Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/bU4gNI_T4esO01Cni2GOLh3Xvyg.roa
File: bU4gNI_T4esO01Cni2GOLh3Xvyg.roa (raw, json)
Hash identifier: RcGv0B75y2PP4iWQlpd4oO7n3zwRl4CWqJjCji5XWN0=
Subject key identifier: 6D:4E:20:34:8F:D3:E1:EB:0E:D3:50:A7:8B:61:8E:2E:1D:D7:BF:28
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 018CC56EBE82C9DB530EFEEDAA527F10172A
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/bU4gNI_T4esO01Cni2GOLh3Xvyg.roa
Signing time: Mon 01 Jan 2024 14:30:18 +0000
ROA not before: Mon 01 Jan 2024 14:30:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31399
IP address blocks: 141.113.232.0/21 maxlen: 21
141.113.240.0/21 maxlen: 21
141.113.248.0/21 maxlen: 21
141.113.204.0/22 maxlen: 22
141.113.200.0/22 maxlen: 22
141.113.208.0/21 maxlen: 21
141.113.216.0/21 maxlen: 21
141.113.224.0/21 maxlen: 21
141.113.16.0/21 maxlen: 21
141.113.24.0/22 maxlen: 22
141.113.36.0/22 maxlen: 22
141.113.32.0/22 maxlen: 22
141.113.32.0/21 maxlen: 21
141.113.40.0/21 maxlen: 21
141.113.48.0/21 maxlen: 21
141.113.56.0/21 maxlen: 21
141.113.64.0/21 maxlen: 21
53.0.0.0/8 maxlen: 8
141.113.0.0/21 maxlen: 21
141.113.8.0/21 maxlen: 21
53.3.144.0/21 maxlen: 21
141.113.120.0/21 maxlen: 21
141.113.72.0/21 maxlen: 21
141.113.88.0/22 maxlen: 22
141.113.96.0/21 maxlen: 21
141.113.104.0/21 maxlen: 21
141.113.112.0/21 maxlen: 21
2a03:9e40::/29 maxlen: 29
2a03:9e42::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:be:82:c9:db:53:0e:fe:ed:aa:52:7f:10:17:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jan 1 14:30:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d4e20348fd3e1eb0ed350a78b618e2e1dd7bf28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:22:50:70:8a:a9:b5:66:c2:42:94:7c:eb:2e:
7f:76:fd:4f:a5:10:1c:09:24:a5:19:b4:72:ae:a3:
0e:ae:ac:80:65:84:b9:5e:f8:9d:b7:2c:f3:e3:52:
c0:c2:74:b8:4a:13:f9:19:f2:8d:32:07:6c:f1:59:
3d:dc:f7:d5:2f:78:0c:aa:68:95:8d:73:64:cc:64:
56:41:b3:0d:e3:6f:0a:7d:aa:a1:cb:b4:66:58:74:
a1:82:9c:e3:45:4f:da:53:a3:d7:90:84:7c:d1:a9:
ed:b3:7b:f8:2a:09:da:27:96:d7:58:02:f2:7d:1c:
84:22:d3:54:0f:93:36:92:fa:4e:df:f0:4a:fd:52:
28:c1:ac:50:4f:64:54:ea:81:dd:1b:66:a2:f7:81:
dc:b1:d3:1a:9b:19:dd:ff:ab:4d:c5:a2:d7:01:13:
7b:da:16:12:4a:7d:96:5c:86:ff:9a:fb:8a:95:ff:
9a:56:f6:60:82:b7:b4:c3:d4:69:af:f6:ae:b1:98:
f4:e1:f3:9e:4e:b7:ac:f6:d2:8e:e8:22:10:89:71:
45:3a:ec:f3:ed:3d:1f:6c:6b:85:58:a9:27:38:9b:
7b:64:10:2d:09:33:22:5a:c6:48:05:5c:4d:bd:af:
0f:33:d7:e0:83:30:de:af:d4:0d:73:8f:9c:ac:55:
2e:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:4E:20:34:8F:D3:E1:EB:0E:D3:50:A7:8B:61:8E:2E:1D:D7:BF:28
