Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/BdiPrb-MdoRJx__mrcPeT7vc2Q8.roa
File: BdiPrb-MdoRJx__mrcPeT7vc2Q8.roa (raw, json)
Hash identifier: L5mSTYQLCAjeKVwWgIrg1JxVERMyXDOdyWTyVNu83Wo=
Subject key identifier: 05:D8:8F:AD:BF:8C:76:84:49:C7:FF:E6:AD:C3:DE:4F:BB:DC:D9:0F
Certificate issuer: /CN=ecba774ba82fb0427f766e783e770f4bd96416f9
Certificate serial: 018CC56E2FBB648965F7F1FC15855A4D4DC9
Authority key identifier: EC:BA:77:4B:A8:2F:B0:42:7F:76:6E:78:3E:77:0F:4B:D9:64:16:F9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7Lp3S6gvsEJ_dm54PncPS9lkFvk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/BdiPrb-MdoRJx__mrcPeT7vc2Q8.roa
Signing time: Mon 01 Jan 2024 14:29:41 +0000
ROA not before: Mon 01 Jan 2024 14:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21057
IP address blocks: 80.84.128.0/22 maxlen: 22
80.84.139.0/24 maxlen: 24
80.84.138.0/23 maxlen: 23
80.84.137.0/24 maxlen: 24
80.84.141.0/24 maxlen: 24
80.84.140.0/23 maxlen: 23
80.84.140.0/24 maxlen: 24
80.84.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/7Lp3S6gvsEJ_dm54PncPS9lkFvk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/7Lp3S6gvsEJ_dm54PncPS9lkFvk.mft
rsync://rpki.ripe.net/repository/DEFAULT/7Lp3S6gvsEJ_dm54PncPS9lkFvk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2f:bb:64:89:65:f7:f1:fc:15:85:5a:4d:4d:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecba774ba82fb0427f766e783e770f4bd96416f9
Validity
Not Before: Jan 1 14:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05d88fadbf8c768449c7ffe6adc3de4fbbdcd90f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:11:ba:b0:18:64:65:f5:a4:2f:d4:28:a6:c6:
0c:34:74:c8:62:5d:37:86:21:ff:c0:31:38:6b:c9:
09:39:e1:ca:9b:41:cf:d6:6a:52:95:11:db:33:ed:
45:fb:bb:fe:76:02:8e:e0:6b:1c:b9:1f:ef:a7:80:
db:8a:e5:ca:83:2c:2c:23:f5:6d:c5:33:bb:a2:df:
d9:af:19:84:4e:04:4d:86:f5:40:7c:06:65:6b:d4:
49:b3:3c:38:04:17:63:3d:ca:a7:d7:6c:9f:4d:05:
76:f5:f9:77:cd:9a:d9:80:99:b9:2f:f2:a7:ca:0f:
04:43:aa:4d:ef:9f:35:f3:0e:bf:51:1b:33:0e:2d:
91:5d:12:d4:f4:da:e1:c6:78:63:b6:3f:b1:17:1a:
64:82:14:eb:53:29:75:2d:65:4b:69:7d:d4:f3:16:
e3:6a:92:86:34:37:f3:c8:ee:8f:5a:2d:09:fc:63:
35:53:b5:9b:b7:a2:27:3a:d0:d8:40:29:12:e3:8f:
bb:7e:41:2e:93:b8:73:97:1e:0d:35:87:31:1c:ed:
8e:e8:19:ad:31:fa:2e:c7:33:17:c2:31:f0:4a:f5:
f1:73:ed:12:88:1d:b7:99:bb:e3:df:65:76:29:b4:
d6:e2:cf:ee:61:7b:a0:38:89:8b:c3:5b:2a:4b:43:
dc:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D8:8F:AD:BF:8C:76:84:49:C7:FF:E6:AD:C3:DE:4F:BB:DC:D9:0F
X509v3 Authority Key Identifier:
keyid:EC:BA:77:4B:A8:2F:B0:42:7F:76:6E:78:3E:77:0F:4B:D9:64:16:F9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7Lp3S6gvsEJ_dm54PncPS9lkFvk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/BdiPrb-MdoRJx__mrcPeT7vc2Q8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/810c11-a105-4db1-a6b5-392b863c9f03/1/7Lp3S6gvsEJ_dm54PncPS9lkFvk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.128.0/22
