Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/BBglIPj9OnQncLIgz3C03wtSgzw.roa
File: BBglIPj9OnQncLIgz3C03wtSgzw.roa (raw, json)
Hash identifier: 2+yqjvJR6pHdvh+fpZBcA0khoXtZH95tSoGOqLBZmLc=
Subject key identifier: 04:18:25:20:F8:FD:3A:74:27:70:B2:20:CF:70:B4:DF:0B:52:83:3C
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 01909B8A5BC267250C52EF12DBD6DF85DFD7
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/BBglIPj9OnQncLIgz3C03wtSgzw.roa
Signing time: Wed 10 Jul 2024 07:27:34 +0000
ROA not before: Wed 10 Jul 2024 07:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8374
IP address blocks: 5.172.224.0/19 maxlen: 19
31.0.0.0/16 maxlen: 16
37.98.208.0/20 maxlen: 20
37.109.0.0/16 maxlen: 16
37.152.16.0/20 maxlen: 20
37.209.128.0/19 maxlen: 19
37.247.128.0/17 maxlen: 17
37.247.241.0/28 maxlen: 28
37.248.0.0/16 maxlen: 16
46.76.0.0/15 maxlen: 15
78.30.64.0/18 maxlen: 18
84.39.160.0/20 maxlen: 20
87.251.224.0/19 maxlen: 19
92.60.128.0/20 maxlen: 20
93.154.128.0/17 maxlen: 17
151.248.32.0/20 maxlen: 20
185.4.212.0/22 maxlen: 22
188.125.32.0/19 maxlen: 19
193.41.112.0/23 maxlen: 23
212.2.96.0/19 maxlen: 19
2a01:2e0::/28 maxlen: 28
2a01:bb80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:9b:8a:5b:c2:67:25:0c:52:ef:12:db:d6:df:85:df:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Jul 10 07:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04182520f8fd3a742770b220cf70b4df0b52833c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:78:e5:28:68:55:79:8a:50:e6:61:18:20:9a:
bb:2d:c3:07:6e:15:81:4e:03:5f:26:25:78:00:6c:
7b:fb:99:e9:16:65:ca:28:2d:91:dd:51:35:df:e6:
51:21:1d:c9:84:32:bf:3e:5e:a2:c1:b0:e5:78:b6:
b3:b3:7b:00:07:39:c0:1b:4b:6e:b8:13:84:a5:ba:
9e:08:65:e2:4a:79:3a:c8:60:a0:6b:36:f9:ca:eb:
5c:fb:1f:3a:97:68:79:55:c0:b6:2f:6b:37:73:ec:
a5:8f:26:9c:02:35:ba:9e:1b:14:13:56:7b:9d:64:
ac:8c:49:3c:a5:56:81:4b:89:96:93:7f:a6:c2:7a:
5e:39:07:d0:06:e0:41:86:71:9d:9e:5b:b0:2b:b6:
72:18:45:40:9c:49:cd:d8:ef:d2:50:da:b0:b9:62:
29:85:95:ff:d9:aa:43:04:14:6a:31:47:6a:1e:bc:
fc:68:19:15:34:3f:61:05:f3:42:89:9b:92:00:f9:
5c:1b:cc:ac:dd:5e:66:4f:f7:c7:0a:02:88:6b:54:
5b:66:fe:63:ca:08:c2:c7:06:1b:6b:69:a3:4d:bf:
82:a5:e2:17:eb:30:67:ea:c5:da:bf:f4:ac:f7:4c:
c2:37:e5:3b:aa:39:4f:6d:61:cf:6c:f0:80:8c:0c:
a4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:18:25:20:F8:FD:3A:74:27:70:B2:20:CF:70:B4:DF:0B:52:83:3C
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/BBglIPj9OnQncLIgz3C03wtSgzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.224.0/19
31.0.0.0/16
37.98.208.0/20
37.109.0.0/16
37.152.16.0/20
37.209.128.0/19
