Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/Bp6DKEVd7Uw4LNPRKLzI3kBkw6A.roa
File: Bp6DKEVd7Uw4LNPRKLzI3kBkw6A.roa (raw, json)
Hash identifier: iG4GSY+tZvnB2aCFp0kYD23SaNEpRAPKUUNJ/SCFNd8=
Subject key identifier: 06:9E:83:28:45:5D:ED:4C:38:2C:D3:D1:28:BC:C8:DE:40:64:C3:A0
Certificate issuer: /CN=5262505b488581c2ecd7582a34ece52632e3ef96
Certificate serial: 018CC6B78DA8AB43D62E3C046D8C788694CC
Authority key identifier: 52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/Bp6DKEVd7Uw4LNPRKLzI3kBkw6A.roa
Signing time: Mon 01 Jan 2024 20:29:27 +0000
ROA not before: Mon 01 Jan 2024 20:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200780
IP address blocks: 91.233.66.0/24 maxlen: 24
185.217.200.0/22 maxlen: 22
185.62.224.0/22 maxlen: 22
2a0b:cbc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/UmJQW0iFgcLs11gqNOzlJjLj75Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/UmJQW0iFgcLs11gqNOzlJjLj75Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:8d:a8:ab:43:d6:2e:3c:04:6d:8c:78:86:94:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5262505b488581c2ecd7582a34ece52632e3ef96
Validity
Not Before: Jan 1 20:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=069e8328455ded4c382cd3d128bcc8de4064c3a0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:03:c7:e7:a8:4e:96:22:82:11:46:70:d0:bb:
68:2d:35:c1:df:d8:57:ac:1a:86:04:c3:5a:ac:cd:
9c:23:b6:94:dd:77:0f:2a:9b:de:7a:0c:4f:46:30:
5f:72:5a:b2:5d:43:36:fb:fb:d5:73:8c:c1:81:62:
1d:97:1f:89:ea:74:ac:64:66:2e:cd:f0:a5:ea:bd:
98:1a:d7:53:f2:8e:fd:8c:bc:a2:c0:5e:47:91:b7:
67:df:cd:5c:29:fd:b6:85:54:8c:45:80:d2:b8:3b:
4c:24:02:71:9e:2f:05:83:39:ad:9c:90:cb:f3:51:
55:9c:e5:35:68:1d:9a:12:8c:1b:25:65:83:cf:28:
43:43:18:26:d3:2b:d6:b2:dd:10:81:86:4c:f7:3e:
a6:b3:7a:c3:f6:7e:da:2a:3d:7a:ab:82:90:9d:19:
21:14:a5:b8:6a:76:f7:b5:b4:5c:20:ce:5b:fc:2c:
d7:3a:96:2c:ee:35:a8:86:26:20:d3:57:15:22:16:
cb:b7:9b:56:f7:8a:35:64:9c:c3:9d:e4:91:da:3e:
a5:a8:a2:22:b4:d8:3b:0b:32:10:09:9b:c8:ca:13:
a9:0e:eb:7f:f8:3f:56:86:9e:6b:9b:16:08:84:69:
6f:bf:df:9d:14:eb:05:03:f7:21:68:86:58:18:c1:
fa:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9E:83:28:45:5D:ED:4C:38:2C:D3:D1:28:BC:C8:DE:40:64:C3:A0
X509v3 Authority Key Identifier:
keyid:52:62:50:5B:48:85:81:C2:EC:D7:58:2A:34:EC:E5:26:32:E3:EF:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UmJQW0iFgcLs11gqNOzlJjLj75Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/Bp6DKEVd7Uw4LNPRKLzI3kBkw6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/dfbaa2-4a27-4f3c-b9fc-fb01436a695f/1/UmJQW0iFgcLs11gqNOzlJjLj75Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.66.0/24
185.62.224.0/22
