Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/BbVA45-G3JaZ9aARBupwivZdtwc.roa
File: BbVA45-G3JaZ9aARBupwivZdtwc.roa (raw, json)
Hash identifier: Olst5gc6kfnLaRGa2S9NliQKizwEJoLwQTKdBrdZ2Z0=
Subject key identifier: 05:B5:40:E3:9F:86:DC:96:99:F5:A0:11:06:EA:70:8A:F6:5D:B7:07
Certificate issuer: /CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Certificate serial: 018CC492E4556CD8B3932D22668F066ABBFD
Authority key identifier: 3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/BbVA45-G3JaZ9aARBupwivZdtwc.roa
Signing time: Mon 01 Jan 2024 10:30:10 +0000
ROA not before: Mon 01 Jan 2024 10:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25400
IP address blocks: 2001:2020::/31 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.mft
rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 22:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:e4:55:6c:d8:b3:93:2d:22:66:8f:06:6a:bb:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ba5b1c09aa31f6713c61b32e558109e47966d42
Validity
Not Before: Jan 1 10:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05b540e39f86dc9699f5a01106ea708af65db707
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6d:02:1e:5c:14:b0:0d:26:7f:33:d3:0f:99:
f9:fd:e1:09:6b:00:d0:7c:ca:f7:08:59:5c:02:ef:
24:d0:9b:c8:79:61:07:42:65:3b:ff:a4:23:9c:6a:
38:18:e7:4c:7d:5c:2a:eb:9e:a7:22:ec:5c:85:00:
5c:ba:c4:3b:43:53:fe:86:0d:a5:70:4b:c7:d3:85:
e7:2e:0d:e5:dc:df:d7:be:5c:96:cf:19:ea:eb:52:
91:a2:11:a3:ed:3d:9b:20:0b:77:4b:0f:37:5f:94:
9f:a9:02:a7:24:a3:95:f3:a3:e0:78:d4:44:f3:58:
94:2e:25:a6:5b:c2:58:fc:5c:79:d9:59:fa:ab:f5:
6a:ed:ac:a8:48:56:ea:54:23:c4:e4:71:5d:30:f7:
f4:d2:b5:e7:f3:8a:b4:47:e7:75:6c:31:6f:d8:6d:
1e:d4:16:39:ef:e0:82:31:5b:05:59:b1:eb:72:20:
47:d0:41:f8:76:59:b8:d5:6d:87:a8:cb:b6:fd:bb:
03:78:7c:a8:5b:37:f0:0c:ff:6c:69:3c:a4:e6:80:
4b:a7:c6:7d:2b:31:fa:ca:2c:ee:cd:3e:0b:3f:7c:
c6:c4:34:d2:f6:ef:f0:36:aa:20:82:ab:4a:2c:5c:
e4:39:49:d2:cb:3e:21:24:c2:66:2a:e7:2d:e1:02:
f7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:B5:40:E3:9F:86:DC:96:99:F5:A0:11:06:EA:70:8A:F6:5D:B7:07
X509v3 Authority Key Identifier:
keyid:3B:A5:B1:C0:9A:A3:1F:67:13:C6:1B:32:E5:58:10:9E:47:96:6D:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O6WxwJqjH2cTxhsy5VgQnkeWbUI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/BbVA45-G3JaZ9aARBupwivZdtwc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/13bd77-d297-4689-bee4-466e9cab7864/1/O6WxwJqjH2cTxhsy5VgQnkeWbUI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:2020::/31
