Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BgdBM1O2op-e-XL-d2yTtpSg010.roa
File: BgdBM1O2op-e-XL-d2yTtpSg010.roa (raw, json)
Hash identifier: 2D+ypKKqfHydcUZD9McptvPeRoF2GK5hRLNXZr5sbnw=
Subject key identifier: 06:07:41:33:53:B6:A2:9F:9E:F9:72:FE:77:6C:93:B6:94:A0:D3:5D
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B4F9FF91874BA194B6041A61ABF3F
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BgdBM1O2op-e-XL-d2yTtpSg010.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35387
IP address blocks: 45.136.1.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:4f:9f:f9:18:74:ba:19:4b:60:41:a6:1a:bf:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0607413353b6a29f9ef972fe776c93b694a0d35d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:f6:02:ba:f9:fb:c3:1a:31:fd:e2:f5:bf:a2:
3f:f9:e1:c8:0f:19:2b:22:18:1f:8d:72:93:94:10:
7e:8f:e9:70:74:c4:f7:d3:44:f0:51:1e:bd:f9:e6:
36:d2:14:89:cc:c9:e1:df:e9:ad:1b:c5:3b:db:8a:
a5:1c:35:ea:36:dc:26:33:01:8f:e6:6c:1a:cd:b7:
c0:f8:c1:2d:72:71:76:60:74:99:ab:86:0b:76:8c:
b5:bf:1e:93:e7:66:33:e1:b2:b7:f2:35:9a:fa:98:
f0:e6:25:d2:84:44:33:05:38:c8:fe:92:b8:bd:7e:
5b:ca:a9:50:d5:bb:c6:16:33:24:9c:09:9a:60:89:
dc:f9:76:cd:6c:15:b7:3b:24:2d:c0:1a:7d:31:d8:
e0:e5:2e:61:d9:49:23:41:18:ed:df:b2:fc:b3:19:
a5:f3:39:8d:de:cc:0e:d7:86:dd:18:8f:20:14:7a:
bf:70:21:16:03:25:7a:0a:1e:8b:9f:02:90:e0:cd:
b7:1f:59:95:77:4e:97:52:69:85:30:b1:0f:e2:e3:
48:ee:17:e5:96:6e:ba:57:aa:c7:38:17:f0:85:15:
21:3f:7b:29:40:ce:70:5a:52:a6:2f:62:77:06:16:
ad:4b:b9:47:6f:8d:40:e3:5a:a5:a3:31:fd:e0:5e:
2e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:07:41:33:53:B6:A2:9F:9E:F9:72:FE:77:6C:93:B6:94:A0:D3:5D
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/BgdBM1O2op-e-XL-d2yTtpSg010.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.1.0-45.136.3.255
Signature Algorithm: sha256WithRSAEncryption
5d:02:8a:77:75:93:a0:7a:09:aa:df:bd:38:5e:28:81:2d:65:
55:f8:d0:4b:f4:63:03:36:6d:d1:ad:d3:83:c8:42:7e:a1:f4:
73:dd:2b:d7:92:05:8e:2f:d7:9e:4d:f5:e5:2b:e5:9c:84:84:
ae:61:a2:bd:ae:fd:93:bd:62:ff:26:cc:4a:2b:57:7e:fe:68:
f7:14:cf:40:cc:cd:c2:3b:52:19:97:f7:cc:2d:f9:f7:27:72:
97:e7:84:d2:46:13:4f:17:49:d1:10:31:b8:2f:c4:82:de:52:
09:00:ca:51:b8:f1:fb:b2:22:c3:8b:7f:5b:12:fe:b0:79:ba:
1a:2b:41:3a:fd:e7:f8:1f:cb:64:a7:2f:a9:04:51:85:eb:e3:
0c:63:6d:10:a2:d5:b7:40:50:66:91:9e:86:05:10:44:d0:c7:
d3:c5:60:f6:f5:0f:09:66:12:56:fc:3b:fd:4e:ff:04:b2:30:
37:37:56:52:01:b4:58:f6:3d:ed:94:4c:de:98:e2:60:95:fb:
92:10:e4:40:e9:2c:a8:f6:65:57:66:95:96:fd:2a:15:ea:6a:
23:7f:85:8c:82:00:ce:a9:da:87:82:88:b0:fe:4e:7f:91:9c:
1b:69:5c:99:1c:5d:da:f9:7d:06:b3:cd:70:64:7c:35:24:96:
ae:ce:f1:0b
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzKK0+f+Rh0uhlLYEGmGr8/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjA3NDEzMzUzYjZhMjlmOWVmOTcyZmU3NzZjOTNiNjk0YTBkMzVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtPYCuvn7wxox/eL1v6I/+eHIDxkr
IhgfjXKTlBB+j+lwdMT300TwUR69+eY20hSJzMnh3+mtG8U724qlHDXqNtwmMwGP
5mwazbfA+MEtcnF2YHSZq4YLdoy1vx6T52Yz4bK38jWa+pjw5iXShEQzBTjI/pK4
vX5byqlQ1bvGFjMknAmaYInc+XbNbBW3OyQtwBp9Mdjg5S5h2UkjQRjt37L8sxml
8zmN3swO14bdGI8gFHq/cCEWAyV6Ch6LnwKQ4M23H1mVd06XUmmFMLEP4uNI7hfl
lm66V6rHOBfwhRUhP3spQM5wWlKmL2J3BhatS7lHb41A41qlozH94F4uAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFAYHQTNTtqKfnvly/ndsk7aUoNNdMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvQmdkQk0xTzJvcC1lLVhMLWQyeVR0cFNnMDEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAAtiAED
BAItiAAwDQYJKoZIhvcNAQELBQADggEBAF0Cind1k6B6CarfvTheKIEtZVX40Ev0
YwM2bdGt04PIQn6h9HPdK9eSBY4v155N9eUr5ZyEhK5hor2u/ZO9Yv8mzEorV37+
aPcUz0DMzcI7UhmX98wt+fcncpfnhNJGE08XSdEQMbgvxILeUgkAylG48fuyIsOL
f1sS/rB5uhorQTr95/gfy2SnL6kEUYXr4wxjbRCi1bdAUGaRnoYFEETQx9PFYPb1
DwlmElb8O/1O/wSyMDc3VlIBtFj2Pe2UTN6Y4mCV+5IQ5EDpLKj2ZVdmlZb9KhXq
aiN/hYyCAM6p2oeCiLD+Tn+RnBtpXJkcXdr5fQazzXBkfDUklq7O8Qs=
-----END CERTIFICATE-----
Generated at Sun May 5 00:29:07 2024 by rpki-client on console-ams.rpki-client.org