Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/BpeNKYzwF3Fgnlnqurb02ZwTcFM.roa
File: BpeNKYzwF3Fgnlnqurb02ZwTcFM.roa (raw, json)
Hash identifier: bCdaiqSQvrbdFhRwyzIn0G2bXIvcsDuxEtfgMevksgM=
Subject key identifier: 06:97:8D:29:8C:F0:17:71:60:9E:59:EA:BA:B6:F4:D9:9C:13:70:53
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF280C7C995166718151E79AD3DEA
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/BpeNKYzwF3Fgnlnqurb02ZwTcFM.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44313
IP address blocks: 185.43.58.0/24 maxlen: 24
109.160.100.0/22 maxlen: 22
109.160.113.0/24 maxlen: 24
109.160.122.0/23 maxlen: 23
109.160.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f2:80:c7:c9:95:16:67:18:15:1e:79:ad:3d:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=06978d298cf01771609e59eabab6f4d99c137053
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e4:cc:a6:21:01:c0:e3:a1:ab:10:91:c1:33:
5c:97:51:08:95:c9:ed:70:c7:90:58:91:1e:c9:c2:
6d:b5:a8:aa:ec:b9:f7:6e:0e:a4:ec:2e:c6:77:e0:
d5:4e:3e:c5:06:d4:cf:49:37:e6:15:4c:90:f5:39:
31:4f:25:94:7f:eb:10:aa:91:57:b3:b7:46:0f:db:
c2:15:95:5e:bc:2d:2e:92:e0:7f:9a:3e:a2:4d:13:
0a:b6:32:4f:7a:40:06:cc:6d:b7:fa:24:f2:73:c4:
28:01:8c:9f:93:c4:f6:45:7f:33:9b:3f:4f:3f:fb:
fa:a1:fb:ca:ab:ef:a7:04:d6:9e:ae:19:ff:a3:8a:
fa:0b:95:ed:3a:19:67:9f:f6:42:e1:1e:47:bd:79:
ba:50:dc:fc:6c:f2:30:42:57:7f:f4:f7:b8:33:54:
56:f3:ce:4e:df:4d:ba:10:3f:33:53:92:b7:83:b1:
a3:0f:cd:07:1c:76:65:37:db:cd:f7:0b:ad:88:b4:
16:fa:01:b7:53:8b:76:98:d9:6e:ad:5b:27:fc:04:
17:4d:8a:5b:56:8c:de:42:ad:0f:f0:9f:83:5f:15:
2e:de:a8:2b:9f:a5:5d:51:29:a4:93:d9:c2:f8:5e:
64:7a:41:70:be:a2:2c:cd:59:d3:e7:f0:08:5e:11:
c5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:97:8D:29:8C:F0:17:71:60:9E:59:EA:BA:B6:F4:D9:9C:13:70:53
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/BpeNKYzwF3Fgnlnqurb02ZwTcFM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.160.100.0/22
109.160.113.0/24
109.160.122.0-109.160.127.255
185.43.58.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:3a:d0:bc:02:2f:1d:1a:a1:bb:ad:6c:28:66:70:94:d0:b8:
61:1f:37:6e:00:e1:38:90:4c:5a:2a:58:8d:11:1a:5f:39:b0:
ad:96:98:e1:ae:80:fa:44:06:66:eb:01:f9:e8:5d:e8:4f:47:
f7:ba:5b:15:19:68:20:32:1e:62:fc:87:c7:29:6e:d6:39:a3:
ed:f4:7b:9c:2e:09:57:b2:7e:41:76:08:f4:e5:16:67:ff:fd:
a9:7c:7b:fd:f0:d8:9b:56:0f:d8:2e:b2:af:06:82:5a:a8:af:
85:a5:de:cb:10:fc:db:54:a5:9a:d3:d2:d7:80:66:11:76:ae:
85:fe:3a:57:b0:44:83:2f:74:57:af:30:87:7c:a0:3a:b4:40:
61:88:3b:ba:ff:08:ad:e1:1d:6a:81:8a:87:e5:03:a1:df:13:
f4:9a:74:4b:4b:e2:7d:bf:d1:82:c5:ec:cc:c8:ac:52:d0:99:
ce:41:dc:99:f7:7e:59:84:6e:fb:8f:10:db:fe:57:23:d9:98:
39:a2:99:74:62:8a:a8:5a:28:f6:c4:0a:77:14:3b:d8:4c:6e:
0a:dd:e4:3f:63:a2:cd:37:55:66:e9:e6:e0:5b:47:5b:7c:c4:
4d:80:51:83:7c:3c:8b:93:20:de:50:f4:d1:1a:7e:eb:3b:90:
b9:53:36:e6
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzFbvKAx8mVFmcYFR55rT3qMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjk3OGQyOThjZjAxNzcxNjA5ZTU5ZWFiYWI2ZjRkOTljMTM3MDUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+TMpiEBwOOhqxCRwTNcl1EIlcnt
cMeQWJEeycJttaiq7Ln3bg6k7C7Gd+DVTj7FBtTPSTfmFUyQ9TkxTyWUf+sQqpFX
s7dGD9vCFZVevC0ukuB/mj6iTRMKtjJPekAGzG23+iTyc8QoAYyfk8T2RX8zmz9P
P/v6ofvKq++nBNaerhn/o4r6C5XtOhlnn/ZC4R5HvXm6UNz8bPIwQld/9Pe4M1RW
885O3026ED8zU5K3g7GjD80HHHZlN9vN9wutiLQW+gG3U4t2mNlurVsn/AQXTYpb
VozeQq0P8J+DXxUu3qgrn6VdUSmkk9nC+F5kekFwvqIszVnT5/AIXhHF1wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAaXjSmM8BdxYJ5Z6rq29NmcE3BTMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvQnBlTktZendGM0ZnbmxucXVyYjAyWndUY0ZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQCbaBkAwQA
baBxMAwDBAFtoHoDBAdtoAADBAC5KzowDQYJKoZIhvcNAQELBQADggEBAA060LwC
Lx0aobutbChmcJTQuGEfN24A4TiQTFoqWI0RGl85sK2WmOGugPpEBmbrAfnoXehP
R/e6WxUZaCAyHmL8h8cpbtY5o+30e5wuCVeyfkF2CPTlFmf//al8e/3w2JtWD9gu
sq8Gglqor4Wl3ssQ/NtUpZrT0teAZhF2roX+OlewRIMvdFevMId8oDq0QGGIO7r/
CK3hHWqBioflA6HfE/SadEtL4n2/0YLF7MzIrFLQmc5B3Jn3flmEbvuPENv+VyPZ
mDmimXRiiqhaKPbECncUO9hMbgrd5D9jos03VWbp5uBbR1t8xE2AUYN8PIuTIN5Q
9NEafus7kLlTNuY=
-----END CERTIFICATE-----
Generated at Tue Apr 30 09:15:16 2024 by rpki-client on console-fra.rpki-client.org