80.84.137.0-80.84.141.255
80.84.148.0/24
Signature Algorithm: sha256WithRSAEncryption
48:20:d6:72:6d:38:43:87:ae:83:df:0c:08:e0:35:fc:30:f1:
50:ee:6a:24:f0:d8:74:c9:36:f7:a9:98:3c:b9:3a:94:d8:b1:
f1:77:3d:35:99:ea:3d:3f:09:ad:37:d7:88:be:78:a9:2e:6d:
e1:eb:16:3c:a0:92:4e:64:a9:65:9c:e8:2d:a6:ea:ff:19:bc:
4d:d9:3c:4e:87:2c:b0:dd:b4:8c:ee:c4:6b:2c:42:e2:fb:ce:
9e:94:21:7c:e2:d7:05:da:c8:51:83:4b:9c:d8:91:91:ab:da:
b0:18:b0:a0:aa:f2:35:63:a3:f9:1e:de:a5:68:4a:e3:68:fb:
c0:5c:06:f1:ba:d2:fc:aa:f4:48:da:3d:dc:de:21:b4:7d:d2:
15:e5:80:85:ca:8a:01:a5:93:77:c5:c8:cb:fc:2e:4a:07:ee:
8f:3e:4e:e4:9e:55:25:e0:c8:98:ac:c5:9d:f0:0f:bf:f8:c3:
7c:49:b5:a6:18:05:4e:e0:01:95:de:7b:15:a9:d3:60:c6:f4:
b5:4a:87:2b:82:01:40:76:8b:33:bf:41:6e:a8:91:aa:70:60:
a1:65:01:18:5f:50:2e:cb:a0:ea:47:8d:56:e6:63:7d:c1:ad:
15:32:5e:7b:f9:24:97:dd:c8:70:d3:43:b5:99:92:b5:ce:72:
d9:a1:f7:fa
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbi+7ZIll9/H8FYVaTU3JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjYmE3NzRiYTgyZmIwNDI3Zjc2NmU3ODNlNzcwZjRiZDk2
NDE2ZjkwHhcNMjQwMTAxMTQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQ4OGZhZGJmOGM3Njg0NDljN2ZmZTZhZGMzZGU0ZmJiZGNkOTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BG6sBhkZfWkL9QopsYMNHTIYl03
hiH/wDE4a8kJOeHKm0HP1mpSlRHbM+1F+7v+dgKO4GscuR/vp4DbiuXKgywsI/Vt
xTO7ot/ZrxmETgRNhvVAfAZla9RJszw4BBdjPcqn12yfTQV29fl3zZrZgJm5L/Kn
yg8EQ6pN75818w6/URszDi2RXRLU9Nrhxnhjtj+xFxpkghTrUyl1LWVLaX3U8xbj
apKGNDfzyO6PWi0J/GM1U7Wbt6InOtDYQCkS44+7fkEuk7hzlx4NNYcxHO2O6Bmt
MfouxzMXwjHwSvXxc+0SiB23mbvj32V2KbTW4s/uYXugOImLw1sqS0Pc0wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAXYj62/jHaEScf/5q3D3k+73NkPMB8GA1UdIwQY
MBaAFOy6d0uoL7BCf3ZueD53D0vZZBb5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0xwM1M2Z3ZzRUpfZG01NFBuY1BTOWxrRnZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi84MTBjMTEtYTEwNS00ZGIxLWE2YjUt
MzkyYjg2M2M5ZjAzLzEvQmRpUHJiLU1kb1JKeF9fbXJjUGVUN3ZjMlE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi84MTBjMTEtYTEwNS00ZGIxLWE2YjUtMzkyYjg2M2M5ZjAz
LzEvN0xwM1M2Z3ZzRUpfZG01NFBuY1BTOWxrRnZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCUFSAMAwD
BABQVIkDBAFQVIwDBABQVJQwDQYJKoZIhvcNAQELBQADggEBAEgg1nJtOEOHroPf
DAjgNfww8VDuaiTw2HTJNvepmDy5OpTYsfF3PTWZ6j0/Ca0314i+eKkubeHrFjyg
kk5kqWWc6C2m6v8ZvE3ZPE6HLLDdtIzuxGssQuL7zp6UIXzi1wXayFGDS5zYkZGr
2rAYsKCq8jVjo/ke3qVoSuNo+8BcBvG60vyq9EjaPdzeIbR90hXlgIXKigGlk3fF
yMv8LkoH7o8+TuSeVSXgyJisxZ3wD7/4w3xJtaYYBU7gAZXeexWp02DG9LVKhyuC
AUB2izO/QW6okapwYKFlARhfUC7LoOpHjVbmY33BrRUyXnv5JJfdyHDTQ7WZkrXO
ctmh9/o=
-----END CERTIFICATE-----
Generated at Tue May 28 14:29:33 2024 by rpki-client on console-fra.rpki-client.org