Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bYh4nEtZP51oeHgHeDF5DL4Z8PU.roa
File: bYh4nEtZP51oeHgHeDF5DL4Z8PU.roa (raw, json)
Hash identifier: TwHgsnHA2SpLaD7e2tLjRwvAlGdtLji8SCM4UKjLhDU=
Subject key identifier: 6D:88:78:9C:4B:59:3F:9D:68:78:78:07:78:31:79:0C:BE:19:F0:F5
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC5011C960857AF0868F8515F2B5864D9
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bYh4nEtZP51oeHgHeDF5DL4Z8PU.roa
Signing time: Mon 01 Jan 2024 12:30:33 +0000
ROA not before: Mon 01 Jan 2024 12:30:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140736
IP address blocks: 193.23.128.0/22 maxlen: 24
213.232.92.0/22 maxlen: 24
185.255.36.0/22 maxlen: 24
188.240.224.0/22 maxlen: 24
91.188.204.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 16:03:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:1c:96:08:57:af:08:68:f8:51:5f:2b:58:64:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d88789c4b593f9d687878077831790cbe19f0f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:cd:d0:c3:d6:49:0a:4d:51:3d:03:5c:bc:69:
81:a3:9f:4d:38:4d:a5:05:46:26:09:bd:24:b1:21:
e5:4f:38:4a:26:c0:35:9a:c1:0f:09:de:98:61:38:
1d:a3:97:47:a3:0f:c6:16:3e:a4:6d:0d:e4:7b:02:
01:e8:e1:45:c1:38:de:d7:22:4f:d6:d0:fb:57:30:
d0:92:b1:a9:95:ac:7d:81:71:2a:d3:f0:31:6c:bd:
9d:96:04:d3:b8:a5:f9:ee:19:40:c1:d6:56:44:96:
41:79:08:2f:da:b8:c4:d6:a7:b2:b8:f9:08:b9:5d:
a7:ba:80:bc:60:94:de:75:1a:e3:69:40:0a:42:70:
13:f9:82:0f:61:6a:fb:e4:c0:10:ed:32:35:c5:22:
ca:f8:2d:53:fe:a5:1e:27:b6:4b:4a:e2:14:de:4b:
a8:bc:12:b7:6a:f1:76:d1:a8:0c:55:4f:16:87:9f:
82:ad:dc:e1:d2:bc:f9:58:c1:d5:75:00:a7:91:ba:
7c:9b:5c:d9:77:3e:9a:31:fa:83:9c:12:51:29:f8:
96:a6:5b:12:54:45:9c:fd:c5:07:ec:6a:a5:a6:59:
75:17:dd:0a:6d:5b:28:15:53:82:60:b9:db:d1:82:
af:12:61:fe:17:92:e0:35:cb:02:8a:ed:94:eb:34:
38:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:88:78:9C:4B:59:3F:9D:68:78:78:07:78:31:79:0C:BE:19:F0:F5
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bYh4nEtZP51oeHgHeDF5DL4Z8PU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.188.204.0/22
185.255.36.0/22
188.240.224.0/22
193.23.128.0/22
213.232.92.0/22
Signature Algorithm: sha256WithRSAEncryption
3a:2c:4d:5a:92:ec:32:50:b1:fe:5b:91:31:12:d3:d1:c9:80:
85:62:0e:60:39:f2:73:8d:66:08:79:34:72:38:91:4a:e6:51:
d7:51:44:62:a4:7d:be:e6:97:71:1d:59:f6:34:ba:e2:73:eb:
14:81:d7:4a:f3:ba:99:27:eb:5e:af:70:3c:1b:b5:93:ab:38:
47:52:dc:aa:bb:de:3f:51:4d:bf:de:d8:92:44:d5:58:18:67:
f6:bd:25:10:50:a1:db:a0:3a:98:bc:68:12:30:5d:a3:d7:e3:
a7:b2:dc:e4:3a:7f:c5:0a:11:a9:65:16:b7:ae:75:96:6e:cf:
ae:7f:cd:ca:c7:73:ab:1e:4f:08:7c:a7:02:36:80:3e:d3:a2:
5a:e8:1d:f1:b3:a9:ec:f9:e4:44:eb:a9:40:b5:25:e9:79:4b:
5c:4a:94:ac:e4:ab:94:0a:7a:36:34:e4:b2:aa:0a:9d:29:71:
de:d2:b1:5a:78:9c:2e:5b:ae:bc:d0:bd:f5:60:4e:84:6e:4a:
81:30:17:c1:2a:5e:0b:48:7c:71:26:98:af:97:ce:d3:6e:18:
2c:da:66:68:0c:23:46:95:a6:2d:ec:54:db:89:3d:a0:cd:2e:
b9:5d:e0:77:89:fa:97:ca:69:6a:6e:2a:98:8d:8d:c8:83:99:
23:77:e3:16
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFARyWCFevCGj4UV8rWGTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDg4Nzg5YzRiNTkzZjlkNjg3ODc4MDc3ODMxNzkwY2JlMTlmMGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz83Qw9ZJCk1RPQNcvGmBo59NOE2l
BUYmCb0ksSHlTzhKJsA1msEPCd6YYTgdo5dHow/GFj6kbQ3kewIB6OFFwTje1yJP
1tD7VzDQkrGplax9gXEq0/AxbL2dlgTTuKX57hlAwdZWRJZBeQgv2rjE1qeyuPkI
uV2nuoC8YJTedRrjaUAKQnAT+YIPYWr75MAQ7TI1xSLK+C1T/qUeJ7ZLSuIU3kuo
vBK3avF20agMVU8Wh5+Crdzh0rz5WMHVdQCnkbp8m1zZdz6aMfqDnBJRKfiWplsS
VEWc/cUH7Gqlpll1F90KbVsoFVOCYLnb0YKvEmH+F5LgNcsCiu2U6zQ4qwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG2IeJxLWT+daHh4B3gxeQy+GfD1MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYlloNG5FdFpQNTFvZUhnSGVERjVETDRaOFBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCW7zMAwQC
uf8kAwQCvPDgAwQCwReAAwQC1ehcMA0GCSqGSIb3DQEBCwUAA4IBAQA6LE1akuwy
ULH+W5ExEtPRyYCFYg5gOfJzjWYIeTRyOJFK5lHXUURipH2+5pdxHVn2NLric+sU
gddK87qZJ+ter3A8G7WTqzhHUtyqu94/UU2/3tiSRNVYGGf2vSUQUKHboDqYvGgS
MF2j1+OnstzkOn/FChGpZRa3rnWWbs+uf83Kx3OrHk8IfKcCNoA+06Ja6B3xs6ns
+eRE66lAtSXpeUtcSpSs5KuUCno2NOSyqgqdKXHe0rFaeJwuW6680L31YE6EbkqB
MBfBKl4LSHxxJpivl87Tbhgs2mZoDCNGlaYt7FTbiT2gzS65XeB3ifqXymlqbiqY
jY3Ig5kjd+MW
-----END CERTIFICATE-----
Generated at Sun May 5 20:04:47 2024 by rpki-client on console-ams.rpki-client.org