Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/buR4NaIGvE-c2GsWiaXmD18GyGg.roa
File: buR4NaIGvE-c2GsWiaXmD18GyGg.roa (raw, json)
Hash identifier: tihymfCDs/+Antuhu3jr7iPR0Shk/iiSupYQSP0uTRA=
Subject key identifier: 6E:E4:78:35:A2:06:BC:4F:9C:D8:6B:16:89:A5:E6:0F:5F:06:C8:68
Certificate issuer: /CN=93202129969576ce357fae26c9c7cf98a8250ea6
Certificate serial: 018F10C491CEB25F289C8B0EE5D0DB6D2A99
Authority key identifier: 93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/buR4NaIGvE-c2GsWiaXmD18GyGg.roa
Signing time: Wed 24 Apr 2024 15:41:08 +0000
ROA not before: Wed 24 Apr 2024 15:41:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6677
IP address blocks: 31.209.192.0/18 maxlen: 18
85.220.0.0/17 maxlen: 17
157.157.0.0/16 maxlen: 16
157.157.2.0/24 maxlen: 24
157.157.4.0/24 maxlen: 24
157.157.136.0/24 maxlen: 24
192.147.34.0/24 maxlen: 24
194.105.224.0/19 maxlen: 19
194.105.224.0/24 maxlen: 24
212.30.192.0/19 maxlen: 19
212.30.212.0/24 maxlen: 24
213.167.128.0/19 maxlen: 19
213.167.150.0/24 maxlen: 24
213.167.152.0/24 maxlen: 24
2001:1a98::/29 maxlen: 29
2001:1a98::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 12:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:c4:91:ce:b2:5f:28:9c:8b:0e:e5:d0:db:6d:2a:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93202129969576ce357fae26c9c7cf98a8250ea6
Validity
Not Before: Apr 24 15:41:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ee47835a206bc4f9cd86b1689a5e60f5f06c868
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0f:11:7e:69:cc:f1:e2:cb:b2:bb:17:ed:12:
65:cb:8a:60:e8:c8:9e:9b:14:45:0b:88:35:11:0a:
d3:7e:d0:ba:03:6a:fa:90:21:73:a3:dd:c1:d0:fa:
7d:06:32:e0:a7:a0:b3:a5:ff:7e:72:35:08:82:b3:
ae:cf:a3:93:8e:11:d7:8e:69:47:49:3d:f4:14:01:
b0:d6:74:62:86:a0:49:79:d6:1c:49:8d:0f:4a:1e:
4d:d1:12:35:2a:5c:84:d3:54:0b:36:2c:60:bd:c5:
44:ca:d8:01:52:86:9c:77:be:3a:e3:ca:25:7f:5e:
95:ea:c5:8d:d3:f5:3e:12:5a:30:cd:64:d1:da:3e:
7e:d2:fd:79:89:80:70:71:95:b8:68:f1:ac:db:b6:
ea:c5:04:87:50:c5:03:31:10:72:06:1b:f0:3f:06:
aa:5c:6d:fc:e7:90:72:36:50:a3:37:0f:79:e5:42:
21:1d:60:7f:c6:05:ee:be:e4:3f:c5:e3:10:ff:9d:
f5:b0:06:c9:ef:93:29:35:93:25:1f:cb:c6:94:ff:
3f:98:dc:17:40:78:f0:e7:e4:ff:68:69:94:49:49:
aa:40:36:a5:47:3a:6b:51:a5:bc:df:08:7f:35:a1:
be:f5:9d:f3:b8:cf:4e:24:a0:0d:6c:7b:54:b7:12:
6b:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:E4:78:35:A2:06:BC:4F:9C:D8:6B:16:89:A5:E6:0F:5F:06:C8:68
X509v3 Authority Key Identifier:
keyid:93:20:21:29:96:95:76:CE:35:7F:AE:26:C9:C7:CF:98:A8:25:0E:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyAhKZaVds41f64mycfPmKglDqY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/buR4NaIGvE-c2GsWiaXmD18GyGg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/d6e796-0e14-45b1-9cf3-5ad58abfbb1f/1/kyAhKZaVds41f64mycfPmKglDqY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.192.0/18
