Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/BhZIIo9ozT0D3WxyAWZaI2jPvtI.roa
File: BhZIIo9ozT0D3WxyAWZaI2jPvtI.roa (raw, json)
Hash identifier: vaRBSF1wMUMa4AYI6n0DKl4C8amf4LyUOCucwqMpsxo=
Subject key identifier: 06:16:48:22:8F:68:CD:3D:03:DD:6C:72:01:66:5A:23:68:CF:BE:D2
Certificate issuer: /CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Certificate serial: 01928BDB854205E6C651778D7B3BCF61F01C
Authority key identifier: 23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/BhZIIo9ozT0D3WxyAWZaI2jPvtI.roa
Signing time: Mon 14 Oct 2024 16:27:52 +0000
ROA not before: Mon 14 Oct 2024 16:27:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28753
IP address blocks: 80.76.36.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.mft
rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8b:db:85:42:05:e6:c6:51:77:8d:7b:3b:cf:61:f0:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23446da7a70bce773ec2bc1655aae30c3c18412c
Validity
Not Before: Oct 14 16:27:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=061648228f68cd3d03dd6c7201665a2368cfbed2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ab:51:2f:c4:bf:fe:59:9a:0f:62:0d:90:bb:
76:f2:4f:a9:71:98:0e:55:4e:b0:16:9f:71:bd:6e:
0d:cd:c8:7c:cd:bb:93:08:a3:17:f3:fe:d5:76:ab:
74:27:3f:3a:23:33:44:31:22:c5:c3:e8:14:8a:38:
bf:ce:c7:42:07:b0:73:e8:bd:1d:4f:d0:73:ef:18:
83:12:33:4b:d4:b7:15:66:79:3b:12:33:72:26:ea:
4a:dc:2e:9a:88:68:72:aa:72:ec:58:15:47:6d:db:
40:e6:4a:b5:31:8a:e5:dc:98:47:9f:59:7b:f9:4d:
d3:aa:89:3f:1e:43:ea:45:30:dc:59:72:08:9e:18:
68:7c:0c:38:0d:c4:4f:f6:e7:de:3d:aa:a5:ec:7b:
ad:65:7a:5e:d7:0b:31:b0:48:89:82:8f:6e:18:72:
80:26:f3:61:c8:24:69:fe:30:b8:ed:18:5b:29:0b:
b4:a0:8c:1f:6f:a5:48:a0:5f:ea:6c:ab:18:c3:26:
de:7c:54:4b:6c:5f:63:78:f3:c8:cd:8d:23:2c:4e:
e9:c6:d0:d4:b2:f5:06:eb:e1:50:6f:b1:81:5a:4e:
08:36:80:73:68:2c:cc:52:b7:a4:42:78:8d:1e:f9:
c2:3d:77:c7:09:58:f9:0c:ac:e3:1e:7f:ed:ea:54:
e8:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:16:48:22:8F:68:CD:3D:03:DD:6C:72:01:66:5A:23:68:CF:BE:D2
X509v3 Authority Key Identifier:
keyid:23:44:6D:A7:A7:0B:CE:77:3E:C2:BC:16:55:AA:E3:0C:3C:18:41:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I0Rtp6cLznc-wrwWVarjDDwYQSw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/BhZIIo9ozT0D3WxyAWZaI2jPvtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f3549f-18f7-48b0-901d-25cc9d6cfbb9/1/I0Rtp6cLznc-wrwWVarjDDwYQSw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.76.36.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:0a:84:c6:f0:76:e3:0f:2c:48:16:b4:f8:97:d6:b5:29:a5:
