Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/Bt_4JQoKWW09UzcyHklVoYfy1H8.roa
File: Bt_4JQoKWW09UzcyHklVoYfy1H8.roa (raw, json)
Hash identifier: UDngKUprodAyqC+NJaWNuzz13odgnIwv1VuYR3RVKQQ=
Subject key identifier: 06:DF:F8:25:0A:0A:59:6D:3D:53:37:32:1E:49:55:A1:87:F2:D4:7F
Certificate issuer: /CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Certificate serial: 018CC50003FF3EB27F45E00A5F7E0BA83786
Authority key identifier: CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/Bt_4JQoKWW09UzcyHklVoYfy1H8.roa
Signing time: Mon 01 Jan 2024 12:29:21 +0000
ROA not before: Mon 01 Jan 2024 12:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202657
IP address blocks: 185.158.64.0/22 maxlen: 32
2a07:aa80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.mft
rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:03:ff:3e:b2:7f:45:e0:0a:5f:7e:0b:a8:37:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8d92ace08011c4d0aec8f22865715bd91a0122
Validity
Not Before: Jan 1 12:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06dff8250a0a596d3d5337321e4955a187f2d47f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:22:ee:94:56:81:d2:6f:25:16:47:7e:df:ae:
ae:a9:2c:6f:0f:5c:ac:1b:b9:78:7e:75:58:da:b3:
d7:78:47:ba:a2:41:4e:fe:5e:e7:15:8b:cf:5c:0f:
86:81:16:5e:74:f5:10:ba:b3:8e:56:29:b8:3f:ff:
6b:9e:22:47:56:55:79:ec:29:53:05:0d:4a:78:ff:
58:4f:84:08:f3:c3:2e:60:09:42:00:93:15:11:c4:
03:28:26:df:08:c9:d5:aa:d2:5f:f2:2d:c5:dc:43:
c9:c9:9e:8b:12:cc:c0:f9:c4:2e:ce:9e:48:a9:14:
80:34:e8:fa:a9:00:53:77:7c:ae:02:0e:7a:f1:aa:
06:4a:f8:e2:f0:33:6d:c2:a2:96:64:64:82:03:76:
f6:70:d0:11:a6:a5:9f:f8:ff:8a:e2:8a:34:fe:5e:
b3:19:b9:7a:de:05:25:a5:7c:ca:ab:f6:50:6c:f3:
77:10:ac:3d:ea:3f:fa:31:a4:7a:a0:ae:1b:12:b7:
81:70:e7:02:50:42:5c:f3:a1:0b:f6:d0:d0:4e:b9:
ee:7e:1a:cd:51:bf:fa:17:16:99:11:80:9b:20:4c:
fd:61:c1:6e:87:27:b6:1b:18:cf:6f:ee:ec:9f:58:
47:62:de:98:39:df:62:9b:5b:e2:3f:f8:73:b3:5d:
50:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:DF:F8:25:0A:0A:59:6D:3D:53:37:32:1E:49:55:A1:87:F2:D4:7F
X509v3 Authority Key Identifier:
keyid:CE:8D:92:AC:E0:80:11:C4:D0:AE:C8:F2:28:65:71:5B:D9:1A:01:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zo2SrOCAEcTQrsjyKGVxW9kaASI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/Bt_4JQoKWW09UzcyHklVoYfy1H8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/143d0b-7755-4250-8a8c-545449e49f73/1/zo2SrOCAEcTQrsjyKGVxW9kaASI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.158.64.0/22
