Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/BjsuLgGQNhMD4InbUJY9wvy3euM.roa
File: BjsuLgGQNhMD4InbUJY9wvy3euM.roa (raw, json)
Hash identifier: HQnpHX6hfakLbQoTyAQapgMmds3GLNhUneOg7VrLXNA=
Subject key identifier: 06:3B:2E:2E:01:90:36:13:03:E0:89:DB:50:96:3D:C2:FC:B7:7A:E3
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01941F8C41B3D7F1F910CB83EE25DEEAA536
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/BjsuLgGQNhMD4InbUJY9wvy3euM.roa
Signing time: Wed 01 Jan 2025 01:47:52 +0000
ROA not before: Wed 01 Jan 2025 01:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210542
IP address blocks: 88.218.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:41:b3:d7:f1:f9:10:cb:83:ee:25:de:ea:a5:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jan 1 01:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=063b2e2e0190361303e089db50963dc2fcb77ae3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4a:81:41:ff:69:e1:5b:91:63:8c:8e:90:11:
b0:e1:29:4b:fd:30:17:e6:7a:32:7a:ac:79:0a:48:
d2:4a:ac:39:a2:9c:80:2e:48:9d:0f:15:e2:cb:4e:
71:2a:59:29:20:e9:3b:7b:40:60:6e:49:f5:8e:db:
c4:0c:f5:1d:9c:bc:5d:52:1f:4a:15:4d:21:46:48:
42:22:15:cf:77:98:fb:7a:1f:ed:8b:84:86:16:c4:
2b:89:43:72:5b:5e:04:4e:c5:d6:bf:38:4b:26:34:
a6:34:ab:3f:74:b6:35:56:3c:46:27:76:d7:bf:0f:
cf:5b:7a:36:41:d8:b2:0c:12:e7:39:45:28:4f:00:
d5:46:a8:b5:0e:29:33:1f:d7:eb:51:64:2e:d6:95:
32:42:0c:b5:d2:b2:8b:e3:e9:d0:72:79:90:6a:e0:
91:6c:c9:35:94:b6:6e:70:44:f8:53:2a:06:ce:57:
00:38:56:be:5c:55:a8:ae:ea:c8:7f:24:e5:d2:6b:
78:7e:11:a2:23:8c:93:23:af:95:31:c5:f3:e7:ac:
a4:a0:2a:fa:d1:a6:6e:df:2a:ce:c1:64:8f:e9:5c:
85:ae:12:7b:ff:1d:fc:66:57:5f:74:15:74:d2:72:
1e:be:80:8f:ba:5e:ee:d3:92:1d:3e:a5:45:34:d7:
78:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3B:2E:2E:01:90:36:13:03:E0:89:DB:50:96:3D:C2:FC:B7:7A:E3
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/BjsuLgGQNhMD4InbUJY9wvy3euM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.218.40.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:69:26:bf:c1:fe:97:5f:14:a8:c0:7d:27:f1:0b:a9:07:72:
3f:96:f6:64:36:dd:98:48:33:4d:d9:8a:e7:91:a1:dc:c6:0f:
c9:80:98:5e:8d:8e:43:92:b0:7b:5d:f1:ab:e3:e8:70:86:0f:
9a:13:99:47:d1:d9:c8:64:f4:2b:23:c5:9b:f8:d7:10:70:46:
ea:a6:10:42:6e:60:75:e5:1c:1b:71:9e:4d:34:57:df:f3:40:
3b:7b:8c:c4:35:ea:6c:d4:10:f7:d1:22:4d:4a:38:f8:ed:58:
c3:fb:b5:8a:e9:dd:89:62:af:44:cc:0e:cc:4f:78:5d:15:56:
1a:5c:04:21:8c:65:14:df:a6:78:6c:5f:d8:54:1a:d4:d5:22:
6f:29:6b:62:64:7c:13:cd:db:f9:95:ef:5c:8b:65:52:af:b3:
25:8b:27:39:e4:50:ef:e9:0a:b6:51:e6:5b:3c:fd:41:13:6a:
19:76:77:74:9f:af:6b:53:f2:1d:48:b1:d1:d3:84:df:bb:ce:
ad:0a:06:69:1e:3e:09:6a:bd:b8:d0:95:fb:f1:04:9b:8e:58:
4c:37:99:1f:4b:fe:1b:fa:9b:8a:82:cd:50:df:74:6c:f2:eb:
a2:ef:26:0c:48:00:65:74:3b:93:c5:52:96:f6:91:b8:9e:9e:
b6:ee:92:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjEGz1/H5EMuD7iXe6qU2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjUwMTAxMDE0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNiMmUyZTAxOTAzNjEzMDNlMDg5ZGI1MDk2M2RjMmZjYjc3YWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkqBQf9p4VuRY4yOkBGw4SlL/TAX
5noyeqx5CkjSSqw5opyALkidDxXiy05xKlkpIOk7e0Bgbkn1jtvEDPUdnLxdUh9K
FU0hRkhCIhXPd5j7eh/ti4SGFsQriUNyW14ETsXWvzhLJjSmNKs/dLY1VjxGJ3bX
vw/PW3o2QdiyDBLnOUUoTwDVRqi1DikzH9frUWQu1pUyQgy10rKL4+nQcnmQauCR
bMk1lLZucET4UyoGzlcAOFa+XFWorurIfyTl0mt4fhGiI4yTI6+VMcXz56ykoCr6
0aZu3yrOwWSP6VyFrhJ7/x38ZldfdBV00nIevoCPul7u05IdPqVFNNd4TwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAY7Li4BkDYTA+CJ21CWPcL8t3rjMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvQmpzdUxnR1FOaE1ENEluYlVKWTl3dnkzZXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWNooMA0G
CSqGSIb3DQEBCwUAA4IBAQCLaSa/wf6XXxSowH0n8QupB3I/lvZkNt2YSDNN2Yrn
kaHcxg/JgJhejY5DkrB7XfGr4+hwhg+aE5lH0dnIZPQrI8Wb+NcQcEbqphBCbmB1
5RwbcZ5NNFff80A7e4zENeps1BD30SJNSjj47VjD+7WK6d2JYq9EzA7MT3hdFVYa
XAQhjGUU36Z4bF/YVBrU1SJvKWtiZHwTzdv5le9ci2VSr7Mliyc55FDv6Qq2UeZb
PP1BE2oZdnd0n69rU/IdSLHR04Tfu86tCgZpHj4Jar240JX78QSbjlhMN5kfS/4b
+puKgs1Q33Rs8uui7yYMSABldDuTxVKW9pG4np627pIE
-----END CERTIFICATE-----
Generated at Thu Apr 10 18:39:20 2025 by rpki-client