Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/8qm9bEbxwfNKbG7VK6lFr1L7h68.roa
File: 8qm9bEbxwfNKbG7VK6lFr1L7h68.roa (raw, json)
Hash identifier: 75uVkQx0ihlVy8p/hI6UBtxjUc4hu50c+jP7jjKtmh4=
Subject key identifier: F2:A9:BD:6C:46:F1:C1:F3:4A:6C:6E:D5:2B:A9:45:AF:52:FB:87:AF
Certificate issuer: /CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Certificate serial: 019425FDB7DA1A4B5A890FDFAD6206242A16
Authority key identifier: BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/8qm9bEbxwfNKbG7VK6lFr1L7h68.roa
Signing time: Thu 02 Jan 2025 07:49:32 +0000
ROA not before: Thu 02 Jan 2025 07:49:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41451
IP address blocks: 185.46.172.0/24 maxlen: 24
195.43.80.0/23 maxlen: 23
195.43.80.0/24 maxlen: 24
2a0c:f40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.mft
rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 04:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:b7:da:1a:4b:5a:89:0f:df:ad:62:06:24:2a:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bcfd2da5447d007616ebddc2a70feac5e77c4a8b
Validity
Not Before: Jan 2 07:49:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2a9bd6c46f1c1f34a6c6ed52ba945af52fb87af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:69:d8:1e:b8:dd:5d:6e:5c:ed:82:88:12:55:
60:81:88:32:7f:57:69:43:55:12:09:6a:2f:e6:a3:
f2:37:b9:63:ec:32:41:0e:4e:1b:ef:83:9f:d5:36:
b3:d8:fc:24:75:03:36:85:3e:39:32:66:f4:5f:52:
73:83:74:ad:73:e1:56:b3:38:35:16:57:d3:08:d2:
61:11:6c:6c:94:4a:1c:b7:45:21:73:9c:fb:3e:69:
64:0e:73:41:3e:81:c6:fa:c5:d8:60:3d:d6:b0:3b:
43:c0:bb:9b:6e:2b:c4:48:e7:a7:12:e1:30:fa:39:
1e:4f:44:62:01:32:26:8e:b5:8d:31:18:f7:b1:54:
23:5f:0f:ea:b8:5a:22:e6:c8:44:bf:f9:0b:61:02:
db:38:12:37:93:63:0f:c9:7d:93:a1:d8:44:79:f4:
1f:71:43:43:ca:69:f6:66:f5:19:04:4b:37:30:55:
a7:19:82:34:11:24:31:83:2b:cc:36:66:47:e9:33:
9f:7f:dd:16:16:c8:99:59:4e:dc:05:ad:19:f2:59:
25:48:05:a4:a0:5b:b8:76:5e:43:cb:b1:9f:44:23:
fe:79:b8:a6:19:6b:97:ad:25:76:3e:b7:7c:2e:5d:
78:de:0f:2b:23:04:28:b5:03:b9:4b:0f:56:23:d2:
ee:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:A9:BD:6C:46:F1:C1:F3:4A:6C:6E:D5:2B:A9:45:AF:52:FB:87:AF
X509v3 Authority Key Identifier:
keyid:BC:FD:2D:A5:44:7D:00:76:16:EB:DD:C2:A7:0F:EA:C5:E7:7C:4A:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vP0tpUR9AHYW693Cpw_qxed8Sos.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/8qm9bEbxwfNKbG7VK6lFr1L7h68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/919fff-252f-4720-ade4-bbfe2196c6af/1/vP0tpUR9AHYW693Cpw_qxed8Sos.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.46.172.0/24
