Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/Bla5VO18gnOwAGsyi_ag0PlrZc8.roa
File: Bla5VO18gnOwAGsyi_ag0PlrZc8.roa (raw, json)
Hash identifier: bB+354vnCwp35QcIDtKoGUcD5g72kaYCQWv9dkrPEdQ=
Subject key identifier: 06:56:B9:54:ED:7C:82:73:B0:00:6B:32:8B:F6:A0:D0:F9:6B:65:CF
Certificate issuer: /CN=6dbd51576b4a93460a465af35e6bf550f5548894
Certificate serial: 01954C0BD9F7ABFBC40F4A4F5A4C496F3AC8
Authority key identifier: 6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/Bla5VO18gnOwAGsyi_ag0PlrZc8.roa
Signing time: Fri 28 Feb 2025 10:13:19 +0000
ROA not before: Fri 28 Feb 2025 10:13:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209788
IP address blocks: 95.183.44.0/23 maxlen: 24
95.183.46.0/24 maxlen: 24
188.68.80.0/24 maxlen: 24
188.68.90.0/24 maxlen: 24
188.68.91.0/24 maxlen: 24
188.68.92.0/24 maxlen: 24
188.68.93.0/24 maxlen: 24
192.54.76.0/24 maxlen: 24
192.54.77.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:0b:d9:f7:ab:fb:c4:0f:4a:4f:5a:4c:49:6f:3a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6dbd51576b4a93460a465af35e6bf550f5548894
Validity
Not Before: Feb 28 10:13:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0656b954ed7c8273b0006b328bf6a0d0f96b65cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:63:f1:6a:63:d3:13:24:bc:82:2b:be:67:65:
4c:52:9b:8c:73:25:b8:5c:d3:67:39:73:46:ef:02:
b5:a6:fe:83:6d:16:af:4e:00:29:b0:eb:9f:60:c4:
4d:0e:a4:3b:03:4a:07:2f:29:b6:ad:7c:6f:26:e6:
a1:25:e4:d4:10:1b:2e:e2:74:38:01:a4:36:91:2f:
ae:fe:4c:fd:08:c7:17:d6:91:3b:e6:a6:5b:09:c5:
18:70:33:31:18:71:15:7f:54:73:78:ff:6c:3c:34:
d6:d7:46:bb:a8:2c:05:f6:be:fd:23:e5:29:bc:98:
9d:b6:0a:37:b2:f4:5c:50:97:fe:eb:72:29:eb:af:
a3:0a:89:7c:97:ea:1f:eb:1f:4e:71:a7:15:62:be:
ac:e3:7d:41:51:09:8c:30:66:6e:dd:8d:57:2e:25:
6d:06:b3:a0:fa:4c:84:66:e3:af:fa:0f:1f:2b:62:
4c:52:04:a4:ef:b9:ea:9d:21:b6:07:72:45:c5:43:
dd:48:12:14:00:8b:80:d3:fc:1a:36:5a:e3:fb:50:
15:f6:05:eb:14:52:35:b3:4e:50:6c:54:7b:18:34:
bf:e2:9b:81:0f:91:10:90:7a:9d:53:a5:f1:dc:96:
fc:63:90:7c:bb:f4:cd:45:c2:ab:39:91:4c:36:df:
e8:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:56:B9:54:ED:7C:82:73:B0:00:6B:32:8B:F6:A0:D0:F9:6B:65:CF
X509v3 Authority Key Identifier:
keyid:6D:BD:51:57:6B:4A:93:46:0A:46:5A:F3:5E:6B:F5:50:F5:54:88:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/Bla5VO18gnOwAGsyi_ag0PlrZc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/81/8ff537-71e0-403b-979e-1ef7ef17fa43/1/bb1RV2tKk0YKRlrzXmv1UPVUiJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.183.44.0-95.183.46.255
