Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/bJzXB4Egfy965SkYaz2mANcyGVk.roa
File: bJzXB4Egfy965SkYaz2mANcyGVk.roa (raw, json)
Hash identifier: xYRbxLQNkMqj0AkdAHdMwnudOMSEza8BRXp0F9gfq+I=
Subject key identifier: 6C:9C:D7:07:81:20:7F:2F:7A:E5:29:18:6B:3D:A6:00:D7:32:19:59
Certificate issuer: /CN=18886007da1730b0770d8604db73d12fd264f3f9
Certificate serial: 018DF53DA3E2AEA312D38E3FEEF91A59C508
Authority key identifier: 18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/bJzXB4Egfy965SkYaz2mANcyGVk.roa
Signing time: Thu 29 Feb 2024 14:21:14 +0000
ROA not before: Thu 29 Feb 2024 14:21:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47594
IP address blocks: 213.171.1.0/24 maxlen: 24
213.171.2.0/24 maxlen: 24
213.171.11.0/24 maxlen: 24
213.171.13.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.mft
rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 08:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f5:3d:a3:e2:ae:a3:12:d3:8e:3f:ee:f9:1a:59:c5:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18886007da1730b0770d8604db73d12fd264f3f9
Validity
Not Before: Feb 29 14:21:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c9cd70781207f2f7ae529186b3da600d7321959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:ad:4c:cd:59:6a:94:94:da:8f:84:d3:2c:06:
a3:31:81:68:32:b1:bb:fd:54:87:bc:a3:a9:72:f4:
b5:db:44:f9:a5:af:f0:3d:f7:6c:07:94:69:4c:e2:
49:11:8b:cb:18:ad:7e:f8:5a:3d:4b:53:0d:f7:20:
2a:0c:e6:5e:cb:aa:35:f4:2d:f0:2d:b3:04:6c:c1:
69:28:fd:f3:82:44:0e:c8:e3:47:57:2d:ef:a4:4f:
37:ae:4b:ed:c2:46:80:0b:9c:38:8f:ab:7b:5a:0b:
c0:72:5f:ea:42:f5:28:b6:19:13:8f:40:02:11:d3:
f8:49:a9:2a:30:37:f7:e6:ac:3d:36:24:73:47:f4:
38:83:79:16:ca:70:0e:9c:9d:ba:15:91:54:6a:bf:
3e:12:89:83:52:09:96:0d:a5:90:e7:de:84:e4:1c:
78:96:87:58:60:15:ad:26:a1:01:c0:8a:d6:9f:08:
f8:0b:fc:d2:9e:39:75:76:64:da:9c:c2:54:99:31:
46:6f:31:bf:47:38:b4:71:cf:0d:86:28:3b:c9:54:
c3:e4:62:8a:18:45:dd:84:91:ea:ab:26:0c:70:8c:
67:c8:13:95:93:cc:ec:1d:8f:fa:bd:32:b0:0d:f8:
af:10:4a:69:8e:3d:52:28:eb:25:e7:7e:5e:84:4e:
bb:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:9C:D7:07:81:20:7F:2F:7A:E5:29:18:6B:3D:A6:00:D7:32:19:59
X509v3 Authority Key Identifier:
keyid:18:88:60:07:DA:17:30:B0:77:0D:86:04:DB:73:D1:2F:D2:64:F3:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GIhgB9oXMLB3DYYE23PRL9Jk8_k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/bJzXB4Egfy965SkYaz2mANcyGVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/293328-9245-403b-8a4a-169c836bd6b0/1/GIhgB9oXMLB3DYYE23PRL9Jk8_k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.171.1.0-213.171.2.255