f2:bb:20:33:7b:bc:09:22:a4:b4:37:74:bb:23:a9:96:cd:dd:
b5:23:58:5c:db:94:9d:03:ab:27:eb:60:46:ec:0d:a7:88:af:
a8:0b:4f:c0:e8:2f:5c:fb:6f:41:dd:f5:79:bf:34:ce:a8:62:
81:f5:e5:88:5e:3c:58:ff:01:f6:f5:a2:ab:38:55:de:d0:cd:
07:35:ff:97:81:d2:37:e0:f8:45:d2:9a:9c:17:9e:f8:05:66:
68:d4:c9:b1:73:f7:10:48:fd:72:5d:04:f4:51:1f:22:93:da:
a4:47:11:9d:41:99:e1:03:39:7e:86:c5:3e:ad:c5:b6:27:ff:
2b:e2:be:b0:39:43:d6:88:f4:11:04:2f:cc:5a:1c:19:67:52:
6d:92:46:15:01:cd:14:fe:69:7e:66:e4:2b:9c:1d:1b:81:bf:
8b:da:91:e8:09:2d:7f:37:88:08:51:ef:35:53:de:79:4e:68:
ce:01:b0:4d:bf:ec:16:06:54:1e:62:12:87:7e:64:35:da:64:
56:ec:99:81:10:de:d8:40:c4:b6:78:3f:94:74:f2:d1:50:99:
59:90:12:8b:7a:0b:71:0b:5d:75:f2:1d:fd:f0:82:f7:87:ce:
30:0c:69:83
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKL24VCBebGUXeNezvPYfAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzNDQ2ZGE3YTcwYmNlNzczZWMyYmMxNjU1YWFlMzBjM2Mx
ODQxMmMwHhcNMjQxMDE0MTYyNzUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE2NDgyMjhmNjhjZDNkMDNkZDZjNzIwMTY2NWEyMzY4Y2ZiZWQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqtRL8S//lmaD2INkLt28k+pcZgO
VU6wFp9xvW4Nzch8zbuTCKMX8/7Vdqt0Jz86IzNEMSLFw+gUiji/zsdCB7Bz6L0d
T9Bz7xiDEjNL1LcVZnk7EjNyJupK3C6aiGhyqnLsWBVHbdtA5kq1MYrl3JhHn1l7
+U3Tqok/HkPqRTDcWXIInhhofAw4DcRP9ufePaql7HutZXpe1wsxsEiJgo9uGHKA
JvNhyCRp/jC47RhbKQu0oIwfb6VIoF/qbKsYwybefFRLbF9jePPIzY0jLE7pxtDU
svUG6+FQb7GBWk4INoBzaCzMUrekQniNHvnCPXfHCVj5DKzjHn/t6lToAwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYWSCKPaM09A91scgFmWiNoz77SMB8GA1UdIwQY
MBaAFCNEbaenC853PsK8FlWq4ww8GEEsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQt
MjVjYzlkNmNmYmI5LzEvQmhaSUlvOW96VDBEM1d4eUFXWmFJMmpQdnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mMzU0OWYtMThmNy00OGIwLTkwMWQtMjVjYzlkNmNmYmI5
LzEvSTBSdHA2Y0x6bmMtd3J3V1ZhcmpERHdZUVN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUEwkMA0G
CSqGSIb3DQEBCwUAA4IBAQCqCoTG8HbjDyxIFrT4l9a1KaXyuyAze7wJIqS0N3S7
I6mWzd21I1hc25SdA6sn62BG7A2niK+oC0/A6C9c+29B3fV5vzTOqGKB9eWIXjxY
/wH29aKrOFXe0M0HNf+XgdI34PhF0pqcF574BWZo1Mmxc/cQSP1yXQT0UR8ik9qk
RxGdQZnhAzl+hsU+rcW2J/8r4r6wOUPWiPQRBC/MWhwZZ1JtkkYVAc0U/ml+ZuQr
nB0bgb+L2pHoCS1/N4gIUe81U955TmjOAbBNv+wWBlQeYhKHfmQ12mRW7JmBEN7Y
QMS2eD+UdPLRUJlZkBKLegtxC1118h398IL3h84wDGmD
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:39:46 2024 by rpki-client on console-ams.rpki-client.org