Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/BLwpiB3hxxcOyiDTZaDpJ9Iz9n0.roa
File: BLwpiB3hxxcOyiDTZaDpJ9Iz9n0.roa (raw, json)
Hash identifier: m9RNZ6oNZoLb+AaZ6wcH0QvWSAJjhpvBDH+AqWtHYvo=
Subject key identifier: 04:BC:29:88:1D:E1:C7:17:0E:CA:20:D3:65:A0:E9:27:D2:33:F6:7D
Certificate issuer: /CN=5753c06290a371994d7577318685f5bc4a538d47
Certificate serial: 018CC6B90FD36E9FC990D4885906C8BCD145
Authority key identifier: 57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/BLwpiB3hxxcOyiDTZaDpJ9Iz9n0.roa
Signing time: Mon 01 Jan 2024 20:31:06 +0000
ROA not before: Mon 01 Jan 2024 20:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64411
IP address blocks: 158.172.0.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:0f:d3:6e:9f:c9:90:d4:88:59:06:c8:bc:d1:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5753c06290a371994d7577318685f5bc4a538d47
Validity
Not Before: Jan 1 20:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04bc29881de1c7170eca20d365a0e927d233f67d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:2e:7a:30:11:0d:f1:40:3b:03:4f:4d:6e:5a:
03:9e:e9:8f:8c:e1:6c:9c:9b:56:20:18:d6:8c:c6:
72:fe:95:c7:34:5a:da:9c:d1:b5:f7:62:28:b0:c2:
89:11:3a:3e:17:8d:90:44:22:cb:66:28:fc:5a:e1:
61:e2:9c:c1:1a:50:78:be:15:ca:b9:1b:fa:4e:8f:
ae:bc:35:14:8c:ab:87:2a:3f:0f:91:d8:b5:b9:62:
46:f8:a8:aa:1e:10:92:c1:93:e6:f4:5b:6a:19:ff:
08:d7:ff:12:d7:f8:53:e0:7f:d1:25:5c:85:d2:e2:
9a:5f:cf:ae:79:e8:f0:da:9f:c0:54:73:0e:6e:10:
e8:c1:95:11:05:c2:b1:10:0d:c7:8a:87:51:51:1d:
96:50:1e:3f:97:2f:9b:be:86:01:00:cf:1e:d8:d0:
b0:d2:74:8c:c9:1c:70:68:a4:1c:20:b9:99:dc:aa:
1c:fe:93:79:db:b2:a5:23:a7:c4:e2:2f:54:1a:be:
68:e2:2a:01:b6:84:17:95:ac:6a:08:c8:79:c2:a5:
d5:c1:88:44:5f:24:00:67:26:7d:c6:64:4a:cb:47:
62:16:1c:7c:8c:a0:47:e6:88:31:6a:32:0f:01:3c:
62:70:2c:c7:20:dc:23:d5:b6:e5:61:4d:23:71:e2:
4f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:BC:29:88:1D:E1:C7:17:0E:CA:20:D3:65:A0:E9:27:D2:33:F6:7D
X509v3 Authority Key Identifier:
keyid:57:53:C0:62:90:A3:71:99:4D:75:77:31:86:85:F5:BC:4A:53:8D:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V1PAYpCjcZlNdXcxhoX1vEpTjUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/BLwpiB3hxxcOyiDTZaDpJ9Iz9n0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/b41ab6-b9f3-4b4a-9b7b-1ed10954bd96/1/V1PAYpCjcZlNdXcxhoX1vEpTjUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.172.0.0/21
Signature Algorithm: sha256WithRSAEncryption
