Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/bvFrvKrvaCDaakttz1fmYTDnGfY.roa
File: bvFrvKrvaCDaakttz1fmYTDnGfY.roa (raw, json)
Hash identifier: YVBgaHnXCywLdaNlFdXqmpzWyVUeg2cz1JQ4q1PPcfU=
Subject key identifier: 6E:F1:6B:BC:AA:EF:68:20:DA:6A:4B:6D:CF:57:E6:61:30:E7:19:F6
Certificate issuer: /CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Certificate serial: 018CC348FA1F4DA3BC278649ED763415F080
Authority key identifier: 5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/bvFrvKrvaCDaakttz1fmYTDnGfY.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31563
IP address blocks: 195.251.244.0/24 maxlen: 24
195.251.244.0/23 maxlen: 23
195.251.245.0/24 maxlen: 24
195.251.246.0/24 maxlen: 24
2001:648:2420::/48 maxlen: 48
2001:648:2421::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:fa:1f:4d:a3:bc:27:86:49:ed:76:34:15:f0:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a6f9295521df30a158f506ba7cb873ab9529dc3
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ef16bbcaaef6820da6a4b6dcf57e66130e719f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:d0:86:9c:b5:76:79:54:b0:0c:31:2a:74:f8:
60:b3:97:97:d3:88:89:e0:13:ef:3c:e2:9f:6b:32:
fe:fa:fa:59:7d:26:bd:26:13:b8:73:79:b4:5e:7a:
4d:06:a1:d6:99:86:b5:09:0e:94:a8:37:52:06:d3:
6a:bc:c0:cd:10:d4:49:2e:b9:2e:bd:02:b0:61:36:
99:83:e2:10:75:7f:f2:bf:95:ac:1f:d3:2a:02:b7:
db:d9:b1:b1:10:2d:1a:94:d6:25:8b:c9:cd:b2:68:
98:e2:e8:ef:d1:c1:e0:a3:89:c3:c8:51:45:6b:f0:
5f:b0:37:92:f1:3a:f2:b7:c7:3d:54:ca:39:d9:24:
1a:b0:6c:e6:60:80:3b:d7:19:93:6d:53:6c:14:2b:
42:db:ae:13:45:fd:87:68:79:13:77:be:ff:9d:61:
9d:12:4a:de:7c:01:5a:3d:3b:02:a9:16:c4:e2:f3:
f4:6f:86:4f:b0:f7:38:d0:b9:38:bb:6c:2b:06:3a:
1d:86:3c:ca:e4:b8:e0:71:57:ff:8f:cc:f3:3e:f8:
18:d8:b8:a8:25:33:6b:f2:a4:c2:8e:46:21:f3:f6:
50:24:27:53:75:d7:5e:24:79:7c:62:58:84:f1:d5:
86:f1:43:36:ef:d3:5c:f5:34:1c:73:99:cc:b2:ab:
50:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:6B:BC:AA:EF:68:20:DA:6A:4B:6D:CF:57:E6:61:30:E7:19:F6
X509v3 Authority Key Identifier:
keyid:5A:6F:92:95:52:1D:F3:0A:15:8F:50:6B:A7:CB:87:3A:B9:52:9D:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wm-SlVId8woVj1Brp8uHOrlSncM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/bvFrvKrvaCDaakttz1fmYTDnGfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/a9f93b-be31-45cf-aa7e-aaa4553d2abd/1/Wm-SlVId8woVj1Brp8uHOrlSncM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.251.244.0-195.251.246.255
IPv6:
2001:648:2420::/47
