Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/Bbnls2_6SCo6y919vuOMPU8Z_Tw.roa
File: Bbnls2_6SCo6y919vuOMPU8Z_Tw.roa (raw, json)
Hash identifier: GsHv4RUOismCpiicVdSRNnkPbMoB7WKtTnKpXENBw90=
Subject key identifier: 05:B9:E5:B3:6F:FA:48:2A:3A:CB:DD:7D:BE:E3:8C:3D:4F:19:FD:3C
Certificate issuer: /CN=572b4ed92682d718a8fc4488140027406960795f
Certificate serial: 018CD90934B5D3B80FC0C37098B575AD70FE
Authority key identifier: 57:2B:4E:D9:26:82:D7:18:A8:FC:44:88:14:00:27:40:69:60:79:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VytO2SaC1xio_ESIFAAnQGlgeV8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/Bbnls2_6SCo6y919vuOMPU8Z_Tw.roa
Signing time: Fri 05 Jan 2024 09:51:48 +0000
ROA not before: Fri 05 Jan 2024 09:51:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205624
IP address blocks: 185.252.224.0/22 maxlen: 24
185.44.16.0/22 maxlen: 24
185.154.204.0/22 maxlen: 24
94.176.176.0/22 maxlen: 24
152.89.32.0/22 maxlen: 24
185.211.68.0/22 maxlen: 24
185.196.64.0/22 maxlen: 24
37.156.188.0/22 maxlen: 24
185.156.100.0/22 maxlen: 24
2a0d:8800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/VytO2SaC1xio_ESIFAAnQGlgeV8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/VytO2SaC1xio_ESIFAAnQGlgeV8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VytO2SaC1xio_ESIFAAnQGlgeV8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d9:09:34:b5:d3:b8:0f:c0:c3:70:98:b5:75:ad:70:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572b4ed92682d718a8fc4488140027406960795f
Validity
Not Before: Jan 5 09:51:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05b9e5b36ffa482a3acbdd7dbee38c3d4f19fd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fc:40:f8:3d:32:63:c0:86:91:8e:9d:37:42:
b4:d8:d9:88:21:8a:d5:d8:a9:27:fa:a5:51:06:3f:
66:d1:31:99:2d:35:bb:2e:8a:ed:5c:50:a2:e0:1f:
bd:c0:62:44:9b:66:d0:92:de:95:4e:83:49:cf:67:
b9:83:eb:7c:89:fc:a3:27:b2:03:13:3e:0a:5a:07:
ba:97:0a:ba:ab:61:1b:13:2d:78:0d:38:2b:23:b3:
b9:8b:17:7e:87:5a:92:8f:bc:39:71:51:e8:56:31:
b6:e8:80:bf:f4:43:9b:1c:40:d2:27:0f:97:59:1e:
f9:42:fd:e1:1e:25:7d:6f:9a:17:33:1d:4d:1e:3d:
26:66:45:2c:cc:8b:f8:25:87:a8:a3:35:a8:c0:4f:
c7:d6:16:40:66:d7:b2:5a:0a:43:bf:4f:cc:df:38:
5b:f5:77:fa:38:1d:d5:0c:7a:45:a4:84:87:9d:99:
35:1f:43:4d:31:2a:5f:cb:4c:dc:a6:60:42:45:fc:
78:17:ec:ec:f0:00:2b:0a:bb:49:af:43:d0:af:64:
0e:01:63:82:09:d7:4f:46:11:64:4d:80:b6:a2:7b:
55:7d:4d:b7:a0:df:0d:37:c0:a2:bd:c9:90:1e:8b:
c9:16:fe:88:55:30:4c:ee:35:f2:22:28:eb:b0:bb:
49:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B9:E5:B3:6F:FA:48:2A:3A:CB:DD:7D:BE:E3:8C:3D:4F:19:FD:3C
X509v3 Authority Key Identifier:
keyid:57:2B:4E:D9:26:82:D7:18:A8:FC:44:88:14:00:27:40:69:60:79:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VytO2SaC1xio_ESIFAAnQGlgeV8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/Bbnls2_6SCo6y919vuOMPU8Z_Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/884c31-e509-422b-b0a1-af9fc012bd54/1/VytO2SaC1xio_ESIFAAnQGlgeV8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.188.0/22
