Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa
File: bR7N8t6FkReSkGztFMPOWbiknwM.roa (raw, json)
Hash identifier: VvNjKhpxxyOpSEGayXD9KpT4PEe8JxQTzOUgoLVJKrk=
Subject key identifier: 6D:1E:CD:F2:DE:85:91:17:92:90:6C:ED:14:C3:CE:59:B8:A4:9F:03
Certificate issuer: /CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
Certificate serial: 018CC6B9045A7DDC0484D3AECC91684FE794
Authority key identifier: 6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa
Signing time: Mon 01 Jan 2024 20:31:03 +0000
ROA not before: Mon 01 Jan 2024 20:31:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197792
IP address blocks: 185.37.184.0/22 maxlen: 22
31.209.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 04:01:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:04:5a:7d:dc:04:84:d3:ae:cc:91:68:4f:e7:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d7b79604af1f3908f4817956626353ee6ffc1f4
Validity
Not Before: Jan 1 20:31:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d1ecdf2de85911792906ced14c3ce59b8a49f03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:72:8f:07:82:8b:2f:d2:c0:45:ef:84:64:c1:
d9:5b:e2:e6:9d:ed:4e:18:5d:dd:ec:66:7b:25:bc:
9a:f0:ad:8d:96:49:48:c2:1f:ed:f2:0d:8a:88:74:
3a:f4:17:6f:3c:36:10:9f:3e:69:83:60:1a:0a:b7:
84:11:30:38:eb:92:16:30:f8:2a:96:83:5d:cc:9a:
83:52:3b:8c:3e:b3:e1:be:31:9a:d0:90:21:f0:6b:
fb:68:f7:44:ad:98:80:48:32:d4:e7:c9:c4:a3:ba:
ec:09:84:70:38:50:e9:18:7e:5a:fe:92:9f:11:d9:
ac:48:b0:41:b0:13:89:57:77:26:04:c1:02:ac:ce:
50:bd:76:0b:5d:86:00:c2:1f:8b:96:27:65:7c:f0:
97:60:40:c2:b1:01:a5:13:81:4f:5f:9a:dd:13:27:
0a:08:a6:54:0e:18:4f:63:6e:7d:6e:36:e6:2b:a2:
cc:27:1f:e2:dd:b5:cb:f9:be:8c:dd:18:34:35:ee:
80:df:7e:fb:2f:c3:24:8a:cd:84:dd:6b:2a:4c:bc:
6a:bd:ac:09:ac:f2:8f:f0:c6:8b:4d:ea:ed:90:c6:
0f:3e:6b:12:cf:75:03:8e:62:51:cc:9d:5c:e0:6c:
17:b6:f7:ac:5d:41:c1:fc:c7:0e:fc:01:0e:d8:0e:
ab:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1E:CD:F2:DE:85:91:17:92:90:6C:ED:14:C3:CE:59:B8:A4:9F:03
X509v3 Authority Key Identifier:
keyid:6D:7B:79:60:4A:F1:F3:90:8F:48:17:95:66:26:35:3E:E6:FF:C1:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXt5YErx85CPSBeVZiY1Pub_wfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bR7N8t6FkReSkGztFMPOWbiknwM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/93a734-3cb7-412c-b45f-275b6e9fbc63/1/bXt5YErx85CPSBeVZiY1Pub_wfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.209.96.0/20
185.37.184.0/22
Signature Algorithm: sha256WithRSAEncryption
