Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/bKFX5tHMW-PMBwxvrUYlFcso8E4.roa
File: bKFX5tHMW-PMBwxvrUYlFcso8E4.roa (raw, json)
Hash identifier: +tO9FtrwhuHBnuLx4Pm6ZYBx6XrnXwpe0h1dJPNoIOE=
Subject key identifier: 6C:A1:57:E6:D1:CC:5B:E3:CC:07:0C:6F:AD:46:25:15:CB:28:F0:4E
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0191F4D77E6C4D165A0CC1FC419567E3FC59
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/bKFX5tHMW-PMBwxvrUYlFcso8E4.roa
Signing time: Sun 15 Sep 2024 08:40:48 +0000
ROA not before: Sun 15 Sep 2024 08:40:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48147
IP address blocks: 89.42.136.0/22 maxlen: 24
89.42.136.0/23 maxlen: 24
89.42.136.0/24 maxlen: 24
89.42.137.0/24 maxlen: 24
89.42.138.0/23 maxlen: 24
89.42.138.0/24 maxlen: 24
89.42.139.0/24 maxlen: 24
89.42.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:d7:7e:6c:4d:16:5a:0c:c1:fc:41:95:67:e3:fc:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Sep 15 08:40:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6ca157e6d1cc5be3cc070c6fad462515cb28f04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:1f:f0:dd:1f:92:a5:f9:2e:be:50:c7:90:23:
c4:da:9f:18:55:40:43:a7:18:35:ea:12:2a:e7:eb:
98:86:9c:73:7b:d0:57:1e:71:42:d3:2b:a4:51:6a:
47:22:28:69:43:70:35:95:16:76:54:b1:ac:80:35:
53:0e:60:f1:11:ee:cb:80:ea:2c:95:9f:5a:42:f4:
e9:33:b7:ca:ec:ee:b0:a5:5b:38:45:f6:9c:24:a3:
06:ec:7d:63:90:0e:73:e2:31:22:ed:c7:6c:26:d9:
03:82:30:d1:45:0c:e2:21:b6:34:34:5f:99:82:92:
71:53:d3:db:c2:0d:f2:7c:48:08:29:90:96:e2:4b:
f4:0d:98:6e:61:cd:01:06:04:61:c8:fb:cb:39:44:
f9:fe:18:88:94:93:ac:43:90:e0:1a:84:bf:fd:f2:
b6:a6:2e:7a:80:87:d9:dd:98:a1:1e:ba:47:5d:13:
72:ca:cb:d8:be:60:69:37:25:c7:ec:14:cf:1a:2a:
9b:6b:7b:f4:c5:64:1e:fb:b4:fc:e0:aa:9d:06:14:
64:53:96:9e:f4:a4:3d:06:7c:eb:5d:f8:f1:4c:55:
c7:f5:34:51:50:00:91:65:58:fb:ea:94:97:14:98:
09:ad:11:5d:55:fb:25:0f:4f:26:35:78:0b:e7:bc:
38:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:A1:57:E6:D1:CC:5B:E3:CC:07:0C:6F:AD:46:25:15:CB:28:F0:4E
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/bKFX5tHMW-PMBwxvrUYlFcso8E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.136.0/22
89.42.196.0/24
Signature Algorithm: sha256WithRSAEncryption
53:4f:a6:f3:ff:e5:5f:d7:4d:59:c1:5c:33:46:6a:58:f6:cc:
33:8e:91:af:19:ee:54:c5:6e:36:c4:60:1e:b5:de:56:ab:b2:
5a:95:a0:bb:48:d3:bc:79:cc:69:1d:7a:04:0f:4f:c4:6a:c7:
b3:de:5f:ec:a1:40:58:da:df:0c:12:b6:d2:4f:5e:5e:0e:b6:
00:c7:be:68:c5:c0:60:5c:fc:7b:d4:2d:cf:f4:ac:20:9f:81:
cb:ee:ab:4a:53:d0:96:3d:0b:97:29:5d:f2:4d:bf:cd:80:ca:
06:c0:2c:5b:6a:62:94:de:a8:57:f0:10:5e:6b:1f:a5:0c:8e:
3e:df:9d:4b:55:39:9a:2f:53:c5:cd:0b:2b:5b:80:2e:79:79:
0f:e4:a8:cd:27:9e:83:46:5f:db:7e:27:af:11:96:ab:9f:5d:
86:11:35:3e:37:b4:a7:67:73:8c:05:3f:1a:77:42:12:4c:87:
50:a0:93:ca:32:69:b5:5b:fa:c7:ea:e8:ac:0e:04:64:eb:f5:
7c:3d:37:cc:1b:9d:c4:87:b1:9e:35:03:7b:23:a1:27:67:aa:
36:48:57:ed:10:c4:ae:45:d8:67:f7:9e:a9:f1:26:a2:26:6f:
cc:a5:e1:bc:15:39:06:3c:6b:de:ff:89:c4:07:17:9e:27:0e:
d7:6d:bd:dc
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZH0135sTRZaDMH8QZVn4/xZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjQwOTE1MDg0MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2ExNTdlNmQxY2M1YmUzY2MwNzBjNmZhZDQ2MjUxNWNiMjhmMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqB/w3R+SpfkuvlDHkCPE2p8YVUBD
pxg16hIq5+uYhpxze9BXHnFC0yukUWpHIihpQ3A1lRZ2VLGsgDVTDmDxEe7LgOos
lZ9aQvTpM7fK7O6wpVs4RfacJKMG7H1jkA5z4jEi7cdsJtkDgjDRRQziIbY0NF+Z
gpJxU9Pbwg3yfEgIKZCW4kv0DZhuYc0BBgRhyPvLOUT5/hiIlJOsQ5DgGoS//fK2
pi56gIfZ3ZihHrpHXRNyysvYvmBpNyXH7BTPGiqba3v0xWQe+7T84KqdBhRkU5ae
9KQ9BnzrXfjxTFXH9TRRUACRZVj76pSXFJgJrRFdVfslD08mNXgL57w4BwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGyhV+bRzFvjzAcMb61GJRXLKPBOMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvYktGWDV0SE1XLVBNQnd4dnJVWWxGY3NvOEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSqIAwQA
WSrEMA0GCSqGSIb3DQEBCwUAA4IBAQBTT6bz/+Vf101ZwVwzRmpY9swzjpGvGe5U
xW42xGAetd5Wq7JalaC7SNO8ecxpHXoED0/Easez3l/soUBY2t8MErbST15eDrYA
x75oxcBgXPx71C3P9Kwgn4HL7qtKU9CWPQuXKV3yTb/NgMoGwCxbamKU3qhX8BBe
ax+lDI4+351LVTmaL1PFzQsrW4AueXkP5KjNJ56DRl/bfievEZarn12GETU+N7Sn
Z3OMBT8ad0ISTIdQoJPKMmm1W/rH6uisDgRk6/V8PTfMG53Eh7GeNQN7I6EnZ6o2
SFftEMSuRdhn956p8SaiJm/MpeG8FTkGPGve/4nEBxeeJw7Xbb3c
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:00:29 2024 by rpki-client on console-fra.rpki-client.org