Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa
File: BghQntOMen5t4YlxTMl79L2LwSI.roa (raw, json)
Hash identifier: 0uYvi1Am+vtZ1BKBgjfue31nyEJh3RNoX7jscezheAE=
Subject key identifier: 06:08:50:9E:D3:8C:7A:7E:6D:E1:89:71:4C:C9:7B:F4:BD:8B:C1:22
Certificate issuer: /CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Certificate serial: 018CCA287F394B3951BE81E2985FCE3A4792
Authority key identifier: E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa
Signing time: Tue 02 Jan 2024 12:31:40 +0000
ROA not before: Tue 02 Jan 2024 12:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56414
IP address blocks: 194.26.217.0/24 maxlen: 24
2a12:7807::/32 maxlen: 32
2a12:7800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 07:02:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:7f:39:4b:39:51:be:81:e2:98:5f:ce:3a:47:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bf3a72cad6f4b3dc305b4cbe31087051d983f6
Validity
Not Before: Jan 2 12:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0608509ed38c7a7e6de189714cc97bf4bd8bc122
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:b1:6c:09:a0:76:42:1a:fa:e7:34:a1:ba:76:
5d:a6:63:62:90:c2:61:f7:e3:99:47:15:9c:d3:86:
c7:ad:01:82:9f:d4:b2:53:e1:18:e1:a9:b1:6c:63:
f5:67:1c:13:35:71:a9:dc:0a:20:f3:e6:92:f1:19:
b8:de:86:9e:2a:23:50:b7:e6:1e:aa:d5:9f:ce:56:
5e:e7:5c:67:63:48:54:c6:90:81:8b:0c:b5:ab:3c:
da:77:cb:df:13:fb:61:e2:ff:6c:14:42:2a:a3:f1:
65:66:95:4e:3d:8e:cd:d5:24:b4:ab:82:67:4b:59:
3f:43:fc:01:a8:67:05:2f:39:80:3c:94:4c:c8:b1:
63:d4:4b:7f:d3:a6:f0:1c:b7:e2:7e:13:6c:a1:fa:
72:8d:be:7f:9c:af:d6:9e:16:ab:8e:10:d9:fe:0f:
2f:cc:29:87:ab:77:ab:00:44:a4:df:fc:13:68:ed:
61:e1:4f:22:a9:62:d9:4a:71:bd:b2:9e:63:e4:ba:
b4:26:e4:42:71:89:5b:1c:55:f0:2d:48:30:8c:eb:
9f:8d:90:cf:7d:f8:c6:61:9b:15:bf:b8:ec:5e:ed:
c5:b7:ad:e8:39:d3:f6:5e:34:90:94:e8:52:82:a5:
e4:5c:14:fa:f2:a2:7d:84:bc:53:48:45:5c:30:23:
0d:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:08:50:9E:D3:8C:7A:7E:6D:E1:89:71:4C:C9:7B:F4:BD:8B:C1:22
X509v3 Authority Key Identifier:
keyid:E5:BF:3A:72:CA:D6:F4:B3:DC:30:5B:4C:BE:31:08:70:51:D9:83:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b86csrW9LPcMFtMvjEIcFHZg_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/BghQntOMen5t4YlxTMl79L2LwSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/2313b8-de02-4228-900a-09be9db11f66/1/5b86csrW9LPcMFtMvjEIcFHZg_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.217.0/24
IPv6:
2a12:7800::/32
2a12:7807::/32
