Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/BYx3Z6bkK08vV2sdMWJpyTQJJAw.roa
File: BYx3Z6bkK08vV2sdMWJpyTQJJAw.roa (raw, json)
Hash identifier: CmYZDN0D/0IVTFxLxmv7FMbmXmEBMFd2CUdlZ7jbfr0=
Subject key identifier: 05:8C:77:67:A6:E4:2B:4F:2F:57:6B:1D:31:62:69:C9:34:09:24:0C
Certificate issuer: /CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Certificate serial: 018F76F605487F385B6041F1A51725DF33FF
Authority key identifier: 0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/BYx3Z6bkK08vV2sdMWJpyTQJJAw.roa
Signing time: Tue 14 May 2024 11:56:25 +0000
ROA not before: Tue 14 May 2024 11:56:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200200
IP address blocks: 188.72.41.0/24 maxlen: 24
188.72.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:76:f6:05:48:7f:38:5b:60:41:f1:a5:17:25:df:33:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5140282591f9912f9639ee1412b6d1dcff0861
Validity
Not Before: May 14 11:56:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=058c7767a6e42b4f2f576b1d316269c93409240c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:96:3e:44:af:72:c3:0b:cf:ea:0e:39:62:bd:
2e:7c:e7:75:2c:94:f4:21:31:f4:27:fd:52:85:7c:
31:e8:e0:22:0a:8f:e3:eb:8c:ee:f3:76:bc:a0:ef:
a9:8b:88:ba:f7:5e:f2:06:73:77:f0:99:0f:c7:b6:
7c:67:34:ff:d5:77:f1:3c:cc:4c:65:b7:0e:71:44:
7d:e3:34:3f:f4:dd:de:a1:d1:2a:df:4f:23:b5:59:
5b:68:dc:bf:fe:e8:19:ee:c3:aa:c6:f2:3c:bf:bd:
c0:23:ad:1c:71:3f:eb:54:5b:72:12:d4:0d:c5:7d:
ab:a4:8c:c6:47:b3:e0:1c:23:66:0f:27:69:30:00:
a7:a8:99:21:95:cc:77:0c:36:6a:51:0f:ab:59:da:
be:a7:70:cb:1a:f2:3b:2d:25:a4:84:7b:5f:5c:3a:
c7:85:7a:d5:2f:c3:56:10:1a:2c:be:55:5c:e6:2e:
65:8e:5c:25:a8:ed:88:13:05:17:6e:99:19:24:b2:
ed:1f:3d:23:09:16:c1:cd:e0:47:57:5a:56:c9:bc:
31:b1:7a:2f:1b:f1:7e:00:72:85:eb:c4:91:18:d2:
86:9c:21:51:be:9c:09:61:77:f9:27:39:c8:6a:53:
23:af:b3:6c:96:81:ce:d7:f9:08:aa:57:81:1e:40:
d4:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:8C:77:67:A6:E4:2B:4F:2F:57:6B:1D:31:62:69:C9:34:09:24:0C
X509v3 Authority Key Identifier:
keyid:0C:51:40:28:25:91:F9:91:2F:96:39:EE:14:12:B6:D1:DC:FF:08:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFFAKCWR-ZEvljnuFBK20dz_CGE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/BYx3Z6bkK08vV2sdMWJpyTQJJAw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/0554a2-d3d9-4fc4-8ed5-de91469d3772/1/DFFAKCWR-ZEvljnuFBK20dz_CGE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.72.41.0/24
188.72.45.0/24