185.217.200.0/22
IPv6:
2a0b:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
34:35:3a:ae:b6:95:06:1f:92:d8:9f:7d:7c:1c:16:ee:cb:4f:
0c:34:27:44:7d:f6:c5:c6:8d:bc:e2:10:1a:f6:16:19:cf:99:
d9:9e:3c:99:0a:92:a8:2c:05:8d:fd:2a:0d:b0:08:5a:c5:c3:
96:15:dd:ae:bd:86:48:7f:4b:5c:31:ce:2d:70:77:c9:33:71:
91:0e:46:c6:2e:e3:26:e0:03:18:34:80:c7:82:a7:63:4b:fa:
d2:52:8f:65:e6:c0:1e:e5:f9:8c:a2:a4:c1:5e:62:4c:27:aa:
32:de:e7:67:66:b6:a2:1b:fd:7a:57:f5:42:6a:0f:ea:16:cb:
ca:0f:81:b8:de:79:d9:5b:b9:25:b1:a6:32:3a:51:ab:8f:b4:
da:03:98:24:51:21:d8:c9:40:db:62:98:2b:05:d0:ab:4c:b2:
2b:6b:b1:68:59:df:bb:00:da:ee:c2:38:a5:ca:86:0e:2b:04:
ff:6f:1a:2a:97:46:06:4f:dd:85:ac:a6:47:0f:62:79:c2:43:
80:f1:3a:67:5a:45:32:19:85:0f:30:0f:f1:cb:92:b2:4c:f0:
83:a0:18:be:b9:d0:70:a6:14:88:ad:d5:b2:9c:fa:23:ef:16:
4a:68:8f:95:7a:10:e6:68:0f:d8:3a:80:d3:25:ec:f9:db:99:
a3:46:50:00
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGt42oq0PWLjwEbYx4hpTMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNjI1MDViNDg4NTgxYzJlY2Q3NTgyYTM0ZWNlNTI2MzJl
M2VmOTYwHhcNMjQwMTAxMjAyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjllODMyODQ1NWRlZDRjMzgyY2QzZDEyOGJjYzhkZTQwNjRjM2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwPH56hOliKCEUZw0LtoLTXB39hX
rBqGBMNarM2cI7aU3XcPKpveegxPRjBfclqyXUM2+/vVc4zBgWIdlx+J6nSsZGYu
zfCl6r2YGtdT8o79jLyiwF5Hkbdn381cKf22hVSMRYDSuDtMJAJxni8FgzmtnJDL
81FVnOU1aB2aEowbJWWDzyhDQxgm0yvWst0QgYZM9z6ms3rD9n7aKj16q4KQnRkh
FKW4anb3tbRcIM5b/CzXOpYs7jWohiYg01cVIhbLt5tW94o1ZJzDneSR2j6lqKIi
tNg7CzIQCZvIyhOpDut/+D9Whp5rmxYIhGlvv9+dFOsFA/chaIZYGMH6jwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFAaegyhFXe1MOCzT0Si8yN5AZMOgMB8GA1UdIwQY
MBaAFFJiUFtIhYHC7NdYKjTs5SYy4++WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVW1KUVcwaUZnY0xzMTFncU5PemxKakxqNzVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9kZmJhYTItNGEyNy00ZjNjLWI5ZmMt
ZmIwMTQzNmE2OTVmLzEvQnA2REtFVmQ3VXc0TE5QUktMekkza0JrdzZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9kZmJhYTItNGEyNy00ZjNjLWI5ZmMtZmIwMTQzNmE2OTVm
LzEvVW1KUVcwaUZnY0xzMTFncU5PemxKakxqNzVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+lCAwQC
uT7gAwQCudnIMA0EAgACMAcDBQMqC8vAMA0GCSqGSIb3DQEBCwUAA4IBAQA0NTqu
tpUGH5LYn318HBbuy08MNCdEffbFxo284hAa9hYZz5nZnjyZCpKoLAWN/SoNsAha
xcOWFd2uvYZIf0tcMc4tcHfJM3GRDkbGLuMm4AMYNIDHgqdjS/rSUo9l5sAe5fmM
oqTBXmJMJ6oy3udnZraiG/16V/VCag/qFsvKD4G43nnZW7klsaYyOlGrj7TaA5gk
USHYyUDbYpgrBdCrTLIra7FoWd+7ANruwjilyoYOKwT/bxoql0YGT92FrKZHD2J5
wkOA8TpnWkUyGYUPMA/xy5KyTPCDoBi+udBwphSIrdWynPoj7xZKaI+VehDmaA/Y
OoDTJez525mjRlAA
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:04:23 2024 by rpki-client on console-ams.rpki-client.org