Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/BrC95qegfOa0TgThzqIEYO52pE4.roa
File: BrC95qegfOa0TgThzqIEYO52pE4.roa (raw, json)
Hash identifier: NQcrpLx6LISXQiUt+m/hCop1708krlvAotMAH3yT+Qo=
Subject key identifier: 06:B0:BD:E6:A7:A0:7C:E6:B4:4E:04:E1:CE:A2:04:60:EE:76:A4:4E
Certificate issuer: /CN=d4d179ce49e5776b92c86c26c20b0b43fd0a6cb6
Certificate serial: 019427B542894EB7EE024C0AA26294F038DC
Authority key identifier: D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/BrC95qegfOa0TgThzqIEYO52pE4.roa
Signing time: Thu 02 Jan 2025 15:49:37 +0000
ROA not before: Thu 02 Jan 2025 15:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5485
IP address blocks: 185.124.76.0/22 maxlen: 22
2a06:b0c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.mft
rsync://rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 03:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:42:89:4e:b7:ee:02:4c:0a:a2:62:94:f0:38:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d4d179ce49e5776b92c86c26c20b0b43fd0a6cb6
Validity
Not Before: Jan 2 15:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06b0bde6a7a07ce6b44e04e1cea20460ee76a44e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:4d:3d:e0:c1:d9:09:b3:ed:f8:43:fc:38:81:
29:6b:81:8a:4b:f2:97:df:f0:74:72:fa:08:f8:5a:
a3:25:0b:b3:5a:06:ae:ce:1f:c0:a1:f3:a1:b3:30:
72:8a:dd:cb:ee:dd:0a:30:03:27:24:b3:a2:0a:95:
b5:6d:0c:99:a5:ae:8a:df:5a:bc:56:9c:a0:0e:d1:
c0:1e:a0:2e:7a:68:ce:2f:45:d0:b9:31:2c:66:7c:
18:6b:ab:1c:c4:6e:84:9b:f2:e5:97:68:39:3b:8a:
5f:3a:80:66:b2:ef:58:87:e5:a4:cb:e0:88:d7:ce:
dc:fc:41:5c:98:d7:f4:43:13:e5:07:56:17:86:61:
f8:c4:e0:12:90:9a:71:ca:42:67:40:ae:b4:21:90:
e6:07:1a:0c:e7:72:4f:38:fc:5c:ff:2f:5f:cf:c4:
4d:68:4f:c8:5a:9b:d5:b2:c8:67:b4:8d:02:c1:06:
71:42:3d:98:53:f5:fe:a0:d3:b6:c9:34:3a:a0:7a:
ba:53:dd:7c:71:60:3e:53:0e:ae:14:73:cd:8c:32:
8e:63:fd:81:12:00:02:9e:d4:5b:80:22:b0:9b:93:
f3:35:10:ff:59:41:08:a6:7e:c7:37:8a:68:0c:7e:
79:c2:c1:82:2a:e5:6f:25:50:fd:ad:2e:5f:bb:4b:
b9:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:B0:BD:E6:A7:A0:7C:E6:B4:4E:04:E1:CE:A2:04:60:EE:76:A4:4E
X509v3 Authority Key Identifier:
keyid:D4:D1:79:CE:49:E5:77:6B:92:C8:6C:26:C2:0B:0B:43:FD:0A:6C:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1NF5zknld2uSyGwmwgsLQ_0KbLY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/BrC95qegfOa0TgThzqIEYO52pE4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/8b16cc-4db5-4198-924e-4032e190edc3/1/1NF5zknld2uSyGwmwgsLQ_0KbLY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.76.0/22
IPv6:
2a06:b0c0::/29
