Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bsBMUZB_3wwWuue_72Jr1pBXhVs.roa
File: bsBMUZB_3wwWuue_72Jr1pBXhVs.roa (raw, json)
Hash identifier: KnukYJym/rZ0nodODW3A4oHTo7jVmYNSU5au/7EQyRc=
Subject key identifier: 6E:C0:4C:51:90:7F:DF:0C:16:BA:E7:BF:EF:62:6B:D6:90:57:85:5B
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0195368D478B11D6A2F25BFC100075AEFEBC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bsBMUZB_3wwWuue_72Jr1pBXhVs.roa
Signing time: Mon 24 Feb 2025 06:03:03 +0000
ROA not before: Mon 24 Feb 2025 06:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214339
IP address blocks: 94.156.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:36:8d:47:8b:11:d6:a2:f2:5b:fc:10:00:75:ae:fe:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 24 06:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ec04c51907fdf0c16bae7bfef626bd69057855b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ef:dc:b2:8a:d6:31:cb:1f:b9:fd:4f:d0:7a:
6a:36:e9:c4:02:40:7d:e5:15:13:6a:aa:eb:fb:d0:
ea:58:39:11:dd:52:77:65:a4:95:fa:91:e1:95:80:
f0:4b:9e:2f:0c:8b:2a:8b:75:29:9e:e0:a8:24:ae:
40:81:1a:d8:5b:0e:d6:e6:b1:51:d9:36:92:a2:b7:
0e:93:ee:3a:05:46:4a:62:86:7a:4f:55:be:71:38:
bb:12:a5:e4:3b:10:11:b3:10:95:5c:45:18:b2:93:
1c:53:58:17:15:ed:ff:63:21:4f:ad:e5:cc:f1:3d:
33:db:fc:09:a5:45:5c:8e:ed:a4:50:8b:a9:1a:b3:
90:a3:98:b9:47:e0:ae:ff:89:cf:b1:5d:e9:bc:16:
ce:32:97:06:18:1c:60:63:a7:59:3a:dc:04:7b:67:
9e:47:43:ee:25:cd:aa:2c:de:16:e9:f6:49:f8:b2:
4a:df:e4:9b:98:c6:ea:ca:0a:04:6c:41:88:30:b8:
d8:b4:90:eb:65:77:08:26:13:6f:2c:b6:13:35:e6:
be:0c:5b:83:99:2c:1a:5d:e6:75:78:a4:00:f0:dc:
23:0d:af:78:7a:d1:1f:1b:96:47:96:89:57:f6:82:
7d:05:64:01:cd:44:ec:05:12:a3:9f:33:27:d5:b7:
03:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:C0:4C:51:90:7F:DF:0C:16:BA:E7:BF:EF:62:6B:D6:90:57:85:5B
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/bsBMUZB_3wwWuue_72Jr1pBXhVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.156.61.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:2d:d8:6a:c0:fd:3b:b9:cd:1b:df:2f:4f:3a:a0:64:68:5f:
37:41:1e:81:e9:48:18:2c:7f:e4:d2:e0:73:32:ad:3f:13:78:
07:0f:63:4b:58:22:d9:f5:b4:fe:9f:79:d3:f4:49:e0:b1:36:
36:f1:bd:db:50:d8:13:5a:4a:4e:30:ea:0f:0a:3a:12:cd:6f:
67:59:fd:4e:fa:a1:73:a2:6d:ae:fb:cd:83:6e:84:eb:25:46:
6d:8d:3f:e4:f0:91:f3:30:c1:f0:3c:1e:da:d4:da:24:62:4b:
e4:56:59:16:2b:b9:44:ab:ba:f9:3b:6d:34:30:7f:70:2e:18:
71:0c:0a:7e:b0:77:8e:5e:ca:87:18:db:fd:d1:ea:af:22:77:
01:3a:ec:d3:c0:45:56:3e:68:b5:4f:7f:86:b5:2e:e6:33:60:
a1:45:f7:97:75:db:1d:b7:11:80:06:04:6b:5d:08:3c:1c:6b:
12:7f:86:c1:d8:fd:fb:e8:00:a2:80:6d:78:3c:c5:e0:89:f5:
ec:44:9c:b5:ae:09:00:12:80:a5:de:c4:7a:7e:3f:0c:82:07:
15:ac:47:c5:5b:9e:04:c5:6d:61:74:cc:e9:5b:88:1e:f2:25:
91:f5:c0:b9:d1:ec:f9:27:40:04:82:f6:0a:dd:a2:3a:d2:23:
4a:42:aa:50
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZU2jUeLEdai8lv8EAB1rv68MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjI0MDYwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWMwNGM1MTkwN2ZkZjBjMTZiYWU3YmZlZjYyNmJkNjkwNTc4NTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+/csorWMcsfuf1P0HpqNunEAkB9
5RUTaqrr+9DqWDkR3VJ3ZaSV+pHhlYDwS54vDIsqi3UpnuCoJK5AgRrYWw7W5rFR
2TaSorcOk+46BUZKYoZ6T1W+cTi7EqXkOxARsxCVXEUYspMcU1gXFe3/YyFPreXM
8T0z2/wJpUVcju2kUIupGrOQo5i5R+Cu/4nPsV3pvBbOMpcGGBxgY6dZOtwEe2ee
R0PuJc2qLN4W6fZJ+LJK3+SbmMbqygoEbEGIMLjYtJDrZXcIJhNvLLYTNea+DFuD
mSwaXeZ1eKQA8NwjDa94etEfG5ZHlolX9oJ9BWQBzUTsBRKjnzMn1bcDuQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG7ATFGQf98MFrrnv+9ia9aQV4VbMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvYnNCTVVaQl8zd3dXdXVlXzcySnIxcEJYaFZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXpw9MA0G
CSqGSIb3DQEBCwUAA4IBAQCcLdhqwP07uc0b3y9POqBkaF83QR6B6UgYLH/k0uBz
Mq0/E3gHD2NLWCLZ9bT+n3nT9EngsTY28b3bUNgTWkpOMOoPCjoSzW9nWf1O+qFz
om2u+82DboTrJUZtjT/k8JHzMMHwPB7a1NokYkvkVlkWK7lEq7r5O200MH9wLhhx
DAp+sHeOXsqHGNv90eqvIncBOuzTwEVWPmi1T3+GtS7mM2ChRfeXddsdtxGABgRr
XQg8HGsSf4bB2P376ACigG14PMXgifXsRJy1rgkAEoCl3sR6fj8MggcVrEfFW54E
xW1hdMzpW4ge8iWR9cC50ez5J0AEgvYK3aI60iNKQqpQ
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:58:37 2025 by rpki-client