Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/bGn5E8rrqpY5ta5t3VZl6OMr47c.roa
File: bGn5E8rrqpY5ta5t3VZl6OMr47c.roa (raw, json)
Hash identifier: 2hdJtnM7XRr9Z4WkoeSl5VKEHZugkD3BkPLuArviLv4=
Subject key identifier: 6C:69:F9:13:CA:EB:AA:96:39:B5:AE:6D:DD:56:65:E8:E3:2B:E3:B7
Certificate issuer: /CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Certificate serial: 018CC9BBA666BE01D232D00902B750D531F7
Authority key identifier: B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/bGn5E8rrqpY5ta5t3VZl6OMr47c.roa
Signing time: Tue 02 Jan 2024 10:32:47 +0000
ROA not before: Tue 02 Jan 2024 10:32:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16365
IP address blocks: 212.149.0.0/18 maxlen: 18
212.149.0.0/19 maxlen: 19
195.42.236.0/24 maxlen: 24
195.42.236.0/22 maxlen: 22
195.42.239.0/24 maxlen: 24
212.149.30.0/24 maxlen: 24
212.149.29.0/24 maxlen: 24
212.149.32.0/19 maxlen: 19
2a00:d580:4900::/40 maxlen: 40
2a00:d580::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/tTuhjVzrjnlMgTnOAqeRuFAYJe8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/tTuhjVzrjnlMgTnOAqeRuFAYJe8.mft
rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:a6:66:be:01:d2:32:d0:09:02:b7:50:d5:31:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b53ba18d5ceb8e794c8139ce02a791b8501825ef
Validity
Not Before: Jan 2 10:32:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6c69f913caebaa9639b5ae6ddd5665e8e32be3b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:ff:43:e5:46:af:a8:0b:b0:99:02:ca:91:04:
09:ca:fc:45:6d:d8:ba:1e:83:33:d6:35:4f:1f:98:
ab:8b:c1:46:58:4c:fd:af:34:48:2e:ce:90:6a:16:
58:36:65:e7:94:28:65:c6:4f:17:de:8d:2a:ab:ab:
4b:a3:3c:7e:55:28:0d:6a:85:9e:85:0c:9c:ee:e1:
52:9c:06:9f:37:98:28:f8:6a:33:99:01:60:9a:e0:
2e:4c:6a:cb:f4:2b:af:18:3f:25:58:03:20:7f:09:
fc:c6:b0:09:18:de:9c:42:c9:79:24:18:38:b6:f2:
2e:7d:4b:e8:16:2a:2f:d6:98:13:be:8a:51:15:d8:
83:0e:b9:6e:6d:26:e9:9a:40:49:47:70:25:f8:cf:
85:07:18:39:09:ea:c7:59:c1:16:a2:91:76:78:f6:
de:1a:da:0e:6a:a9:77:fa:bc:1b:f7:1c:c6:ec:c5:
9f:86:3f:24:b5:79:b8:8a:df:cf:6e:dd:d9:46:9c:
b7:6c:04:6a:15:82:4c:41:eb:1a:77:9e:d6:31:b3:
f9:75:ba:8e:99:7b:38:74:b5:c2:b8:59:b5:7e:9a:
aa:14:30:c6:7b:a0:3c:2d:d1:6c:e9:50:a3:85:4c:
80:08:32:c8:f6:1e:95:63:e0:59:93:54:41:4c:da:
da:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:69:F9:13:CA:EB:AA:96:39:B5:AE:6D:DD:56:65:E8:E3:2B:E3:B7
X509v3 Authority Key Identifier:
keyid:B5:3B:A1:8D:5C:EB:8E:79:4C:81:39:CE:02:A7:91:B8:50:18:25:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tTuhjVzrjnlMgTnOAqeRuFAYJe8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/bGn5E8rrqpY5ta5t3VZl6OMr47c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e2510d-e573-45d3-9d20-754b60c5b568/1/tTuhjVzrjnlMgTnOAqeRuFAYJe8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.42.236.0/22
