Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bZgkGI-JSFqalMvIB78Kgxfde4E.roa
File: bZgkGI-JSFqalMvIB78Kgxfde4E.roa (raw, json)
Hash identifier: 3rESgu2XkA7mthRHsKUjR2fdyeRZcCaBFje/TOg6FDU=
Subject key identifier: 6D:98:24:18:8F:89:48:5A:9A:94:CB:C8:07:BF:0A:83:17:DD:7B:81
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018EC0DF3B6A22B68023BA5AF883B8E140AC
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bZgkGI-JSFqalMvIB78Kgxfde4E.roa
Signing time: Tue 09 Apr 2024 03:20:38 +0000
ROA not before: Tue 09 Apr 2024 03:20:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44812
IP address blocks: 2a09:e5c0::/32 maxlen: 32
2a09:e5c1::/32 maxlen: 32
2a09:e5c2::/32 maxlen: 32
2a09:e5c3::/32 maxlen: 32
2a09:e5c4::/32 maxlen: 32
2a09:e5c5::/32 maxlen: 32
2a09:e5c6::/32 maxlen: 32
2a0e:b140::/29 maxlen: 29
2a10:4103::/32 maxlen: 32
2a10:4104::/32 maxlen: 32
2a11:4b40::/32 maxlen: 32
2a11:4b44::/32 maxlen: 32
2a11:4b45::/32 maxlen: 32
2a11:4b46::/32 maxlen: 32
2a11:4b47::/32 maxlen: 32
2a12:a343::/32 maxlen: 32
2a12:a344::/32 maxlen: 32
2a12:a346::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c0:df:3b:6a:22:b6:80:23:ba:5a:f8:83:b8:e1:40:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 9 03:20:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6d9824188f89485a9a94cbc807bf0a8317dd7b81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:36:1c:e0:69:6d:76:6e:44:90:c4:b5:bc:83:
92:77:07:13:69:7f:6f:b3:b0:a3:79:4e:8b:8c:5e:
c5:d1:bd:7e:21:a1:fb:24:31:e8:b2:d4:31:db:11:
b5:f5:a2:3b:50:aa:bf:28:5a:77:4d:b7:9f:4c:9c:
c2:4f:65:ff:5f:5a:ed:99:96:72:c2:24:c8:e8:12:
10:ee:86:53:02:d2:fa:6a:d2:60:c9:1a:4e:ad:10:
66:0c:27:15:e5:1c:6a:d8:47:0a:5b:79:cf:48:13:
c2:24:d7:b2:b7:7c:fd:08:49:c2:e2:41:13:a5:df:
6d:dd:f4:24:ac:15:79:59:6e:91:9b:b3:e5:b8:b0:
69:1c:dc:fb:b2:42:88:be:ff:5a:24:fd:96:9c:87:
f3:4f:89:7c:50:f1:8a:b6:fa:ef:90:7a:3f:fe:8b:
ed:2a:c6:c9:93:98:53:e7:54:dc:c4:52:14:8b:1a:
af:fe:ca:4d:2a:d2:f9:8d:a0:55:95:bc:e9:a5:2b:
8e:fa:9b:0e:d0:cb:36:6c:39:4f:a7:ea:fe:18:ee:
a1:75:ea:04:4a:75:f2:2a:95:04:9b:58:29:d4:d4:
0e:e1:a8:e6:43:18:5f:ea:fd:95:3a:e4:07:1a:67:
11:c1:b5:77:e6:f4:4c:e3:22:44:44:46:81:24:f0:
55:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:98:24:18:8F:89:48:5A:9A:94:CB:C8:07:BF:0A:83:17:DD:7B:81
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/bZgkGI-JSFqalMvIB78Kgxfde4E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:e5c0::-2a09:e5c6:ffff:ffff:ffff:ffff:ffff:ffff
