Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/bmIFkmc46wZv6ewcgJwZwj1cvlM.roa
File: bmIFkmc46wZv6ewcgJwZwj1cvlM.roa (raw, json)
Hash identifier: t+xCiPV9KaRJxGAZeXjb1sny70g09pMUXGWJ9TkswqI=
Subject key identifier: 6E:62:05:92:67:38:EB:06:6F:E9:EC:1C:80:9C:19:C2:3D:5C:BE:53
Certificate issuer: /CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Certificate serial: 019425FDEB5FE73DCA7F07DA2B3399322C8E
Authority key identifier: B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/bmIFkmc46wZv6ewcgJwZwj1cvlM.roa
Signing time: Thu 02 Jan 2025 07:49:45 +0000
ROA not before: Thu 02 Jan 2025 07:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35508
IP address blocks: 79.142.96.0/23 maxlen: 24
85.112.96.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.mft
rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:eb:5f:e7:3d:ca:7f:07:da:2b:33:99:32:2c:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b143fa703fbee04bbd91ce63a32148b36b8e55aa
Validity
Not Before: Jan 2 07:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e6205926738eb066fe9ec1c809c19c23d5cbe53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:35:a1:78:a3:e3:bb:c2:5b:87:5a:f2:de:1b:
2a:a0:46:f4:cc:af:f9:eb:e2:0c:af:79:48:3c:54:
93:7a:fd:a1:84:82:2d:31:fd:1c:4e:07:89:1e:5d:
b5:8d:8a:fb:13:c3:6d:e3:73:06:4d:f1:6e:ea:c2:
c8:f3:3d:d0:cf:84:19:fe:0d:7b:89:ed:15:13:dd:
f9:66:8a:42:0f:d8:f1:a7:13:a2:b9:75:be:57:09:
21:d8:fb:f7:55:9f:58:5f:4f:33:f8:18:bb:75:2a:
1f:68:29:85:a4:ba:f4:fe:27:c2:56:0a:b1:cf:e8:
62:61:38:63:f9:57:8c:ab:5a:57:bd:97:0b:ad:2f:
4e:4a:72:14:cc:2f:8f:7f:ed:23:ef:2a:3d:47:c4:
9c:fb:27:56:29:b2:b3:62:ca:04:7a:12:92:db:c0:
97:72:17:d0:c2:84:df:15:d7:2b:1f:dc:77:4f:e9:
d3:ce:54:47:23:64:e6:d0:ec:ef:a8:ca:b3:4c:6c:
b4:ee:82:47:cd:38:5f:f0:62:9a:af:7a:bc:10:6b:
9a:bd:1c:3d:43:ef:5a:74:55:28:6f:c9:9b:c8:fe:
43:7e:2d:9c:be:df:30:a9:b7:bc:80:bf:4d:a1:ca:
17:d9:42:b1:a5:ee:05:08:f1:ce:fb:cd:70:4a:af:
aa:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:62:05:92:67:38:EB:06:6F:E9:EC:1C:80:9C:19:C2:3D:5C:BE:53
X509v3 Authority Key Identifier:
keyid:B1:43:FA:70:3F:BE:E0:4B:BD:91:CE:63:A3:21:48:B3:6B:8E:55:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sUP6cD--4Eu9kc5joyFIs2uOVao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/bmIFkmc46wZv6ewcgJwZwj1cvlM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/b9342f-5916-4644-b1aa-00d1e7a170a2/1/sUP6cD--4Eu9kc5joyFIs2uOVao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.96.0/23