37.247.128.0-37.248.255.255
46.76.0.0/15
78.30.64.0/18
84.39.160.0/20
87.251.224.0/19
92.60.128.0/20
93.154.128.0/17
151.248.32.0/20
185.4.212.0/22
188.125.32.0/19
193.41.112.0/23
212.2.96.0/19
IPv6:
2a01:2e0::/28
2a01:bb80::/32
Signature Algorithm: sha256WithRSAEncryption
5e:e0:74:39:52:e3:69:9b:4b:64:af:76:b6:cb:e8:31:c5:a4:
20:f1:48:33:cc:bd:85:8c:2a:27:af:09:c6:98:85:d4:6c:45:
7e:4f:25:ae:33:30:1e:a0:36:8b:35:cd:0f:61:03:b4:26:c6:
f6:fb:d2:fe:25:6e:05:86:a3:3b:28:64:f5:7d:ab:d2:9c:a1:
09:9e:8d:ec:d9:7b:55:57:e0:68:59:75:9e:0c:a3:8c:52:93:
d2:63:b0:37:b7:7c:e7:60:a7:44:68:54:00:b7:b6:3a:ef:7e:
fd:42:c7:0a:53:6f:43:dd:9a:a6:22:5b:8b:07:7b:26:aa:6a:
40:7e:b6:f3:dd:cd:c6:69:e8:3f:b4:fe:4e:4b:2a:d3:bf:2f:
1f:a0:6a:bf:50:22:7b:89:9b:06:9e:2c:c9:fa:ed:8d:63:4c:
73:15:ca:b5:d4:da:09:d7:d7:ce:a8:7a:6b:76:19:b3:44:8d:
fb:80:a2:59:3e:53:6b:44:0d:53:06:6e:07:67:90:91:05:e8:
5f:86:db:be:a0:08:8a:0c:93:48:fa:71:06:a0:8b:08:13:78:
f1:b0:f2:78:a4:ac:be:c5:00:3b:e5:3d:af:f6:15:50:eb:6f:
85:69:77:a0:e2:87:3e:5b:4e:ac:61:47:14:16:91:e7:45:d2:
78:bb:e9:b9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZCbilvCZyUMUu8S29bfhd/XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNzEwMDcyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDE4MjUyMGY4ZmQzYTc0Mjc3MGIyMjBjZjcwYjRkZjBiNTI4MzNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2HjlKGhVeYpQ5mEYIJq7LcMHbhWB
TgNfJiV4AGx7+5npFmXKKC2R3VE13+ZRIR3JhDK/Pl6iwbDleLazs3sABznAG0tu
uBOEpbqeCGXiSnk6yGCgazb5yutc+x86l2h5VcC2L2s3c+yljyacAjW6nhsUE1Z7
nWSsjEk8pVaBS4mWk3+mwnpeOQfQBuBBhnGdnluwK7ZyGEVAnEnN2O/SUNqwuWIp
hZX/2apDBBRqMUdqHrz8aBkVND9hBfNCiZuSAPlcG8ys3V5mT/fHCgKIa1RbZv5j
ygjCxwYba2mjTb+CpeIX6zBn6sXav/Ss90zCN+U7qjlPbWHPbPCAjAykcwIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFAQYJSD4/Tp0J3CyIM9wtN8LUoM8MB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvQkJnbElQajlPblFuY0xJZ3ozQzAzd3RTZ3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjB2BAIAATBwAwQFBazg
AwMAHwADBAQlYtADAwAlbQMEBCWYEAMEBSXRgDALAwQHJfeAAwMAJfgDAwEuTAME
Bk4eQAMEBFQnoAMEBVf74AMEBFw8gAMEB12agAMEBJf4IAMEArkE1AMEBbx9IAME
AcEpcAMEBdQCYDAUBAIAAjAOAwUEKgEC4AMFACoBu4AwDQYJKoZIhvcNAQELBQAD
ggEBAF7gdDlS42mbS2SvdrbL6DHFpCDxSDPMvYWMKievCcaYhdRsRX5PJa4zMB6g
Nos1zQ9hA7Qmxvb70v4lbgWGozsoZPV9q9KcoQmejezZe1VX4GhZdZ4Mo4xSk9Jj
sDe3fOdgp0RoVAC3tjrvfv1CxwpTb0PdmqYiW4sHeyaqakB+tvPdzcZp6D+0/k5L
KtO/Lx+gar9QInuJmwaeLMn67Y1jTHMVyrXU2gnX186oemt2GbNEjfuAolk+U2tE
DVMGbgdnkJEF6F+G276gCIoMk0j6cQagiwgTePGw8nikrL7FADvlPa/2FVDrb4Vp
d6Dihz5bTqxhRxQWkedF0ni76bk=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:45 2024 by rpki-client on console-ams.rpki-client.org