Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/BKZFCsn_swwtzhjOMgftk04Yq-8.roa
File: BKZFCsn_swwtzhjOMgftk04Yq-8.roa (raw, json)
Hash identifier: OnkJZQzzpddkNUsfXFWPwoWWiBemmRpfTNdMNxBP6+U=
Subject key identifier: 04:A6:45:0A:C9:FF:B3:0C:2D:CE:18:CE:32:07:ED:93:4E:18:AB:EF
Certificate issuer: /CN=e119535fac3fa48779579bce8fc3b402def2cb44
Certificate serial: 018D2417BB8AB680C60755E895896DA0FAEF
Authority key identifier: E1:19:53:5F:AC:3F:A4:87:79:57:9B:CE:8F:C3:B4:02:DE:F2:CB:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RlTX6w_pId5V5vOj8O0At7yy0Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/BKZFCsn_swwtzhjOMgftk04Yq-8.roa
Signing time: Fri 19 Jan 2024 23:39:11 +0000
ROA not before: Fri 19 Jan 2024 23:39:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202558
IP address blocks: 185.46.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/4RlTX6w_pId5V5vOj8O0At7yy0Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/4RlTX6w_pId5V5vOj8O0At7yy0Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/4RlTX6w_pId5V5vOj8O0At7yy0Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:24:17:bb:8a:b6:80:c6:07:55:e8:95:89:6d:a0:fa:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e119535fac3fa48779579bce8fc3b402def2cb44
Validity
Not Before: Jan 19 23:39:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=04a6450ac9ffb30c2dce18ce3207ed934e18abef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:19:32:23:e2:6a:3c:6b:d1:7b:b9:c0:ef:16:
64:9a:c0:5e:9b:bd:65:72:8a:42:80:40:25:3f:24:
7c:33:3c:17:44:d6:db:b9:b1:6c:a4:08:8f:58:84:
3f:69:dd:94:39:2b:68:ea:b3:45:a7:7b:bf:47:a8:
1b:d7:a1:36:21:63:9d:e1:6d:cd:e4:44:f1:2a:ee:
46:6d:51:b3:98:37:ae:34:ec:d4:3a:33:6d:3a:0a:
96:4e:57:a9:30:33:b0:f7:9a:61:4c:97:35:9e:02:
f1:36:a2:e8:17:db:61:49:e0:1c:1f:ec:54:ac:84:
8a:85:0b:c1:73:57:1a:3f:2b:b1:3c:28:c6:2c:ae:
32:e3:fa:88:fd:0c:0f:15:8f:c2:ee:a0:88:cb:93:
45:21:ce:ba:8e:2e:07:f8:17:e4:e9:4d:e4:68:6d:
37:96:03:99:da:fe:44:54:ac:5b:a0:2e:60:12:be:
7c:59:06:79:62:6b:6c:dd:92:92:ad:54:29:5a:83:
50:ce:44:2f:e6:40:25:68:d6:74:33:78:30:6d:02:
d4:85:92:03:66:89:1d:13:64:da:6e:47:e1:3e:5f:
13:37:3e:79:00:a9:25:9c:8c:e2:0a:32:d4:4a:f7:
89:df:9f:93:a8:07:c7:0e:e7:22:c6:26:1d:b5:ff:
16:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:A6:45:0A:C9:FF:B3:0C:2D:CE:18:CE:32:07:ED:93:4E:18:AB:EF
X509v3 Authority Key Identifier:
keyid:E1:19:53:5F:AC:3F:A4:87:79:57:9B:CE:8F:C3:B4:02:DE:F2:CB:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RlTX6w_pId5V5vOj8O0At7yy0Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/BKZFCsn_swwtzhjOMgftk04Yq-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9b87d4-e0f9-423d-af9d-de9e27ebb25d/1/4RlTX6w_pId5V5vOj8O0At7yy0Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.141.0/24