213.171.11.0/24
213.171.13.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:54:2b:eb:3d:75:2d:9c:35:aa:2f:d8:15:d1:b3:dc:23:da:
b8:0c:2e:aa:f3:73:92:0d:af:0a:2d:06:8e:d0:ca:a2:3a:dd:
ba:9b:99:4f:d6:4b:7e:ec:02:79:c4:6b:6f:97:1f:88:6b:04:
6d:cf:f3:29:9f:1b:39:8f:19:a6:4e:6d:e8:69:da:07:49:0b:
37:48:f8:e5:68:63:05:a6:7b:7c:db:41:f1:91:06:2a:f5:cf:
6a:eb:8c:71:fa:7a:de:1a:41:9c:e2:bb:7f:c5:cf:d4:4f:c1:
67:fe:17:01:5c:eb:92:ec:ba:96:53:6e:f2:7e:59:f4:9c:5c:
0d:35:d0:5f:e6:6c:b9:26:d4:7e:69:6a:f9:12:1a:31:c5:55:
44:60:8a:69:d5:81:f0:16:e3:02:9e:93:b7:ad:77:87:4e:b4:
05:8e:db:82:e7:a0:ed:32:8e:0a:d3:69:54:29:d2:46:40:95:
ba:a9:bb:af:d8:e2:40:32:15:32:4c:d3:12:93:e4:1a:ff:bb:
42:73:72:b8:39:f6:3f:1d:3a:82:24:3c:68:11:25:d4:3a:9a:
3d:77:a1:96:c1:c2:4a:6b:f3:d1:a7:75:ae:5d:aa:2d:ec:28:
57:0d:ee:4e:4c:00:16:15:96:8f:9a:6f:8a:6a:59:a8:70:cb:
68:62:c9:79
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY31PaPirqMS044/7vkaWcUIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ODg2MDA3ZGExNzMwYjA3NzBkODYwNGRiNzNkMTJmZDI2
NGYzZjkwHhcNMjQwMjI5MTQyMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzljZDcwNzgxMjA3ZjJmN2FlNTI5MTg2YjNkYTYwMGQ3MzIxOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtK1MzVlqlJTaj4TTLAajMYFoMrG7
/VSHvKOpcvS120T5pa/wPfdsB5RpTOJJEYvLGK1++Fo9S1MN9yAqDOZey6o19C3w
LbMEbMFpKP3zgkQOyONHVy3vpE83rkvtwkaAC5w4j6t7WgvAcl/qQvUothkTj0AC
EdP4SakqMDf35qw9NiRzR/Q4g3kWynAOnJ26FZFUar8+EomDUgmWDaWQ596E5Bx4
lodYYBWtJqEBwIrWnwj4C/zSnjl1dmTanMJUmTFGbzG/Rzi0cc8Nhig7yVTD5GKK
GEXdhJHqqyYMcIxnyBOVk8zsHY/6vTKwDfivEEppjj1SKOsl535ehE67wwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGyc1weBIH8veuUpGGs9pgDXMhlZMB8GA1UdIwQY
MBaAFBiIYAfaFzCwdw2GBNtz0S/SZPP5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEt
MTY5YzgzNmJkNmIwLzEvYkp6WEI0RWdmeTk2NVNrWWF6Mm1BTmN5R1ZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTMzMjgtOTI0NS00MDNiLThhNGEtMTY5YzgzNmJkNmIw
LzEvR0loZ0I5b1hNTEIzRFlZRTIzUFJMOUprOF9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADVqwED
BADVqwIDBADVqwsDBADVqw0wDQYJKoZIhvcNAQELBQADggEBAHpUK+s9dS2cNaov
2BXRs9wj2rgMLqrzc5INrwotBo7QyqI63bqbmU/WS37sAnnEa2+XH4hrBG3P8ymf
GzmPGaZObehp2gdJCzdI+OVoYwWme3zbQfGRBir1z2rrjHH6et4aQZziu3/Fz9RP
wWf+FwFc65LsupZTbvJ+WfScXA010F/mbLkm1H5pavkSGjHFVURgimnVgfAW4wKe
k7etd4dOtAWO24LnoO0yjgrTaVQp0kZAlbqpu6/Y4kAyFTJM0xKT5Br/u0Jzcrg5
9j8dOoIkPGgRJdQ6mj13oZbBwkpr89Gnda5dqi3sKFcN7k5MABYVlo+ab4pqWahw
y2hiyXk=
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:46:58 2024 by rpki-client on console-ams.rpki-client.org