Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/mBNBPvpQ0ZyKyklOFfh-zOZGjfY.roa
File: mBNBPvpQ0ZyKyklOFfh-zOZGjfY.roa (raw, json)
Hash identifier: /KSNQLTNa7loW014tE7eo3A+ZK7sfCtmbcB6pN7dyog=
Subject key identifier: 98:13:41:3E:FA:50:D1:9C:8A:CA:49:4E:15:F8:7E:CC:E6:46:8D:F6
Certificate issuer: /CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Certificate serial: 0194228E33179698C133728E39F5D11593C1
Authority key identifier: FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/mBNBPvpQ0ZyKyklOFfh-zOZGjfY.roa
Signing time: Wed 01 Jan 2025 15:48:52 +0000
ROA not before: Wed 01 Jan 2025 15:48:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20546
IP address blocks: 5.61.80.0/21 maxlen: 24
62.40.0.0/19 maxlen: 24
80.87.160.0/20 maxlen: 24
185.32.32.0/22 maxlen: 24
195.82.64.0/19 maxlen: 24
195.94.64.0/19 maxlen: 24
195.135.128.0/18 maxlen: 24
195.227.0.0/16 maxlen: 24
212.237.160.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.mft
rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:33:17:96:98:c1:33:72:8e:39:f5:d1:15:93:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc13f7fa237f89d011233bac7328c2219ba7d62c
Validity
Not Before: Jan 1 15:48:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9813413efa50d19c8aca494e15f87ecce6468df6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:b0:71:80:ab:62:ee:8d:bf:01:b1:79:5c:49:
e1:0e:c6:a4:80:9f:82:da:df:ed:e9:cd:b0:c3:9c:
24:a0:ce:00:16:84:60:ab:b2:ee:47:d5:90:79:aa:
1f:51:ad:cf:4a:36:ec:3c:d6:14:f4:f0:b3:8c:74:
23:45:48:77:56:6b:04:93:c5:c0:8b:f1:a7:d8:4b:
4c:97:ab:09:e3:43:91:a5:a3:e7:be:a4:e3:5e:27:
df:f3:d7:5a:9e:1c:e5:c8:23:6b:5d:1a:79:2e:66:
20:71:e9:4a:e7:a1:86:13:11:ed:80:3c:4c:72:02:
db:ab:07:c1:19:b5:80:0f:2d:78:a5:cb:22:2a:c5:
51:21:93:1c:62:94:39:2d:74:59:85:5f:2f:4d:7d:
79:a0:90:26:f2:55:2c:00:ee:6e:5f:aa:3c:a9:76:
f2:9a:b3:91:bb:fc:39:89:4c:40:db:03:c6:2b:3b:
96:4f:a9:41:15:aa:d6:2f:22:62:85:dd:fd:46:94:
fb:87:e2:c1:8e:81:18:c6:de:8e:bc:d2:cb:30:aa:
7b:a5:23:c1:17:7c:7d:21:7b:35:d0:a6:e9:f9:7c:
ec:94:fc:4c:df:23:09:de:3e:0f:0e:0d:fa:0a:d7:
22:a1:29:56:be:11:c1:68:2a:75:3a:64:ea:8d:11:
a6:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:13:41:3E:FA:50:D1:9C:8A:CA:49:4E:15:F8:7E:CC:E6:46:8D:F6
X509v3 Authority Key Identifier:
keyid:FC:13:F7:FA:23:7F:89:D0:11:23:3B:AC:73:28:C2:21:9B:A7:D6:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_BP3-iN_idARIzuscyjCIZun1iw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/mBNBPvpQ0ZyKyklOFfh-zOZGjfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/09af2b-64f7-4c1d-abd4-d07464b9b378/1/_BP3-iN_idARIzuscyjCIZun1iw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.80.0/21