Signature Algorithm: sha256WithRSAEncryption
28:95:cd:3f:4d:d6:0d:b1:56:a6:2c:6f:c3:5d:74:54:6d:54:
fc:a2:40:1e:89:7e:6a:0f:e3:b0:48:2e:4c:5f:29:91:76:f3:
88:eb:98:7c:0f:86:7f:3c:73:7d:12:8a:9b:fe:56:1e:58:83:
11:e5:4b:6f:42:ed:4e:82:2f:94:04:dc:23:c4:2e:8b:e8:4b:
1a:39:95:52:b5:b5:12:4c:ce:97:8f:35:aa:93:4f:0e:1e:3f:
29:75:4b:b7:9d:4c:d5:f4:ba:40:13:70:00:a9:0b:5c:28:7c:
e5:53:44:17:ad:a5:35:65:34:ad:58:d9:f4:49:5c:af:a2:77:
38:9d:2c:e7:22:fe:7b:23:94:4e:7b:f5:5c:46:f6:b1:f8:c7:
65:c2:dd:60:63:3e:ec:c3:8f:4f:bd:fe:0c:f3:0f:e6:94:1c:
d2:e1:cd:1d:c4:28:72:2a:ba:bd:62:fd:9e:e6:e2:7b:77:75:
af:0d:9b:26:94:c3:a0:aa:cd:df:5a:a2:55:b1:73:52:ef:9e:
68:d7:c7:f1:6c:07:0c:4d:ec:00:76:ec:ee:de:53:70:2d:aa:
2e:99:0f:a4:6d:a0:80:e4:28:d5:fc:f1:ca:73:5f:bf:57:0a:
9e:c2:4a:99:32:71:fe:12:b4:14:f3:95:b5:24:df:f7:71:7f:
c0:e7:3a:2a
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzEkuRVbNizky0iZo8Garv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiYTViMWMwOWFhMzFmNjcxM2M2MWIzMmU1NTgxMDllNDc5
NjZkNDIwHhcNMjQwMTAxMTAzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWI1NDBlMzlmODZkYzk2OTlmNWEwMTEwNmVhNzA4YWY2NWRiNzA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk20CHlwUsA0mfzPTD5n5/eEJawDQ
fMr3CFlcAu8k0JvIeWEHQmU7/6QjnGo4GOdMfVwq656nIuxchQBcusQ7Q1P+hg2l
cEvH04XnLg3l3N/XvlyWzxnq61KRohGj7T2bIAt3Sw83X5SfqQKnJKOV86PgeNRE
81iULiWmW8JY/Fx52Vn6q/Vq7ayoSFbqVCPE5HFdMPf00rXn84q0R+d1bDFv2G0e
1BY57+CCMVsFWbHrciBH0EH4dlm41W2HqMu2/bsDeHyoWzfwDP9saTyk5oBLp8Z9
KzH6yizuzT4LP3zGxDTS9u/wNqoggqtKLFzkOUnSyz4hJMJmKuct4QL3CwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFAW1QOOfhtyWmfWgEQbqcIr2XbcHMB8GA1UdIwQY
MBaAFDulscCaox9nE8YbMuVYEJ5Hlm1CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQt
NDY2ZTljYWI3ODY0LzEvQmJWQTQ1LUczSmFaOWFBUkJ1cHdpdlpkdHdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC8xM2JkNzctZDI5Ny00Njg5LWJlZTQtNDY2ZTljYWI3ODY0
LzEvTzZXeHdKcWpIMmNUeGhzeTVWZ1Fua2VXYlVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUBIAEgIDAN
BgkqhkiG9w0BAQsFAAOCAQEAKJXNP03WDbFWpixvw110VG1U/KJAHol+ag/jsEgu
TF8pkXbziOuYfA+GfzxzfRKKm/5WHliDEeVLb0LtToIvlATcI8Qui+hLGjmVUrW1
EkzOl481qpNPDh4/KXVLt51M1fS6QBNwAKkLXCh85VNEF62lNWU0rVjZ9Elcr6J3
OJ0s5yL+eyOUTnv1XEb2sfjHZcLdYGM+7MOPT73+DPMP5pQc0uHNHcQociq6vWL9
nubie3d1rw2bJpTDoKrN31qiVbFzUu+eaNfH8WwHDE3sAHbs7t5TcC2qLpkPpG2g
gOQo1fzxynNfv1cKnsJKmTJx/hK0FPOVtSTf93F/wOc6Kg==
-----END CERTIFICATE-----
Generated at Mon May 20 05:46:21 2024 by rpki-client on console-ams.rpki-client.org