Signature Algorithm: sha256WithRSAEncryption
29:70:f9:ea:4f:7a:dd:a3:a7:9e:7d:39:9e:7f:bc:d3:49:7d:
63:33:13:79:d1:90:9c:da:bf:f6:41:0b:9f:83:5e:b0:49:15:
53:e6:d0:f0:52:45:99:43:28:34:66:0a:cf:1f:a4:c3:b4:7e:
b9:ee:52:0d:05:04:f0:8f:f5:68:e8:39:7c:f9:47:4b:b1:c9:
81:86:be:1d:e5:a8:7a:20:f8:bd:df:8d:43:41:74:03:d2:23:
b3:e2:0b:c8:3b:30:27:22:54:bb:45:a3:59:82:35:ba:89:64:
05:c0:1c:dd:a3:fa:55:bd:fe:3f:b2:f1:28:c5:13:21:60:9a:
7a:a5:9d:4f:b5:bb:dc:d9:d0:4b:5e:6a:cf:9b:7d:a1:0b:86:
9a:38:03:9b:c4:ee:3c:2a:d0:34:50:f1:fb:2b:95:19:a3:d5:
2a:b5:d4:be:fd:b9:0c:f5:d1:f1:68:17:05:1c:85:cf:82:09:
56:ae:e6:7a:8b:9b:48:69:9d:74:aa:8f:3b:27:63:5f:e8:71:
e1:68:19:15:c7:b2:e3:f2:fc:5c:7a:77:d9:d8:06:e5:23:0b:
ae:52:80:40:8c:ae:af:f8:25:38:1e:25:ae:6a:32:0f:80:bd:
7d:03:5b:01:85:61:7d:82:82:19:a0:ec:bc:46:15:eb:00:b3:
f2:a7:5a:df
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQntUKJTrfuAkwKomKU8DjcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0ZDE3OWNlNDllNTc3NmI5MmM4NmMyNmMyMGIwYjQzZmQw
YTZjYjYwHhcNMjUwMTAyMTU0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmIwYmRlNmE3YTA3Y2U2YjQ0ZTA0ZTFjZWEyMDQ2MGVlNzZhNDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0094MHZCbPt+EP8OIEpa4GKS/KX
3/B0cvoI+FqjJQuzWgauzh/AofOhszByit3L7t0KMAMnJLOiCpW1bQyZpa6K31q8
VpygDtHAHqAuemjOL0XQuTEsZnwYa6scxG6Em/Lll2g5O4pfOoBmsu9Yh+Wky+CI
187c/EFcmNf0QxPlB1YXhmH4xOASkJpxykJnQK60IZDmBxoM53JPOPxc/y9fz8RN
aE/IWpvVsshntI0CwQZxQj2YU/X+oNO2yTQ6oHq6U918cWA+Uw6uFHPNjDKOY/2B
EgACntRbgCKwm5PzNRD/WUEIpn7HN4poDH55wsGCKuVvJVD9rS5fu0u5vQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAawveanoHzmtE4E4c6iBGDudqROMB8GA1UdIwQY
MBaAFNTRec5J5XdrkshsJsILC0P9Cmy2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMU5GNXprbmxkMnVTeUd3bXdnc0xRXzBLYkxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi84YjE2Y2MtNGRiNS00MTk4LTkyNGUt
NDAzMmUxOTBlZGMzLzEvQnJDOTVxZWdmT2EwVGdUaHpxSUVZTzUycEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi84YjE2Y2MtNGRiNS00MTk4LTkyNGUtNDAzMmUxOTBlZGMz
LzEvMU5GNXprbmxkMnVTeUd3bXdnc0xRXzBLYkxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuXxMMA0E
AgACMAcDBQMqBrDAMA0GCSqGSIb3DQEBCwUAA4IBAQApcPnqT3rdo6eefTmef7zT
SX1jMxN50ZCc2r/2QQufg16wSRVT5tDwUkWZQyg0ZgrPH6TDtH657lINBQTwj/Vo
6Dl8+UdLscmBhr4d5ah6IPi9341DQXQD0iOz4gvIOzAnIlS7RaNZgjW6iWQFwBzd
o/pVvf4/svEoxRMhYJp6pZ1Ptbvc2dBLXmrPm32hC4aaOAObxO48KtA0UPH7K5UZ
o9UqtdS+/bkM9dHxaBcFHIXPgglWruZ6i5tIaZ10qo87J2Nf6HHhaBkVx7Lj8vxc
enfZ2AblIwuuUoBAjK6v+CU4HiWuajIPgL19A1sBhWF9goIZoOy8RhXrALPyp1rf
-----END CERTIFICATE-----
Generated at Tue Apr 22 11:37:52 2025 by rpki-client