Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/bnipCpFYR8UPqOSEsSrVqsDZtFs.roa
File: bnipCpFYR8UPqOSEsSrVqsDZtFs.roa (raw, json)
Hash identifier: 2AJTMUg1WmRRQZiLHmWaay59arrrPUljH903gzj1Yoo=
Subject key identifier: 6E:78:A9:0A:91:58:47:C5:0F:A8:E4:84:B1:2A:D5:AA:C0:D9:B4:5B
Certificate issuer: /CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Certificate serial: 019118152581B3D6BEDF84DCAC68B61AD8CE
Authority key identifier: B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/bnipCpFYR8UPqOSEsSrVqsDZtFs.roa
Signing time: Sat 03 Aug 2024 11:52:04 +0000
ROA not before: Sat 03 Aug 2024 11:52:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43180
IP address blocks: 45.11.57.0/24 maxlen: 24
45.12.0.0/24 maxlen: 24
45.12.1.0/24 maxlen: 24
45.12.3.0/24 maxlen: 24
91.208.115.0/24 maxlen: 24
176.97.112.0/23 maxlen: 23
176.97.116.0/22 maxlen: 22
176.119.31.0/24 maxlen: 24
185.254.199.0/24 maxlen: 24
194.42.204.0/24 maxlen: 24
195.66.210.0/24 maxlen: 24
195.128.248.0/23 maxlen: 24
2a09:2dc2::/32 maxlen: 32
2a09:2dc3::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:18:15:25:81:b3:d6:be:df:84:dc:ac:68:b6:1a:d8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b32c9c26df7ccd8ad38d89bd5d49380b93b1e009
Validity
Not Before: Aug 3 11:52:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e78a90a915847c50fa8e484b12ad5aac0d9b45b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:90:02:a3:d1:d1:47:b7:db:62:66:d4:bd:d2:
6e:8c:90:e1:95:1e:44:e9:cc:fa:50:00:4d:90:25:
1a:1b:73:29:f3:0c:8b:dd:e1:21:a8:ed:9c:a9:53:
34:c7:fc:5a:7f:98:fd:1d:cd:ba:b2:5f:83:68:37:
8e:85:da:57:76:79:9e:18:4b:ab:c9:31:49:b6:72:
d8:2f:fc:8a:bf:8d:0c:d7:74:8b:4f:0e:56:64:0b:
6c:e1:4a:30:39:c2:17:37:5f:5a:c9:44:bd:19:11:
9f:e2:8b:11:e2:40:6a:84:d8:12:2a:f7:fa:11:74:
1c:bb:ff:03:ad:e9:a5:1a:29:c3:11:fa:5c:bb:cc:
26:b1:be:22:32:6e:e0:23:32:18:83:7b:46:48:a8:
33:bf:44:a5:38:89:41:f3:00:f9:03:de:d8:9f:44:
78:36:75:ae:e8:5a:05:1f:8a:b5:15:4f:f5:55:76:
2b:ce:7b:71:09:53:e5:88:10:1d:25:fb:da:e1:73:
81:ff:c2:8f:9f:b0:df:0a:36:ee:ee:86:10:3e:8b:
18:bd:82:54:bc:50:b0:71:b3:e7:04:2e:2b:71:b9:
8c:27:fc:76:4f:ea:35:2b:dc:02:0f:61:8d:6e:c2:
74:20:46:aa:d6:37:ad:cd:1e:5e:f1:3a:5f:d7:74:
fa:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:78:A9:0A:91:58:47:C5:0F:A8:E4:84:B1:2A:D5:AA:C0:D9:B4:5B
X509v3 Authority Key Identifier:
keyid:B3:2C:9C:26:DF:7C:CD:8A:D3:8D:89:BD:5D:49:38:0B:93:B1:E0:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/syycJt98zYrTjYm9XUk4C5Ox4Ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/bnipCpFYR8UPqOSEsSrVqsDZtFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/d5da0c-9cf3-4f8b-a562-cb11bc5b2f1b/1/syycJt98zYrTjYm9XUk4C5Ox4Ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.57.0/24
