Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/bfd1UQk-YppLck1tc7BlmoKdeG8.roa
File: bfd1UQk-YppLck1tc7BlmoKdeG8.roa (raw, json)
Hash identifier: In2v/jrZDLXjkLRY+ZK+DM8EpVcI1vkklt7kcq7mBYU=
Subject key identifier: 6D:F7:75:51:09:3E:62:9A:4B:72:4D:6D:73:B0:65:9A:82:9D:78:6F
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 018E03430929C0CE5E0AB041653EC90FCB28
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/bfd1UQk-YppLck1tc7BlmoKdeG8.roa
Signing time: Sun 03 Mar 2024 07:41:48 +0000
ROA not before: Sun 03 Mar 2024 07:41:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43395
IP address blocks: 81.12.64.0/23 maxlen: 23
81.12.65.0/24 maxlen: 24
81.12.66.0/24 maxlen: 24
81.12.90.0/23 maxlen: 23
87.107.31.0/24 maxlen: 24
87.107.32.0/23 maxlen: 23
87.107.85.0/24 maxlen: 24
87.107.142.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:03:43:09:29:c0:ce:5e:0a:b0:41:65:3e:c9:0f:cb:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: Mar 3 07:41:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6df77551093e629a4b724d6d73b0659a829d786f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:c1:9f:93:dc:3b:4c:d1:7e:fb:1a:8c:91:85:
a6:67:df:50:8a:35:34:cd:74:cf:3c:4d:cd:b0:2a:
b8:ab:ab:ba:8b:74:52:f6:42:cb:17:7f:1e:89:c9:
13:34:22:8e:28:19:c3:ae:f3:cf:73:90:df:11:33:
18:74:98:f4:3b:80:2b:9e:31:31:69:ba:12:af:6e:
c1:dd:9b:86:a4:7a:43:1b:77:a1:1a:72:ea:7b:7a:
fa:d9:c5:17:ca:3c:33:b9:38:2f:f5:37:9f:98:26:
5b:21:12:00:2c:48:8e:42:45:f4:5a:b9:bd:50:e6:
59:5f:27:8a:3e:74:c9:06:dd:e5:0c:c2:c4:fb:2c:
1b:fd:18:9f:a1:e1:01:c4:9e:69:35:91:1c:39:b3:
29:ce:23:bd:55:4a:4e:43:f9:58:6b:68:cd:26:a8:
76:75:27:51:0b:20:b0:75:32:94:bf:39:70:43:5a:
f5:df:c0:f2:f5:33:f1:b1:8b:c8:b5:62:3d:6c:2e:
f9:7b:f3:41:8a:75:4a:27:92:a6:87:e9:ac:11:f1:
7e:8e:15:b2:4b:a4:a0:d8:5c:7e:99:21:04:e2:73:
72:d3:d1:b5:7d:e3:53:97:de:32:41:26:bc:13:3a:
63:fd:dc:20:3c:c9:d7:6e:de:eb:2e:7e:4f:60:2a:
80:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:F7:75:51:09:3E:62:9A:4B:72:4D:6D:73:B0:65:9A:82:9D:78:6F
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/bfd1UQk-YppLck1tc7BlmoKdeG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.12.64.0-81.12.66.255
81.12.90.0/23
87.107.31.0-87.107.33.255
87.107.85.0/24
87.107.142.0/23
Signature Algorithm: sha256WithRSAEncryption
2c:fe:ea:84:2e:3a:2d:60:90:94:04:6f:50:c6:83:8d:22:0a:
71:b3:0d:21:e7:f8:7f:8b:4c:84:11:a0:1e:71:75:8e:47:5d:
fb:71:98:a6:29:7e:ca:98:1f:69:35:56:d7:06:1c:98:cc:ee:
cc:ec:09:f8:e1:26:f6:7d:49:a4:b0:ce:07:c5:0d:8a:67:25:
ed:bc:93:34:4a:b1:c5:30:72:70:b2:a6:bc:df:86:1e:ba:14:
63:fa:84:da:38:7b:46:61:bb:a8:7a:02:dc:71:4d:40:ab:26:
57:b7:7e:93:ea:6e:e7:5b:4e:d3:7e:6f:3e:84:36:6e:7b:c7:
94:4d:51:4f:39:c0:6b:28:3d:c1:3c:88:fb:c4:e4:b8:e3:53:
9f:bc:2b:53:8a:ae:c2:45:75:9f:38:cd:c3:2e:1d:9c:e1:99:
9c:06:4c:fb:4c:16:5e:89:79:9a:30:56:b0:f2:c1:de:01:2a:
fd:98:b3:13:a1:5c:ad:a6:24:43:ff:92:58:ec:46:17:4d:2d:
36:20:0d:7a:05:a9:86:5a:33:6b:0a:6b:34:0c:d8:23:59:dc:
bd:2e:1b:d4:3b:1d:22:ac:25:c4:87:71:9f:96:7a:86:f8:29:
5b:a8:70:3d:a8:d5:c0:30:7a:84:08:cd:b9:b6:b0:5b:8b:cd:
16:d5:8f:c0
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAY4DQwkpwM5eCrBBZT7JD8soMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjQwMzAzMDc0MTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGY3NzU1MTA5M2U2MjlhNGI3MjRkNmQ3M2IwNjU5YTgyOWQ3ODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8Gfk9w7TNF++xqMkYWmZ99QijU0
zXTPPE3NsCq4q6u6i3RS9kLLF38eickTNCKOKBnDrvPPc5DfETMYdJj0O4ArnjEx
aboSr27B3ZuGpHpDG3ehGnLqe3r62cUXyjwzuTgv9TefmCZbIRIALEiOQkX0Wrm9
UOZZXyeKPnTJBt3lDMLE+ywb/RifoeEBxJ5pNZEcObMpziO9VUpOQ/lYa2jNJqh2
dSdRCyCwdTKUvzlwQ1r138Dy9TPxsYvItWI9bC75e/NBinVKJ5Kmh+msEfF+jhWy
S6Sg2Fx+mSEE4nNy09G1feNTl94yQSa8Ezpj/dwgPMnXbt7rLn5PYCqAbwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFG33dVEJPmKaS3JNbXOwZZqCnXhvMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvYmZkMVVRay1ZcHBMY2sxdGM3Qmxtb0tkZUc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuMAwDBAZRDEAD
BABRDEIDBAFRDFowDAMEAFdrHwMEAVdrIAMEAFdrVQMEAVdrjjANBgkqhkiG9w0B
AQsFAAOCAQEALP7qhC46LWCQlARvUMaDjSIKcbMNIef4f4tMhBGgHnF1jkdd+3GY
pil+ypgfaTVW1wYcmMzuzOwJ+OEm9n1JpLDOB8UNimcl7byTNEqxxTBycLKmvN+G
HroUY/qE2jh7RmG7qHoC3HFNQKsmV7d+k+pu51tO035vPoQ2bnvHlE1RTznAayg9
wTyI+8TkuONTn7wrU4quwkV1nzjNwy4dnOGZnAZM+0wWXol5mjBWsPLB3gEq/Ziz
E6FcraYkQ/+SWOxGF00tNiANegWphlozawprNAzYI1ncvS4b1DsdIqwlxIdxn5Z6
hvgpW6hwPajVwDB6hAjNubawW4vNFtWPwA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:20:33 2024 by rpki-client on console-ams.rpki-client.org