Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bxz8kRAhiGTA2SSQY-I5CXPYEXk.roa
File: Bxz8kRAhiGTA2SSQY-I5CXPYEXk.roa (raw, json)
Hash identifier: yahaTG6Ju42N7OrySb2pAQ8raFhOhJhcw4cG0vvzYC4=
Subject key identifier: 07:1C:FC:91:10:21:88:64:C0:D9:24:90:63:E2:39:09:73:D8:11:79
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194282491370B2BE9008379169DF778C18C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bxz8kRAhiGTA2SSQY-I5CXPYEXk.roa
Signing time: Thu 02 Jan 2025 17:51:12 +0000
ROA not before: Thu 02 Jan 2025 17:51:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60202
IP address blocks: 87.120.230.0/24 maxlen: 24
87.120.231.0/24 maxlen: 24
94.156.56.0/24 maxlen: 24
94.156.57.0/24 maxlen: 24
94.156.58.0/24 maxlen: 24
94.156.59.0/24 maxlen: 24
94.156.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:24:91:37:0b:2b:e9:00:83:79:16:9d:f7:78:c1:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 17:51:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=071cfc9110218864c0d9249063e2390973d81179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:28:54:5a:be:fa:82:7c:52:92:fc:15:b4:25:
bc:29:36:fd:e1:69:bb:dc:d5:a9:b8:e7:2e:4c:b3:
2c:48:84:d3:cb:e2:73:e8:e2:23:b5:21:0a:89:e3:
51:c7:3d:35:a1:ee:f7:b7:a0:d8:e0:83:aa:d9:fb:
e5:0a:e5:27:e6:05:74:69:b1:6e:a4:b6:6f:69:82:
36:1d:2e:0b:2e:78:e8:94:43:00:df:d2:82:bf:11:
44:75:27:97:3f:fe:a1:e4:80:20:c3:c7:81:cf:37:
60:be:70:da:71:37:a1:09:4a:b6:76:14:85:2f:f2:
c3:55:0b:4e:c8:6e:1b:bd:e8:29:4d:a4:8f:5d:a8:
88:0a:dc:a1:4a:6f:84:ec:73:14:4d:22:f5:ed:4c:
f5:8e:67:e7:8a:62:63:10:d5:9d:1f:5c:e0:74:4a:
b2:b3:a2:8e:d4:df:47:77:46:d8:0f:c0:da:52:71:
bc:8f:ce:af:63:97:f1:e7:33:0a:47:4f:ec:89:bd:
54:bb:ad:c7:ae:ea:cb:2b:90:71:46:0f:73:1b:c6:
31:c7:2e:84:c4:0b:a2:76:4d:fc:4c:be:df:08:7b:
e7:42:bf:bd:da:7e:c3:ee:66:5e:4b:45:6a:14:cf:
a6:6c:07:43:b9:df:40:73:f6:7f:9e:eb:4e:1e:1f:
ac:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:1C:FC:91:10:21:88:64:C0:D9:24:90:63:E2:39:09:73:D8:11:79
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Bxz8kRAhiGTA2SSQY-I5CXPYEXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.230.0/23
94.156.56.0-94.156.60.255
Signature Algorithm: sha256WithRSAEncryption
8f:9c:51:7a:98:50:8e:06:c8:91:ea:40:1b:68:63:7f:64:ba:
21:93:c8:1a:2d:1f:a1:db:a3:76:15:84:3a:08:a9:22:76:50:
2d:68:48:54:74:51:0b:b5:c1:b1:03:93:05:28:0f:7f:90:cc:
db:43:54:19:6a:82:64:2d:e2:43:cf:40:a2:e9:8b:32:d4:7f:
99:0b:85:e6:8f:d1:c7:92:48:d1:4a:1f:6c:68:2b:db:12:04:
94:11:3e:66:e7:34:e6:99:29:12:2b:37:84:6d:43:dd:ae:e2:
8d:25:ff:64:14:59:a0:24:dd:f4:54:f4:71:99:46:62:fc:dd:
ed:df:ec:3b:6a:9e:87:44:fe:aa:e5:42:3c:08:e4:ff:33:d1:
fc:30:c0:38:98:88:9e:18:76:2c:da:f0:da:26:33:3c:57:95:
dd:96:04:fd:c2:fd:55:4d:40:a7:8a:30:a4:b1:e3:28:4d:4b:
d9:6d:df:28:ec:3e:45:c4:1b:26:aa:8f:98:cb:7b:56:1a:c8:
6e:36:c0:07:42:6c:8e:6e:7c:31:40:b3:73:62:12:6e:eb:7f:
13:e7:93:7d:b4:8a:ed:20:8b:19:f5:dc:3a:35:17:16:f4:0e:
93:b3:a2:3e:e1:64:6a:ba:23:89:18:a1:1a:2e:e9:1e:03:c1:
20:83:0f:73
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQoJJE3CyvpAIN5Fp33eMGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMTAyMTc1MTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzFjZmM5MTEwMjE4ODY0YzBkOTI0OTA2M2UyMzkwOTczZDgxMTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsChUWr76gnxSkvwVtCW8KTb94Wm7
3NWpuOcuTLMsSITTy+Jz6OIjtSEKieNRxz01oe73t6DY4IOq2fvlCuUn5gV0abFu
pLZvaYI2HS4LLnjolEMA39KCvxFEdSeXP/6h5IAgw8eBzzdgvnDacTehCUq2dhSF
L/LDVQtOyG4bvegpTaSPXaiICtyhSm+E7HMUTSL17Uz1jmfnimJjENWdH1zgdEqy
s6KO1N9Hd0bYD8DaUnG8j86vY5fx5zMKR0/sib1Uu63HrurLK5BxRg9zG8Yxxy6E
xAuidk38TL7fCHvnQr+92n7D7mZeS0VqFM+mbAdDud9Ac/Z/nutOHh+swwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAcc/JEQIYhkwNkkkGPiOQlz2BF5MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQnh6OGtSQWhpR1RBMlNTUVktSTVDWFBZRVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBV3jmMAwD
BANenDgDBABenDwwDQYJKoZIhvcNAQELBQADggEBAI+cUXqYUI4GyJHqQBtoY39k
uiGTyBotH6Hbo3YVhDoIqSJ2UC1oSFR0UQu1wbEDkwUoD3+QzNtDVBlqgmQt4kPP
QKLpizLUf5kLheaP0ceSSNFKH2xoK9sSBJQRPmbnNOaZKRIrN4RtQ92u4o0l/2QU
WaAk3fRU9HGZRmL83e3f7DtqnodE/qrlQjwI5P8z0fwwwDiYiJ4Ydiza8NomMzxX
ld2WBP3C/VVNQKeKMKSx4yhNS9lt3yjsPkXEGyaqj5jLe1YayG42wAdCbI5ufDFA
s3NiEm7rfxPnk320iu0gixn13Do1Fxb0DpOzoj7hZGq6I4kYoRou6R4DwSCDD3M=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:01:19 2025 by rpki-client