Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/bvGIb4I9tPNSFQAgMarPZLbQdco.roa
File: bvGIb4I9tPNSFQAgMarPZLbQdco.roa (raw, json)
Hash identifier: z2ND/X4p7VMdJla0AX/t4QpyjiykeGek/GP7iei/AGM=
Subject key identifier: 6E:F1:88:6F:82:3D:B4:F3:52:15:00:20:31:AA:CF:64:B6:D0:75:CA
Certificate issuer: /CN=fc44297e9271c6edf064915f6180ae12690dda8b
Certificate serial: 019420D6567644CFEFCCEB4C1BD4C2C18B27
Authority key identifier: FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/bvGIb4I9tPNSFQAgMarPZLbQdco.roa
Signing time: Wed 01 Jan 2025 07:48:25 +0000
ROA not before: Wed 01 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203206
IP address blocks: 213.169.150.0/24 maxlen: 24
213.169.152.0/24 maxlen: 24
213.169.153.0/24 maxlen: 24
213.169.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.mft
rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:56:76:44:cf:ef:cc:eb:4c:1b:d4:c2:c1:8b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc44297e9271c6edf064915f6180ae12690dda8b
Validity
Not Before: Jan 1 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef1886f823db4f35215002031aacf64b6d075ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:e2:5f:e1:ea:fc:78:7e:ba:05:37:2a:22:a7:
b1:ed:0f:9e:8a:d5:98:99:51:c4:a9:d6:0d:2c:55:
b8:77:06:0e:52:43:68:fd:4e:76:37:6b:2c:65:c4:
05:dd:04:8f:8c:8f:94:18:a5:1a:49:bb:79:1c:e9:
26:03:77:be:36:1e:f5:17:cb:56:23:e9:43:30:e6:
95:3e:40:2e:56:56:1e:d6:2c:2c:5c:be:1c:c3:10:
49:77:95:3e:68:1a:d9:32:ec:46:e6:59:f9:7f:52:
18:96:26:5e:c1:6c:c0:d4:ba:5f:8a:19:21:cd:27:
83:74:e4:61:6f:9f:8c:06:ba:b6:e4:b8:3a:a7:46:
15:fe:5c:ac:e0:5d:51:78:48:9c:91:85:24:be:c9:
2e:1b:f0:e5:30:0a:fb:c1:bf:9b:aa:11:72:d8:05:
5b:6d:38:0d:3d:08:9b:bd:ad:dc:d3:e2:8f:e2:12:
89:6d:ca:5c:df:77:21:f0:dd:03:8c:cd:94:c0:26:
b7:62:5b:f9:e2:30:fc:2b:3e:5b:13:b7:ac:e5:d8:
14:57:c6:93:0f:ff:42:2e:77:9a:72:93:bb:82:ee:
41:29:81:44:49:41:aa:24:8f:8d:80:90:a0:0e:34:
13:94:d1:c2:21:0d:58:d9:c5:f9:25:76:4a:8f:05:
1e:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F1:88:6F:82:3D:B4:F3:52:15:00:20:31:AA:CF:64:B6:D0:75:CA
X509v3 Authority Key Identifier:
keyid:FC:44:29:7E:92:71:C6:ED:F0:64:91:5F:61:80:AE:12:69:0D:DA:8B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_EQpfpJxxu3wZJFfYYCuEmkN2os.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/bvGIb4I9tPNSFQAgMarPZLbQdco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/7cb179-ad2c-4824-a1e5-ae07f32e4102/1/_EQpfpJxxu3wZJFfYYCuEmkN2os.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.169.150.0/24