85.220.0.0/17
157.157.0.0/16
192.147.34.0/24
194.105.224.0/19
212.30.192.0/19
213.167.128.0/19
IPv6:
2001:1a98::/29
Signature Algorithm: sha256WithRSAEncryption
64:4c:0d:75:41:a6:f3:e0:44:74:0d:14:94:21:2d:4c:21:08:
16:cb:0c:2d:66:4e:ba:86:07:33:80:36:e2:99:7d:d2:1e:f4:
d8:63:a3:41:eb:4b:4e:55:af:49:7a:9f:19:ac:78:69:4e:f5:
4c:51:07:7b:d7:1e:dd:d0:48:a4:03:73:6d:65:95:3a:4f:ca:
37:44:ac:69:eb:63:cb:5c:5b:80:cc:f4:ec:92:7e:8f:88:75:
cb:8a:d9:30:fe:d2:e7:68:14:56:e0:79:75:b8:19:4e:a1:4c:
99:0a:d4:d9:ac:23:4f:50:3b:02:24:c9:3c:c2:19:c6:94:28:
c0:d0:e7:d8:01:40:8c:18:b3:83:21:f5:02:0c:ff:d8:49:b9:
b1:7e:6e:a3:ab:d3:11:7b:77:0b:56:5c:b2:7f:9b:92:e1:d7:
54:5b:a1:7b:71:5e:d7:5f:ff:1c:2b:0a:03:0c:71:5d:e2:e1:
79:8f:ca:6a:e3:cd:ce:70:0a:e1:5d:56:58:db:71:a5:bb:4d:
28:9c:94:f6:36:fc:c2:b6:7d:0e:14:7c:1a:fb:6d:b6:04:00:
20:1e:d3:a2:a7:80:e0:bf:72:e2:86:7b:de:5f:ee:39:08:2b:
11:62:bf:cf:48:45:08:68:02:24:8f:65:3a:e4:f1:bb:7a:2b:
cd:be:3c:83
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY8QxJHOsl8onIsO5dDbbSqZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjAyMTI5OTY5NTc2Y2UzNTdmYWUyNmM5YzdjZjk4YTgy
NTBlYTYwHhcNMjQwNDI0MTU0MTA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWU0NzgzNWEyMDZiYzRmOWNkODZiMTY4OWE1ZTYwZjVmMDZjODY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjA8RfmnM8eLLsrsX7RJly4pg6Mie
mxRFC4g1EQrTftC6A2r6kCFzo93B0Pp9BjLgp6Czpf9+cjUIgrOuz6OTjhHXjmlH
ST30FAGw1nRihqBJedYcSY0PSh5N0RI1KlyE01QLNixgvcVEytgBUoacd74648ol
f16V6sWN0/U+ElowzWTR2j5+0v15iYBwcZW4aPGs27bqxQSHUMUDMRByBhvwPwaq
XG3855ByNlCjNw955UIhHWB/xgXuvuQ/xeMQ/531sAbJ75MpNZMlH8vGlP8/mNwX
QHjw5+T/aGmUSUmqQDalRzprUaW83wh/NaG+9Z3zuM9OJKANbHtUtxJrSQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFG7keDWiBrxPnNhrFoml5g9fBshoMB8GA1UdIwQY
MBaAFJMgISmWlXbONX+uJsnHz5ioJQ6mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMt
NWFkNThhYmZiYjFmLzEvYnVSNE5hSUd2RS1jMkdzV2lhWG1EMThHeUdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS9kNmU3OTYtMGUxNC00NWIxLTljZjMtNWFkNThhYmZiYjFm
LzEva3lBaEtaYVZkczQxZjY0bXljZlBtS2dsRHFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGH9HAAwQH
VdwAAwMAnZ0DBADAkyIDBAXCaeADBAXUHsADBAXVp4AwDQQCAAIwBwMFAyABGpgw
DQYJKoZIhvcNAQELBQADggEBAGRMDXVBpvPgRHQNFJQhLUwhCBbLDC1mTrqGBzOA
NuKZfdIe9Nhjo0HrS05Vr0l6nxmseGlO9UxRB3vXHt3QSKQDc21llTpPyjdErGnr
Y8tcW4DM9OySfo+IdcuK2TD+0udoFFbgeXW4GU6hTJkK1NmsI09QOwIkyTzCGcaU
KMDQ59gBQIwYs4Mh9QIM/9hJubF+bqOr0xF7dwtWXLJ/m5Lh11RboXtxXtdf/xwr
CgMMcV3i4XmPymrjzc5wCuFdVljbcaW7TSiclPY2/MK2fQ4UfBr7bbYEACAe06Kn
gOC/cuKGe95f7jkIKxFiv89IRQhoAiSPZTrk8bt6K82+PIM=
-----END CERTIFICATE-----
Generated at Mon Jul 1 18:47:50 2024 by rpki-client on console-fra.rpki-client.org