188.68.80.0/24
188.68.90.0-188.68.93.255
192.54.76.0/23
Signature Algorithm: sha256WithRSAEncryption
88:fa:b9:5f:a4:5c:10:eb:90:aa:b9:f0:90:42:89:38:d4:bc:
59:25:9d:70:79:a0:56:ed:f7:14:d3:09:c3:20:93:3a:98:cd:
33:e8:9e:69:8a:90:3b:33:8a:0f:b4:4b:1a:da:52:fb:c1:27:
06:31:c1:44:3f:0d:18:76:6b:b2:5a:1c:8c:fd:3d:de:6c:ff:
fb:88:3d:b9:cc:30:e0:73:2c:e8:e0:7e:5e:9f:2f:a8:42:29:
3f:77:50:4f:e0:4d:1b:45:51:63:67:71:a5:35:b7:9a:24:5b:
83:f3:10:a9:22:ab:77:0b:38:9a:6e:d9:87:fe:4c:e7:e2:37:
df:94:2d:94:1d:78:91:20:5a:cb:41:0d:9d:1f:bf:36:5c:38:
7d:c1:59:41:34:2b:6a:d2:e1:fa:c8:8e:f6:17:18:1a:f2:cf:
c0:b0:34:c8:aa:97:39:d1:67:0b:d5:80:fa:16:b0:76:e9:c9:
55:17:44:1b:58:20:cd:f2:0d:42:29:5a:14:b8:aa:b2:a5:7f:
1a:43:01:7f:86:81:7b:61:2a:07:71:8c:13:19:12:d2:0c:d1:
68:79:b9:e8:36:8c:f6:0d:66:00:0a:38:05:b6:10:0c:15:19:
b4:96:71:c8:02:91:fd:bb:c4:00:af:6e:04:7e:3d:2b:fc:33:
eb:23:fc:97
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZVMC9n3q/vED0pPWkxJbzrIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkYmQ1MTU3NmI0YTkzNDYwYTQ2NWFmMzVlNmJmNTUwZjU1
NDg4OTQwHhcNMjUwMjI4MTAxMzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU2Yjk1NGVkN2M4MjczYjAwMDZiMzI4YmY2YTBkMGY5NmI2NWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqWPxamPTEyS8giu+Z2VMUpuMcyW4
XNNnOXNG7wK1pv6DbRavTgApsOufYMRNDqQ7A0oHLym2rXxvJuahJeTUEBsu4nQ4
AaQ2kS+u/kz9CMcX1pE75qZbCcUYcDMxGHEVf1RzeP9sPDTW10a7qCwF9r79I+Up
vJidtgo3svRcUJf+63Ip66+jCol8l+of6x9OcacVYr6s431BUQmMMGZu3Y1XLiVt
BrOg+kyEZuOv+g8fK2JMUgSk77nqnSG2B3JFxUPdSBIUAIuA0/waNlrj+1AV9gXr
FFI1s05QbFR7GDS/4puBD5EQkHqdU6Xx3Jb8Y5B8u/TNRcKrOZFMNt/o8QIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFAZWuVTtfIJzsABrMov2oND5a2XPMB8GA1UdIwQY
MBaAFG29UVdrSpNGCkZa815r9VD1VIiUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUt
MWVmN2VmMTdmYTQzLzEvQmxhNVZPMThnbk93QUdzeWlfYWcwUGxyWmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MS84ZmY1MzctNzFlMC00MDNiLTk3OWUtMWVmN2VmMTdmYTQz
LzEvYmIxUlYydEtrMFlLUmxyelhtdjFVUFZVaUpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAJftywD
BABfty4DBAC8RFAwDAMEAbxEWgMEAbxEXAMEAcA2TDANBgkqhkiG9w0BAQsFAAOC
AQEAiPq5X6RcEOuQqrnwkEKJONS8WSWdcHmgVu33FNMJwyCTOpjNM+ieaYqQOzOK
D7RLGtpS+8EnBjHBRD8NGHZrslocjP093mz/+4g9ucww4HMs6OB+Xp8vqEIpP3dQ
T+BNG0VRY2dxpTW3miRbg/MQqSKrdws4mm7Zh/5M5+I335QtlB14kSBay0ENnR+/
Nlw4fcFZQTQratLh+siO9hcYGvLPwLA0yKqXOdFnC9WA+hawdunJVRdEG1ggzfIN
QilaFLiqsqV/GkMBf4aBe2EqB3GMExkS0gzRaHm56DaM9g1mAAo4BbYQDBUZtJZx
yAKR/bvEAK9uBH49K/wz6yP8lw==
-----END CERTIFICATE-----
Generated at Tue Apr 22 20:06:03 2025 by rpki-client