Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bIAmX4LkoZ9D9iCsctDPbZK4F5U.roa
File: bIAmX4LkoZ9D9iCsctDPbZK4F5U.roa (raw, json)
Hash identifier: XiJRsoT3TOhY7sgANwhqUQdfto9uynkkoiXIEY+JmNk=
Subject key identifier: 6C:80:26:5F:82:E4:A1:9F:43:F6:20:AC:72:D0:CF:6D:92:B8:17:95
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 018CCA2B5224A5F80D1D1E8C0FC180980FFD
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bIAmX4LkoZ9D9iCsctDPbZK4F5U.roa
Signing time: Tue 02 Jan 2024 12:34:45 +0000
ROA not before: Tue 02 Jan 2024 12:34:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42495
IP address blocks: 185.115.241.0/24 maxlen: 24
2a06:7242::/48 maxlen: 48
2a06:7242::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 20:58:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:52:24:a5:f8:0d:1d:1e:8c:0f:c1:80:98:0f:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jan 2 12:34:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c80265f82e4a19f43f620ac72d0cf6d92b81795
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:17:4b:37:6c:83:01:73:d7:45:2d:3e:51:9d:
11:6b:a4:2d:bc:5d:ef:0d:4f:5f:1d:5e:38:69:dc:
5c:28:67:c7:8c:1b:af:07:98:b8:28:5a:c9:9b:27:
fe:4d:a1:0d:71:b2:aa:1e:83:a3:d1:37:b4:b0:79:
4e:f3:63:0d:d3:10:f2:b3:50:b6:8d:e5:9f:00:dd:
71:ad:ba:62:e1:87:8f:84:5c:97:d0:3c:34:55:b7:
06:33:e2:2d:64:76:db:2e:43:19:67:51:3b:fe:56:
1f:ec:dc:42:67:cf:c3:3f:be:6a:85:d7:0e:83:7f:
da:b5:04:01:1a:5e:ce:7b:bf:aa:7c:00:96:33:32:
0c:28:c7:b9:5b:b3:68:ed:c3:1d:70:b9:bc:45:c9:
f8:fb:98:db:1a:d3:47:ce:4c:88:3f:95:67:b9:b2:
16:d8:ab:e2:3e:bc:f2:c1:eb:32:0b:51:4f:95:c5:
b4:86:63:67:c2:47:10:e5:e6:34:30:52:a7:44:6c:
92:b4:e5:03:ca:06:67:e0:a1:f5:65:68:ec:6a:5a:
a8:21:23:d1:3f:36:31:a9:a6:2c:a3:58:7c:55:6d:
17:fc:e8:89:69:e5:ba:fe:38:ff:e6:98:d5:bc:08:
81:3d:46:46:be:15:ce:53:c4:54:09:15:5d:a2:8b:
57:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:80:26:5F:82:E4:A1:9F:43:F6:20:AC:72:D0:CF:6D:92:B8:17:95
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bIAmX4LkoZ9D9iCsctDPbZK4F5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.115.241.0/24
IPv6:
2a06:7242::/43
Signature Algorithm: sha256WithRSAEncryption
9e:c3:29:0e:3a:55:7d:4b:32:d7:12:cf:bf:f1:ef:82:42:64:
8a:5e:98:f0:53:c8:39:40:12:4f:a7:52:bb:13:92:b7:a8:ff:
0e:02:c2:e2:68:57:f8:32:81:31:a2:35:83:14:99:c5:f8:a2:
55:1b:43:2b:d5:80:1b:ad:6a:b4:66:17:bd:e5:dc:ff:01:74:
e8:a7:7a:f4:fd:8a:b4:05:b4:0b:9f:42:1b:d7:64:65:ae:e6:
93:68:5e:a7:2a:30:85:79:4c:2e:72:13:4d:46:a6:12:fc:9f:
08:b0:83:8a:50:d8:7e:00:d5:70:7e:d6:01:a1:f7:6d:c6:73:
3d:16:78:07:7d:a9:02:63:56:f0:ad:b5:1c:f6:05:57:3c:69:
3b:16:47:5f:cd:4f:e9:0e:97:16:20:d8:6f:f5:d4:26:5e:60:
ad:5a:9f:4c:07:2b:08:72:09:24:4a:db:ec:0c:30:c7:8d:a6:
c8:ff:aa:e3:fb:42:15:61:d0:38:69:1a:88:40:23:72:14:84:
89:79:80:8f:bf:c9:1c:44:da:20:9b:b2:c1:52:f1:e3:49:6a:
0b:52:e1:b5:a8:76:cc:df:c7:6f:b1:09:7c:90:b5:2e:e4:e8:
1f:55:cc:fa:e9:d9:43:8c:7a:64:83:1d:d4:6c:fa:df:1a:63:
68:e3:b0:0d
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzKK1IkpfgNHR6MD8GAmA/9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjQwMTAyMTIzNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzgwMjY1ZjgyZTRhMTlmNDNmNjIwYWM3MmQwY2Y2ZDkyYjgxNzk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBdLN2yDAXPXRS0+UZ0Ra6QtvF3v
DU9fHV44adxcKGfHjBuvB5i4KFrJmyf+TaENcbKqHoOj0Te0sHlO82MN0xDys1C2
jeWfAN1xrbpi4YePhFyX0Dw0VbcGM+ItZHbbLkMZZ1E7/lYf7NxCZ8/DP75qhdcO
g3/atQQBGl7Oe7+qfACWMzIMKMe5W7No7cMdcLm8Rcn4+5jbGtNHzkyIP5VnubIW
2KviPrzywesyC1FPlcW0hmNnwkcQ5eY0MFKnRGyStOUDygZn4KH1ZWjsalqoISPR
PzYxqaYso1h8VW0X/OiJaeW6/jj/5pjVvAiBPUZGvhXOU8RUCRVdootXqQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGyAJl+C5KGfQ/YgrHLQz22SuBeVMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEvYklBbVg0TGtvWjlEOWlDc2N0RFBiWks0RjVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuXPxMA8E
AgACMAkDBwUqBnJCAAAwDQYJKoZIhvcNAQELBQADggEBAJ7DKQ46VX1LMtcSz7/x
74JCZIpemPBTyDlAEk+nUrsTkreo/w4CwuJoV/gygTGiNYMUmcX4olUbQyvVgBut
arRmF73l3P8BdOinevT9irQFtAufQhvXZGWu5pNoXqcqMIV5TC5yE01GphL8nwiw
g4pQ2H4A1XB+1gGh923Gcz0WeAd9qQJjVvCttRz2BVc8aTsWR1/NT+kOlxYg2G/1
1CZeYK1an0wHKwhyCSRK2+wMMMeNpsj/quP7QhVh0DhpGohAI3IUhIl5gI+/yRxE
2iCbssFS8eNJagtS4bWodszfx2+xCXyQtS7k6B9VzPrp2UOMemSDHdRs+t8aY2jj
sA0=
-----END CERTIFICATE-----
Generated at Sun May 5 00:35:58 2024 by rpki-client on console-fra.rpki-client.org