Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/bgFnmrtXKGvjwpoFeTD_N-miuj8.roa
File: bgFnmrtXKGvjwpoFeTD_N-miuj8.roa (raw, json)
Hash identifier: Ve/ao7RuqEuExM0Z2Y2EOc3CplaSR2qTIiqLpDGLXoQ=
Subject key identifier: 6E:01:67:9A:BB:57:28:6B:E3:C2:9A:05:79:30:FF:37:E9:A2:BA:3F
Certificate issuer: /CN=0526b03c717184c3680817e55e2455f85d73a413
Certificate serial: 0191F1965C4E8EBD03F36F529DE63EA3F420
Authority key identifier: 05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/bgFnmrtXKGvjwpoFeTD_N-miuj8.roa
Signing time: Sat 14 Sep 2024 17:30:48 +0000
ROA not before: Sat 14 Sep 2024 17:30:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49454
IP address blocks: 109.202.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Nov 2024 17:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f1:96:5c:4e:8e:bd:03:f3:6f:52:9d:e6:3e:a3:f4:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0526b03c717184c3680817e55e2455f85d73a413
Validity
Not Before: Sep 14 17:30:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e01679abb57286be3c29a057930ff37e9a2ba3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:a7:46:b4:17:a1:02:7c:46:47:c5:35:47:11:
60:92:52:f5:57:e8:70:3a:6a:c1:d1:25:f2:d4:62:
11:cb:ad:97:0b:9b:1f:2e:bc:06:24:e6:87:f2:b3:
97:d5:65:1b:1f:a5:b6:d4:bc:18:9a:12:71:f3:fa:
33:86:fa:22:23:d8:67:6b:c5:92:21:5d:9c:49:22:
cd:a9:57:1c:8c:02:3b:0c:b2:3b:54:52:76:0e:55:
e2:1b:fb:5d:b9:24:a6:06:49:f8:2e:ba:e9:6c:d3:
e0:fa:97:ba:28:5e:93:43:8a:d5:85:41:a3:03:26:
8b:5d:cf:a2:59:05:e7:8a:55:e5:a3:e5:3a:a6:c2:
c0:93:56:7c:26:18:fc:54:88:08:2e:10:3e:db:ed:
6d:e4:ee:63:45:96:46:c3:15:7e:fa:e9:2a:8b:9e:
fd:3e:d1:35:e7:1a:35:61:42:f4:6d:e8:7e:c9:4c:
c1:3f:f5:f9:d1:81:5c:f6:ff:46:c4:76:fa:dc:df:
20:4f:6d:68:2e:3a:5d:02:e9:d3:4f:34:b7:14:eb:
6a:82:9a:a9:4e:95:03:08:d5:13:26:05:b7:57:bf:
cd:e0:a6:a4:b8:82:50:e9:3d:b3:df:6a:dd:61:5d:
2a:24:cb:2d:c6:db:97:64:e9:4e:52:18:ce:95:b5:
d8:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:01:67:9A:BB:57:28:6B:E3:C2:9A:05:79:30:FF:37:E9:A2:BA:3F
X509v3 Authority Key Identifier:
keyid:05:26:B0:3C:71:71:84:C3:68:08:17:E5:5E:24:55:F8:5D:73:A4:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BSawPHFxhMNoCBflXiRV-F1zpBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/bgFnmrtXKGvjwpoFeTD_N-miuj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d1/a3383a-04eb-43f8-a953-3bf04a2a93d8/1/BSawPHFxhMNoCBflXiRV-F1zpBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.202.96.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:e6:de:bd:3e:40:b4:c1:91:a6:6b:e5:49:06:b0:92:f7:a7:
56:45:84:0d:5d:7a:06:fd:64:c0:45:aa:d7:ff:60:5e:29:cb:
48:66:58:17:2e:32:24:ac:90:0f:ae:8e:6a:64:05:31:8e:a0:
71:ac:8b:1c:74:0a:c7:4a:90:c7:26:6e:24:dc:a4:05:df:74:
73:9a:0f:bb:44:e6:a8:54:df:0a:39:46:3d:35:15:68:0a:28:
40:69:bf:d6:5e:49:21:65:e9:f3:13:45:8c:1c:80:33:82:a9:
04:d3:62:56:e0:d1:4d:f9:c1:e5:39:ea:99:e1:32:b6:03:43:
6f:59:e8:23:8e:f7:18:a5:5a:9e:da:ad:b5:13:6f:39:f7:8d:
a8:63:d6:dd:76:1b:e0:cf:a7:50:61:98:bd:06:ce:e5:20:fa:
70:99:46:e6:2c:bf:b6:a6:bc:07:39:f2:61:2c:af:b6:45:10:
1e:8b:f5:54:5c:65:a5:5a:94:db:b0:5b:6f:f7:ac:cf:d0:d7:
e5:5e:0c:56:cd:1e:a7:86:0d:e2:15:b2:fe:09:17:51:94:d3:
a4:5b:be:cb:96:b2:14:45:4c:1b:ef:2d:6a:5f:b2:a2:3b:9f:
bc:c1:91:e2:eb:60:5f:18:7a:3b:45:b6:06:9e:0a:5a:9f:58:
60:92:d6:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHxllxOjr0D829SneY+o/QgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MjZiMDNjNzE3MTg0YzM2ODA4MTdlNTVlMjQ1NWY4NWQ3
M2E0MTMwHhcNMjQwOTE0MTczMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAxNjc5YWJiNTcyODZiZTNjMjlhMDU3OTMwZmYzN2U5YTJiYTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA46dGtBehAnxGR8U1RxFgklL1V+hw
OmrB0SXy1GIRy62XC5sfLrwGJOaH8rOX1WUbH6W21LwYmhJx8/ozhvoiI9hna8WS
IV2cSSLNqVccjAI7DLI7VFJ2DlXiG/tduSSmBkn4LrrpbNPg+pe6KF6TQ4rVhUGj
AyaLXc+iWQXnilXlo+U6psLAk1Z8Jhj8VIgILhA+2+1t5O5jRZZGwxV++ukqi579
PtE15xo1YUL0beh+yUzBP/X50YFc9v9GxHb63N8gT21oLjpdAunTTzS3FOtqgpqp
TpUDCNUTJgW3V7/N4KakuIJQ6T2z32rdYV0qJMstxtuXZOlOUhjOlbXYIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG4BZ5q7Vyhr48KaBXkw/zfporo/MB8GA1UdIwQY
MBaAFAUmsDxxcYTDaAgX5V4kVfhdc6QTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMt
M2JmMDRhMmE5M2Q4LzEvYmdGbm1ydFhLR3Zqd3BvRmVURF9OLW1pdWo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMS9hMzM4M2EtMDRlYi00M2Y4LWE5NTMtM2JmMDRhMmE5M2Q4
LzEvQlNhd1BIRnhoTU5vQ0JmbFhpUlYtRjF6cEJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbcpgMA0G
CSqGSIb3DQEBCwUAA4IBAQCr5t69PkC0wZGma+VJBrCS96dWRYQNXXoG/WTARarX
/2BeKctIZlgXLjIkrJAPro5qZAUxjqBxrIscdArHSpDHJm4k3KQF33Rzmg+7ROao
VN8KOUY9NRVoCihAab/WXkkhZenzE0WMHIAzgqkE02JW4NFN+cHlOeqZ4TK2A0Nv
WegjjvcYpVqe2q21E285942oY9bddhvgz6dQYZi9Bs7lIPpwmUbmLL+2prwHOfJh
LK+2RRAei/VUXGWlWpTbsFtv96zP0NflXgxWzR6nhg3iFbL+CRdRlNOkW77LlrIU
RUwb7y1qX7KiO5+8wZHi62BfGHo7RbYGngpan1hgktab
-----END CERTIFICATE-----
Generated at Sat Nov 16 01:34:29 2024 by rpki-client on console-ams.rpki-client.org