Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/B_g1Zpvp6UozZQZ_MVBhQ_SkpXw.roa
File: B_g1Zpvp6UozZQZ_MVBhQ_SkpXw.roa (raw, json)
Hash identifier: /TF1QQov+gXyLw2EA7vl3XGNcreyYXHWI6RDXBOxd+c=
Subject key identifier: 07:F8:35:66:9B:E9:E9:4A:33:65:06:7F:31:50:61:43:F4:A4:A5:7C
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 019247291942087D0B24DCC1E78995B01E61
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/B_g1Zpvp6UozZQZ_MVBhQ_SkpXw.roa
Signing time: Tue 01 Oct 2024 08:18:48 +0000
ROA not before: Tue 01 Oct 2024 08:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 82.21.0.0/16 maxlen: 16
82.22.0.0/16 maxlen: 16
82.23.0.0/16 maxlen: 16
82.24.0.0/16 maxlen: 16
82.25.0.0/16 maxlen: 16
82.26.0.0/16 maxlen: 16
82.27.0.0/16 maxlen: 16
82.29.0.0/16 maxlen: 16
193.39.32.0/20 maxlen: 20
193.193.96.0/20 maxlen: 20
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Oct 2024 14:44:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:47:29:19:42:08:7d:0b:24:dc:c1:e7:89:95:b0:1e:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Oct 1 08:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07f835669be9e94a3365067f31506143f4a4a57c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:43:d2:50:da:80:0b:d2:41:d7:88:13:d8:c9:
6a:a6:87:39:0a:82:db:7f:71:46:16:17:fe:7a:c3:
f9:72:a9:4e:03:8b:57:da:93:95:b7:0a:08:bf:29:
4c:bf:7b:28:a3:3e:62:6e:f4:4c:ee:fd:fb:bd:05:
c8:aa:be:c7:96:e0:b3:c7:66:5e:a4:1e:6d:5a:5a:
17:c1:a6:10:49:f1:37:d9:00:dd:2c:12:34:9b:96:
fe:0c:3f:46:14:5a:1c:17:48:10:6b:63:0a:2d:32:
93:5c:3f:cc:09:5e:d6:92:4f:f6:95:a3:13:5d:70:
dd:6b:3f:0d:d8:f9:88:c0:3a:0c:d0:01:c9:34:ad:
16:ac:44:28:a7:a3:f7:f4:e0:cb:13:bc:eb:9f:ba:
27:53:bd:d4:51:be:7c:62:da:d9:a8:03:a3:6e:ed:
9e:7d:80:58:87:f6:bc:72:71:83:28:a6:f2:aa:a0:
06:57:0f:4b:19:62:64:4f:29:27:92:37:88:2f:41:
24:ea:2e:c2:91:5b:5f:53:3b:17:ab:d4:58:ec:45:
96:a9:cc:ce:c0:e2:17:15:c2:bb:18:4c:79:b7:67:
05:6e:0d:ff:8a:97:49:dd:a7:65:65:3e:19:f3:9b:
44:12:2e:86:0e:4e:e1:dc:fd:c9:5e:48:a4:b5:81:
de:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:F8:35:66:9B:E9:E9:4A:33:65:06:7F:31:50:61:43:F4:A4:A5:7C
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/B_g1Zpvp6UozZQZ_MVBhQ_SkpXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.0.0-82.27.255.255
82.29.0.0/16
193.39.32.0/20
193.193.96.0/20
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
57:24:89:54:93:04:f7:06:b8:98:7b:86:f2:07:14:e9:bc:1a:
86:09:78:27:a7:51:c0:58:1e:8d:66:89:36:37:36:ef:0c:00:
eb:13:67:14:9e:af:4d:21:f6:02:19:74:6c:6b:83:86:4f:56:
90:e5:b6:b1:39:c6:7d:6a:16:a0:bb:9f:e8:84:98:f2:40:2c:
2b:97:c9:b2:00:7d:87:b7:84:f8:55:f6:7c:75:77:07:8d:2d:
5f:f1:18:23:7e:28:c2:95:74:12:63:c5:58:20:a7:85:eb:6f:
f6:2b:3b:1d:44:65:5b:29:4f:07:7e:c6:8d:3f:ab:e6:4e:4c:
37:5c:3d:96:89:7e:89:29:84:48:a3:ce:84:24:68:b2:3f:54:
08:ed:3e:83:60:07:ea:f7:26:36:ee:ae:a4:16:6d:56:c7:1b:
b7:77:3c:4b:78:cc:99:2e:e7:a6:d6:8b:36:75:f7:1f:8e:84:
2e:bb:15:41:77:9f:fb:cd:71:54:be:2a:63:5e:fb:26:83:9d:
0a:29:70:70:8f:f4:e8:e6:6f:3f:63:71:8e:8f:d0:84:f5:cc:
ef:50:c6:81:f1:a3:6f:96:2a:62:d8:75:58:e1:77:cc:3c:fa:
2c:79:3a:2e:ed:18:af:b0:2c:ef:e3:41:da:f6:02:02:25:b7:
8c:8a:30:b4
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZJHKRlCCH0LJNzB54mVsB5hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjQxMDAxMDgxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2Y4MzU2NjliZTllOTRhMzM2NTA2N2YzMTUwNjE0M2Y0YTRhNTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp0PSUNqAC9JB14gT2Mlqpoc5CoLb
f3FGFhf+esP5cqlOA4tX2pOVtwoIvylMv3sooz5ibvRM7v37vQXIqr7HluCzx2Ze
pB5tWloXwaYQSfE32QDdLBI0m5b+DD9GFFocF0gQa2MKLTKTXD/MCV7Wkk/2laMT
XXDdaz8N2PmIwDoM0AHJNK0WrEQop6P39ODLE7zrn7onU73UUb58YtrZqAOjbu2e
fYBYh/a8cnGDKKbyqqAGVw9LGWJkTyknkjeIL0Ek6i7CkVtfUzsXq9RY7EWWqczO
wOIXFcK7GEx5t2cFbg3/ipdJ3adlZT4Z85tEEi6GDk7h3P3JXkiktYHePwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAf4NWab6elKM2UGfzFQYUP0pKV8MB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvQl9nMVpwdnA2VW96WlFaX01WQmhRX1NrcFh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAvBAIAATApMAoDAwBSFQMD
AlIYAwMAUh0DBATBJyADBATBwWADBAXUK6ADBAXVk+AwDQYJKoZIhvcNAQELBQAD
ggEBAFckiVSTBPcGuJh7hvIHFOm8GoYJeCenUcBYHo1miTY3Nu8MAOsTZxSer00h
9gIZdGxrg4ZPVpDltrE5xn1qFqC7n+iEmPJALCuXybIAfYe3hPhV9nx1dweNLV/x
GCN+KMKVdBJjxVggp4Xrb/YrOx1EZVspTwd+xo0/q+ZOTDdcPZaJfokphEijzoQk
aLI/VAjtPoNgB+r3JjburqQWbVbHG7d3PEt4zJku56bWizZ19x+OhC67FUF3n/vN
cVS+KmNe+yaDnQopcHCP9Ojmbz9jcY6P0IT1zO9QxoHxo2+WKmLYdVjhd8w8+ix5
Oi7tGK+wLO/jQdr2AgIlt4yKMLQ=
-----END CERTIFICATE-----
Generated at Tue Oct 22 18:58:29 2024 by rpki-client on console-fra.rpki-client.org