Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/BdIvvSKtoO61Mm09j1q4N44n5dw.roa
File: BdIvvSKtoO61Mm09j1q4N44n5dw.roa (raw, json)
Hash identifier: oHHuSs7VPyUBvVsyfnOsrEQ6A0NkfQzz0U16iFCu/Mw=
Subject key identifier: 05:D2:2F:BD:22:AD:A0:EE:B5:32:6D:3D:8F:5A:B8:37:8E:27:E5:DC
Certificate issuer: /CN=090d50ab0f67887c5f5ed1e887e78dd2f35926fd
Certificate serial: 018CC801BA3DD43A0DD835B62E7875F378E5
Authority key identifier: 09:0D:50:AB:0F:67:88:7C:5F:5E:D1:E8:87:E7:8D:D2:F3:59:26:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/BdIvvSKtoO61Mm09j1q4N44n5dw.roa
Signing time: Tue 02 Jan 2024 02:30:05 +0000
ROA not before: Tue 02 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60479
IP address blocks: 185.17.80.0/24 maxlen: 24
185.17.80.0/22 maxlen: 24
185.17.83.0/24 maxlen: 24
185.17.82.0/24 maxlen: 24
185.17.82.0/23 maxlen: 24
185.17.81.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.mft
rsync://rpki.ripe.net/repository/DEFAULT/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 07:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:ba:3d:d4:3a:0d:d8:35:b6:2e:78:75:f3:78:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=090d50ab0f67887c5f5ed1e887e78dd2f35926fd
Validity
Not Before: Jan 2 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=05d22fbd22ada0eeb5326d3d8f5ab8378e27e5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:b2:2f:2c:ce:f8:c7:af:cc:e1:23:4a:f4:32:
1c:33:cf:fd:3a:7c:6f:aa:67:f6:90:52:1d:e3:39:
68:44:16:8a:0a:b5:13:2f:54:65:6d:57:6f:ed:00:
31:0d:f6:cd:d4:cf:2f:e2:d2:01:10:f5:b6:a6:de:
c6:6d:e7:04:e6:45:56:a6:0e:8e:d0:9e:45:f8:4e:
90:0a:1c:19:1d:e3:f3:b2:8f:19:0b:47:8d:48:c5:
66:5d:37:15:f0:a9:a3:0f:65:fa:19:b5:09:e2:b7:
d8:f6:97:16:b3:34:b5:c7:f4:09:56:b6:e5:4f:61:
9a:df:19:51:56:4c:8c:09:84:19:b8:ed:f9:b4:ea:
d9:dd:c8:4c:c7:47:72:6f:fd:eb:41:33:ec:c6:e0:
73:f6:1b:76:08:1a:df:9e:2a:0e:38:64:81:67:51:
3b:89:cb:b5:a5:08:6d:09:12:a0:5e:90:cc:ad:7e:
a5:d8:c3:de:98:8d:0a:29:a2:cc:af:2d:2f:0b:a2:
8f:e8:6d:8c:2f:17:a7:a5:3c:22:e7:70:26:66:82:
53:de:70:45:ab:ce:05:50:7c:dd:5e:9b:d2:fa:0d:
17:c3:06:83:d9:49:3f:20:ed:f5:17:f1:ff:4e:22:
c0:79:f5:94:64:20:92:46:25:f8:6c:3b:11:d7:12:
2a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D2:2F:BD:22:AD:A0:EE:B5:32:6D:3D:8F:5A:B8:37:8E:27:E5:DC
X509v3 Authority Key Identifier:
keyid:09:0D:50:AB:0F:67:88:7C:5F:5E:D1:E8:87:E7:8D:D2:F3:59:26:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/BdIvvSKtoO61Mm09j1q4N44n5dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/7efcdc-f86b-41fd-ad93-ad1378289a13/1/CQ1Qqw9niHxfXtHoh-eN0vNZJv0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.17.80.0/22
