Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bouhLrz3htaAbR4z2VdcALdtNX4.roa
File: bouhLrz3htaAbR4z2VdcALdtNX4.roa (raw, json)
Hash identifier: cZsi2HweVBH6QtoHJXl52HlOe07OzY76ZO0fC7PMG9w=
Subject key identifier: 6E:8B:A1:2E:BC:F7:86:D6:80:6D:1E:33:D9:57:5C:00:B7:6D:35:7E
Certificate issuer: /CN=722a8c1d311895016108ffbd14575c77cc28773a
Certificate serial: 018CC56EF6A63472A1D60C7FD6EAD8C568AB
Authority key identifier: 72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bouhLrz3htaAbR4z2VdcALdtNX4.roa
Signing time: Mon 01 Jan 2024 14:30:32 +0000
ROA not before: Mon 01 Jan 2024 14:30:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205352
IP address blocks: 87.246.51.0/24 maxlen: 24
87.246.50.0/24 maxlen: 24
87.246.52.0/23 maxlen: 23
87.246.56.0/22 maxlen: 22
109.160.92.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.mft
rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 23:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:f6:a6:34:72:a1:d6:0c:7f:d6:ea:d8:c5:68:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=722a8c1d311895016108ffbd14575c77cc28773a
Validity
Not Before: Jan 1 14:30:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6e8ba12ebcf786d6806d1e33d9575c00b76d357e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:5e:68:3a:0a:89:fc:b6:3d:f1:d4:e0:82:64:
6b:9f:aa:df:b3:b4:5b:a1:b8:34:4b:c0:95:9d:85:
90:76:7e:a2:f3:56:78:70:7e:d3:3b:30:ed:18:4d:
92:62:13:d6:79:d7:d7:4d:17:fc:86:36:c6:56:ee:
a2:2a:db:6f:9d:e4:5d:29:15:1b:4a:03:25:d3:e9:
fc:ff:4e:f8:d7:df:eb:4b:89:12:c2:92:00:0d:ec:
64:e6:a4:4d:0d:fd:f4:c7:23:47:cd:3c:25:c8:d7:
68:fe:24:03:db:df:52:ba:68:0d:98:c2:3a:e9:14:
3d:19:44:2e:34:92:93:ee:7e:91:ae:d0:60:f0:a8:
6a:d7:b3:1c:e9:6d:f3:5c:6b:ca:a4:9e:df:a5:6e:
2c:d6:4a:10:ce:c0:e3:b6:d7:90:fd:48:66:8e:34:
6e:13:d2:e0:b1:74:e5:2c:fe:db:bf:14:41:39:53:
08:d0:69:27:53:85:bb:f8:66:6d:c3:fe:05:00:9c:
3a:fb:ae:d2:52:7b:b5:4f:f3:92:7f:64:46:22:73:
9a:7c:04:e7:96:52:a0:e3:d3:b8:2b:37:c1:b7:65:
4d:25:44:be:64:a5:5a:11:50:e6:61:5b:62:3f:00:
61:83:59:b3:64:02:1d:9e:61:9c:59:70:e7:48:70:
94:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:8B:A1:2E:BC:F7:86:D6:80:6D:1E:33:D9:57:5C:00:B7:6D:35:7E
X509v3 Authority Key Identifier:
keyid:72:2A:8C:1D:31:18:95:01:61:08:FF:BD:14:57:5C:77:CC:28:77:3A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ciqMHTEYlQFhCP-9FFdcd8wodzo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/bouhLrz3htaAbR4z2VdcALdtNX4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/b1f6ee-c4ef-4355-af36-a558ee65431f/1/ciqMHTEYlQFhCP-9FFdcd8wodzo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.246.50.0-87.246.53.255
