Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/BdszuQfrMcIWvk2eVFsysxeMeLM.roa
File: BdszuQfrMcIWvk2eVFsysxeMeLM.roa (raw, json)
Hash identifier: 4AP7OYZP7qdGZLyHsH8r2IVNFS5zbmqYA4BooCxn8uo=
Subject key identifier: 05:DB:33:B9:07:EB:31:C2:16:BE:4D:9E:54:5B:32:B3:17:8C:78:B3
Certificate issuer: /CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Certificate serial: 01914B432E1056F496211F240D1E43A62446
Authority key identifier: 47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/BdszuQfrMcIWvk2eVFsysxeMeLM.roa
Signing time: Tue 13 Aug 2024 10:22:59 +0000
ROA not before: Tue 13 Aug 2024 10:22:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29286
IP address blocks: 128.140.128.0/20 maxlen: 20
185.23.96.0/23 maxlen: 23
185.23.99.0/24 maxlen: 24
213.180.228.0/24 maxlen: 24
213.180.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4b:43:2e:10:56:f4:96:21:1f:24:0d:1e:43:a6:24:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47e94ccb7b601da0ca09469f60f653640fed8c1c
Validity
Not Before: Aug 13 10:22:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05db33b907eb31c216be4d9e545b32b3178c78b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:80:a0:76:9b:fb:74:30:76:85:f9:fc:8f:04:
80:1c:d7:ea:6e:37:63:36:24:a0:c3:fe:6a:45:de:
76:3b:d6:a0:fd:c3:d3:1d:47:b3:42:2a:13:85:12:
fc:a2:0f:33:d3:4e:87:38:3e:11:bf:40:44:58:6f:
a4:b2:9e:b1:27:ac:4b:dd:7f:04:76:22:19:ca:83:
55:08:63:73:fc:d4:0b:05:7c:22:a0:7e:40:75:b5:
4d:6b:c8:4b:56:de:ab:5e:ce:b2:df:d1:aa:f4:f5:
43:a3:66:f0:37:69:30:8d:cc:d3:82:28:fb:e9:ea:
3d:cf:b1:bc:f6:eb:11:6a:37:62:97:a2:73:8e:48:
5b:74:24:b8:6a:2c:26:ec:33:05:91:6c:d1:6e:64:
2a:8e:87:77:fa:4a:30:cc:37:1f:df:d0:aa:93:56:
8a:9b:4e:a2:c4:38:eb:a8:3b:a1:2c:d1:73:01:dc:
df:ba:33:61:93:49:c1:e5:d4:49:dd:c0:9c:f2:54:
3c:23:ac:c7:eb:a4:c9:24:cf:fa:e7:6b:63:ee:4b:
71:76:23:bf:6e:2c:c7:78:45:cb:34:37:29:89:1f:
31:24:ff:59:14:0c:a6:91:5f:c3:04:ff:c4:c7:36:
04:51:43:46:e5:29:52:ca:30:20:ab:ed:8e:5e:f6:
38:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DB:33:B9:07:EB:31:C2:16:BE:4D:9E:54:5B:32:B3:17:8C:78:B3
X509v3 Authority Key Identifier:
keyid:47:E9:4C:CB:7B:60:1D:A0:CA:09:46:9F:60:F6:53:64:0F:ED:8C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R-lMy3tgHaDKCUafYPZTZA_tjBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/BdszuQfrMcIWvk2eVFsysxeMeLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/9e29dc-cec9-49e2-bce4-bd90a3f06e16/1/R-lMy3tgHaDKCUafYPZTZA_tjBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.140.128.0/20
185.23.96.0/23
