Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/bXimWx9ka4smdTtllLNuN99x8hU.roa
File: bXimWx9ka4smdTtllLNuN99x8hU.roa (raw, json)
Hash identifier: e+807gG/TtkFsisLjAGvdR757E2tMh7LTRIDavehq+o=
Subject key identifier: 6D:78:A6:5B:1F:64:6B:8B:26:75:3B:65:94:B3:6E:37:DF:71:F2:15
Certificate issuer: /CN=d81c7962433c2fe0bf62b8c388392995f942b14c
Certificate serial: 018CC2DAFDB31AE2628EE6ABE1DDFAF5787B
Authority key identifier: D8:1C:79:62:43:3C:2F:E0:BF:62:B8:C3:88:39:29:95:F9:42:B1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Bx5YkM8L-C_YrjDiDkplflCsUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/bXimWx9ka4smdTtllLNuN99x8hU.roa
Signing time: Mon 01 Jan 2024 02:29:40 +0000
ROA not before: Mon 01 Jan 2024 02:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51588
IP address blocks: 194.56.94.0/23 maxlen: 23
194.56.94.0/24 maxlen: 24
194.56.92.0/24 maxlen: 24
194.56.92.0/23 maxlen: 23
194.56.92.0/22 maxlen: 22
194.56.95.0/24 maxlen: 24
2a06:3100::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/2Bx5YkM8L-C_YrjDiDkplflCsUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/2Bx5YkM8L-C_YrjDiDkplflCsUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Bx5YkM8L-C_YrjDiDkplflCsUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:fd:b3:1a:e2:62:8e:e6:ab:e1:dd:fa:f5:78:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81c7962433c2fe0bf62b8c388392995f942b14c
Validity
Not Before: Jan 1 02:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d78a65b1f646b8b26753b6594b36e37df71f215
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:a6:42:f0:81:44:1f:69:bd:0d:04:5c:d6:
ca:84:38:08:4f:96:e1:78:6f:62:34:c4:52:bd:8c:
03:3f:05:bf:a3:a1:03:07:8e:fa:27:8c:1a:0f:19:
b2:2d:50:3a:99:f1:53:44:f8:26:7a:6d:8a:2b:cc:
ee:16:84:a7:4d:47:c5:ca:af:9c:3a:69:83:f9:85:
d0:48:59:26:08:12:c7:28:43:76:42:9c:5d:54:b1:
1e:dc:97:c4:b0:6b:c0:50:9b:6c:08:b0:b8:6e:75:
fe:a9:d5:40:59:8a:b7:34:c1:77:c1:b6:38:56:de:
04:8b:52:7f:5a:82:84:01:d6:8d:2f:f6:d4:ac:8e:
ad:f3:65:9b:06:38:b0:9b:30:a1:53:50:8a:a7:0b:
1e:c9:54:36:3f:cc:c3:db:6b:a7:d3:94:4e:9c:5a:
c9:77:57:55:9b:9c:d2:ca:77:33:d6:4c:bb:a8:45:
b7:bf:47:a9:05:c7:d2:6b:48:71:a8:02:84:f8:85:
90:a2:d8:15:31:0d:6a:d3:ae:9e:dd:15:9b:75:81:
01:af:fd:58:14:ad:68:2b:d6:53:35:a5:51:b7:88:
82:36:d8:14:df:58:4f:4d:b3:b0:09:7e:e2:ee:84:
2b:0a:ee:f9:cd:43:51:c7:1c:dd:14:b3:08:bf:79:
36:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:78:A6:5B:1F:64:6B:8B:26:75:3B:65:94:B3:6E:37:DF:71:F2:15
X509v3 Authority Key Identifier:
keyid:D8:1C:79:62:43:3C:2F:E0:BF:62:B8:C3:88:39:29:95:F9:42:B1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Bx5YkM8L-C_YrjDiDkplflCsUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/bXimWx9ka4smdTtllLNuN99x8hU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/8ea70c-f5f6-4b27-94ca-3d344c9c26b6/1/2Bx5YkM8L-C_YrjDiDkplflCsUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.56.92.0/22