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/bU4gNI_T4esO01Cni2GOLh3Xvyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
53.0.0.0/8
141.113.0.0-141.113.27.255
141.113.32.0-141.113.79.255
141.113.88.0/22
141.113.96.0/19
141.113.200.0-141.113.255.255
IPv6:
2a03:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
64:f0:6b:b7:70:c9:59:13:ba:9c:7d:4f:e9:f8:ce:84:fa:e1:
42:8b:b5:fa:93:b1:9d:3b:58:c5:dd:44:41:b4:88:e7:77:be:
ad:ea:bf:ac:e5:24:fc:b6:67:fb:6e:2d:15:96:6b:19:fd:d2:
ca:db:fd:ee:11:94:70:63:66:64:63:82:44:4c:00:f7:d2:f0:
a0:1c:90:d4:82:a2:2a:b5:26:1e:72:2e:93:9f:05:d9:4a:3b:
a6:57:f5:da:46:2d:66:2e:29:14:9c:cd:6d:20:22:30:a5:83:
49:bc:af:85:ce:1b:f9:0d:16:ec:1e:c3:38:88:bc:3d:3d:49:
d2:a6:ec:e7:fa:71:9d:b7:9f:da:b3:36:02:1f:83:5a:ee:a1:
dd:10:32:a7:61:2b:c7:6a:fa:08:2b:b8:02:2c:6c:bc:73:4c:
a6:97:9c:7e:1f:ce:8f:39:39:72:bc:a2:a4:0c:70:82:90:d1:
03:15:6b:a4:7a:73:07:87:cb:bc:59:fa:aa:00:7d:62:f3:60:
b9:95:2c:fd:bd:4c:bc:b7:f4:6c:23:94:d9:08:e0:f9:ae:44:
b8:f4:b6:a7:68:6f:e1:2a:7c:b0:71:03:55:52:8c:4d:44:80:
b7:68:5a:60:09:4b:ec:3f:75:57:1e:25:c0:ff:42:26:b8:46:
75:7f:75:52
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAYzFbr6CydtTDv7tqlJ/EBcqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjQwMTAxMTQzMDE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDRlMjAzNDhmZDNlMWViMGVkMzUwYTc4YjYxOGUyZTFkZDdiZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgyJQcIqptWbCQpR86y5/dv1PpRAc
CSSlGbRyrqMOrqyAZYS5Xvidtyzz41LAwnS4ShP5GfKNMgds8Vk93PfVL3gMqmiV
jXNkzGRWQbMN428Kfaqhy7RmWHShgpzjRU/aU6PXkIR80ants3v4KgnaJ5bXWALy
fRyEItNUD5M2kvpO3/BK/VIowaxQT2RU6oHdG2ai94HcsdMamxnd/6tNxaLXARN7
2hYSSn2WXIb/mvuKlf+aVvZggre0w9Rpr/ausZj04fOeTres9tKO6CIQiXFFOuzz
7T0fbGuFWKknOJt7ZBAtCTMiWsZIBVxNva8PM9fggzDer9QNc4+crFUuFwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG1OIDSP0+HrDtNQp4thji4d178oMB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvYlU0Z05JX1Q0ZXNPMDFDbmkyR09MaDNYdnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwIANTALAwMA
jXEDBAKNcRgwDAMEBY1xIAMEBI1xQAMEAo1xWAMEBY1xYDALAwQDjXHIAwMBjXAw
DQQCAAIwBwMFAyoDnkAwDQYJKoZIhvcNAQELBQADggEBAGTwa7dwyVkTupx9T+n4
zoT64UKLtfqTsZ07WMXdREG0iOd3vq3qv6zlJPy2Z/tuLRWWaxn90srb/e4RlHBj
ZmRjgkRMAPfS8KAckNSCoiq1Jh5yLpOfBdlKO6ZX9dpGLWYuKRSczW0gIjClg0m8
r4XOG/kNFuwewziIvD09SdKm7Of6cZ23n9qzNgIfg1ruod0QMqdhK8dq+ggruAIs
bLxzTKaXnH4fzo85OXK8oqQMcIKQ0QMVa6R6cweHy7xZ+qoAfWLzYLmVLP29TLy3
9GwjlNkI4PmuRLj0tqdob+EqfLBxA1VSjE1EgLdoWmAJS+w/dVceJcD/Qia4RnV/
dVI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:39:16 2024 by rpki-client on console-fra.rpki-client.org