Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BcXx__eN4BOxMuEupABLCKXfBSE.roa
File: BcXx__eN4BOxMuEupABLCKXfBSE.roa (raw, json)
Hash identifier: j75x+Hv2zaT9qHXlJ/qfTrvv1E93mv5UgxrMhGTbYGw=
Subject key identifier: 05:C5:F1:FF:F7:8D:E0:13:B1:32:E1:2E:A4:00:4B:08:A5:DF:05:21
Certificate issuer: /CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Certificate serial: 018CC348994F0BAA4BB63B885CE594AF2357
Authority key identifier: DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BcXx__eN4BOxMuEupABLCKXfBSE.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48943
IP address blocks: 213.235.196.0/24 maxlen: 24
213.235.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:99:4f:0b:aa:4b:b6:3b:88:5c:e5:94:af:23:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=db9d197fbbee2a1dccb4f55722a8210d3105b042
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05c5f1fff78de013b132e12ea4004b08a5df0521
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c3:51:86:3c:89:d8:cf:48:d9:9f:68:ff:87:
a3:de:52:68:b7:52:b5:b4:e5:c1:5b:28:37:74:5e:
1a:74:45:20:37:d3:07:b7:52:05:2e:5e:79:e1:43:
1a:41:39:47:e7:53:34:82:f4:3e:ed:2c:3b:d5:76:
58:a0:e6:44:b9:6d:18:26:8b:1a:c4:bc:7b:fc:65:
65:8a:7c:9b:b8:6a:12:93:c6:d2:c6:b8:6f:08:56:
a2:29:1a:3d:ee:3c:87:de:8f:50:c2:1a:6d:23:63:
45:f0:70:46:85:f8:a8:fc:bc:0b:8d:cf:2c:71:a6:
b8:5b:07:11:6d:cd:16:42:e0:ab:f1:f5:e7:c4:94:
cc:07:d2:f2:0b:0d:c2:01:78:a0:30:37:5b:8d:23:
0d:e5:d2:2e:35:0b:7f:94:e5:15:d7:08:e4:ac:4a:
b5:84:4e:e3:3e:7b:5e:48:95:12:6d:2d:fc:1a:0b:
3a:cb:c9:75:17:78:4b:86:75:2b:3a:95:c5:05:ce:
b3:71:0e:67:2a:43:a6:66:73:f7:ec:5c:3a:18:07:
f3:7f:b3:9f:42:0f:44:9a:37:db:c7:a2:ab:79:f9:
97:2e:27:21:51:94:14:36:85:5f:9d:eb:d7:a6:15:
ef:62:96:22:95:0f:0b:a3:08:40:d3:3a:03:2c:88:
a6:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C5:F1:FF:F7:8D:E0:13:B1:32:E1:2E:A4:00:4B:08:A5:DF:05:21
X509v3 Authority Key Identifier:
keyid:DB:9D:19:7F:BB:EE:2A:1D:CC:B4:F5:57:22:A8:21:0D:31:05:B0:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/250Zf7vuKh3MtPVXIqghDTEFsEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/BcXx__eN4BOxMuEupABLCKXfBSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/09d137-477b-4efe-a3d3-4b23956fbd86/1/250Zf7vuKh3MtPVXIqghDTEFsEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.235.196.0/24
213.235.234.0/24
Signature Algorithm: sha256WithRSAEncryption
