:ae:b0:b1:20:3c:c9:f6:57:f0:f0:3f:8c:6d:06:11:f1:
9c:7f:29:00:ac:16:0f:d6:cf:b2:f4:13:78:c9:19:51:53:01:
88:6d:36:e7:30:06:6f:db:9f:20:4b:a7:a5:f0:08:66:d8:09:
4a:ce:6b:94:b6:d2:bb:77:5a:3d:8d:2f:8e:1f:3c:0f:dc:29:
58:21:f2:70:dc:b3:d3:10:73:61:03:db:dc:7d:af:81:7d:61:
17:04:b3:12:84:00:62:02:b2:bb:f7:7a:c6:8c:03:e9:80:0a:
1b:d1:74:4a:e6:4a:7c:c2:3b:ed:ad:55:c5:91:dc:e6:b2:e3:
bc:2f:9f:aa:c5:f9:24:7c:75:16:57:02:0a:a2:1a:14:b5:77:
77:11:fc:df:75:ad:5f:34:00:72:58:6e:90:fb:96:3b:ee:b8:
ce:ee:62:d9:ac:e1:95:7a:fe:50:4b:b2:56:db:85:dc:0b:56:
1b:aa:ad:f0:3c:69:a6:94:8e:36:96:53:27:18:f2:59:ce:5d:
64:ce:c5:b9:d8:a7:69:69:dc:b7:37:e3:a1:1d:ce:26:f1:df:
e4:da:91:01
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzDtqu3wwy5VNw9PhvcIxqHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2ZGFlM2VmZTBhMzY3OTdkYTQzY2JkNThmNmRmZjk5YzNi
YmRkOGQwHhcNMjQwMTAxMDYyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTlhMDdkN2YzMDY3ZWNlYjYyZjM0NGM0YzRjNWZhYjIwMDk4YzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1qUQVcqtJwgfnreE0plhnKUCw3X
tjdH4qGdPyY9FcrM9RErtuo8MSvpYNmbuBWx4E3LOuQH9d6dSGkIaap/p+ix6PJP
oeweOo6/dPucgRvl/ZmDERvngXMljG8OD7agZLSipwXcM836o3wympWPi4uvhqdc
pX5yI/rX5Atbuyq4Y4G7l8/apFnIn6WbU4ia5z97KltkA8NlBom0bq9qU2g37adz
QKQlA7hm5sdwknSWQ2DqndA0Fq+YfrBoS1pS3Ntk5ppNyN0loI2irIQ9RdcQhXnD
IhIYNSMWhq53AC+qyJ/W0BmwOk29pBZHrS8kNroA/Tkoehckowo7NZ8kLwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAWaB9fzBn7Oti80TExMX6sgCYwaMB8GA1UdIwQY
MBaAFOba4+/go2eX2kPL1Y9t/5nDu92NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXRyajctQ2paNWZhUTh2VmoyM19tY083M1kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9kMTI1ZmQtYzM5Yy00MjcyLThjYWQt
NmMyZmZiNGI2MWU2LzEvQlpvSDFfTUdmczYyTHpSTVRFeGZxeUFKakJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9kMTI1ZmQtYzM5Yy00MjcyLThjYWQtNmMyZmZiNGI2MWU2
LzEvNXRyajctQ2paNWZhUTh2VmoyM19tY083M1kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDALBAIAATAFAwMAgtAwDQQC
AAIwBwMFACoADIgwDQYJKoZIhvcNAQELBQADggEBABPUk507HSxCZtvNb+OLxtzv
BIiEchxUt9bhKjbMj3hlmY9FKPtgrrCxIDzJ9lfw8D+MbQYR8Zx/KQCsFg/Wz7L0
E3jJGVFTAYhtNucwBm/bnyBLp6XwCGbYCUrOa5S20rt3Wj2NL44fPA/cKVgh8nDc
s9MQc2ED29x9r4F9YRcEsxKEAGICsrv3esaMA+mAChvRdErmSnzCO+2tVcWR3Oay
47wvn6rF+SR8dRZXAgqiGhS1d3cR/N91rV80AHJYbpD7ljvuuM7uYtms4ZV6/lBL
slbbhdwLVhuqrfA8aaaUjjaWUycY8lnOXWTOxbnYp2lp3Lc346Edzibx3+TakQE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:07 2024 by rpki-client on console-fra.rpki-client.org