87.246.56.0/22
109.160.92.0/22
Signature Algorithm: sha256WithRSAEncryption
5d:6c:a0:08:83:b8:df:df:9e:d4:be:ff:48:4f:2d:8d:0e:53:
d6:c6:56:db:16:b1:df:a1:71:fa:17:f0:20:95:8e:ed:af:22:
67:ab:ec:79:5e:e4:f7:67:f2:38:c5:cb:74:b4:4d:95:fe:e3:
c2:77:c3:6f:fd:ba:b6:a9:c1:6f:f0:2a:8b:6d:d6:7e:1e:57:
d9:dd:2b:57:45:be:05:07:b4:3e:3e:80:9b:68:c0:b3:44:6b:
ba:fb:90:ae:80:04:e5:6a:be:ce:fc:f9:2c:0f:ab:98:bc:b0:
64:ad:fe:33:ec:06:a0:17:61:38:b3:94:bf:74:ac:f9:34:f5:
45:7d:13:99:87:91:96:28:1b:ea:f4:e0:d6:cf:02:ef:87:e4:
05:a3:99:49:dc:b7:dd:4c:ec:76:0b:dc:6f:fa:bf:83:0f:0e:
d6:7a:62:fe:77:7f:f1:e3:da:9d:43:a0:73:b2:f0:79:c9:44:
72:84:bf:c2:40:32:56:a4:e6:69:ca:74:0b:68:6b:08:b1:08:
4b:e4:28:75:18:6e:8a:bb:fc:04:c0:52:5f:5d:cb:cf:a3:60:
75:de:dd:f6:99:f6:06:0c:7d:e8:8f:2d:fa:dd:d2:e5:10:90:
67:60:fe:ac:f1:3a:e2:e5:20:b3:27:a7:dd:45:21:e2:aa:04:
34:7a:de:1f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbvamNHKh1gx/1urYxWirMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyMmE4YzFkMzExODk1MDE2MTA4ZmZiZDE0NTc1Yzc3Y2My
ODc3M2EwHhcNMjQwMTAxMTQzMDMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZThiYTEyZWJjZjc4NmQ2ODA2ZDFlMzNkOTU3NWMwMGI3NmQzNTdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmF5oOgqJ/LY98dTggmRrn6rfs7Rb
obg0S8CVnYWQdn6i81Z4cH7TOzDtGE2SYhPWedfXTRf8hjbGVu6iKttvneRdKRUb
SgMl0+n8/07419/rS4kSwpIADexk5qRNDf30xyNHzTwlyNdo/iQD299SumgNmMI6
6RQ9GUQuNJKT7n6RrtBg8Khq17Mc6W3zXGvKpJ7fpW4s1koQzsDjtteQ/UhmjjRu
E9LgsXTlLP7bvxRBOVMI0GknU4W7+GZtw/4FAJw6+67SUnu1T/OSf2RGInOafATn
llKg49O4KzfBt2VNJUS+ZKVaEVDmYVtiPwBhg1mzZAIdnmGcWXDnSHCU3wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG6LoS6894bWgG0eM9lXXAC3bTV+MB8GA1UdIwQY
MBaAFHIqjB0xGJUBYQj/vRRXXHfMKHc6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYt
YTU1OGVlNjU0MzFmLzEvYm91aExyejNodGFBYlI0ejJWZGNBTGR0Tlg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9iMWY2ZWUtYzRlZi00MzU1LWFmMzYtYTU1OGVlNjU0MzFm
LzEvY2lxTUhURVlsUUZoQ1AtOUZGZGNkOHdvZHpvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAFX9jID
BAFX9jQDBAJX9jgDBAJtoFwwDQYJKoZIhvcNAQELBQADggEBAF1soAiDuN/fntS+
/0hPLY0OU9bGVtsWsd+hcfoX8CCVju2vImer7Hle5Pdn8jjFy3S0TZX+48J3w2/9
urapwW/wKott1n4eV9ndK1dFvgUHtD4+gJtowLNEa7r7kK6ABOVqvs78+SwPq5i8
sGSt/jPsBqAXYTizlL90rPk09UV9E5mHkZYoG+r04NbPAu+H5AWjmUnct91M7HYL
3G/6v4MPDtZ6Yv53f/Hj2p1DoHOy8HnJRHKEv8JAMlak5mnKdAtoawixCEvkKHUY
boq7/ATAUl9dy8+jYHXe3faZ9gYMfeiPLfrd0uUQkGdg/qzxOuLlILMnp91FIeKq
BDR63h8=
-----END CERTIFICATE-----
Generated at Tue Apr 30 06:35:53 2024 by rpki-client on console-fra.rpki-client.org