76:13:c3:52:9b:f7:0d:eb:fb:c0:df:39:21:ad:21:e1:29:43:
1d:36:5f:7f:4b:32:8e:40:32:2b:d0:fd:89:92:25:de:3f:34:
8f:cc:e5:cb:cd:6c:c8:76:89:05:9d:7d:e2:cd:52:a5:a9:18:
64:91:80:b2:4a:4b:b0:f3:b4:9c:6e:96:e5:2a:c4:06:8d:cb:
cc:85:e3:80:b6:d7:1d:e4:56:a4:dd:22:53:ef:1c:6a:0c:7c:
bb:58:4c:4e:98:a1:f1:44:26:98:32:66:03:61:b5:a7:78:20:
68:19:ba:b9:37:bd:0e:79:cf:a6:16:db:3b:27:c5:51:80:f7:
dd:1b:66:86:90:07:d3:b0:59:0d:1d:e3:f5:cc:cf:7f:f6:18:
f1:f4:cd:4b:91:fb:8e:7c:7f:8f:8a:81:83:b3:8c:89:19:16:
76:8b:47:d6:4e:6e:5f:c4:1f:85:63:f0:6a:04:63:ee:71:ac:
3d:9d:52:23:45:9e:ea:38:54:0e:95:0f:03:c4:5d:01:eb:38:
e1:23:ae:9a:f3:29:c5:e7:0d:1b:a4:9f:47:8f:67:a5:b5:a9:
91:db:10:d4:21:ed:56:bc:bf:5f:ed:03:9a:82:65:7d:60:e8:
c2:0f:a4:57:26:35:79:25:c2:eb:70:20:3e:dd:2c:2a:24:37:
52:01:01:2c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSJlPC6pLtjuIXOWUryNXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRiOWQxOTdmYmJlZTJhMWRjY2I0ZjU1NzIyYTgyMTBkMzEw
NWIwNDIwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWM1ZjFmZmY3OGRlMDEzYjEzMmUxMmVhNDAwNGIwOGE1ZGYwNTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8NRhjyJ2M9I2Z9o/4ej3lJot1K1
tOXBWyg3dF4adEUgN9MHt1IFLl554UMaQTlH51M0gvQ+7Sw71XZYoOZEuW0YJosa
xLx7/GVlinybuGoSk8bSxrhvCFaiKRo97jyH3o9QwhptI2NF8HBGhfio/LwLjc8s
caa4WwcRbc0WQuCr8fXnxJTMB9LyCw3CAXigMDdbjSMN5dIuNQt/lOUV1wjkrEq1
hE7jPnteSJUSbS38Ggs6y8l1F3hLhnUrOpXFBc6zcQ5nKkOmZnP37Fw6GAfzf7Of
Qg9Emjfbx6KrefmXLichUZQUNoVfnevXphXvYpYilQ8LowhA0zoDLIimYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAXF8f/3jeATsTLhLqQASwil3wUhMB8GA1UdIwQY
MBaAFNudGX+77iodzLT1VyKoIQ0xBbBCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMt
NGIyMzk1NmZiZDg2LzEvQmNYeF9fZU40Qk94TXVFdXBBQkxDS1hmQlNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8wOWQxMzctNDc3Yi00ZWZlLWEzZDMtNGIyMzk1NmZiZDg2
LzEvMjUwWmY3dnVLaDNNdFBWWElxZ2hEVEVGc0VJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQA1evEAwQA
1evqMA0GCSqGSIb3DQEBCwUAA4IBAQB2E8NSm/cN6/vA3zkhrSHhKUMdNl9/SzKO
QDIr0P2JkiXePzSPzOXLzWzIdokFnX3izVKlqRhkkYCySkuw87ScbpblKsQGjcvM
heOAttcd5Fak3SJT7xxqDHy7WExOmKHxRCaYMmYDYbWneCBoGbq5N70Oec+mFts7
J8VRgPfdG2aGkAfTsFkNHeP1zM9/9hjx9M1LkfuOfH+PioGDs4yJGRZ2i0fWTm5f
xB+FY/BqBGPucaw9nVIjRZ7qOFQOlQ8DxF0B6zjhI66a8ynF5w0bpJ9Hj2eltamR
2xDUIe1WvL9f7QOagmV9YOjCD6RXJjV5JcLrcCA+3SwqJDdSAQEs
-----END CERTIFICATE-----
Generated at Wed May 15 16:42:51 2024 by rpki-client on console-fra.rpki-client.org