94.176.176.0/22
152.89.32.0/22
185.44.16.0/22
185.154.204.0/22
185.156.100.0/22
185.196.64.0/22
185.211.68.0/22
185.252.224.0/22
IPv6:
2a0d:8800::/29
Signature Algorithm: sha256WithRSAEncryption
b1:23:fe:8a:b3:ed:22:be:50:46:08:4f:71:80:7f:d9:27:b9:
b6:2d:e3:15:aa:d4:45:96:e7:89:b7:9f:1a:e0:3a:9e:88:ea:
79:31:f8:91:9f:10:5c:21:c2:99:f2:28:34:c5:25:cd:bf:b0:
68:88:25:de:44:dc:c3:6c:22:e9:fc:ce:59:7c:9d:f1:c9:de:
39:13:3f:1e:49:82:f0:18:fd:d4:1f:19:3a:27:91:1a:3a:6f:
1f:8d:f5:6b:30:d0:29:a8:62:ad:5c:8a:c7:99:55:10:c9:30:
ef:ac:f3:60:af:07:db:6a:0a:36:53:c6:6b:e8:ff:26:95:80:
61:08:05:3b:96:23:d2:10:26:e8:cb:7c:4a:da:7b:83:74:84:
ac:6d:38:08:74:de:26:4b:77:e7:8a:37:a9:ce:f3:a1:e6:a0:
5e:d8:b5:a6:60:80:03:42:ac:7f:df:d8:29:d9:06:75:06:49:
35:d8:b2:05:0c:ba:72:23:f5:b4:73:0e:22:0d:e2:a0:36:d1:
f7:2b:52:2e:6d:53:25:d8:7f:a6:87:bc:06:bd:ee:92:a0:7d:
a0:05:f4:cf:f0:38:8c:2e:3b:11:f5:92:3c:88:30:7b:31:7a:
13:e7:d4:30:04:d8:1b:5b:09:82:10:ae:37:3d:77:b6:81:a6:
e1:00:a1:ee
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzZCTS107gPwMNwmLV1rXD+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmI0ZWQ5MjY4MmQ3MThhOGZjNDQ4ODE0MDAyNzQwNjk2
MDc5NWYwHhcNMjQwMTA1MDk1MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI5ZTViMzZmZmE0ODJhM2FjYmRkN2RiZWUzOGMzZDRmMTlmZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/xA+D0yY8CGkY6dN0K02NmIIYrV
2Kkn+qVRBj9m0TGZLTW7LortXFCi4B+9wGJEm2bQkt6VToNJz2e5g+t8ifyjJ7ID
Ez4KWge6lwq6q2EbEy14DTgrI7O5ixd+h1qSj7w5cVHoVjG26IC/9EObHEDSJw+X
WR75Qv3hHiV9b5oXMx1NHj0mZkUszIv4JYeoozWowE/H1hZAZteyWgpDv0/M3zhb
9Xf6OB3VDHpFpISHnZk1H0NNMSpfy0zcpmBCRfx4F+zs8AArCrtJr0PQr2QOAWOC
CddPRhFkTYC2ontVfU23oN8NN8CivcmQHovJFv6IVTBM7jXyIijrsLtJZQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAW55bNv+kgqOsvdfb7jjD1PGf08MB8GA1UdIwQY
MBaAFFcrTtkmgtcYqPxEiBQAJ0BpYHlfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnl0TzJTYUMxeGlvX0VTSUZBQW5RR2xnZVY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84ODRjMzEtZTUwOS00MjJiLWIwYTEt
YWY5ZmMwMTJiZDU0LzEvQmJubHMyXzZTQ282eTkxOXZ1T01QVThaX1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84ODRjMzEtZTUwOS00MjJiLWIwYTEtYWY5ZmMwMTJiZDU0
LzEvVnl0TzJTYUMxeGlvX0VTSUZBQW5RR2xnZVY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQCJZy8AwQC
XrCwAwQCmFkgAwQCuSwQAwQCuZrMAwQCuZxkAwQCucRAAwQCudNEAwQCufzgMA0E
AgACMAcDBQMqDYgAMA0GCSqGSIb3DQEBCwUAA4IBAQCxI/6Ks+0ivlBGCE9xgH/Z
J7m2LeMVqtRFlueJt58a4DqeiOp5MfiRnxBcIcKZ8ig0xSXNv7BoiCXeRNzDbCLp
/M5ZfJ3xyd45Ez8eSYLwGP3UHxk6J5EaOm8fjfVrMNApqGKtXIrHmVUQyTDvrPNg
rwfbago2U8Zr6P8mlYBhCAU7liPSECboy3xK2nuDdISsbTgIdN4mS3fnijepzvOh
5qBe2LWmYIADQqx/39gp2QZ1Bkk12LIFDLpyI/W0cw4iDeKgNtH3K1IubVMl2H+m
h7wGve6SoH2gBfTP8DiMLjsR9ZI8iDB7MXoT59QwBNgbWwmCEK43PXe2gabhAKHu
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:29:27 2024 by rpki-client on console-ams.rpki-client.org