45.12.0.0/23
45.12.3.0/24
91.208.115.0/24
176.97.112.0/23
176.97.116.0/22
176.119.31.0/24
185.254.199.0/24
194.42.204.0/24
195.66.210.0/24
195.128.248.0/23
IPv6:
2a09:2dc2::/31
Signature Algorithm: sha256WithRSAEncryption
60:5a:bd:b1:7f:9a:bf:47:e7:ed:55:dc:4c:40:2b:1b:51:89:
24:44:82:68:15:ea:ef:19:e2:c5:22:10:1a:22:85:ae:9c:7f:
8c:48:c2:d8:a7:88:49:19:cd:aa:ae:ed:d2:5c:43:75:9a:5f:
5b:ee:03:f3:8d:9d:dc:56:2f:03:3f:ef:a4:9b:a3:ae:e2:82:
cd:a9:c9:58:92:de:dd:7a:75:a5:21:77:5b:67:e2:fc:98:11:
91:83:d1:9f:8b:27:5e:57:63:9d:c4:82:07:47:fc:08:74:a5:
fb:08:87:c5:24:18:64:a7:55:b8:d7:e8:76:76:3c:62:16:42:
b1:89:e9:ea:31:32:f8:de:d2:1f:06:61:0f:89:61:18:0c:35:
de:b2:f6:e1:a2:e0:46:e6:ef:4a:fb:af:10:a8:ab:8d:15:07:
b3:89:47:96:d2:28:6e:e4:eb:74:5d:80:d8:15:56:ae:43:bf:
76:fb:c1:4c:4a:dc:3e:1d:19:7a:4a:6b:d7:8e:68:f5:4c:af:
f6:37:cf:f7:55:11:f8:2e:86:83:70:54:2f:77:a5:7d:fc:42:
42:dc:d8:e6:af:47:9a:99:b9:91:56:1e:c5:66:70:5c:18:d2:
be:fe:b2:4a:f8:56:23:48:46:80:99:7d:ad:e3:eb:fd:30:86:
29:ca:0f:c8
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZEYFSWBs9a+34TcrGi2GtjOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMmM5YzI2ZGY3Y2NkOGFkMzhkODliZDVkNDkzODBiOTNi
MWUwMDkwHhcNMjQwODAzMTE1MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc4YTkwYTkxNTg0N2M1MGZhOGU0ODRiMTJhZDVhYWMwZDliNDViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAupACo9HRR7fbYmbUvdJujJDhlR5E
6cz6UABNkCUaG3Mp8wyL3eEhqO2cqVM0x/xaf5j9Hc26sl+DaDeOhdpXdnmeGEur
yTFJtnLYL/yKv40M13SLTw5WZAts4UowOcIXN19ayUS9GRGf4osR4kBqhNgSKvf6
EXQcu/8DremlGinDEfpcu8wmsb4iMm7gIzIYg3tGSKgzv0SlOIlB8wD5A97Yn0R4
NnWu6FoFH4q1FU/1VXYrzntxCVPliBAdJfva4XOB/8KPn7DfCjbu7oYQPosYvYJU
vFCwcbPnBC4rcbmMJ/x2T+o1K9wCD2GNbsJ0IEaq1jetzR5e8Tpf13T6dQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFG54qQqRWEfFD6jkhLEq1arA2bRbMB8GA1UdIwQY
MBaAFLMsnCbffM2K042JvV1JOAuTseAJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjIt
Y2IxMWJjNWIyZjFiLzEvYm5pcENwRllSOFVQcU9TRXNTclZxc0RadEZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC9kNWRhMGMtOWNmMy00ZjhiLWE1NjItY2IxMWJjNWIyZjFi
LzEvc3l5Y0p0OTh6WXJUalltOVhVazRDNU94NEFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQALQs5AwQB
LQwAAwQALQwDAwQAW9BzAwQBsGFwAwQCsGF0AwQAsHcfAwQAuf7HAwQAwirMAwQA
w0LSAwQBw4D4MA0EAgACMAcDBQEqCS3CMA0GCSqGSIb3DQEBCwUAA4IBAQBgWr2x
f5q/R+ftVdxMQCsbUYkkRIJoFervGeLFIhAaIoWunH+MSMLYp4hJGc2qru3SXEN1
ml9b7gPzjZ3cVi8DP++km6Ou4oLNqclYkt7denWlIXdbZ+L8mBGRg9GfiydeV2Od
xIIHR/wIdKX7CIfFJBhkp1W41+h2djxiFkKxienqMTL43tIfBmEPiWEYDDXesvbh
ouBG5u9K+68QqKuNFQeziUeW0ihu5Ot0XYDYFVauQ792+8FMStw+HRl6SmvXjmj1
TK/2N8/3VRH4LoaDcFQvd6V9/EJC3Njmr0eambmRVh7FZnBcGNK+/rJK+FYjSEaA
mX2t4+v9MIYpyg/I
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:25:00 2024 by rpki-client on console-fra.rpki-client.org