Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BH7Tbql2if1-XAqnoROR8XoVA_0.roa
File: BH7Tbql2if1-XAqnoROR8XoVA_0.roa (raw, json)
Hash identifier: Hmwq9CPlKn7JisSClaSbrKiGspF/X9HV8s5KtSBUV2k=
Subject key identifier: 04:7E:D3:6E:A9:76:89:FD:7E:5C:0A:A7:A1:13:91:F1:7A:15:03:FD
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5012C222866058A7F0FAE41228B4129
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BH7Tbql2if1-XAqnoROR8XoVA_0.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211043
IP address blocks: 45.67.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2c:22:28:66:05:8a:7f:0f:ae:41:22:8b:41:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=047ed36ea97689fd7e5c0aa7a11391f17a1503fd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:d4:c2:30:97:fb:79:a7:3b:d3:71:55:cc:02:
e7:ec:13:44:3c:80:a6:19:71:a4:99:1d:bf:14:3e:
45:3d:e9:a4:36:a3:cb:0b:3a:e3:33:2b:b8:92:25:
a4:63:a8:9f:7d:07:90:19:4d:cc:71:9a:b9:0b:ff:
6c:db:00:e2:5e:ca:68:78:be:33:f4:1d:ca:3c:63:
f9:6c:b5:f2:aa:54:58:e0:59:cd:b7:c8:ab:e6:e4:
20:c9:99:04:29:2d:3e:3d:e1:f0:44:37:84:af:bf:
82:cb:42:32:9f:ab:f6:21:3c:40:9e:4b:bf:e0:9c:
4b:4a:69:df:7e:cf:b3:85:35:fb:c7:4f:6c:74:fa:
8a:8f:a9:16:9a:06:85:86:9b:a5:b4:bd:83:eb:8c:
52:26:f4:cb:62:de:50:a1:c1:06:1a:7b:94:27:d2:
bd:6b:9c:0c:61:e7:b9:3a:df:b9:22:92:73:3a:b3:
6a:20:b0:b0:04:50:a5:7a:f8:18:05:07:05:d9:e5:
45:0d:7a:da:c9:c8:8d:81:bd:05:32:7f:60:10:ad:
82:b9:fa:0d:a8:94:3f:c7:19:87:af:72:83:c7:17:
49:35:a5:a8:a5:99:10:b3:bd:ec:d8:75:a6:dd:9a:
a5:1e:ef:b6:bf:79:dd:c7:2e:15:cc:a4:d4:24:63:
2f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:7E:D3:6E:A9:76:89:FD:7E:5C:0A:A7:A1:13:91:F1:7A:15:03:FD
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BH7Tbql2if1-XAqnoROR8XoVA_0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.98.0/24
Signature Algorithm: sha256WithRSAEncryption
44:cc:69:a5:4a:49:0d:2c:11:07:ac:f6:88:71:13:9e:58:8e:
53:7d:17:98:63:26:3b:6b:13:7e:82:97:d3:41:ef:e5:36:75:
7a:16:ee:4b:2b:0a:96:83:17:47:c4:b4:28:b5:9f:0d:19:17:
85:69:b8:0e:02:a6:7f:11:e9:79:7b:e4:98:7c:87:bf:cc:15:
b7:4d:f6:ad:5b:ab:75:35:b7:d8:d9:b7:d5:54:42:9d:47:fb:
a4:7e:f7:78:f8:f8:cd:08:a3:a0:2b:85:63:46:8b:e1:0a:4b:
cc:1a:b2:26:06:a0:c2:71:f7:04:62:30:0b:b1:79:f5:2d:8c:
5e:d5:1a:93:98:bf:03:e7:7a:20:d8:9c:db:67:78:3a:c9:e9:
d5:6e:3d:b7:d0:ec:d4:b1:d6:1b:af:ce:fc:02:81:63:35:ee:
6b:53:5e:06:2d:b2:dc:54:bb:34:1c:3d:b6:ca:9f:ea:50:5b:
37:ef:ad:e2:1a:e1:ea:35:45:10:32:41:b0:f2:28:dc:61:99:
c2:08:0a:e7:76:24:6c:b5:ae:0f:01:e1:20:02:10:45:c2:78:
24:2f:ec:94:94:6e:28:3b:96:f6:31:83:c0:18:29:30:ce:f8:
0b:74:9b:b8:1c:8e:55:92:15:9a:74:2a:7e:ed:c0:2c:52:62:
25:31:69:d6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFASwiKGYFin8PrkEii0EpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDdlZDM2ZWE5NzY4OWZkN2U1YzBhYTdhMTEzOTFmMTdhMTUwM2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhdTCMJf7eac703FVzALn7BNEPICm
GXGkmR2/FD5FPemkNqPLCzrjMyu4kiWkY6iffQeQGU3McZq5C/9s2wDiXspoeL4z
9B3KPGP5bLXyqlRY4FnNt8ir5uQgyZkEKS0+PeHwRDeEr7+Cy0Iyn6v2ITxAnku/
4JxLSmnffs+zhTX7x09sdPqKj6kWmgaFhpultL2D64xSJvTLYt5QocEGGnuUJ9K9
a5wMYee5Ot+5IpJzOrNqILCwBFClevgYBQcF2eVFDXrayciNgb0FMn9gEK2CufoN
qJQ/xxmHr3KDxxdJNaWopZkQs73s2HWm3ZqlHu+2v3ndxy4VzKTUJGMvxwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAR+026pdon9flwKp6ETkfF6FQP9MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQkg3VGJxbDJpZjEtWEFxbm9ST1I4WG9WQV8wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALUNiMA0G
CSqGSIb3DQEBCwUAA4IBAQBEzGmlSkkNLBEHrPaIcROeWI5TfReYYyY7axN+gpfT
Qe/lNnV6Fu5LKwqWgxdHxLQotZ8NGReFabgOAqZ/Eel5e+SYfIe/zBW3TfatW6t1
NbfY2bfVVEKdR/ukfvd4+PjNCKOgK4VjRovhCkvMGrImBqDCcfcEYjALsXn1LYxe
1RqTmL8D53og2JzbZ3g6yenVbj230OzUsdYbr878AoFjNe5rU14GLbLcVLs0HD22
yp/qUFs3763iGuHqNUUQMkGw8ijcYZnCCArndiRsta4PAeEgAhBFwngkL+yUlG4o
O5b2MYPAGCkwzvgLdJu4HI5VkhWadCp+7cAsUmIlMWnW
-----END CERTIFICATE-----
Generated at Mon May 6 04:43:33 2024 by rpki-client on console-ams.rpki-client.org