Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/BXIqJ4wzgwUSLFM7iYwX3WeeXGA.roa
File: BXIqJ4wzgwUSLFM7iYwX3WeeXGA.roa (raw, json)
Hash identifier: oLQfNztlfNbrrwfkOROu1iddFUovKLW02qw61AzkESc=
Subject key identifier: 05:72:2A:27:8C:33:83:05:12:2C:53:3B:89:8C:17:DD:67:9E:5C:60
Certificate issuer: /CN=dc4e453affe895b6452b84027437c5c00fd37067
Certificate serial: 0192F7DD7FD0A322D647F21F9CF4D54C01C3
Authority key identifier: DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/BXIqJ4wzgwUSLFM7iYwX3WeeXGA.roa
Signing time: Mon 04 Nov 2024 15:49:01 +0000
ROA not before: Mon 04 Nov 2024 15:49:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29650
IP address blocks: 45.139.240.0/22 maxlen: 22
79.140.128.0/20 maxlen: 20
82.195.128.0/19 maxlen: 19
84.51.224.0/21 maxlen: 21
84.51.236.0/22 maxlen: 22
84.51.240.0/20 maxlen: 20
212.78.224.0/20 maxlen: 20
212.78.240.0/23 maxlen: 23
212.78.252.0/22 maxlen: 22
212.84.40.0/21 maxlen: 21
2001:1bd8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f7:dd:7f:d0:a3:22:d6:47:f2:1f:9c:f4:d5:4c:01:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc4e453affe895b6452b84027437c5c00fd37067
Validity
Not Before: Nov 4 15:49:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05722a278c338305122c533b898c17dd679e5c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:eb:0f:2f:86:81:b3:89:97:7f:49:1d:9e:fa:
e3:45:e7:4d:62:17:0d:04:7a:90:32:f8:38:b2:44:
d1:7b:4d:35:cd:ff:14:36:f8:a0:06:76:69:c9:38:
78:a6:fa:95:29:30:18:9b:5b:d8:d4:90:f3:aa:00:
b1:b0:7c:4e:6b:7f:83:70:97:2c:69:ff:58:5e:73:
98:83:9a:27:2d:b3:82:95:7e:f5:dd:fe:ad:b7:e0:
58:cd:5f:9c:37:f8:a4:7e:07:08:09:24:ef:2e:ed:
8d:ea:8a:73:95:a8:e7:50:d0:5a:48:49:0b:39:87:
a6:9b:09:62:30:1a:80:1e:fd:ac:63:ab:76:ec:aa:
fc:57:f2:06:75:08:06:a8:81:ab:70:0e:6c:6d:c2:
4f:1e:c3:e8:2c:55:36:66:76:05:5a:b1:2b:cf:16:
27:dc:26:09:4b:ca:9e:f9:aa:6b:16:0d:27:c6:9c:
f0:3a:41:cc:03:df:97:54:68:fd:15:27:7f:f8:2b:
89:29:c1:20:1e:1d:3e:40:5d:d9:74:64:84:60:e2:
6f:c3:81:ea:fc:51:43:82:20:5f:d5:b1:ea:45:6b:
94:7e:4d:33:ef:ce:4c:ff:8c:f5:e4:20:85:b7:29:
d3:c6:56:f0:83:64:78:64:e2:73:15:70:f6:4d:66:
30:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:72:2A:27:8C:33:83:05:12:2C:53:3B:89:8C:17:DD:67:9E:5C:60
X509v3 Authority Key Identifier:
keyid:DC:4E:45:3A:FF:E8:95:B6:45:2B:84:02:74:37:C5:C0:0F:D3:70:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3E5FOv_olbZFK4QCdDfFwA_TcGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/BXIqJ4wzgwUSLFM7iYwX3WeeXGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/58e655-e713-45d2-958a-1822867e1596/1/3E5FOv_olbZFK4QCdDfFwA_TcGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.240.0/22
79.140.128.0/20
82.195.128.0/19