195.43.80.0/23
IPv6:
2a0c:f40::/32
Signature Algorithm: sha256WithRSAEncryption
49:2c:b2:df:2f:1c:65:ed:8a:7c:74:5c:88:4f:1f:c7:7e:4d:
c0:64:a1:69:33:a8:b1:cd:65:16:7b:78:12:a6:47:09:a6:39:
f0:4d:b1:cd:6f:0a:1f:69:bb:d6:88:1c:88:9a:4a:b4:0e:a4:
12:f7:fd:b1:bc:53:49:8d:7f:5c:5c:f2:0e:ee:f7:e0:b0:1d:
6c:3e:4d:2c:1e:54:2d:72:bf:34:f5:4b:fd:3b:5d:59:5e:83:
3c:e3:5f:4a:4b:21:0c:4b:64:1e:5a:45:11:16:cf:73:5d:b0:
2a:5d:33:27:a5:bc:26:4b:ba:5c:2d:b9:c8:bc:16:6f:43:ad:
76:2b:a2:d7:33:52:3b:29:33:47:aa:53:ba:13:99:26:a6:09:
62:96:ef:30:a0:dd:51:f5:87:d2:57:d8:e2:a7:ce:c0:f2:00:
3a:fe:b5:6a:ac:19:54:fe:c3:55:c0:83:1e:2f:f5:12:2e:f8:
ce:1a:76:c6:7c:a8:f2:af:ed:dc:cc:d3:4a:7e:35:9a:26:2c:
cf:3a:a7:2b:b5:15:ef:47:f6:f6:0f:d3:6b:17:3c:b8:28:50:
a8:1e:ec:d3:cb:7d:38:95:ce:d0:63:2d:e9:78:8d:85:61:eb:
5f:74:ac:9c:f5:be:5e:c2:a5:92:75:28:73:9e:fa:25:1d:b1:
02:fc:6f:34
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQl/bfaGktaiQ/frWIGJCoWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjZmQyZGE1NDQ3ZDAwNzYxNmViZGRjMmE3MGZlYWM1ZTc3
YzRhOGIwHhcNMjUwMTAyMDc0OTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmE5YmQ2YzQ2ZjFjMWYzNGE2YzZlZDUyYmE5NDVhZjUyZmI4N2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGnYHrjdXW5c7YKIElVggYgyf1dp
Q1USCWov5qPyN7lj7DJBDk4b74Of1Taz2PwkdQM2hT45Mmb0X1Jzg3Stc+FWszg1
FlfTCNJhEWxslEoct0Uhc5z7PmlkDnNBPoHG+sXYYD3WsDtDwLubbivESOenEuEw
+jkeT0RiATImjrWNMRj3sVQjXw/quFoi5shEv/kLYQLbOBI3k2MPyX2TodhEefQf
cUNDymn2ZvUZBEs3MFWnGYI0ESQxgyvMNmZH6TOff90WFsiZWU7cBa0Z8lklSAWk
oFu4dl5Dy7GfRCP+ebimGWuXrSV2Prd8Ll143g8rIwQotQO5Sw9WI9Lu4wIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPKpvWxG8cHzSmxu1SupRa9S+4evMB8GA1UdIwQY
MBaAFLz9LaVEfQB2FuvdwqcP6sXnfEqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQt
YmJmZTIxOTZjNmFmLzEvOHFtOWJFYnh3Zk5LYkc3Vks2bEZyMUw3aDY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS85MTlmZmYtMjUyZi00NzIwLWFkZTQtYmJmZTIxOTZjNmFm
LzEvdlAwdHBVUjlBSFlXNjkzQ3B3X3F4ZWQ4U29zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAuS6sAwQB
wytQMA0EAgACMAcDBQAqDA9AMA0GCSqGSIb3DQEBCwUAA4IBAQBJLLLfLxxl7Yp8
dFyITx/Hfk3AZKFpM6ixzWUWe3gSpkcJpjnwTbHNbwofabvWiByImkq0DqQS9/2x
vFNJjX9cXPIO7vfgsB1sPk0sHlQtcr809Uv9O11ZXoM8419KSyEMS2QeWkURFs9z
XbAqXTMnpbwmS7pcLbnIvBZvQ612K6LXM1I7KTNHqlO6E5kmpglilu8woN1R9YfS
V9jip87A8gA6/rVqrBlU/sNVwIMeL/USLvjOGnbGfKjyr+3czNNKfjWaJizPOqcr
tRXvR/b2D9NrFzy4KFCoHuzTy304lc7QYy3peI2FYetfdKyc9b5ewqWSdShznvol
HbEC/G80
-----END CERTIFICATE-----
Generated at Tue Apr 22 14:22:01 2025 by rpki-client