Signature Algorithm: sha256WithRSAEncryption
93:95:09:eb:83:d0:0d:7b:78:db:8b:b6:60:eb:13:8d:8d:b7:
ef:54:e3:45:ce:03:7a:4b:e2:68:51:b8:a8:15:9f:6d:a2:d2:
c9:90:ed:5c:ae:f4:8e:36:19:c8:76:6b:95:e0:ea:f2:76:f4:
b8:d4:a5:ec:5d:07:c0:ca:5a:8f:a0:0c:c4:a6:04:0e:15:e9:
21:84:ee:ef:f6:a7:af:a6:f8:fa:9b:39:95:99:7a:10:5c:7c:
89:41:4b:9f:94:19:c9:f7:0e:41:6a:b8:19:b1:11:c3:b2:46:
b8:4d:20:e7:2c:0b:0c:90:e5:15:04:0d:12:42:4d:33:96:f0:
25:99:15:59:2b:bb:b1:2d:aa:55:ba:53:3f:4a:32:a4:f2:0f:
2c:59:9e:c5:d4:d7:1c:eb:8e:58:f9:b4:83:df:13:99:41:ee:
6c:5c:f2:8d:18:61:b5:32:e0:e8:ac:f6:67:9a:0f:b8:57:18:
94:34:8b:68:fd:fb:b1:4e:aa:ad:ea:09:60:33:80:5a:9e:08:
a7:15:de:0a:4e:d0:7e:b2:cf:96:86:22:88:7e:dc:35:59:f0:
e1:50:19:8a:22:f7:09:39:73:19:fd:2b:67:8b:fb:d7:de:d9:
c1:4c:2c:7b:b5:0c:88:95:0a:f6:6b:1c:9b:2c:51:2f:b2:ee:
1e:e1:1d:48
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAbo91DoN2DW2Lnh183jlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MGQ1MGFiMGY2Nzg4N2M1ZjVlZDFlODg3ZTc4ZGQyZjM1
OTI2ZmQwHhcNMjQwMTAyMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQyMmZiZDIyYWRhMGVlYjUzMjZkM2Q4ZjVhYjgzNzhlMjdlNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt7IvLM74x6/M4SNK9DIcM8/9Onxv
qmf2kFId4zloRBaKCrUTL1RlbVdv7QAxDfbN1M8v4tIBEPW2pt7GbecE5kVWpg6O
0J5F+E6QChwZHePzso8ZC0eNSMVmXTcV8KmjD2X6GbUJ4rfY9pcWszS1x/QJVrbl
T2Ga3xlRVkyMCYQZuO35tOrZ3chMx0dyb/3rQTPsxuBz9ht2CBrfnioOOGSBZ1E7
icu1pQhtCRKgXpDMrX6l2MPemI0KKaLMry0vC6KP6G2MLxenpTwi53AmZoJT3nBF
q84FUHzdXpvS+g0XwwaD2Uk/IO31F/H/TiLAefWUZCCSRiX4bDsR1xIqIQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAXSL70iraDutTJtPY9auDeOJ+XcMB8GA1UdIwQY
MBaAFAkNUKsPZ4h8X17R6IfnjdLzWSb9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ExUXF3OW5pSHhmWHRIb2gtZU4wdk5aSnYwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi83ZWZjZGMtZjg2Yi00MWZkLWFkOTMt
YWQxMzc4Mjg5YTEzLzEvQmRJdnZTS3RvTzYxTW0wOWoxcTRONDRuNWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi83ZWZjZGMtZjg2Yi00MWZkLWFkOTMtYWQxMzc4Mjg5YTEz
LzEvQ1ExUXF3OW5pSHhmWHRIb2gtZU4wdk5aSnYwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuRFQMA0G
CSqGSIb3DQEBCwUAA4IBAQCTlQnrg9ANe3jbi7Zg6xONjbfvVONFzgN6S+JoUbio
FZ9totLJkO1crvSONhnIdmuV4OrydvS41KXsXQfAylqPoAzEpgQOFekhhO7v9qev
pvj6mzmVmXoQXHyJQUuflBnJ9w5BargZsRHDska4TSDnLAsMkOUVBA0SQk0zlvAl
mRVZK7uxLapVulM/SjKk8g8sWZ7F1Ncc645Y+bSD3xOZQe5sXPKNGGG1MuDorPZn
mg+4VxiUNIto/fuxTqqt6glgM4BanginFd4KTtB+ss+WhiKIftw1WfDhUBmKIvcJ
OXMZ/Stni/vX3tnBTCx7tQyIlQr2axybLFEvsu4e4R1I
-----END CERTIFICATE-----
Generated at Mon Jul 1 16:15:57 2024 by rpki-client on console-ams.rpki-client.org