Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/BLdCop2O9TvbimROAbT9rbrvBxE.roa
File: BLdCop2O9TvbimROAbT9rbrvBxE.roa (raw, json)
Hash identifier: DdK3Gq6eDbUi+PwWyzQKYuePFottNfpU6xSHiIHDU8I=
Subject key identifier: 04:B7:42:A2:9D:8E:F5:3B:DB:8A:64:4E:01:B4:FD:AD:BA:EF:07:11
Certificate issuer: /CN=b50df65a2fcb9b117a853a6b56854b0718ec3343
Certificate serial: 018CC8715765C92CB02D4DF2618C022328C5
Authority key identifier: B5:0D:F6:5A:2F:CB:9B:11:7A:85:3A:6B:56:85:4B:07:18:EC:33:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tQ32Wi_LmxF6hTprVoVLBxjsM0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/BLdCop2O9TvbimROAbT9rbrvBxE.roa
Signing time: Tue 02 Jan 2024 04:32:00 +0000
ROA not before: Tue 02 Jan 2024 04:32:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62371
IP address blocks: 194.0.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/tQ32Wi_LmxF6hTprVoVLBxjsM0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/tQ32Wi_LmxF6hTprVoVLBxjsM0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/tQ32Wi_LmxF6hTprVoVLBxjsM0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:57:65:c9:2c:b0:2d:4d:f2:61:8c:02:23:28:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b50df65a2fcb9b117a853a6b56854b0718ec3343
Validity
Not Before: Jan 2 04:32:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04b742a29d8ef53bdb8a644e01b4fdadbaef0711
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:26:fc:db:c0:64:d8:2e:78:27:f3:9c:6e:35:
25:0e:99:77:a8:11:14:21:f6:32:6f:d8:18:91:ea:
a8:90:3c:9d:58:2b:c0:83:c6:91:50:31:61:8a:0b:
2e:ad:7c:fe:69:b6:fa:16:e8:a9:32:fd:90:23:8c:
b6:8a:5a:23:7b:0d:32:9c:6f:b7:75:5f:ef:2f:13:
25:e7:43:c9:62:f3:93:31:05:34:d8:4c:8e:bb:d6:
95:07:42:1b:90:10:c6:b0:dc:d0:a0:50:9c:d9:04:
bc:19:3c:ae:88:9d:65:34:43:36:f1:29:3b:38:76:
e5:b4:22:98:dd:14:b5:2b:e3:57:7a:89:72:4d:c7:
24:4a:31:d1:a6:e4:96:79:ff:15:47:5d:e1:b5:c2:
00:a5:ff:51:34:af:bb:fe:75:18:df:3b:91:1c:cc:
86:eb:0d:29:a1:c0:04:6e:6c:7e:52:a2:8b:47:23:
42:23:18:17:2b:2e:ee:d5:eb:26:83:5a:ed:14:50:
2d:dc:d5:f7:84:ca:17:8f:0e:95:38:80:ed:eb:75:
a1:83:eb:9a:69:bc:f0:d6:24:83:09:83:37:0a:e4:
6d:6b:c2:77:b6:c3:97:88:c8:70:0d:dd:14:74:84:
b7:65:96:37:9e:4b:ce:16:35:02:fb:69:4f:9c:a3:
ea:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:B7:42:A2:9D:8E:F5:3B:DB:8A:64:4E:01:B4:FD:AD:BA:EF:07:11
X509v3 Authority Key Identifier:
keyid:B5:0D:F6:5A:2F:CB:9B:11:7A:85:3A:6B:56:85:4B:07:18:EC:33:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tQ32Wi_LmxF6hTprVoVLBxjsM0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/BLdCop2O9TvbimROAbT9rbrvBxE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/ac82ec-0e31-461e-a205-1f6010a30ebb/1/tQ32Wi_LmxF6hTprVoVLBxjsM0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.0.147.0/24
