Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/sbFNUCEEatjFA8zN2mObxw5H11I.roa
File: sbFNUCEEatjFA8zN2mObxw5H11I.roa (raw, json)
Hash identifier: 1Dg64se94f9BCd076weBFjUBv09xEQOI8IfEjFd51q0=
Subject key identifier: B1:B1:4D:50:21:04:6A:D8:C5:03:CC:CD:DA:63:9B:C7:0E:47:D7:52
Certificate issuer: /CN=51da0066122e6ba294d2b747938d46c74e99f880
Certificate serial: 018CCDFD4B7ED82BD85A32B8AD23AE038B30
Authority key identifier: 51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/sbFNUCEEatjFA8zN2mObxw5H11I.roa
Signing time: Wed 03 Jan 2024 06:22:58 +0000
ROA not before: Wed 03 Jan 2024 06:22:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211644
IP address blocks: 91.147.80.0/22 maxlen: 22
91.147.83.0/24 maxlen: 24
185.252.192.0/24 maxlen: 24
2a10:b0c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.mft
rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:cd:fd:4b:7e:d8:2b:d8:5a:32:b8:ad:23:ae:03:8b:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51da0066122e6ba294d2b747938d46c74e99f880
Validity
Not Before: Jan 3 06:22:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b1b14d5021046ad8c503cccdda639bc70e47d752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e3:84:3c:99:13:d6:93:39:51:2a:ac:bf:54:
72:d8:d0:60:7d:ee:c5:c4:6e:ed:bd:10:36:85:bc:
97:50:f4:12:5a:21:0a:f4:7a:c6:b9:8c:a6:4c:13:
53:a8:bf:9e:15:02:9d:f3:61:2f:48:02:7e:d6:be:
e5:b8:ea:ff:36:1d:75:ac:0e:3f:2d:3d:93:25:20:
81:d7:86:77:cb:a9:2e:eb:3e:29:fd:84:77:ec:7c:
b6:e8:f1:16:22:09:8a:0e:a5:78:4a:55:e2:a7:9d:
6a:08:46:e5:6d:a5:8c:90:07:e4:af:35:bc:b9:db:
ae:8f:6c:74:a2:3a:e3:79:0b:91:2e:ab:13:a1:e5:
8d:a2:c3:31:30:01:f6:29:ea:5d:d1:20:43:ee:78:
40:cd:dd:09:43:8c:ab:d0:ad:0b:98:c7:a1:08:48:
4b:01:14:df:32:da:e3:a3:c3:d5:46:18:8c:a7:18:
70:9f:d2:7a:dc:11:82:b8:3a:e6:40:e5:9b:6c:69:
26:db:5d:d1:52:56:df:9c:5a:90:30:09:e4:85:a1:
d5:dc:71:79:7d:4e:1d:1b:39:34:8e:3b:e5:0c:4b:
e1:3a:b9:44:f5:de:c6:97:54:98:8b:68:5d:d2:28:
66:ab:78:36:39:70:2c:49:f6:e2:80:64:43:9e:1c:
f9:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:B1:4D:50:21:04:6A:D8:C5:03:CC:CD:DA:63:9B:C7:0E:47:D7:52
X509v3 Authority Key Identifier:
keyid:51:DA:00:66:12:2E:6B:A2:94:D2:B7:47:93:8D:46:C7:4E:99:F8:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UdoAZhIua6KU0rdHk41Gx06Z-IA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/sbFNUCEEatjFA8zN2mObxw5H11I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/f64eb4-26cc-4056-853b-be48b7925478/1/UdoAZhIua6KU0rdHk41Gx06Z-IA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.80.0/22
185.252.192.0/24
IPv6:
2a10:b0c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:79:ff:1c:8d:d6:fa:29:92:9b:40:6d:70:98:24:1e:3c:b3:
f8:0b:18:db:06:a8:49:f8:09:d4:5a:7f:c0:b0:ae:c7:22:7a:
80:b8:64:1b:31:7f:b7:a5:58:77:39:95:c4:82:35:c6:72:cb:
2e:2b:95:09:e9:f1:1f:54:03:f0:99:48:a7:10:ab:37:98:7f:
6f:fa:03:32:9f:fc:f9:80:17:dc:05:1d:73:f6:dc:95:46:38:
0f:33:7c:6e:19:f2:8b:7b:71:be:4b:ac:56:ed:06:9e:49:3e:
79:82:aa:61:dc:69:81:ca:d7:e8:16:16:a6:fe:54:96:d5:54:
ed:ef:a9:c9:e0:19:25:1e:c7:1c:a4:17:6a:77:d0:d3:59:8c:
12:db:74:40:40:37:5d:c4:7b:b9:d9:35:ba:5b:56:02:a1:27:
32:b5:d7:29:7b:52:a1:54:44:40:a8:05:62:32:8f:7a:db:9e:
fa:25:bb:43:ad:97:a1:cb:4c:1c:82:94:84:b4:0d:c7:a5:13:
23:c1:71:4b:cd:6c:d2:16:0b:07:81:e4:9e:72:9a:46:38:63:
9d:85:da:34:cd:c3:6e:32:6f:76:70:3f:c2:7e:e7:6d:f7:f6:
bb:91:56:e9:98:c0:bc:57:a0:d8:fc:05:44:24:12:b8:9e:a7:
0f:26:7a:d2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzN/Ut+2CvYWjK4rSOuA4swMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxZGEwMDY2MTIyZTZiYTI5NGQyYjc0NzkzOGQ0NmM3NGU5
OWY4ODAwHhcNMjQwMTAzMDYyMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMWIxNGQ1MDIxMDQ2YWQ4YzUwM2NjY2RkYTYzOWJjNzBlNDdkNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOOEPJkT1pM5USqsv1Ry2NBgfe7F
xG7tvRA2hbyXUPQSWiEK9HrGuYymTBNTqL+eFQKd82EvSAJ+1r7luOr/Nh11rA4/
LT2TJSCB14Z3y6ku6z4p/YR37Hy26PEWIgmKDqV4SlXip51qCEblbaWMkAfkrzW8
uduuj2x0ojrjeQuRLqsToeWNosMxMAH2Kepd0SBD7nhAzd0JQ4yr0K0LmMehCEhL
ARTfMtrjo8PVRhiMpxhwn9J63BGCuDrmQOWbbGkm213RUlbfnFqQMAnkhaHV3HF5
fU4dGzk0jjvlDEvhOrlE9d7Gl1SYi2hd0ihmq3g2OXAsSfbigGRDnhz5ywIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLGxTVAhBGrYxQPMzdpjm8cOR9dSMB8GA1UdIwQY
MBaAFFHaAGYSLmuilNK3R5ONRsdOmfiAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWRvQVpoSXVhNktVMHJkSGs0MUd4MDZaLUlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9mNjRlYjQtMjZjYy00MDU2LTg1M2It
YmU0OGI3OTI1NDc4LzEvc2JGTlVDRUVhdGpGQTh6TjJtT2J4dzVIMTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9mNjRlYjQtMjZjYy00MDU2LTg1M2ItYmU0OGI3OTI1NDc4
LzEvVWRvQVpoSXVhNktVMHJkSGs0MUd4MDZaLUlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW5NQAwQA
ufzAMA0EAgACMAcDBQAqELDAMA0GCSqGSIb3DQEBCwUAA4IBAQAcef8cjdb6KZKb
QG1wmCQePLP4CxjbBqhJ+AnUWn/AsK7HInqAuGQbMX+3pVh3OZXEgjXGcssuK5UJ
6fEfVAPwmUinEKs3mH9v+gMyn/z5gBfcBR1z9tyVRjgPM3xuGfKLe3G+S6xW7Qae
ST55gqph3GmBytfoFham/lSW1VTt76nJ4BklHsccpBdqd9DTWYwS23RAQDddxHu5
2TW6W1YCoScytdcpe1KhVERAqAViMo962576JbtDrZehy0wcgpSEtA3HpRMjwXFL
zWzSFgsHgeSecppGOGOdhdo0zcNuMm92cD/Cfudt9/a7kVbpmMC8V6DY/AVEJBK4
nqcPJnrS
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:55:19 2024 by rpki-client on console-ams.rpki-client.org