185.23.99.0/24
213.180.228.0/24
213.180.252.0/22
Signature Algorithm: sha256WithRSAEncryption
ab:49:a1:d2:b0:14:d5:a6:26:5b:b0:bd:8d:18:fb:0e:84:c6:
0a:ef:b2:99:4a:8f:ac:b3:ff:dd:bb:e0:74:e0:f0:dc:de:74:
c9:fa:1f:90:f9:e1:06:b9:25:4f:6d:5c:c1:27:cc:de:d9:f3:
7d:3c:52:f0:7f:b4:26:44:f6:4c:73:36:90:09:12:22:7c:d2:
30:ee:cf:a3:56:85:a4:b9:9c:09:bb:43:98:47:e4:ce:f0:18:
09:07:de:18:46:29:d0:d9:41:03:76:02:84:0b:38:a5:45:3a:
d3:3d:25:4a:65:b0:14:f0:e6:f9:7e:7f:7f:a7:a1:e9:e8:07:
ec:03:d4:bb:36:84:dd:89:20:8d:5f:2f:1b:e4:cc:f9:5b:96:
24:c8:10:1c:a8:2f:b0:55:8f:79:4c:cd:c4:e7:5e:04:b9:4b:
74:74:36:97:81:2c:28:40:0c:f2:56:57:50:4b:46:17:ac:fa:
52:c2:d7:39:41:94:ef:90:1c:50:70:be:bb:0d:6a:2a:52:b0:
b0:82:78:b4:71:e5:e3:b6:17:b0:c9:19:97:45:1a:bf:0c:56:
b9:e5:b5:0f:d3:49:0c:e5:f4:d9:9c:bc:b2:d4:3b:4e:0b:0f:
b6:df:8a:c5:2b:63:ba:a5:b3:a7:53:8f:89:db:88:da:7a:7a:
f1:dd:6a:6d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZFLQy4QVvSWIR8kDR5DpiRGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3ZTk0Y2NiN2I2MDFkYTBjYTA5NDY5ZjYwZjY1MzY0MGZl
ZDhjMWMwHhcNMjQwODEzMTAyMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRiMzNiOTA3ZWIzMWMyMTZiZTRkOWU1NDViMzJiMzE3OGM3OGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4Cgdpv7dDB2hfn8jwSAHNfqbjdj
NiSgw/5qRd52O9ag/cPTHUezQioThRL8og8z006HOD4Rv0BEWG+ksp6xJ6xL3X8E
diIZyoNVCGNz/NQLBXwioH5AdbVNa8hLVt6rXs6y39Gq9PVDo2bwN2kwjczTgij7
6eo9z7G89usRajdil6JzjkhbdCS4aiwm7DMFkWzRbmQqjod3+kowzDcf39Cqk1aK
m06ixDjrqDuhLNFzAdzfujNhk0nB5dRJ3cCc8lQ8I6zH66TJJM/652tj7ktxdiO/
bizHeEXLNDcpiR8xJP9ZFAymkV/DBP/ExzYEUUNG5SlSyjAgq+2OXvY4JQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFAXbM7kH6zHCFr5NnlRbMrMXjHizMB8GA1UdIwQY
MBaAFEfpTMt7YB2gyglGn2D2U2QP7YwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQt
YmQ5MGEzZjA2ZTE2LzEvQmRzenVRZnJNY0lXdmsyZVZGc3lzeGVNZUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC85ZTI5ZGMtY2VjOS00OWUyLWJjZTQtYmQ5MGEzZjA2ZTE2
LzEvUi1sTXkzdGdIYURLQ1VhZllQWlRaQV90akJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQEgIyAAwQB
uRdgAwQAuRdjAwQA1bTkAwQC1bT8MA0GCSqGSIb3DQEBCwUAA4IBAQCrSaHSsBTV
piZbsL2NGPsOhMYK77KZSo+ss//du+B04PDc3nTJ+h+Q+eEGuSVPbVzBJ8ze2fN9
PFLwf7QmRPZMczaQCRIifNIw7s+jVoWkuZwJu0OYR+TO8BgJB94YRinQ2UEDdgKE
CzilRTrTPSVKZbAU8Ob5fn9/p6Hp6AfsA9S7NoTdiSCNXy8b5Mz5W5YkyBAcqC+w
VY95TM3E514EuUt0dDaXgSwoQAzyVldQS0YXrPpSwtc5QZTvkBxQcL67DWoqUrCw
gni0ceXjthewyRmXRRq/DFa55bUP00kM5fTZnLyy1DtOCw+234rFK2O6pbOnU4+J
24jaenrx3Wpt
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:15:40 2024 by rpki-client on console-fra.rpki-client.org