85.112.96.0/23
Signature Algorithm: sha256WithRSAEncryption
a7:98:7f:ce:9e:d7:bb:1f:ef:65:d8:73:d6:a3:c8:45:55:f2:
c4:67:0a:32:ee:35:1b:0f:d5:fc:b6:7b:75:6d:10:00:bc:c1:
d7:8c:49:69:4f:b7:1f:3b:26:cf:e8:2e:ff:6e:8a:6e:2c:ab:
c6:36:c7:93:25:ba:c1:47:3d:78:50:c1:22:b1:6d:dc:e8:b0:
34:8e:73:1e:8a:e0:04:15:03:58:d1:ce:12:8d:97:5c:65:93:
12:42:62:84:2f:d9:64:b4:1f:9b:07:f5:4b:af:73:81:cb:2d:
76:3d:72:d0:27:4c:40:77:0c:f0:29:db:54:ee:cc:94:b4:dc:
17:1a:b1:04:85:a2:c8:a2:96:33:06:51:c6:c7:c5:29:fd:89:
92:d1:3f:d1:32:9e:de:95:c1:bf:6b:fb:70:ed:79:78:d9:28:
6e:35:e1:46:a6:aa:b1:e8:de:3b:dc:bd:8f:5c:32:f9:16:90:
81:0c:4e:2f:01:78:b9:08:90:a7:d9:53:d9:95:07:f5:13:7b:
0e:8c:a4:36:de:21:5d:5d:a7:8f:5b:2a:5f:b5:82:37:a1:73:
81:e0:5d:0a:49:a5:48:f0:6a:3d:fc:74:cc:b4:df:41:cb:1c:
0d:52:ce:9e:7b:f4:29:1e:97:29:75:99:54:c7:cc:dd:ab:2a:
86:07:f3:ae
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/etf5z3KfwfaKzOZMiyOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNDNmYTcwM2ZiZWUwNGJiZDkxY2U2M2EzMjE0OGIzNmI4
ZTU1YWEwHhcNMjUwMTAyMDc0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTYyMDU5MjY3MzhlYjA2NmZlOWVjMWM4MDljMTljMjNkNWNiZTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuDWheKPju8Jbh1ry3hsqoEb0zK/5
6+IMr3lIPFSTev2hhIItMf0cTgeJHl21jYr7E8Nt43MGTfFu6sLI8z3Qz4QZ/g17
ie0VE935ZopCD9jxpxOiuXW+Vwkh2Pv3VZ9YX08z+Bi7dSofaCmFpLr0/ifCVgqx
z+hiYThj+VeMq1pXvZcLrS9OSnIUzC+Pf+0j7yo9R8Sc+ydWKbKzYsoEehKS28CX
chfQwoTfFdcrH9x3T+nTzlRHI2Tm0OzvqMqzTGy07oJHzThf8GKar3q8EGuavRw9
Q+9adFUob8mbyP5Dfi2cvt8wqbe8gL9NocoX2UKxpe4FCPHO+81wSq+qiQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG5iBZJnOOsGb+nsHICcGcI9XL5TMB8GA1UdIwQY
MBaAFLFD+nA/vuBLvZHOY6MhSLNrjlWqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEt
MDBkMWU3YTE3MGEyLzEvYm1JRmttYzQ2d1p2NmV3Y2dKd1p3ajFjdmxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS9iOTM0MmYtNTkxNi00NjQ0LWIxYWEtMDBkMWU3YTE3MGEy
LzEvc1VQNmNELS00RXU5a2M1am95RklzMnVPVmFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBT45gAwQB
VXBgMA0GCSqGSIb3DQEBCwUAA4IBAQCnmH/Onte7H+9l2HPWo8hFVfLEZwoy7jUb
D9X8tnt1bRAAvMHXjElpT7cfOybP6C7/bopuLKvGNseTJbrBRz14UMEisW3c6LA0
jnMeiuAEFQNY0c4SjZdcZZMSQmKEL9lktB+bB/VLr3OByy12PXLQJ0xAdwzwKdtU
7syUtNwXGrEEhaLIopYzBlHGx8Up/YmS0T/RMp7elcG/a/tw7Xl42ShuNeFGpqqx
6N473L2PXDL5FpCBDE4vAXi5CJCn2VPZlQf1E3sOjKQ23iFdXaePWypftYI3oXOB
4F0KSaVI8Go9/HTMtN9ByxwNUs6ee/QpHpcpdZlUx8zdqyqGB/Ou
-----END CERTIFICATE-----
Generated at Wed Apr 9 08:33:57 2025 by rpki-client