84.51.224.0/21
84.51.236.0-84.51.255.255
212.78.224.0-212.78.241.255
212.78.252.0/22
212.84.40.0/21
IPv6:
2001:1bd8::/32
Signature Algorithm: sha256WithRSAEncryption
11:a9:67:36:f1:c3:ab:dc:b6:ea:d2:2a:7d:7e:70:a0:99:82:
8f:93:50:a6:0b:01:e3:1d:15:dd:6a:a4:4f:37:5a:7c:55:7f:
ff:47:3f:e9:b1:44:ce:f6:8c:9e:a3:41:c6:c5:35:fc:be:60:
61:a3:48:7a:1a:2f:60:e3:75:1b:b9:2d:99:34:ca:66:db:97:
d0:ba:d9:d5:dd:b3:b7:26:44:86:67:c6:6b:7f:e6:0c:8d:dd:
dd:1f:44:6b:42:62:20:0c:0f:47:cf:f5:85:73:8a:4a:09:7e:
47:41:58:a6:2c:da:ce:fd:aa:10:f4:5f:93:20:16:53:af:25:
ed:ac:8d:59:e2:81:21:b4:e4:0e:59:ac:08:cd:f3:a7:0b:d6:
e7:08:f6:77:f4:a4:82:b1:09:bd:af:14:2c:a5:5e:29:06:ad:
d9:fa:94:e1:78:bf:85:f5:7e:b4:17:b8:a9:16:33:6d:b9:63:
15:47:f0:86:d3:19:77:33:d1:f5:a9:95:2c:15:07:fa:03:ef:
f0:60:e2:1f:87:9d:16:b8:e0:68:74:00:f8:24:75:8e:e1:d5:
f5:5a:f9:ce:50:f1:4b:7b:34:dd:e2:ba:d0:67:bb:b5:64:35:
b8:a6:0e:57:6b:a4:6c:a8:10:9a:a6:b3:ef:18:c5:da:cb:37:
e6:f2:fd:0c
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZL33X/QoyLWR/IfnPTVTAHDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNGU0NTNhZmZlODk1YjY0NTJiODQwMjc0MzdjNWMwMGZk
MzcwNjcwHhcNMjQxMTA0MTU0OTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTcyMmEyNzhjMzM4MzA1MTIyYzUzM2I4OThjMTdkZDY3OWU1YzYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmOsPL4aBs4mXf0kdnvrjRedNYhcN
BHqQMvg4skTRe001zf8UNvigBnZpyTh4pvqVKTAYm1vY1JDzqgCxsHxOa3+DcJcs
af9YXnOYg5onLbOClX713f6tt+BYzV+cN/ikfgcICSTvLu2N6opzlajnUNBaSEkL
OYemmwliMBqAHv2sY6t27Kr8V/IGdQgGqIGrcA5sbcJPHsPoLFU2ZnYFWrErzxYn
3CYJS8qe+aprFg0nxpzwOkHMA9+XVGj9FSd/+CuJKcEgHh0+QF3ZdGSEYOJvw4Hq
/FFDgiBf1bHqRWuUfk0z785M/4z15CCFtynTxlbwg2R4ZOJzFXD2TWYw5QIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFAVyKieMM4MFEixTO4mMF91nnlxgMB8GA1UdIwQY
MBaAFNxORTr/6JW2RSuEAnQ3xcAP03BnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEt
MTgyMjg2N2UxNTk2LzEvQlhJcUo0d3pnd1VTTEZNN2lZd1gzV2VlWEdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS81OGU2NTUtZTcxMy00NWQyLTk1OGEtMTgyMjg2N2UxNTk2
LzEvM0U1Rk92X29sYlpGSzRRQ2REZkZ3QV9UY0djLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBFBAIAATA/AwQCLYvwAwQE
T4yAAwQFUsOAAwQDVDPgMAsDBAJUM+wDAwJUMDAMAwQF1E7gAwQB1E7wAwQC1E78
AwQD1FQoMA0EAgACMAcDBQAgARvYMA0GCSqGSIb3DQEBCwUAA4IBAQARqWc28cOr
3Lbq0ip9fnCgmYKPk1CmCwHjHRXdaqRPN1p8VX//Rz/psUTO9oyeo0HGxTX8vmBh
o0h6Gi9g43UbuS2ZNMpm25fQutnV3bO3JkSGZ8Zrf+YMjd3dH0RrQmIgDA9Hz/WF
c4pKCX5HQVimLNrO/aoQ9F+TIBZTryXtrI1Z4oEhtOQOWawIzfOnC9bnCPZ39KSC
sQm9rxQspV4pBq3Z+pTheL+F9X60F7ipFjNtuWMVR/CG0xl3M9H1qZUsFQf6A+/w
YOIfh50WuOBodAD4JHWO4dX1WvnOUPFLezTd4rrQZ7u1ZDW4pg5Xa6RsqBCaprPv
GMXayzfm8v0M
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:38:25 2024 by rpki-client on console-fra.rpki-client.org