Signature Algorithm: sha256WithRSAEncryption
87:d4:59:21:98:7e:cf:d2:c8:ba:1e:d0:9b:81:df:72:ea:84:
62:12:7d:2b:08:0f:65:00:41:f6:33:11:70:93:10:15:0f:11:
c0:bd:20:53:24:d8:b8:39:fd:22:1d:60:47:df:81:87:ef:0f:
75:40:1c:22:25:79:15:ea:14:5f:16:76:63:53:dd:d7:d2:45:
28:bd:47:33:aa:6e:0f:22:38:8a:fe:4f:6e:60:56:04:0f:3b:
54:46:7e:03:b2:b0:d7:f2:58:69:e6:92:f4:c7:7f:66:28:b2:
10:1e:f1:9e:14:1d:51:d7:a6:75:d2:20:c7:38:ea:17:f3:06:
95:d2:36:91:65:9d:4a:70:1b:0a:95:4f:2c:62:01:5d:c2:ff:
d8:54:d1:cc:71:bb:07:32:90:59:c3:7d:73:d2:4a:a3:04:c4:
cb:49:0d:25:ed:fd:cb:1a:09:4c:fe:a6:6a:da:1d:08:36:fc:
8c:11:d8:3f:db:50:c1:81:e6:7e:cc:b6:0f:a7:59:4b:94:3a:
4e:66:1e:b9:e6:19:8e:24:5a:7a:0e:bf:68:c4:93:19:bb:fd:
7d:81:33:5e:c7:8e:be:79:88:72:ec:57:15:15:87:69:c5:12:
12:7d:51:81:df:f6:00:99:f3:15:54:cb:bc:7d:48:6b:82:6e:
e7:b3:14:f9
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzKKH85SzlRvoHimF/OOkeSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmYzYTcyY2FkNmY0YjNkYzMwNWI0Y2JlMzEwODcwNTFk
OTgzZjYwHhcNMjQwMTAyMTIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA4NTA5ZWQzOGM3YTdlNmRlMTg5NzE0Y2M5N2JmNGJkOGJjMTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArrFsCaB2Qhr65zShunZdpmNikMJh
9+OZRxWc04bHrQGCn9SyU+EY4amxbGP1ZxwTNXGp3Aog8+aS8Rm43oaeKiNQt+Ye
qtWfzlZe51xnY0hUxpCBiwy1qzzad8vfE/th4v9sFEIqo/FlZpVOPY7N1SS0q4Jn
S1k/Q/wBqGcFLzmAPJRMyLFj1Et/06bwHLfifhNsofpyjb5/nK/WnharjhDZ/g8v
zCmHq3erAESk3/wTaO1h4U8iqWLZSnG9sp5j5Lq0JuRCcYlbHFXwLUgwjOufjZDP
ffjGYZsVv7jsXu3Ft63oOdP2XjSQlOhSgqXkXBT68qJ9hLxTSEVcMCMNYQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFAYIUJ7TjHp+beGJcUzJe/S9i8EiMB8GA1UdIwQY
MBaAFOW/OnLK1vSz3DBbTL4xCHBR2YP2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEt
MDliZTlkYjExZjY2LzEvQmdoUW50T01lbjV0NFlseFRNbDc5TDJMd1NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC8yMzEzYjgtZGUwMi00MjI4LTkwMGEtMDliZTlkYjExZjY2
LzEvNWI4NmNzclc5TFBjTUZ0TXZqRUljRkhaZ19ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAMBAIAATAGAwQAwhrZMBQE
AgACMA4DBQAqEngAAwUAKhJ4BzANBgkqhkiG9w0BAQsFAAOCAQEAh9RZIZh+z9LI
uh7Qm4HfcuqEYhJ9KwgPZQBB9jMRcJMQFQ8RwL0gUyTYuDn9Ih1gR9+Bh+8PdUAc
IiV5FeoUXxZ2Y1Pd19JFKL1HM6puDyI4iv5PbmBWBA87VEZ+A7Kw1/JYaeaS9Md/
ZiiyEB7xnhQdUdemddIgxzjqF/MGldI2kWWdSnAbCpVPLGIBXcL/2FTRzHG7BzKQ
WcN9c9JKowTEy0kNJe39yxoJTP6matodCDb8jBHYP9tQwYHmfsy2D6dZS5Q6TmYe
ueYZjiRaeg6/aMSTGbv9fYEzXseOvnmIcuxXFRWHacUSEn1Rgd/2AJnzFVTLvH1I
a4Ju57MU+Q==
-----END CERTIFICATE-----
Generated at Mon May 20 15:57:38 2024 by rpki-client on console-ams.rpki-client.org