81:7d:c4:e4:44:33:41:13:0f:03:6f:33:9a:c4:aa:dc:23:c5:
bd:bb:3d:e9:b5:cc:c8:15:fe:7a:5c:e1:ff:08:5c:24:83:9f:
e3:c1:3a:3f:66:f8:10:14:bf:45:4d:cb:af:6d:a6:b3:39:b6:
fb:b8:19:5d:03:cf:ee:a8:70:4a:ad:b2:84:36:72:4e:99:a3:
17:be:ef:c1:57:4a:65:25:5f:7b:2c:25:ea:d5:8d:62:27:1e:
3e:a3:0d:b1:a2:34:19:75:85:67:ac:45:d7:4d:ea:59:b5:0c:
2a:f3:a2:7b:43:ce:66:e1:67:9f:dc:6d:12:7c:33:95:a3:9e:
e2:ed:b0:e8:ca:79:49:14:83:01:af:a5:75:00:36:f9:81:ad:
0f:e3:67:2a:d5:38:46:ad:a5:47:8c:e0:85:88:e3:8c:d7:99:
d4:cd:34:73:fa:72:0f:60:ea:0f:34:57:c6:af:07:ec:25:14:
04:b6:dd:c1:83:f6:1c:8b:8e:dc:4c:90:e4:a4:fa:18:9e:4d:
fe:ff:1a:41:e8:c6:57:dd:ab:29:8c:a8:cb:14:ff:12:b9:8c:
77:ad:bf:1d:53:b6:23:8b:21:0e:c2:2c:9b:ff:0c:f8:12:4b:
9e:8d:29:7d:6f:3b:a5:1b:c3:60:1d:2c:5a:b3:44:4d:6a:7c:
0c:b0:77:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuQRafdwEhNOuzJFoT+eUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkN2I3OTYwNGFmMWYzOTA4ZjQ4MTc5NTY2MjYzNTNlZTZm
ZmMxZjQwHhcNMjQwMTAxMjAzMTAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDFlY2RmMmRlODU5MTE3OTI5MDZjZWQxNGMzY2U1OWI4YTQ5ZjAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjnKPB4KLL9LARe+EZMHZW+Lmne1O
GF3d7GZ7Jbya8K2NlklIwh/t8g2KiHQ69BdvPDYQnz5pg2AaCreEETA465IWMPgq
loNdzJqDUjuMPrPhvjGa0JAh8Gv7aPdErZiASDLU58nEo7rsCYRwOFDpGH5a/pKf
EdmsSLBBsBOJV3cmBMECrM5QvXYLXYYAwh+LlidlfPCXYEDCsQGlE4FPX5rdEycK
CKZUDhhPY259bjbmK6LMJx/i3bXL+b6M3Rg0Ne6A3377L8Mkis2E3WsqTLxqvawJ
rPKP8MaLTertkMYPPmsSz3UDjmJRzJ1c4GwXtvesXUHB/McO/AEO2A6riQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG0ezfLehZEXkpBs7RTDzlm4pJ8DMB8GA1UdIwQY
MBaAFG17eWBK8fOQj0gXlWYmNT7m/8H0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlh0NVlFcng4NUNQU0JlVlppWTFQdWJfd2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85M2E3MzQtM2NiNy00MTJjLWI0NWYt
Mjc1YjZlOWZiYzYzLzEvYlI3Tjh0NkZrUmVTa0d6dEZNUE9XYmlrbndNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85M2E3MzQtM2NiNy00MTJjLWI0NWYtMjc1YjZlOWZiYzYz
LzEvYlh0NVlFcng4NUNQU0JlVlppWTFQdWJfd2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH9FgAwQC
uSW4MA0GCSqGSIb3DQEBCwUAA4IBAQCBfcTkRDNBEw8DbzOaxKrcI8W9uz3ptczI
Ff56XOH/CFwkg5/jwTo/ZvgQFL9FTcuvbaazObb7uBldA8/uqHBKrbKENnJOmaMX
vu/BV0plJV97LCXq1Y1iJx4+ow2xojQZdYVnrEXXTepZtQwq86J7Q85m4Wef3G0S
fDOVo57i7bDoynlJFIMBr6V1ADb5ga0P42cq1ThGraVHjOCFiOOM15nUzTRz+nIP
YOoPNFfGrwfsJRQEtt3Bg/Yci47cTJDkpPoYnk3+/xpB6MZX3aspjKjLFP8SuYx3
rb8dU7YjiyEOwiyb/wz4EkuejSl9bzulG8NgHSxas0RNanwMsHeD
-----END CERTIFICATE-----
Generated at Tue Jun 18 12:17:22 2024 by rpki-client on console-ams.rpki-client.org