Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/Bjp9AN-101v7GM51BOcJGxjGIh8.roa
File: Bjp9AN-101v7GM51BOcJGxjGIh8.roa (raw, json)
Hash identifier: hFvxzsz4oYq14KKlsJs0TSRf8V5EWc22gkn/9dzhp0E=
Subject key identifier: 06:3A:7D:00:DF:B5:D3:5B:FB:18:CE:75:04:E7:09:1B:18:C6:22:1F
Certificate issuer: /CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Certificate serial: 018CC94ADD8551101D72997F2BF6321DB06A
Authority key identifier: 6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/Bjp9AN-101v7GM51BOcJGxjGIh8.roa
Signing time: Tue 02 Jan 2024 08:29:35 +0000
ROA not before: Tue 02 Jan 2024 08:29:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48037
IP address blocks: 144.43.192.0/19 maxlen: 24
144.43.0.0/17 maxlen: 24
144.43.224.0/20 maxlen: 24
144.43.0.0/16 maxlen: 24
144.43.128.0/18 maxlen: 24
144.43.248.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4a:dd:85:51:10:1d:72:99:7f:2b:f6:32:1d:b0:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d069e19e12c104004e8b4b75f8a7789b7e11396
Validity
Not Before: Jan 2 08:29:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=063a7d00dfb5d35bfb18ce7504e7091b18c6221f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:9b:fa:76:6c:df:ec:61:e7:c8:ae:7b:9f:de:
90:02:9b:bb:af:96:30:8d:f6:8d:16:7e:56:a7:6b:
a8:73:09:a2:6a:11:b0:54:f2:fa:0e:0b:59:14:94:
84:ae:e1:b1:c8:c5:8e:b9:66:e8:01:22:1f:22:49:
b6:06:1a:cb:f1:e1:cf:8e:70:2e:21:76:01:c5:9d:
9e:89:e4:a5:a7:a0:ba:33:a2:e8:50:9b:5c:dc:91:
38:c2:f9:1b:34:7a:6f:5c:53:05:d6:36:1f:7b:fe:
98:54:c2:b1:1b:8e:97:94:55:98:03:9a:77:ec:79:
42:1f:ad:c6:f7:0c:5c:34:d7:0f:9f:f5:5a:82:d3:
51:a0:e7:9d:d3:cb:69:f0:a6:63:9e:a6:c2:e7:95:
57:68:78:32:fd:35:57:61:37:7d:d3:97:03:c5:97:
1c:10:0e:47:59:3f:9c:f1:2e:32:a0:6a:ec:47:e7:
a5:cb:91:77:f2:54:3b:08:e3:f7:2c:16:7f:60:ba:
35:43:cd:36:79:ef:df:78:dd:88:18:a3:39:84:b2:
da:8e:d8:4e:91:59:40:41:7b:d4:81:40:35:75:f1:
48:78:21:6b:68:8f:14:d1:c2:77:82:55:5f:d4:c2:
96:ef:45:90:e6:8d:87:4e:74:62:67:47:ce:ef:a8:
a4:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3A:7D:00:DF:B5:D3:5B:FB:18:CE:75:04:E7:09:1B:18:C6:22:1F
X509v3 Authority Key Identifier:
keyid:6D:06:9E:19:E1:2C:10:40:04:E8:B4:B7:5F:8A:77:89:B7:E1:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/Bjp9AN-101v7GM51BOcJGxjGIh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/cf64f6-0789-43e3-bd6b-7bff296c6b02/1/bQaeGeEsEEAE6LS3X4p3ibfhE5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.43.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b6:06:6f:d8:dd:5b:a9:ec:ae:58:ce:12:eb:22:ef:ce:5b:c0:
c8:ee:a6:c3:f0:87:59:c8:5e:44:4d:e9:54:a7:21:bb:40:06:
ac:6f:c8:fe:37:e1:bb:8f:23:29:55:77:0b:9a:77:06:c2:27:
04:a4:e0:19:9a:c3:8b:55:7b:8e:07:14:80:f1:84:16:8a:09:
8f:4b:f3:8b:0d:d9:ed:57:49:9b:74:5e:ca:f9:a6:0c:30:ac:
b9:1a:2f:83:fb:3c:f5:42:ee:e3:39:18:10:aa:98:e5:b7:ed:
4c:52:6e:59:62:33:c3:6b:f4:17:a1:1f:f9:b2:f5:f4:09:ee:
26:d6:9d:7e:0e:74:b3:01:b7:a8:68:7a:df:00:6a:fd:8d:71:
e4:46:df:10:41:e4:c0:29:66:62:b7:59:a6:fe:3d:5b:1e:07:
d1:3b:a5:9b:dd:d6:75:21:d0:77:b2:94:2b:16:99:e2:86:69:
09:5a:74:77:00:26:7d:80:9c:c7:8d:0e:f1:7e:57:04:97:f5:
76:62:e6:a0:6e:3a:b1:fa:0e:3d:66:b9:94:95:95:1b:35:af:
86:60:69:2e:ae:0c:f9:4d:62:92:ef:c1:a0:df:92:4f:08:37:
da:28:0f:24:ac:83:eb:e0:a4:25:c6:50:8a:a0:fd:15:94:d6:
df:e2:5b:c7
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJSt2FURAdcpl/K/YyHbBqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkMDY5ZTE5ZTEyYzEwNDAwNGU4YjRiNzVmOGE3Nzg5Yjdl
MTEzOTYwHhcNMjQwMTAyMDgyOTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNhN2QwMGRmYjVkMzViZmIxOGNlNzUwNGU3MDkxYjE4YzYyMjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiZv6dmzf7GHnyK57n96QApu7r5Yw
jfaNFn5Wp2uocwmiahGwVPL6DgtZFJSEruGxyMWOuWboASIfIkm2BhrL8eHPjnAu
IXYBxZ2eieSlp6C6M6LoUJtc3JE4wvkbNHpvXFMF1jYfe/6YVMKxG46XlFWYA5p3
7HlCH63G9wxcNNcPn/VagtNRoOed08tp8KZjnqbC55VXaHgy/TVXYTd905cDxZcc
EA5HWT+c8S4yoGrsR+ely5F38lQ7COP3LBZ/YLo1Q802ee/feN2IGKM5hLLajthO
kVlAQXvUgUA1dfFIeCFraI8U0cJ3glVf1MKW70WQ5o2HTnRiZ0fO76ikaQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFAY6fQDftdNb+xjOdQTnCRsYxiIfMB8GA1UdIwQY
MBaAFG0GnhnhLBBABOi0t1+Kd4m34ROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmIt
N2JmZjI5NmM2YjAyLzEvQmpwOUFOLTEwMXY3R001MUJPY0pHeGpHSWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jZjY0ZjYtMDc4OS00M2UzLWJkNmItN2JmZjI5NmM2YjAy
LzEvYlFhZUdlRXNFRUFFNkxTM1g0cDNpYmZoRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAkCswDQYJ
KoZIhvcNAQELBQADggEBALYGb9jdW6nsrljOEusi785bwMjupsPwh1nIXkRN6VSn
IbtABqxvyP434buPIylVdwuadwbCJwSk4Bmaw4tVe44HFIDxhBaKCY9L84sN2e1X
SZt0Xsr5pgwwrLkaL4P7PPVC7uM5GBCqmOW37UxSblliM8Nr9BehH/my9fQJ7ibW
nX4OdLMBt6hoet8Aav2NceRG3xBB5MApZmK3Wab+PVseB9E7pZvd1nUh0HeylCsW
meKGaQladHcAJn2AnMeNDvF+VwSX9XZi5qBuOrH6Dj1muZSVlRs1r4ZgaS6uDPlN
YpLvwaDfkk8IN9ooDySsg+vgpCXGUIqg/RWU1t/iW8c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:35:28 2024 by rpki-client on console-ams.rpki-client.org