62.40.0.0/19
80.87.160.0/20
185.32.32.0/22
195.82.64.0/19
195.94.64.0/19
195.135.128.0/18
195.227.0.0/16
212.237.160.0/21
Signature Algorithm: sha256WithRSAEncryption
33:61:b1:66:d7:92:c7:45:6c:33:fb:79:e9:d9:1c:91:55:2b:
96:14:2e:05:03:ee:5d:bd:fd:16:bf:a8:13:bf:b9:cf:e2:fe:
1f:20:b4:66:59:3f:92:b7:44:c2:bf:f3:ef:b8:dd:28:0d:87:
d3:6d:30:4d:50:b4:77:82:4e:4d:9a:d4:73:02:c5:aa:8e:66:
dd:d4:5b:64:f9:af:3d:f5:d0:8f:ad:fc:e2:7d:82:dd:60:ca:
86:5f:89:07:6e:75:ff:50:5e:b2:d1:fe:05:60:9b:2b:44:8d:
01:3d:a4:f0:f3:08:56:6b:01:46:45:7f:bb:3e:83:a6:03:d5:
d6:31:13:65:d6:eb:38:b7:12:4f:90:48:d2:e7:10:0c:a0:90:
ed:3b:63:b2:71:7b:77:9f:c6:92:03:51:e6:c7:aa:fb:e7:18:
d5:b1:02:e1:2b:58:a9:8c:ba:6e:1a:35:ff:35:cd:65:28:84:
61:67:f6:db:70:0c:bf:ed:64:89:e5:cd:80:f4:30:1d:3d:85:
67:a5:e9:2a:bf:c5:00:fb:f7:c9:71:3e:47:33:66:5f:a2:6c:
79:79:a7:04:1c:86:82:cd:4c:e4:07:c3:46:6c:d3:a0:63:ba:
35:0c:3e:8d:cb:9c:6b:1d:b4:08:c2:9e:41:5c:67:e7:08:a6:
12:ab:22:14
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZQijjMXlpjBM3KOOfXRFZPBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMTNmN2ZhMjM3Zjg5ZDAxMTIzM2JhYzczMjhjMjIxOWJh
N2Q2MmMwHhcNMjUwMTAxMTU0ODUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODEzNDEzZWZhNTBkMTljOGFjYTQ5NGUxNWY4N2VjY2U2NDY4ZGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9LBxgKti7o2/AbF5XEnhDsakgJ+C
2t/t6c2ww5wkoM4AFoRgq7LuR9WQeaofUa3PSjbsPNYU9PCzjHQjRUh3VmsEk8XA
i/Gn2EtMl6sJ40ORpaPnvqTjXiff89danhzlyCNrXRp5LmYgcelK56GGExHtgDxM
cgLbqwfBGbWADy14pcsiKsVRIZMcYpQ5LXRZhV8vTX15oJAm8lUsAO5uX6o8qXby
mrORu/w5iUxA2wPGKzuWT6lBFarWLyJihd39RpT7h+LBjoEYxt6OvNLLMKp7pSPB
F3x9IXs10Kbp+XzslPxM3yMJ3j4PDg36CtcioSlWvhHBaCp1OmTqjRGmEwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFJgTQT76UNGcispJThX4fszmRo32MB8GA1UdIwQY
MBaAFPwT9/ojf4nQESM7rHMowiGbp9YsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQt
ZDA3NDY0YjliMzc4LzEvbUJOQlB2cFEwWnlLeWtsT0ZmaC16T1pHamZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8wOWFmMmItNjRmNy00YzFkLWFiZDQtZDA3NDY0YjliMzc4
LzEvX0JQMy1pTl9pZEFSSXp1c2N5akNJWnVuMWl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1AwQDBT1QAwQF
PigAAwQEUFegAwQCuSAgAwQFw1JAAwQFw15AAwQGw4eAAwMAw+MDBAPU7aAwDQYJ
KoZIhvcNAQELBQADggEBADNhsWbXksdFbDP7eenZHJFVK5YULgUD7l29/Ra/qBO/
uc/i/h8gtGZZP5K3RMK/8++43SgNh9NtME1QtHeCTk2a1HMCxaqOZt3UW2T5rz31
0I+t/OJ9gt1gyoZfiQdudf9QXrLR/gVgmytEjQE9pPDzCFZrAUZFf7s+g6YD1dYx
E2XW6zi3Ek+QSNLnEAygkO07Y7Jxe3efxpIDUebHqvvnGNWxAuErWKmMum4aNf81
zWUohGFn9ttwDL/tZInlzYD0MB09hWel6Sq/xQD798lxPkczZl+ibHl5pwQchoLN
TOQHw0Zs06BjujUMPo3LnGsdtAjCnkFcZ+cIphKrIhQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:32:37 2025 by rpki-client