IPv6:
2a06:3100::/29
Signature Algorithm: sha256WithRSAEncryption
50:6e:53:61:22:d4:d2:6b:65:52:c3:55:e5:14:3a:d2:c3:56:
8f:ef:de:62:b6:1d:9b:90:16:25:7b:a4:92:5b:e9:fe:c6:a7:
51:95:32:67:d7:f8:3e:4c:92:fe:ac:77:48:cf:0f:56:ae:4f:
c9:96:6e:d5:4a:91:ec:7a:5c:13:e1:19:16:32:e9:26:c6:b4:
4f:38:a7:89:99:49:dc:55:4e:ef:d3:c5:f4:c3:22:69:f2:70:
37:d9:0e:37:91:4b:b2:4d:a2:0f:de:5f:99:f5:f9:d8:c4:55:
79:f9:3c:f2:c0:db:40:02:6d:fc:2b:5c:55:fa:b3:a1:89:25:
1e:1d:42:bf:a2:d5:cc:37:61:33:7d:da:cc:f3:51:fb:c0:4f:
5a:07:a0:99:74:27:23:9d:a4:f0:34:eb:cf:e7:fa:bd:99:73:
0d:d5:d1:e8:10:4f:fa:b6:90:9b:ac:45:04:ae:78:79:1d:a4:
a5:8f:6c:18:51:4e:bc:9a:fd:29:95:67:67:c9:ee:c2:63:a7:
ff:92:87:0e:3d:b7:c6:5e:97:04:58:c9:62:c1:be:16:83:27:
2c:24:4a:51:0c:31:8c:32:cd:e3:76:66:54:b4:51:33:47:2f:
31:35:46:63:aa:f6:d4:ae:ea:d6:f1:43:06:5d:9c:ba:b7:0e:
70:7b:cf:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2v2zGuJijuar4d369Xh7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWM3OTYyNDMzYzJmZTBiZjYyYjhjMzg4MzkyOTk1Zjk0
MmIxNGMwHhcNMjQwMTAxMDIyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDc4YTY1YjFmNjQ2YjhiMjY3NTNiNjU5NGIzNmUzN2RmNzFmMjE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0amQvCBRB9pvQ0EXNbKhDgIT5bh
eG9iNMRSvYwDPwW/o6EDB476J4waDxmyLVA6mfFTRPgmem2KK8zuFoSnTUfFyq+c
OmmD+YXQSFkmCBLHKEN2QpxdVLEe3JfEsGvAUJtsCLC4bnX+qdVAWYq3NMF3wbY4
Vt4Ei1J/WoKEAdaNL/bUrI6t82WbBjiwmzChU1CKpwseyVQ2P8zD22un05ROnFrJ
d1dVm5zSyncz1ky7qEW3v0epBcfSa0hxqAKE+IWQotgVMQ1q066e3RWbdYEBr/1Y
FK1oK9ZTNaVRt4iCNtgU31hPTbOwCX7i7oQrCu75zUNRxxzdFLMIv3k2rQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG14plsfZGuLJnU7ZZSzbjffcfIVMB8GA1UdIwQY
MBaAFNgceWJDPC/gv2K4w4g5KZX5QrFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ4NVlrTThMLUNfWXJqRGlEa3BsZmxDc1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84ZWE3MGMtZjVmNi00YjI3LTk0Y2Et
M2QzNDRjOWMyNmI2LzEvYlhpbVd4OWthNHNtZFR0bGxMTnVOOTl4OGhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84ZWE3MGMtZjVmNi00YjI3LTk0Y2EtM2QzNDRjOWMyNmI2
LzEvMkJ4NVlrTThMLUNfWXJqRGlEa3BsZmxDc1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwjhcMA0E
AgACMAcDBQMqBjEAMA0GCSqGSIb3DQEBCwUAA4IBAQBQblNhItTSa2VSw1XlFDrS
w1aP795ith2bkBYle6SSW+n+xqdRlTJn1/g+TJL+rHdIzw9Wrk/Jlm7VSpHselwT
4RkWMukmxrRPOKeJmUncVU7v08X0wyJp8nA32Q43kUuyTaIP3l+Z9fnYxFV5+Tzy
wNtAAm38K1xV+rOhiSUeHUK/otXMN2EzfdrM81H7wE9aB6CZdCcjnaTwNOvP5/q9
mXMN1dHoEE/6tpCbrEUErnh5HaSlj2wYUU68mv0plWdnye7CY6f/kocOPbfGXpcE
WMliwb4WgycsJEpRDDGMMs3jdmZUtFEzRy8xNUZjqvbUrurW8UMGXZy6tw5we8+k
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:00:51 2024 by rpki-client on console-ams.rpki-client.org