Signature Algorithm: sha256WithRSAEncryption
16:db:f3:d5:ee:5b:e3:16:4f:12:1b:a9:11:2c:e9:e6:86:57:
45:57:9e:31:26:49:9a:fe:3b:06:3c:20:80:b0:49:1f:a4:e9:
a3:9f:f9:9f:f9:b2:cf:f4:3b:ae:eb:85:bc:e4:12:9e:5e:5f:
79:d9:75:65:6b:d7:38:bc:94:3a:ac:06:54:c9:66:a2:98:6b:
59:1d:ef:8c:6c:e9:7e:56:37:c8:f3:8a:ae:a1:a9:e9:0b:25:
2a:42:50:26:11:83:fe:ed:22:e1:ee:31:d6:3e:9f:35:7b:57:
17:f3:60:40:2d:47:55:cb:8e:2c:af:78:62:f4:64:e1:2d:b4:
6a:b4:a3:e3:7b:f2:02:bc:59:83:ba:ef:d4:0b:93:e9:34:2f:
47:23:d9:5d:c8:5f:77:bd:7a:15:0b:b1:ca:49:dd:f2:9c:f5:
b8:de:a1:7f:5d:46:aa:1a:05:e8:57:a2:09:d9:ac:76:f1:e7:
a5:10:be:85:2b:c5:de:54:0e:b0:88:5f:f2:20:da:6e:9f:ba:
97:2c:d5:ef:5b:4e:fc:3c:cc:0e:30:60:d2:f9:2e:85:e0:27:
2f:16:2c:98:d8:96:90:2d:71:8a:01:4e:8d:c0:7f:1a:52:12:
7f:53:1d:c2:06:c8:ae:0a:6d:8c:82:dd:34:49:e0:d6:a6:d5:
86:93:2b:5b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY929gVIfzhbYEHxpRcl3zP/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNTE0MDI4MjU5MWY5OTEyZjk2MzllZTE0MTJiNmQxZGNm
ZjA4NjEwHhcNMjQwNTE0MTE1NjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNThjNzc2N2E2ZTQyYjRmMmY1NzZiMWQzMTYyNjljOTM0MDkyNDBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt5Y+RK9ywwvP6g45Yr0ufOd1LJT0
ITH0J/1ShXwx6OAiCo/j64zu83a8oO+pi4i6917yBnN38JkPx7Z8ZzT/1XfxPMxM
ZbcOcUR94zQ/9N3eodEq308jtVlbaNy//ugZ7sOqxvI8v73AI60ccT/rVFtyEtQN
xX2rpIzGR7PgHCNmDydpMACnqJkhlcx3DDZqUQ+rWdq+p3DLGvI7LSWkhHtfXDrH
hXrVL8NWEBosvlVc5i5ljlwlqO2IEwUXbpkZJLLtHz0jCRbBzeBHV1pWybwxsXov
G/F+AHKF68SRGNKGnCFRvpwJYXf5JznIalMjr7NsloHO1/kIqleBHkDUGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAWMd2em5CtPL1drHTFiack0CSQMMB8GA1UdIwQY
MBaAFAxRQCglkfmRL5Y57hQSttHc/whhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUt
ZGU5MTQ2OWQzNzcyLzEvQll4M1o2YmtLMDh2VjJzZE1XSnB5VFFKSkF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy8wNTU0YTItZDNkOS00ZmM0LThlZDUtZGU5MTQ2OWQzNzcy
LzEvREZGQUtDV1ItWkV2bGpudUZCSzIwZHpfQ0dFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAvEgpAwQA
vEgtMA0GCSqGSIb3DQEBCwUAA4IBAQAW2/PV7lvjFk8SG6kRLOnmhldFV54xJkma
/jsGPCCAsEkfpOmjn/mf+bLP9Duu64W85BKeXl952XVla9c4vJQ6rAZUyWaimGtZ
He+MbOl+VjfI84quoanpCyUqQlAmEYP+7SLh7jHWPp81e1cX82BALUdVy44sr3hi
9GThLbRqtKPje/ICvFmDuu/UC5PpNC9HI9ldyF93vXoVC7HKSd3ynPW43qF/XUaq
GgXoV6IJ2ax28eelEL6FK8XeVA6wiF/yINpun7qXLNXvW078PMwOMGDS+S6F4Ccv
FiyY2JaQLXGKAU6NwH8aUhJ/Ux3CBsiuCm2Mgt00SeDWptWGkytb
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:35:44 2024 by rpki-client on console-ams.rpki-client.org