Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/bcGdBLzypONzaNMAWbhUyUaxSl4.roa
File: bcGdBLzypONzaNMAWbhUyUaxSl4.roa (raw, json)
Hash identifier: P+eJlZ30nV6WMLo9uI/+bOSlHASicE38WtvV80h88sg=
Subject key identifier: 6D:C1:9D:04:BC:F2:A4:E3:73:68:D3:00:59:B8:54:C9:46:B1:4A:5E
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018F9FCCEFD474C42E0EF64D17B9BA76F541
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/bcGdBLzypONzaNMAWbhUyUaxSl4.roa
Signing time: Wed 22 May 2024 10:15:58 +0000
ROA not before: Wed 22 May 2024 10:15:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8966
IP address blocks: 5.195.70.0/24 maxlen: 24
5.195.166.0/23 maxlen: 24
5.195.166.0/24 maxlen: 24
5.195.167.0/24 maxlen: 24
5.195.172.0/24 maxlen: 24
5.195.173.0/24 maxlen: 24
5.195.174.0/24 maxlen: 24
5.195.175.0/24 maxlen: 24
5.195.208.0/24 maxlen: 24
5.195.223.0/24 maxlen: 24
31.219.177.0/24 maxlen: 24
31.219.177.0/25 maxlen: 25
31.219.177.128/25 maxlen: 25
31.219.179.0/24 maxlen: 24
31.219.180.0/24 maxlen: 24
194.170.165.0/24 maxlen: 24
194.170.186.0/24 maxlen: 24
195.229.0.0/19 maxlen: 19
195.229.0.0/24 maxlen: 24
195.229.1.0/24 maxlen: 24
195.229.2.0/24 maxlen: 24
195.229.3.0/24 maxlen: 24
195.229.4.0/24 maxlen: 24
195.229.5.0/24 maxlen: 24
195.229.6.0/24 maxlen: 24
195.229.12.0/24 maxlen: 24
195.229.27.0/24 maxlen: 24
195.229.31.0/24 maxlen: 24
195.229.34.0/24 maxlen: 24
2001:8f8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:9f:cc:ef:d4:74:c4:2e:0e:f6:4d:17:b9:ba:76:f5:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: May 22 10:15:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6dc19d04bcf2a4e37368d30059b854c946b14a5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:46:31:25:90:44:64:ef:31:18:d1:ef:30:e3:
48:a6:ea:35:c1:93:b2:49:db:2d:a6:db:fe:9d:06:
64:54:6a:d0:91:3e:ee:c1:ef:96:9a:e8:1d:97:f8:
e2:fb:fa:a4:f2:08:11:a9:3a:ee:4c:7c:f8:b4:90:
e8:41:8d:37:4d:c0:1a:7b:7e:38:1a:06:04:32:ac:
c8:c3:b8:bc:f8:fc:ba:1e:e5:cc:5a:92:86:9a:84:
c3:e0:e5:9c:83:50:08:a7:d6:1b:56:0f:3c:ba:29:
ff:70:6d:63:ac:66:e1:67:ec:3f:71:20:ba:f1:75:
be:c8:3d:1a:a2:4f:d8:1b:4f:35:6f:05:2c:4e:aa:
22:fb:80:c0:e4:ae:b8:74:64:f8:3f:a6:93:de:8a:
1a:14:14:85:a4:49:1a:ae:1c:c1:1e:db:22:73:42:
00:fa:4f:c8:9d:3d:97:98:db:2f:33:ef:7e:38:53:
3f:bb:a5:d9:09:fb:b1:db:13:94:49:c8:6b:c1:cb:
db:07:74:5a:89:1e:35:2f:7f:1f:4c:6b:ec:a6:f5:
b8:28:b3:d2:d2:d7:aa:7b:58:90:ca:73:73:ff:c2:
6a:6e:9d:60:e2:13:ed:ea:17:8b:51:15:45:bc:ba:
39:65:ce:fe:68:35:93:fd:21:6e:7a:3a:a4:78:87:
b6:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C1:9D:04:BC:F2:A4:E3:73:68:D3:00:59:B8:54:C9:46:B1:4A:5E
