Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bn9LyiamIweLxnnnj8Le8xGslKE.roa
File: bn9LyiamIweLxnnnj8Le8xGslKE.roa (raw, json)
Hash identifier: rgwpkR/sXYvTFob+22wWrVAUPnOgwKHJcNZy8wHX7w4=
Subject key identifier: 6E:7F:4B:CA:26:A6:23:07:8B:C6:79:E7:8F:C2:DE:F3:11:AC:94:A1
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF14FC7C228A454BF2EC5A0E98447
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bn9LyiamIweLxnnnj8Le8xGslKE.roa
Signing time: Mon 01 Jan 2024 14:30:31 +0000
ROA not before: Mon 01 Jan 2024 14:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25369
IP address blocks: 87.246.28.0/22 maxlen: 22
87.246.8.0/22 maxlen: 22
87.246.12.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f1:4f:c7:c2:28:a4:54:bf:2e:c5:a0:e9:84:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e7f4bca26a623078bc679e78fc2def311ac94a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:9b:54:53:a5:69:02:1b:47:60:f8:dc:20:94:
8f:b6:65:7d:ad:0d:25:5a:9e:40:11:2d:86:56:b3:
2f:19:f7:fe:90:ca:7f:83:a7:99:a1:81:4d:40:a7:
d0:fe:6b:61:e3:b6:06:b6:08:1b:2d:7c:36:ae:2d:
1b:73:c0:8b:4d:5a:78:c2:de:18:8b:8b:23:44:d9:
09:9a:44:a3:4c:3b:c0:6f:ee:41:c3:04:9b:38:40:
f3:47:39:df:80:4a:e2:b2:f8:7f:ac:4a:a6:1e:5d:
79:d6:f5:41:80:a8:70:4b:78:0d:09:90:27:ac:a5:
de:e6:af:12:cc:5f:ef:e5:dd:9c:a9:48:79:75:6b:
5f:77:bc:b6:82:02:e8:53:67:62:d4:8f:1a:0f:71:
ba:4a:4b:41:03:28:00:c3:59:70:3b:1c:d0:e8:f7:
1e:5b:82:c4:b1:e2:c5:be:d9:aa:9d:00:5a:78:f6:
24:ff:3d:47:d3:82:f0:99:ae:52:88:c4:2b:7b:62:
2e:26:64:90:31:2d:f5:4e:3d:12:a1:57:f7:6b:f8:
9e:f1:06:06:ca:92:8d:9a:e6:98:00:16:8a:30:a1:
80:a7:6f:a5:a6:96:20:7d:1a:b1:13:7f:b6:b2:57:
23:e1:87:37:03:bb:77:7e:3f:b7:a0:32:50:74:11:
72:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:7F:4B:CA:26:A6:23:07:8B:C6:79:E7:8F:C2:DE:F3:11:AC:94:A1
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bn9LyiamIweLxnnnj8Le8xGslKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.8.0/21
87.246.28.0/22
Signature Algorithm: sha256WithRSAEncryption
45:21:ef:6c:59:53:f0:5d:64:44:7b:6b:f4:e7:68:1a:5f:d6:
91:84:b4:9a:13:21:a5:c3:15:6c:d8:3b:f5:cb:74:28:0d:b7:
b0:58:42:b8:9e:99:9c:fa:33:2d:0d:57:b1:1c:b4:40:14:c3:
8c:e8:27:75:a2:e1:e9:58:f1:49:3a:82:7e:e1:5f:97:94:2a:
c8:bd:67:93:ca:f6:5f:49:ff:5c:48:a9:be:ce:6b:8e:19:ff:
f2:d3:e1:1c:fa:d6:01:1b:f5:f3:66:00:bc:82:24:44:58:36:
8d:33:89:9c:77:ee:d5:ef:fb:ad:ca:ff:e7:82:26:62:4f:1e:
bc:4c:f0:23:d4:32:3a:f9:dd:d1:67:9b:fb:74:c0:4e:06:aa:
0c:5e:f8:42:32:1c:f9:4a:19:04:ee:58:68:73:53:78:e6:4c:
f1:41:49:6a:25:bc:df:7b:84:96:d9:ce:1d:0d:63:69:7f:f2:
a3:b7:41:26:1e:33:18:d7:75:af:ab:41:0e:39:12:bb:df:3e:
8d:6b:0d:76:c3:10:45:7f:28:5e:ea:17:81:b7:c4:38:d5:46:
17:a2:85:3f:f5:db:41:25:c0:a9:b9:e1:27:5a:bc:37:d0:d2:
82:9a:97:87:91:47:e5:4d:d7:f7:57:5e:f7:76:cc:e9:7c:1a:
01:a3:e2:83
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbvFPx8IopFS/LsWg6YRHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTdmNGJjYTI2YTYyMzA3OGJjNjc5ZTc4ZmMyZGVmMzExYWM5NGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5tUU6VpAhtHYPjcIJSPtmV9rQ0l
Wp5AES2GVrMvGff+kMp/g6eZoYFNQKfQ/mth47YGtggbLXw2ri0bc8CLTVp4wt4Y
i4sjRNkJmkSjTDvAb+5BwwSbOEDzRznfgErisvh/rEqmHl151vVBgKhwS3gNCZAn
rKXe5q8SzF/v5d2cqUh5dWtfd7y2ggLoU2di1I8aD3G6SktBAygAw1lwOxzQ6Pce
W4LEseLFvtmqnQBaePYk/z1H04Lwma5SiMQre2IuJmSQMS31Tj0SoVf3a/ie8QYG
ypKNmuaYABaKMKGAp2+lppYgfRqxE3+2slcj4Yc3A7t3fj+3oDJQdBFy0QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5/S8ompiMHi8Z554/C3vMRrJShMB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvYm45THlpYW1Jd2VMeG5ubmo4TGU4eEdzbEtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV/YIAwQC
V/YcMA0GCSqGSIb3DQEBCwUAA4IBAQBFIe9sWVPwXWREe2v052gaX9aRhLSaEyGl
wxVs2Dv1y3QoDbewWEK4npmc+jMtDVexHLRAFMOM6Cd1ouHpWPFJOoJ+4V+XlCrI
vWeTyvZfSf9cSKm+zmuOGf/y0+Ec+tYBG/XzZgC8giREWDaNM4mcd+7V7/utyv/n
giZiTx68TPAj1DI6+d3RZ5v7dMBOBqoMXvhCMhz5ShkE7lhoc1N45kzxQUlqJbzf
e4SW2c4dDWNpf/Kjt0EmHjMY13Wvq0EOORK73z6Naw12wxBFfyhe6heBt8Q41UYX
ooU/9dtBJcCpueEnWrw30NKCmpeHkUflTdf3V173dszpfBoBo+KD
-----END CERTIFICATE-----
Generated at Tue Apr 30 09:15:16 2024 by rpki-client on console-fra.rpki-client.org