212.149.0.0/18
IPv6:
2a00:d580::/32
Signature Algorithm: sha256WithRSAEncryption
5e:4a:86:5f:cc:e7:35:e9:b3:ff:04:5a:01:bb:c1:ac:26:66:
5e:7c:dc:e3:4f:43:f7:63:2b:55:e7:ab:ac:ac:ad:de:01:6d:
e3:4c:65:14:1e:e7:0d:bf:00:e7:5e:54:d8:ed:dd:fd:34:52:
8a:cc:3e:b5:23:a5:54:e3:83:68:2f:50:32:b0:98:58:63:2c:
4e:33:76:15:2b:e1:89:c5:67:e1:02:7f:f5:d9:71:3b:91:52:
ef:93:1f:23:0d:9a:18:6a:18:00:9c:a0:b1:c0:d8:f2:00:25:
58:31:c4:51:5c:8d:de:32:5b:97:93:22:06:81:47:6f:ce:05:
49:06:3c:21:0e:4d:a8:9b:e2:1f:cc:3b:54:06:6f:14:8a:af:
e6:52:ec:b2:0e:6b:62:92:19:6d:f5:a7:60:b4:ce:af:fa:a9:
ef:8a:75:74:be:a1:9e:ce:81:9a:f3:0c:fc:59:23:3b:ad:05:
d0:de:94:9c:aa:c5:3d:fa:a0:8e:7d:cc:c8:22:fc:a2:dc:09:
57:76:6e:83:f8:1d:d6:a0:99:7b:41:93:d3:f1:d9:48:8f:97:
3a:d4:3f:eb:75:bd:18:87:9d:a6:67:ea:51:86:9f:b1:8a:0a:
ca:1f:f4:3b:54:c9:e9:d2:13:60:d8:c6:4c:6b:b9:96:91:ed:
33:b2:65:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzJu6ZmvgHSMtAJArdQ1TH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1M2JhMThkNWNlYjhlNzk0YzgxMzljZTAyYTc5MWI4NTAx
ODI1ZWYwHhcNMjQwMTAyMTAzMjQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzY5ZjkxM2NhZWJhYTk2MzliNWFlNmRkZDU2NjVlOGUzMmJlM2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/9D5UavqAuwmQLKkQQJyvxFbdi6
HoMz1jVPH5iri8FGWEz9rzRILs6QahZYNmXnlChlxk8X3o0qq6tLozx+VSgNaoWe
hQyc7uFSnAafN5go+GozmQFgmuAuTGrL9CuvGD8lWAMgfwn8xrAJGN6cQsl5JBg4
tvIufUvoFiov1pgTvopRFdiDDrlubSbpmkBJR3Al+M+FBxg5CerHWcEWopF2ePbe
GtoOaql3+rwb9xzG7MWfhj8ktXm4it/Pbt3ZRpy3bARqFYJMQesad57WMbP5dbqO
mXs4dLXCuFm1fpqqFDDGe6A8LdFs6VCjhUyACDLI9h6VY+BZk1RBTNrazQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGxp+RPK66qWObWubd1WZejjK+O3MB8GA1UdIwQY
MBaAFLU7oY1c6455TIE5zgKnkbhQGCXvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAt
NzU0YjYwYzViNTY4LzEvYkduNUU4cnJxcFk1dGE1dDNWWmw2T01yNDdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMjUxMGQtZTU3My00NWQzLTlkMjAtNzU0YjYwYzViNTY4
LzEvdFR1aGpWenJqbmxNZ1RuT0FxZVJ1RkFZSmU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwyrsAwQG
1JUAMA0EAgACMAcDBQAqANWAMA0GCSqGSIb3DQEBCwUAA4IBAQBeSoZfzOc16bP/
BFoBu8GsJmZefNzjT0P3YytV56usrK3eAW3jTGUUHucNvwDnXlTY7d39NFKKzD61
I6VU44NoL1AysJhYYyxOM3YVK+GJxWfhAn/12XE7kVLvkx8jDZoYahgAnKCxwNjy
ACVYMcRRXI3eMluXkyIGgUdvzgVJBjwhDk2om+IfzDtUBm8Uiq/mUuyyDmtikhlt
9adgtM6v+qnvinV0vqGezoGa8wz8WSM7rQXQ3pScqsU9+qCOfczIIvyi3AlXdm6D
+B3WoJl7QZPT8dlIj5c61D/rdb0Yh52mZ+pRhp+xigrKH/Q7VMnp0hNg2MZMa7mW
ke0zsmWZ
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:21:12 2024 by rpki-client on console-ams.rpki-client.org