Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PS_BNSlev41-NWxeFfBavbqfOhY.roa
File: PS_BNSlev41-NWxeFfBavbqfOhY.roa (raw, json)
Hash identifier: Nw4ibBErWHKQuotVKXiXBD1aU6aOy/AqNL4p5Lx6M4M=
Subject key identifier: 3D:2F:C1:35:29:5E:BF:8D:7E:35:6C:5E:15:F0:5A:BD:BA:9F:3A:16
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019425FDD5B3088FC8258005DFFAD1BC0D33
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PS_BNSlev41-NWxeFfBavbqfOhY.roa
Signing time: Thu 02 Jan 2025 07:49:39 +0000
ROA not before: Thu 02 Jan 2025 07:49:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 185.197.135.0/24 maxlen: 24
2a06:e881:650f::/48 maxlen: 48
2a06:e881:7340::/42 maxlen: 48
2a06:e881:73ef::/48 maxlen: 48
2a06:e881:73ff::/48 maxlen: 48
2a06:e881:9200::/45 maxlen: 48
2a06:e881:9208::/45 maxlen: 48
2a06:e881:9600::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:d5:b3:08:8f:c8:25:80:05:df:fa:d1:bc:0d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 07:49:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d2fc135295ebf8d7e356c5e15f05abdba9f3a16
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:24:5e:dd:d5:c5:1a:b0:59:d2:5d:de:d3:b4:
6b:6f:6a:8d:21:84:4d:6d:1e:d9:23:4a:15:84:7b:
6f:5c:92:be:41:74:b6:8c:dd:4c:d1:9a:88:62:50:
84:77:d4:52:60:2f:eb:0b:0b:2b:e7:84:a0:ea:01:
d8:52:e0:4c:ad:c1:d3:41:ca:3d:28:bf:5b:a3:1b:
fb:36:13:1d:c6:79:92:4b:b6:de:88:c9:db:07:84:
14:a7:19:13:a1:48:a7:d3:7c:65:35:e2:ec:80:64:
c7:cf:e8:fc:85:b1:da:67:1b:99:58:f2:b9:33:00:
cf:ea:3b:b7:63:76:1e:38:90:10:e3:80:c5:50:f3:
7b:f9:20:6c:26:9e:b3:0f:3b:fd:cd:58:01:8f:51:
78:f9:ac:44:38:37:2f:02:0e:c5:51:5f:cf:82:e8:
a2:c3:47:da:38:42:99:3f:f2:fc:98:89:c6:f8:70:
2c:14:95:b4:63:c1:56:69:13:94:86:58:59:01:9e:
50:23:5d:c9:97:86:e1:31:bb:65:f8:23:7c:0f:94:
fa:e0:aa:50:cb:12:3f:e8:25:3a:33:78:b2:43:82:
f2:a6:98:ef:54:9a:06:d3:d5:6f:25:f6:cd:ab:6d:
4f:c0:36:d8:f0:8a:7f:7a:4d:ff:ff:85:7a:4c:74:
90:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:2F:C1:35:29:5E:BF:8D:7E:35:6C:5E:15:F0:5A:BD:BA:9F:3A:16
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/PS_BNSlev41-NWxeFfBavbqfOhY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.135.0/24
IPv6:
2a06:e881:650f::/48
2a06:e881:7340::/42
2a06:e881:73ef::/48
2a06:e881:73ff::/48
2a06:e881:9200::/44
2a06:e881:9600::/48
Signature Algorithm: sha256WithRSAEncryption
98:8c:61:60:3c:92:a9:5a:5e:a5:02:9b:35:dd:29:e3:e0:09:
65:8d:48:b3:3b:63:89:2e:c1:fa:d9:85:d4:63:d6:58:03:70:
30:6f:ff:6a:f7:19:50:3a:50:8d:c5:0b:30:7e:df:23:9a:87:
50:fc:70:04:77:cc:bc:5b:03:83:51:97:66:af:fa:31:f0:61:
be:ad:4e:86:a2:d4:b3:a5:0d:ef:82:5c:06:05:b8:0a:81:df:
be:48:54:3b:06:a4:b5:b4:de:e9:e6:09:05:f1:2b:66:67:8f:
5e:d0:db:5a:13:a8:83:10:e8:0b:21:5a:42:4c:9b:4a:ca:04:
b9:bb:46:83:7d:f0:6a:e1:87:3a:ca:d4:f5:c9:a5:40:94:30:
4f:47:da:f6:90:f4:71:d1:89:b0:5f:0c:29:c9:6c:75:47:42:
70:7a:3b:37:c7:3e:f6:da:b4:c5:e1:94:d7:32:07:57:02:3b:
61:0d:59:31:3b:9e:76:92:ba:40:2b:8e:8d:29:86:05:42:2a:
5a:fc:5e:cc:66:f5:9e:d5:90:a2:77:0e:29:97:f1:40:08:3a:
1f:42:b5:24:b1:39:0c:75:45:66:27:1c:90:f9:ea:dc:6a:bf:
ff:b6:36:5a:ce:92:d3:69:f3:59:6e:8f:84:e4:50:e1:56:60:
a4:22:c2:ca
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZQl/dWzCI/IJYAF3/rRvA0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwMTAyMDc0OTM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDJmYzEzNTI5NWViZjhkN2UzNTZjNWUxNWYwNWFiZGJhOWYzYTE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtyRe3dXFGrBZ0l3e07Rrb2qNIYRN
bR7ZI0oVhHtvXJK+QXS2jN1M0ZqIYlCEd9RSYC/rCwsr54Sg6gHYUuBMrcHTQco9
KL9boxv7NhMdxnmSS7beiMnbB4QUpxkToUin03xlNeLsgGTHz+j8hbHaZxuZWPK5
MwDP6ju3Y3YeOJAQ44DFUPN7+SBsJp6zDzv9zVgBj1F4+axEODcvAg7FUV/Pguii
w0faOEKZP/L8mInG+HAsFJW0Y8FWaROUhlhZAZ5QI13Jl4bhMbtl+CN8D5T64KpQ
yxI/6CU6M3iyQ4LyppjvVJoG09VvJfbNq21PwDbY8Ip/ek3//4V6THSQfwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFD0vwTUpXr+NfjVsXhXwWr26nzoWMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvUFNfQk5TbGV2NDEtTld4ZUZmQmF2YnFmT2hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDAMBAIAATAGAwQAucWHMDwE
AgACMDYDBwAqBuiBZQ8DBwYqBuiBc0ADBwAqBuiBc+8DBwAqBuiBc/8DBwQqBuiB
kgADBwAqBuiBlgAwDQYJKoZIhvcNAQELBQADggEBAJiMYWA8kqlaXqUCmzXdKePg
CWWNSLM7Y4kuwfrZhdRj1lgDcDBv/2r3GVA6UI3FCzB+3yOah1D8cAR3zLxbA4NR
l2av+jHwYb6tToai1LOlDe+CXAYFuAqB375IVDsGpLW03unmCQXxK2Znj17Q21oT
qIMQ6AshWkJMm0rKBLm7RoN98GrhhzrK1PXJpUCUME9H2vaQ9HHRibBfDCnJbHVH
QnB6OzfHPvbatMXhlNcyB1cCO2ENWTE7nnaSukArjo0phgVCKlr8Xsxm9Z7VkKJ3
DimX8UAIOh9CtSSxOQx1RWYnHJD56txqv/+2NlrOktNp81luj4TkUOFWYKQiwso=
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:20:56 2025 by rpki-client