IPv6:
2a07:aa80::/29
Signature Algorithm: sha256WithRSAEncryption
79:5c:b7:cc:0b:4e:83:34:5d:fd:87:2b:7c:17:66:15:1d:b1:
f3:3e:05:48:9b:3b:96:fb:f1:b1:85:3f:5a:35:21:64:93:56:
a1:41:bc:16:d6:ed:b1:a3:df:73:80:3f:59:3a:57:40:83:de:
6f:a9:12:e1:1a:1a:d2:22:a6:f7:ee:32:6f:83:1a:b6:62:89:
2b:15:51:c2:cd:28:79:96:09:c0:8b:c1:2e:a4:ef:25:a8:65:
01:cd:13:bc:9a:e9:1b:ed:85:be:62:be:5f:9c:96:6b:d8:1d:
fa:bb:5d:89:15:80:26:b7:25:8d:7b:a7:9f:84:9f:db:c3:b3:
cf:d8:f2:8a:c4:a8:2b:6c:e0:16:87:ce:9e:70:d5:41:e8:ea:
e9:9e:31:98:11:bd:b8:32:03:e7:86:af:33:17:a4:87:f4:42:
56:89:35:bf:ff:3e:3e:bb:50:33:51:de:fc:35:f3:c3:db:5c:
2d:fd:f2:02:c4:b2:2f:c9:02:a6:a6:53:bb:f3:fc:db:d9:c5:
a7:19:a8:ba:85:7a:f1:e5:43:ff:52:77:51:db:8e:71:79:6a:
be:68:ef:80:76:7a:3c:ad:a4:5d:03:ad:5a:16:07:c6:ca:c4:
34:d4:fa:f8:73:06:d3:75:96:3b:60:60:92:c4:ef:4e:ec:d7:
f1:d7:eb:0b
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAAP/PrJ/ReAKX34LqDeGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGQ5MmFjZTA4MDExYzRkMGFlYzhmMjI4NjU3MTViZDkx
YTAxMjIwHhcNMjQwMTAxMTIyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmRmZjgyNTBhMGE1OTZkM2Q1MzM3MzIxZTQ5NTVhMTg3ZjJkNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxCLulFaB0m8lFkd+366uqSxvD1ys
G7l4fnVY2rPXeEe6okFO/l7nFYvPXA+GgRZedPUQurOOVim4P/9rniJHVlV57ClT
BQ1KeP9YT4QI88MuYAlCAJMVEcQDKCbfCMnVqtJf8i3F3EPJyZ6LEszA+cQuzp5I
qRSANOj6qQBTd3yuAg568aoGSvji8DNtwqKWZGSCA3b2cNARpqWf+P+K4oo0/l6z
Gbl63gUlpXzKq/ZQbPN3EKw96j/6MaR6oK4bEreBcOcCUEJc86EL9tDQTrnufhrN
Ub/6FxaZEYCbIEz9YcFuhye2GxjPb+7sn1hHYt6YOd9im1viP/hzs11QiwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAbf+CUKClltPVM3Mh5JVaGH8tR/MB8GA1UdIwQY
MBaAFM6NkqzggBHE0K7I8ihlcVvZGgEiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMt
NTQ1NDQ5ZTQ5ZjczLzEvQnRfNEpRb0tXVzA5VXpjeUhrbFZvWWZ5MUg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS8xNDNkMGItNzc1NS00MjUwLThhOGMtNTQ1NDQ5ZTQ5Zjcz
LzEvem8yU3JPQ0FFY1RRcnNqeUtHVnhXOWthQVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZ5AMA0E
AgACMAcDBQMqB6qAMA0GCSqGSIb3DQEBCwUAA4IBAQB5XLfMC06DNF39hyt8F2YV
HbHzPgVImzuW+/GxhT9aNSFkk1ahQbwW1u2xo99zgD9ZOldAg95vqRLhGhrSIqb3
7jJvgxq2YokrFVHCzSh5lgnAi8EupO8lqGUBzRO8mukb7YW+Yr5fnJZr2B36u12J
FYAmtyWNe6efhJ/bw7PP2PKKxKgrbOAWh86ecNVB6OrpnjGYEb24MgPnhq8zF6SH
9EJWiTW//z4+u1AzUd78NfPD21wt/fICxLIvyQKmplO78/zb2cWnGai6hXrx5UP/
UndR245xeWq+aO+Adno8raRdA61aFgfGysQ01Pr4cwbTdZY7YGCSxO9O7Nfx1+sL
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:40:07 2024 by rpki-client on console-ams.rpki-client.org