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/bcGdBLzypONzaNMAWbhUyUaxSl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.195.70.0/24
5.195.166.0/23
5.195.172.0/22
5.195.208.0/24
5.195.223.0/24
31.219.177.0/24
31.219.179.0-31.219.180.255
194.170.165.0/24
194.170.186.0/24
195.229.0.0/19
195.229.34.0/24
IPv6:
2001:8f8::/32
Signature Algorithm: sha256WithRSAEncryption
22:30:85:19:39:42:b5:20:56:0a:57:f3:57:8d:c8:81:91:c2:
be:00:df:15:8e:eb:8e:e5:f2:f7:6a:36:fc:1d:99:33:cd:9a:
bd:a6:bf:6d:5d:ba:79:31:f8:b5:d4:aa:4d:24:41:df:c7:2b:
00:5c:05:eb:7f:ea:93:f3:89:0a:4b:91:d3:ae:f2:d5:29:84:
7e:3a:24:a2:ea:1d:0c:4b:b6:3d:0c:06:2d:94:52:a4:61:b0:
49:76:3c:0e:de:ed:d3:f4:de:74:59:7e:a6:80:2c:90:b8:4d:
9f:1f:bc:35:bb:82:d1:b6:22:42:1f:63:b1:d1:14:a9:d1:61:
56:93:a8:b6:1a:df:9c:be:f1:81:93:b6:46:f8:0b:8f:6a:3d:
f9:86:33:54:45:cf:e4:70:e2:6f:f7:45:1f:27:0b:03:5c:19:
94:c6:ee:80:e9:2f:66:f9:42:21:9a:83:d4:7c:14:a6:26:c3:
c9:19:90:d0:e0:17:bc:1a:73:b7:63:61:84:e7:7c:bc:a3:88:
95:6d:d1:7d:0a:fd:0b:03:8d:80:38:f6:91:9f:e9:0d:99:ba:
5c:35:0d:7c:2c:5f:94:36:2c:c8:bf:60:91:ce:54:57:98:98:
f3:7f:75:b0:b4:9e:59:60:e0:b7:2f:c3:9c:31:e3:ac:53:f7:
dd:6d:0a:a8
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAY+fzO/UdMQuDvZNF7m6dvVBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjQwNTIyMTAxNTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGMxOWQwNGJjZjJhNGUzNzM2OGQzMDA1OWI4NTRjOTQ2YjE0YTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4UYxJZBEZO8xGNHvMONIpuo1wZOy
Sdstptv+nQZkVGrQkT7uwe+Wmugdl/ji+/qk8ggRqTruTHz4tJDoQY03TcAae344
GgYEMqzIw7i8+Py6HuXMWpKGmoTD4OWcg1AIp9YbVg88uin/cG1jrGbhZ+w/cSC6
8XW+yD0aok/YG081bwUsTqoi+4DA5K64dGT4P6aT3ooaFBSFpEkarhzBHtsic0IA
+k/InT2XmNsvM+9+OFM/u6XZCfux2xOUSchrwcvbB3RaiR41L38fTGvspvW4KLPS
0teqe1iQynNz/8Jqbp1g4hPt6heLURVFvLo5Zc7+aDWT/SFuejqkeIe2kQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFG3BnQS88qTjc2jTAFm4VMlGsUpeMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvYmNHZEJMenlwT056YU5NQVdiaFV5VWF4U2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQABcNGAwQB
BcOmAwQCBcOsAwQABcPQAwQABcPfAwQAH9uxMAwDBAAf27MDBAAf27QDBADCqqUD
BADCqroDBAXD5QADBADD5SIwDQQCAAIwBwMFACABCPgwDQYJKoZIhvcNAQELBQAD
ggEBACIwhRk5QrUgVgpX81eNyIGRwr4A3xWO647l8vdqNvwdmTPNmr2mv21dunkx
+LXUqk0kQd/HKwBcBet/6pPziQpLkdOu8tUphH46JKLqHQxLtj0MBi2UUqRhsEl2
PA7e7dP03nRZfqaALJC4TZ8fvDW7gtG2IkIfY7HRFKnRYVaTqLYa35y+8YGTtkb4
C49qPfmGM1RFz+Rw4m/3RR8nCwNcGZTG7oDpL2b5QiGag9R8FKYmw8kZkNDgF7wa
c7djYYTnfLyjiJVt0X0K/QsDjYA49pGf6Q2Zulw1DXwsX5Q2LMi/YJHOVFeYmPN/
dbC0nllg4Lcvw5wx46xT991tCqg=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:02:38 2024 by rpki-client on console-ams.rpki-client.org