2a0e:b140::/29
2a10:4103::-2a10:4104:ffff:ffff:ffff:ffff:ffff:ffff
2a11:4b40::/32
2a11:4b44::/30
2a12:a343::-2a12:a344:ffff:ffff:ffff:ffff:ffff:ffff
2a12:a346::/32
Signature Algorithm: sha256WithRSAEncryption
31:92:53:fa:b5:b2:78:4f:73:28:7f:a0:81:a0:f7:d5:07:40:
ca:54:29:0f:41:2a:d7:c4:43:f6:1d:59:24:9b:37:24:e0:2d:
a1:a6:7b:38:27:7c:ac:be:0c:4b:7d:a7:49:9c:2e:2e:ca:6b:
68:33:4d:9d:31:39:73:51:3b:1e:65:7c:ad:58:21:37:2a:1f:
f2:3b:b0:c1:22:f7:e3:16:e0:4e:c8:1a:3e:cb:b1:10:ac:98:
50:b1:2e:3a:dd:15:79:8d:e1:ad:4c:78:71:b9:c9:5d:0c:b9:
87:c2:05:99:f2:5a:64:f2:c2:f8:83:a5:db:fe:22:c8:0a:12:
8b:c2:30:fb:90:d8:a6:8c:cb:8b:bf:fe:43:ce:ce:a8:af:e3:
f2:e0:69:e2:72:23:43:5f:eb:93:98:02:a2:ca:ba:97:c3:f7:
52:f7:83:22:6e:59:7f:ef:ab:55:da:84:8c:cf:cb:06:9a:10:
49:46:71:48:7e:68:70:0f:33:7c:e9:89:c3:8b:80:54:f5:e3:
3f:ab:fe:b7:20:13:eb:07:5a:f3:15:68:99:29:b8:ac:81:85:
50:67:b2:91:8c:f0:25:da:0b:91:fd:75:76:e9:ea:28:10:5c:
ca:59:5f:5c:99:e5:b7:d9:93:93:f9:db:94:c3:d1:68:3a:93:
84:d6:90:dd
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY7A3ztqIraAI7pa+IO44UCsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDA5MDMyMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDk4MjQxODhmODk0ODVhOWE5NGNiYzgwN2JmMGE4MzE3ZGQ3YjgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTYc4Gltdm5EkMS1vIOSdwcTaX9v
s7CjeU6LjF7F0b1+IaH7JDHostQx2xG19aI7UKq/KFp3TbefTJzCT2X/X1rtmZZy
wiTI6BIQ7oZTAtL6atJgyRpOrRBmDCcV5Rxq2EcKW3nPSBPCJNeyt3z9CEnC4kET
pd9t3fQkrBV5WW6Rm7PluLBpHNz7skKIvv9aJP2WnIfzT4l8UPGKtvrvkHo//ovt
KsbJk5hT51TcxFIUixqv/spNKtL5jaBVlbzppSuO+psO0Ms2bDlPp+r+GO6hdeoE
SnXyKpUEm1gp1NQO4ajmQxhf6v2VOuQHGmcRwbV35vRM4yJEREaBJPBV+QIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFG2YJBiPiUhampTLyAe/CoMX3XuBMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvYlpna0dJLUpTRnFhbE12SUI3OEtneGZkZTRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAAjBMMA4DBQYqCeXA
AwUAKgnlxgMFAyoOsUAwDgMFACoQQQMDBQAqEEEEAwUAKhFLQAMFAioRS0QwDgMF
ACoSo0MDBQAqEqNEAwUAKhKjRjANBgkqhkiG9w0BAQsFAAOCAQEAMZJT+rWyeE9z
KH+ggaD31QdAylQpD0Eq18RD9h1ZJJs3JOAtoaZ7OCd8rL4MS32nSZwuLspraDNN
nTE5c1E7HmV8rVghNyof8juwwSL34xbgTsgaPsuxEKyYULEuOt0VeY3hrUx4cbnJ
XQy5h8IFmfJaZPLC+IOl2/4iyAoSi8Iw+5DYpozLi7/+Q87OqK/j8uBp4nIjQ1/r
k5gCosq6l8P3UveDIm5Zf++rVdqEjM/LBpoQSUZxSH5ocA8zfOmJw4uAVPXjP6v+
tyAT6wda8xVomSm4rIGFUGeykYzwJdoLkf11dunqKBBcyllfXJnlt9mTk/nblMPR
aDqThNaQ3Q==
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:31:53 2024 by rpki-client on console-fra.rpki-client.org