89:75:7d:f1:65:ac:f7:55:46:07:d8:e9:69:ed:5f:43:ae:0a:
5c:d1:ba:6b:a7:e8:d5:62:e5:eb:9b:d5:49:54:35:4b:bf:d9:
29:69:41:d3:5e:6f:88:0b:d0:37:a1:16:d0:17:73:8f:18:83:
d9:a2:8e:1e:64:7d:c9:81:0f:05:97:e5:61:a5:02:d2:27:b4:
7e:b3:00:d0:3a:59:58:3b:3f:9e:7d:b6:cd:7f:bf:e2:68:d1:
a7:28:fe:07:86:ca:25:bc:5a:3a:ee:46:df:c5:21:64:86:b4:
a7:26:7a:b0:75:a6:62:4b:b4:d4:88:03:23:6c:07:ad:15:c6:
30:c2:65:e4:e5:85:d0:aa:ca:db:fc:4c:f9:ca:fb:6a:58:bc:
e1:61:4c:38:91:8d:fa:f4:33:8a:37:56:7b:39:6e:30:f0:fb:
a5:86:cd:15:25:b6:06:65:90:94:aa:fb:3a:e5:23:e5:a0:b9:
f7:0d:83:fe:17:0b:ee:58:8f:76:57:2b:70:62:43:06:12:aa:
eb:32:47:c6:26:e0:5f:e6:54:45:9f:9e:87:eb:0c:35:4f:28:
72:4d:20:50:cf:9f:06:83:f4:b9:a7:68:5a:76:ba:08:8f:5c:
56:f3:1e:f9:9b:4b:95:d7:2a:18:89:27:8c:38:20:06:a9:77:
2b:53:fc:a4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuQ/Tbp/JkNSIWQbIvNFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NTNjMDYyOTBhMzcxOTk0ZDc1NzczMTg2ODVmNWJjNGE1
MzhkNDcwHhcNMjQwMTAxMjAzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGJjMjk4ODFkZTFjNzE3MGVjYTIwZDM2NWEwZTkyN2QyMzNmNjdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAly56MBEN8UA7A09NbloDnumPjOFs
nJtWIBjWjMZy/pXHNFranNG192IosMKJETo+F42QRCLLZij8WuFh4pzBGlB4vhXK
uRv6To+uvDUUjKuHKj8Pkdi1uWJG+KiqHhCSwZPm9FtqGf8I1/8S1/hT4H/RJVyF
0uKaX8+ueejw2p/AVHMObhDowZURBcKxEA3HiodRUR2WUB4/ly+bvoYBAM8e2NCw
0nSMyRxwaKQcILmZ3Koc/pN527KlI6fE4i9UGr5o4ioBtoQXlaxqCMh5wqXVwYhE
XyQAZyZ9xmRKy0diFhx8jKBH5ogxajIPATxicCzHINwj1bblYU0jceJPGwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAS8KYgd4ccXDsog02Wg6SfSM/Z9MB8GA1UdIwQY
MBaAFFdTwGKQo3GZTXV3MYaF9bxKU41HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2It
MWVkMTA5NTRiZDk2LzEvQkx3cGlCM2h4eGNPeWlEVFphRHBKOUl6OW4wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9iNDFhYjYtYjlmMy00YjRhLTliN2ItMWVkMTA5NTRiZDk2
LzEvVjFQQVlwQ2pjWmxOZFhjeGhvWDF2RXBUalVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDnqwAMA0G
CSqGSIb3DQEBCwUAA4IBAQCJdX3xZaz3VUYH2Olp7V9Drgpc0bprp+jVYuXrm9VJ
VDVLv9kpaUHTXm+IC9A3oRbQF3OPGIPZoo4eZH3JgQ8Fl+VhpQLSJ7R+swDQOllY
Oz+efbbNf7/iaNGnKP4HhsolvFo67kbfxSFkhrSnJnqwdaZiS7TUiAMjbAetFcYw
wmXk5YXQqsrb/Ez5yvtqWLzhYUw4kY369DOKN1Z7OW4w8Pulhs0VJbYGZZCUqvs6
5SPloLn3DYP+FwvuWI92VytwYkMGEqrrMkfGJuBf5lRFn56H6ww1TyhyTSBQz58G
g/S5p2hadroIj1xW8x75m0uV1yoYiSeMOCAGqXcrU/yk
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:11:45 2024 by rpki-client on console-fra.rpki-client.org