Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bxaZPkpMV-bKtFkeWjY3C43IIWM.roa
File: bxaZPkpMV-bKtFkeWjY3C43IIWM.roa (raw, json)
Hash identifier: SD91yBu0qHozQtmQmOG8eRmG0xLpqI2Oy5ZXk/zl/Mw=
Subject key identifier: 6F:16:99:3E:4A:4C:57:E6:CA:B4:59:1E:5A:36:37:0B:8D:C8:21:63
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F06718C5E5E9D2936E478E7353ECD3184
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bxaZPkpMV-bKtFkeWjY3C43IIWM.roa
Signing time: Mon 22 Apr 2024 15:34:15 +0000
ROA not before: Mon 22 Apr 2024 15:34:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205544
IP address blocks: 2a09:17c0:b19a::/48 maxlen: 48
2a0f:e440::/29 maxlen: 29
2a13:c700:1::/48 maxlen: 48
2a13:e101:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 10 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:71:8c:5e:5e:9d:29:36:e4:78:e7:35:3e:cd:31:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 22 15:34:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6f16993e4a4c57e6cab4591e5a36370b8dc82163
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:29:46:cc:1f:73:58:e3:52:06:ce:9b:a7:4a:
61:f6:7e:65:fd:54:04:64:a3:bf:f5:04:67:f1:17:
81:4a:32:e2:75:67:2d:95:1a:37:f9:a5:5c:1e:22:
68:7d:86:48:7a:b5:da:95:e5:53:75:03:b1:57:6c:
db:1a:c5:1f:a3:6a:01:5c:87:ee:d9:4d:23:a9:a4:
b2:45:21:4e:0d:eb:7f:a4:27:77:19:c6:96:72:0a:
91:e5:b9:9e:14:81:98:d7:f5:91:2b:eb:38:34:79:
f8:d5:2c:ea:7f:b7:56:4b:87:71:bc:e9:23:f9:70:
52:6e:82:ef:05:9c:d8:0e:14:7f:60:24:2e:33:08:
78:72:aa:99:5d:22:51:bf:ec:87:0d:f9:5a:2c:59:
07:a3:75:cb:02:7f:80:61:39:fe:5b:c8:66:44:5f:
48:a0:70:4a:a7:8e:35:b2:1a:46:11:d7:68:f3:15:
e1:8a:33:43:24:ad:85:8f:c0:2a:02:67:65:67:b8:
31:b9:4d:b0:d3:d1:f4:40:e3:65:7f:f2:8b:33:7d:
bb:39:c5:c0:cf:3d:33:10:be:2b:a1:48:44:c2:01:
a2:30:e4:df:db:8d:42:78:e9:05:f3:a8:24:fd:a5:
02:92:0a:f4:4f:ae:52:54:14:41:89:fc:39:9b:83:
c8:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:16:99:3E:4A:4C:57:E6:CA:B4:59:1E:5A:36:37:0B:8D:C8:21:63
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/bxaZPkpMV-bKtFkeWjY3C43IIWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:17c0:b19a::/48
2a0f:e440::/29
2a13:c700:1::/48
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
5e:81:d6:b7:85:e4:5b:50:d4:72:6c:dd:f7:10:2c:a9:2b:47:
0c:55:99:af:bb:a8:3a:2b:a3:2d:89:cd:70:b6:1f:00:62:3c:
e6:6c:70:04:ea:a9:53:04:39:80:b2:96:29:c0:7a:b6:59:cd:
ad:ed:33:98:7d:41:09:5c:74:4d:10:70:a5:1a:77:fe:b0:11:
83:95:d1:1b:c5:a1:6c:4f:88:64:be:b1:60:43:02:26:0b:eb:
b0:3a:32:c7:0b:38:c8:29:99:57:23:28:71:27:c9:ed:98:65:
47:ee:f8:01:6e:43:93:8f:f7:e7:aa:1f:c1:89:d2:d3:69:6c:
ac:01:a7:31:05:d4:9c:c4:6d:e6:56:bb:17:b5:98:0e:37:17:
c6:d6:39:e2:87:36:37:86:94:e7:03:d0:c1:da:7b:a3:c3:70:
5a:1e:9a:14:1b:65:a6:c1:be:91:b9:9f:66:7f:e8:f0:ce:08:
ff:3b:85:de:a0:b6:2c:ee:93:25:11:aa:26:a9:2e:5a:85:ea:
81:59:86:1a:35:c9:44:79:66:d4:62:5c:e0:44:a0:f1:49:bf:
cf:96:61:de:80:a4:e3:49:7d:7b:85:5c:ce:5f:ce:4e:ef:93:
3f:0f:00:75:61:14:aa:ad:4f:6e:ed:f5:07:0c:65:f0:d4:7b:
ce:67:5e:fa
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8GcYxeXp0pNuR45zU+zTGEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNDIyMTUzNDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjE2OTkzZTRhNGM1N2U2Y2FiNDU5MWU1YTM2MzcwYjhkYzgyMTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqilGzB9zWONSBs6bp0ph9n5l/VQE
ZKO/9QRn8ReBSjLidWctlRo3+aVcHiJofYZIerXaleVTdQOxV2zbGsUfo2oBXIfu
2U0jqaSyRSFODet/pCd3GcaWcgqR5bmeFIGY1/WRK+s4NHn41Szqf7dWS4dxvOkj
+XBSboLvBZzYDhR/YCQuMwh4cqqZXSJRv+yHDflaLFkHo3XLAn+AYTn+W8hmRF9I
oHBKp441shpGEddo8xXhijNDJK2Fj8AqAmdlZ7gxuU2w09H0QONlf/KLM327OcXA
zz0zEL4roUhEwgGiMOTf241CeOkF86gk/aUCkgr0T65SVBRBifw5m4PItwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFG8WmT5KTFfmyrRZHlo2NwuNyCFjMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvYnhhWlBrcE1WLWJLdEZrZVdqWTNDNDNJSVdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwcAKgkXwLGa
AwUDKg/kQAMHACoTxwAAAQMHACoT4QEAAjANBgkqhkiG9w0BAQsFAAOCAQEAXoHW
t4XkW1DUcmzd9xAsqStHDFWZr7uoOiujLYnNcLYfAGI85mxwBOqpUwQ5gLKWKcB6
tlnNre0zmH1BCVx0TRBwpRp3/rARg5XRG8WhbE+IZL6xYEMCJgvrsDoyxws4yCmZ
VyMocSfJ7ZhlR+74AW5Dk4/356ofwYnS02lsrAGnMQXUnMRt5la7F7WYDjcXxtY5
4oc2N4aU5wPQwdp7o8NwWh6aFBtlpsG+kbmfZn/o8M4I/zuF3qC2LO6TJRGqJqku
WoXqgVmGGjXJRHlm1GJc4ESg8Um/z5Zh3oCk40l9e4Vczl/OTu+TPw8AdWEUqq1P
bu31Bwxl8NR7zmde+g==
-----END CERTIFICATE-----
Generated at Thu May 9 11:44:58 2024 by rpki-client on console-fra.rpki-client.org