Signature Algorithm: sha256WithRSAEncryption
ca:82:ca:0d:2a:95:e1:e2:10:76:12:53:5f:f7:69:ee:06:2d:
ef:ed:55:22:c3:31:11:eb:6c:1c:fb:9e:e0:f1:1b:50:92:88:
b2:ee:17:ee:7b:6d:5f:ff:49:17:68:09:1c:27:fb:43:a3:81:
5a:ef:38:14:09:c7:e0:1b:a5:b8:33:e4:08:9d:f2:4f:02:31:
e5:d5:b1:74:5f:29:e8:72:38:f8:f4:47:62:b6:9b:d0:12:7d:
0b:04:0e:94:24:27:fc:d2:e7:a6:e7:4a:38:a3:aa:ec:07:b0:
c3:3d:f1:b5:e6:3f:cb:5d:c3:85:8c:c5:5d:d7:ef:16:15:73:
bb:18:92:a3:5c:12:90:f6:75:c5:0a:ed:ae:bf:9e:34:4b:13:
60:e7:dd:e9:40:41:63:ca:18:3b:88:97:8b:6f:2d:b2:85:f0:
a1:0b:cc:d4:47:e6:4a:1b:01:4a:c9:47:5c:65:4f:2f:72:96:
5c:c7:08:0f:e0:81:f8:60:7b:fa:85:6d:82:ec:9c:ea:0e:e4:
8f:05:f4:bc:29:7a:c9:63:61:e2:59:01:87:4f:7f:d6:be:da:
c6:94:4f:13:6d:4b:9c:fe:ab:41:85:71:aa:d6:8f:5a:2a:91:
82:86:12:db:47:7e:8b:8f:ba:cd:e6:7c:5e:70:fa:33:92:d4:
de:67:1f:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcVdlySywLU3yYYwCIyjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1MGRmNjVhMmZjYjliMTE3YTg1M2E2YjU2ODU0YjA3MThl
YzMzNDMwHhcNMjQwMTAyMDQzMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGI3NDJhMjlkOGVmNTNiZGI4YTY0NGUwMWI0ZmRhZGJhZWYwNzExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyyb828Bk2C54J/OcbjUlDpl3qBEU
IfYyb9gYkeqokDydWCvAg8aRUDFhigsurXz+abb6FuipMv2QI4y2ilojew0ynG+3
dV/vLxMl50PJYvOTMQU02EyOu9aVB0IbkBDGsNzQoFCc2QS8GTyuiJ1lNEM28Sk7
OHbltCKY3RS1K+NXeolyTcckSjHRpuSWef8VR13htcIApf9RNK+7/nUY3zuRHMyG
6w0pocAEbmx+UqKLRyNCIxgXKy7u1esmg1rtFFAt3NX3hMoXjw6VOIDt63Whg+ua
abzw1iSDCYM3CuRta8J3tsOXiMhwDd0UdIS3ZZY3nkvOFjUC+2lPnKPqYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS3QqKdjvU724pkTgG0/a267wcRMB8GA1UdIwQY
MBaAFLUN9lovy5sReoU6a1aFSwcY7DNDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFEzMldpX0xteEY2aFRwclZvVkxCeGpzTTBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi9hYzgyZWMtMGUzMS00NjFlLWEyMDUt
MWY2MDEwYTMwZWJiLzEvQkxkQ29wMk85VHZiaW1ST0FiVDlyYnJ2QnhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi9hYzgyZWMtMGUzMS00NjFlLWEyMDUtMWY2MDEwYTMwZWJi
LzEvdFEzMldpX0xteEY2aFRwclZvVkxCeGpzTTBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgCTMA0G
CSqGSIb3DQEBCwUAA4IBAQDKgsoNKpXh4hB2ElNf92nuBi3v7VUiwzER62wc+57g
8RtQkoiy7hfue21f/0kXaAkcJ/tDo4Fa7zgUCcfgG6W4M+QInfJPAjHl1bF0Xyno
cjj49EditpvQEn0LBA6UJCf80uem50o4o6rsB7DDPfG15j/LXcOFjMVd1+8WFXO7
GJKjXBKQ9nXFCu2uv540SxNg593pQEFjyhg7iJeLby2yhfChC8zUR+ZKGwFKyUdc
ZU8vcpZcxwgP4IH4YHv6hW2C7JzqDuSPBfS8KXrJY2HiWQGHT3/WvtrGlE8TbUuc
/qtBhXGq1o9aKpGChhLbR36Lj7rN5nxecPozktTeZx+v
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:20:18 2024 by rpki-client on console-ams.rpki-client.org