213.169.152.0/23
213.169.155.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:51:2b:71:b4:19:e4:14:b8:cc:09:1c:30:ce:4b:64:e5:03:
15:c5:23:94:e9:8e:16:88:67:c2:11:a7:d6:54:34:43:27:34:
64:b6:1e:31:b7:a0:44:f4:80:6d:6d:d4:36:60:ce:15:a3:93:
c4:ac:27:a8:0d:8e:20:23:07:e0:36:83:e0:cf:5e:4b:df:37:
34:68:ff:67:6d:08:41:a4:57:af:27:a3:5e:b8:fc:15:a1:1e:
c5:1a:51:2d:27:d4:08:e6:34:1c:a5:d6:fb:71:9c:54:b0:ac:
2e:0a:f6:98:5c:fe:23:9f:f3:4c:57:8a:b4:3e:bf:4d:c8:8e:
b9:03:6d:75:88:b8:8f:88:94:23:3e:d4:fa:85:62:c8:32:39:
2e:c9:7e:af:03:37:b6:73:55:62:a3:64:2a:02:7b:17:fa:9b:
37:a1:f6:4f:e7:bb:ee:86:7f:ba:88:1b:90:33:8f:10:96:eb:
ba:c0:e6:cd:0a:e2:d5:aa:b7:86:ef:b7:35:83:26:69:cf:07:
92:fa:60:dc:64:44:8a:39:04:a0:1f:4b:e5:d3:68:6c:ae:e8:
fd:9d:23:96:bd:cf:f3:8c:50:27:96:3a:bd:47:c1:4a:86:b0:
12:d0:17:4f:a2:e7:1b:91:8f:0f:87:03:1e:db:6b:9f:1b:c5:
b7:47:00:c1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQg1lZ2RM/vzOtMG9TCwYsnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjNDQyOTdlOTI3MWM2ZWRmMDY0OTE1ZjYxODBhZTEyNjkw
ZGRhOGIwHhcNMjUwMTAxMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWYxODg2ZjgyM2RiNGYzNTIxNTAwMjAzMWFhY2Y2NGI2ZDA3NWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3OJf4er8eH66BTcqIqex7Q+eitWY
mVHEqdYNLFW4dwYOUkNo/U52N2ssZcQF3QSPjI+UGKUaSbt5HOkmA3e+Nh71F8tW
I+lDMOaVPkAuVlYe1iwsXL4cwxBJd5U+aBrZMuxG5ln5f1IYliZewWzA1Lpfihkh
zSeDdORhb5+MBrq25Lg6p0YV/lys4F1ReEickYUkvskuG/DlMAr7wb+bqhFy2AVb
bTgNPQibva3c0+KP4hKJbcpc33ch8N0DjM2UwCa3Ylv54jD8Kz5bE7es5dgUV8aT
D/9CLneacpO7gu5BKYFESUGqJI+NgJCgDjQTlNHCIQ1Y2cX5JXZKjwUeAwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG7xiG+CPbTzUhUAIDGqz2S20HXKMB8GA1UdIwQY
MBaAFPxEKX6Sccbt8GSRX2GArhJpDdqLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUt
YWUwN2YzMmU0MTAyLzEvYnZHSWI0STl0UE5TRlFBZ01hclBaTGJRZGNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi83Y2IxNzktYWQyYy00ODI0LWExZTUtYWUwN2YzMmU0MTAy
LzEvX0VRcGZwSnh4dTN3WkpGZllZQ3VFbWtOMm9zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQA1amWAwQB
1amYAwQA1ambMA0GCSqGSIb3DQEBCwUAA4IBAQC9UStxtBnkFLjMCRwwzktk5QMV
xSOU6Y4WiGfCEafWVDRDJzRkth4xt6BE9IBtbdQ2YM4Vo5PErCeoDY4gIwfgNoPg
z15L3zc0aP9nbQhBpFevJ6NeuPwVoR7FGlEtJ9QI5jQcpdb7cZxUsKwuCvaYXP4j
n/NMV4q0Pr9NyI65A211iLiPiJQjPtT6hWLIMjkuyX6vAze2c1Vio2QqAnsX+ps3
ofZP57vuhn+6iBuQM48Qluu6wObNCuLVqreG77c1gyZpzweS+mDcZESKOQSgH0vl
02hsruj9nSOWvc/zjFAnljq9R8FKhrAS0BdPoucbkY8PhwMe22ufG8W3RwDB
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:31:18 2025 by rpki-client