Signature Algorithm: sha256WithRSAEncryption
44:66:72:4b:cd:c9:e9:aa:17:ee:22:df:be:3c:28:b2:ab:a3:
23:b9:71:ab:f2:75:7c:06:01:b7:2c:a7:ab:b5:b6:ef:81:e4:
73:a4:f4:88:13:25:eb:69:32:55:45:d2:2a:b2:11:f8:81:df:
3b:16:7c:be:75:68:c0:43:17:ca:0f:69:96:50:e6:3d:ca:b3:
f1:e6:e0:1e:d8:8b:00:94:06:45:5d:08:35:d8:b4:50:4e:f8:
ae:f3:b3:38:4f:f9:1a:b2:f7:f8:4a:a1:fa:fc:b5:9a:dc:72:
5a:18:2f:e9:0b:07:9f:8c:95:73:83:2d:92:0e:de:48:ca:f6:
b8:5e:f3:06:f4:50:45:75:44:9b:28:35:f4:d1:8d:dc:e3:61:
55:d3:84:5c:b9:08:31:b0:d1:70:4e:c1:be:10:16:d2:4a:0e:
0a:31:1a:77:f8:43:2b:07:f2:fe:8e:f1:17:26:70:45:9e:a0:
11:3b:14:06:34:61:cc:e9:cb:b3:72:bb:5a:d4:a4:56:42:2c:
0e:41:6a:94:ab:ff:a6:2e:3d:6e:f1:9c:70:85:df:c7:1d:da:
0a:af:a8:cd:70:bd:11:bb:e0:40:76:7e:55:58:4c:3b:10:f6:
e8:e8:ae:05:9d:4a:f1:67:76:60:86:aa:d3:8d:d6:a0:4d:98:
32:54:92:8b
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzDSPofTaO8J4ZJ7XY0FfCAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNmY5Mjk1NTIxZGYzMGExNThmNTA2YmE3Y2I4NzNhYjk1
MjlkYzMwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYxNmJiY2FhZWY2ODIwZGE2YTRiNmRjZjU3ZTY2MTMwZTcxOWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhNCGnLV2eVSwDDEqdPhgs5eX04iJ
4BPvPOKfazL++vpZfSa9JhO4c3m0XnpNBqHWmYa1CQ6UqDdSBtNqvMDNENRJLrku
vQKwYTaZg+IQdX/yv5WsH9MqArfb2bGxEC0alNYli8nNsmiY4ujv0cHgo4nDyFFF
a/BfsDeS8Tryt8c9VMo52SQasGzmYIA71xmTbVNsFCtC264TRf2HaHkTd77/nWGd
EkrefAFaPTsCqRbE4vP0b4ZPsPc40Lk4u2wrBjodhjzK5LjgcVf/j8zzPvgY2Lio
JTNr8qTCjkYh8/ZQJCdTdddeJHl8YliE8dWG8UM279Nc9TQcc5nMsqtQuwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFG7xa7yq72gg2mpLbc9X5mEw5xn2MB8GA1UdIwQY
MBaAFFpvkpVSHfMKFY9Qa6fLhzq5Up3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2Ut
YWFhNDU1M2QyYWJkLzEvYnZGcnZLcnZhQ0RhYWt0dHoxZm1ZVERuR2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hOWY5M2ItYmUzMS00NWNmLWFhN2UtYWFhNDU1M2QyYWJk
LzEvV20tU2xWSWQ4d29WajFCcnA4dUhPcmxTbmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAUBAIAATAOMAwDBALD+/QD
BADD+/YwDwQCAAIwCQMHASABBkgkIDANBgkqhkiG9w0BAQsFAAOCAQEARGZyS83J
6aoX7iLfvjwosqujI7lxq/J1fAYBtyynq7W274Hkc6T0iBMl62kyVUXSKrIR+IHf
OxZ8vnVowEMXyg9pllDmPcqz8ebgHtiLAJQGRV0INdi0UE74rvOzOE/5GrL3+Eqh
+vy1mtxyWhgv6QsHn4yVc4Mtkg7eSMr2uF7zBvRQRXVEmyg19NGN3ONhVdOEXLkI
MbDRcE7BvhAW0koOCjEad/hDKwfy/o7xFyZwRZ6gETsUBjRhzOnLs3K7WtSkVkIs
DkFqlKv/pi49bvGccIXfxx3aCq+ozXC9EbvgQHZ+VVhMOxD26OiuBZ1K8Wd2YIaq
043WoE2YMlSSiw==
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:33:26 2024 by rpki-client on console-fra.rpki-client.org