Signature Algorithm: sha256WithRSAEncryption
43:36:e0:59:8c:8c:2b:6a:8c:b4:58:be:2e:44:d4:94:c0:35:
4a:b6:4f:10:dd:68:10:5e:dd:b4:87:02:be:d1:18:79:a2:3c:
76:52:31:27:53:63:9e:4a:5d:45:13:5b:bc:ee:cc:fd:01:4c:
75:98:59:91:f1:9b:39:49:9d:42:03:a1:3f:6d:3c:58:9a:86:
49:b3:a7:fa:53:82:27:69:fa:9c:07:fe:4c:77:54:34:ae:bc:
b1:ed:f4:89:5e:89:52:3b:7f:76:7b:d0:86:0d:b2:85:e1:02:
b8:5d:0a:f4:34:0b:83:73:d0:bf:f1:50:8d:31:2f:82:d0:e1:
c7:e2:83:7a:b1:8e:cb:56:4f:9a:5c:04:b6:60:1f:b9:35:32:
24:1d:a9:37:21:f3:24:eb:02:99:24:7e:b1:54:7c:94:e7:be:
4e:3f:17:51:d9:bd:89:42:b7:92:f6:8a:ed:df:00:06:8a:12:
53:05:ae:66:36:c5:71:2a:d2:20:72:ff:69:62:59:4e:18:e8:
0e:b2:ae:bd:4e:e6:49:f1:4e:86:aa:ad:1b:79:4c:6c:cc:90:
ca:0a:d9:67:73:f3:0e:35:89:e0:54:70:47:5b:d7:3b:22:8a:
ee:7e:32:cb:1c:5d:f9:49:44:4d:4f:87:6f:f6:04:ca:bd:88:
f0:9a:7a:c5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0kF7uKtoDGB1XolYltoPrvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMTk1MzVmYWMzZmE0ODc3OTU3OWJjZThmYzNiNDAyZGVm
MmNiNDQwHhcNMjQwMTE5MjMzOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGE2NDUwYWM5ZmZiMzBjMmRjZTE4Y2UzMjA3ZWQ5MzRlMThhYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRkyI+JqPGvRe7nA7xZkmsBem71l
copCgEAlPyR8MzwXRNbbubFspAiPWIQ/ad2UOSto6rNFp3u/R6gb16E2IWOd4W3N
5ETxKu5GbVGzmDeuNOzUOjNtOgqWTlepMDOw95phTJc1ngLxNqLoF9thSeAcH+xU
rISKhQvBc1caPyuxPCjGLK4y4/qI/QwPFY/C7qCIy5NFIc66ji4H+Bfk6U3kaG03
lgOZ2v5EVKxboC5gEr58WQZ5Ymts3ZKSrVQpWoNQzkQv5kAlaNZ0M3gwbQLUhZID
ZokdE2TabkfhPl8TNz55AKklnIziCjLUSveJ35+TqAfHDucixiYdtf8WtwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFASmRQrJ/7MMLc4YzjIH7ZNOGKvvMB8GA1UdIwQY
MBaAFOEZU1+sP6SHeVebzo/DtALe8stEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJsVFg2d19wSWQ1VjV2T2o4TzBBdDd5eTBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85Yjg3ZDQtZTBmOS00MjNkLWFmOWQt
ZGU5ZTI3ZWJiMjVkLzEvQktaRkNzbl9zd3d0emhqT01nZnRrMDRZcS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85Yjg3ZDQtZTBmOS00MjNkLWFmOWQtZGU5ZTI3ZWJiMjVk
LzEvNFJsVFg2d19wSWQ1VjV2T2o4TzBBdDd5eTBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuS6NMA0G
CSqGSIb3DQEBCwUAA4IBAQBDNuBZjIwraoy0WL4uRNSUwDVKtk8Q3WgQXt20hwK+
0Rh5ojx2UjEnU2OeSl1FE1u87sz9AUx1mFmR8Zs5SZ1CA6E/bTxYmoZJs6f6U4In
afqcB/5Md1Q0rryx7fSJXolSO392e9CGDbKF4QK4XQr0NAuDc9C/8VCNMS+C0OHH
4oN6sY7LVk+aXAS2YB+5NTIkHak3IfMk6wKZJH6xVHyU575OPxdR2b2JQreS9ort
3wAGihJTBa5mNsVxKtIgcv9pYllOGOgOsq69TuZJ8U6Gqq0beUxszJDKCtlnc/MO
NYngVHBHW9c7IorufjLLHF35SURNT4dv9gTKvYjwmnrF
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:39:07 2024 by rpki-client on console-ams.rpki-client.org