Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/bOCBzzRvzuJPuu-j2dvPA0mnOUw.roa
File: bOCBzzRvzuJPuu-j2dvPA0mnOUw.roa (raw, json)
Hash identifier: InvZiY5TCPmmHvBaq4Cag3h3swbwKMBYSgXMQxCeJZU=
Subject key identifier: 6C:E0:81:CF:34:6F:CE:E2:4F:BA:EF:A3:D9:DB:CF:03:49:A7:39:4C
Certificate issuer: /CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Certificate serial: 019426D9C06E4006CCF3D488A6447E20F1F3
Authority key identifier: 07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/bOCBzzRvzuJPuu-j2dvPA0mnOUw.roa
Signing time: Thu 02 Jan 2025 11:49:52 +0000
ROA not before: Thu 02 Jan 2025 11:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8856
IP address blocks: 195.214.192.0/23 maxlen: 23
195.214.192.0/24 maxlen: 24
195.214.193.0/24 maxlen: 24
195.214.194.0/23 maxlen: 23
195.214.194.0/24 maxlen: 24
195.214.195.0/24 maxlen: 24
212.42.64.0/22 maxlen: 22
212.42.64.0/23 maxlen: 23
212.42.64.0/24 maxlen: 24
212.42.65.0/24 maxlen: 24
212.42.66.0/23 maxlen: 23
212.42.72.0/24 maxlen: 24
212.42.73.0/24 maxlen: 24
212.42.74.0/23 maxlen: 23
212.42.76.0/23 maxlen: 23
212.42.76.0/24 maxlen: 24
212.42.77.0/24 maxlen: 24
212.42.78.0/23 maxlen: 23
212.42.78.0/24 maxlen: 24
212.42.79.0/24 maxlen: 24
212.42.80.0/22 maxlen: 22
212.42.80.0/24 maxlen: 24
212.42.81.0/24 maxlen: 24
212.42.82.0/23 maxlen: 23
212.42.84.0/24 maxlen: 24
212.42.85.0/24 maxlen: 24
212.42.89.0/24 maxlen: 24
212.42.92.0/24 maxlen: 24
212.42.93.0/24 maxlen: 24
212.42.94.0/23 maxlen: 23
212.42.94.0/24 maxlen: 24
212.42.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:c0:6e:40:06:cc:f3:d4:88:a6:44:7e:20:f1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d08df8bc7a383e976dbb03d2a0eb9fe0d786e7
Validity
Not Before: Jan 2 11:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ce081cf346fcee24fbaefa3d9dbcf0349a7394c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:0a:1f:94:50:ac:0a:77:4a:41:c1:10:e5:a6:
dc:00:12:47:06:e3:22:01:6d:c2:87:d5:30:0f:0a:
1d:58:ea:d2:50:f7:67:e2:3e:7b:13:39:15:68:36:
37:43:2c:c8:67:b2:88:92:70:3f:ea:95:fc:c9:7d:
ec:74:92:76:6f:14:bb:71:3f:b5:4f:5e:32:1e:5b:
55:49:82:30:a9:3c:2e:94:26:bb:9a:c8:0a:73:2f:
a4:d5:5b:a0:d0:1a:f6:34:77:1c:cd:fc:0a:a7:c5:
07:ee:5f:ed:05:a8:d7:41:d0:7c:97:a1:ad:0e:03:
c0:51:60:83:3b:9f:ff:56:b1:18:c9:72:a5:3b:c6:
11:e4:45:64:fc:b4:77:61:89:83:8a:bc:13:62:d2:
0d:1d:34:5e:78:5d:ce:b1:c3:2e:40:1c:e4:f8:63:
0e:9a:3d:54:4b:16:08:97:2c:b0:d3:58:04:1e:2c:
40:17:f9:aa:ff:80:e8:21:d3:07:1e:e9:6e:fa:4d:
89:44:a4:80:68:8a:65:96:db:de:83:ec:86:73:30:
8e:85:be:34:a2:f0:5c:5f:e6:c1:1c:89:82:0a:de:
44:4b:df:7a:8b:32:fc:8e:99:c8:44:69:ae:ad:33:
09:fd:bb:06:29:1d:f6:9b:6b:6a:f5:08:d7:c2:36:
90:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E0:81:CF:34:6F:CE:E2:4F:BA:EF:A3:D9:DB:CF:03:49:A7:39:4C
X509v3 Authority Key Identifier:
keyid:07:D0:8D:F8:BC:7A:38:3E:97:6D:BB:03:D2:A0:EB:9F:E0:D7:86:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/bOCBzzRvzuJPuu-j2dvPA0mnOUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/031818-0463-4bab-bb56-51485fe222db/1/B9CN-Lx6OD6XbbsD0qDrn-DXhuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.214.192.0/22
212.42.64.0/22
212.42.72.0-212.42.85.255
212.42.89.0/24
212.42.92.0/22
Signature Algorithm: sha256WithRSAEncryption
39:2e:13:3a:83:63:33:be:fe:4d:d7:60:43:63:78:65:ef:4a:
83:d0:37:eb:e7:d7:3d:69:8d:c9:b1:b5:7a:55:91:d4:25:76:
3e:26:3e:e3:6e:82:ed:f7:c3:fb:d1:2c:a4:ff:5e:bd:9a:81:
46:d3:f2:87:f0:56:6d:2d:49:97:cb:4b:1d:61:4a:28:e4:41:
ea:b6:11:f5:50:34:56:00:7f:87:f0:eb:2c:5e:7f:66:60:80:
9d:19:33:6f:64:63:ef:f9:fc:56:a6:2d:fd:15:44:35:60:5b:
4d:5a:07:e8:8c:5d:7c:85:f1:d4:a3:0a:3e:ed:31:96:4f:79:
c0:24:f2:1d:8a:97:61:46:9d:13:d7:cb:b1:0f:14:e9:96:2e:
85:94:b6:33:18:8c:be:48:69:a6:fd:d4:a1:c6:aa:ac:e8:04:
53:9a:88:4e:3b:3b:e6:66:be:64:17:77:ae:7f:f8:d2:22:5d:
01:42:7f:3c:37:1c:b5:2e:82:af:25:5b:db:93:07:f5:a1:c7:
eb:7c:33:73:4c:2a:c4:b9:44:de:6f:e2:37:46:f2:e9:e3:ce:
de:7c:65:fb:b6:a8:ce:ef:31:0c:8f:77:ee:58:f0:39:08:67:
0a:00:7d:ae:a5:49:d2:23:66:02:02:43:f2:94:b2:76:b3:eb:
e6:43:78:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZQm2cBuQAbM89SIpkR+IPHzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDA4ZGY4YmM3YTM4M2U5NzZkYmIwM2QyYTBlYjlmZTBk
Nzg2ZTcwHhcNMjUwMTAyMTE0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UwODFjZjM0NmZjZWUyNGZiYWVmYTNkOWRiY2YwMzQ5YTczOTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkgoflFCsCndKQcEQ5abcABJHBuMi
AW3Ch9UwDwodWOrSUPdn4j57EzkVaDY3QyzIZ7KIknA/6pX8yX3sdJJ2bxS7cT+1
T14yHltVSYIwqTwulCa7msgKcy+k1Vug0Br2NHcczfwKp8UH7l/tBajXQdB8l6Gt
DgPAUWCDO5//VrEYyXKlO8YR5EVk/LR3YYmDirwTYtINHTReeF3OscMuQBzk+GMO
mj1USxYIlyyw01gEHixAF/mq/4DoIdMHHulu+k2JRKSAaIplltveg+yGczCOhb40
ovBcX+bBHImCCt5ES996izL8jpnIRGmurTMJ/bsGKR32m2tq9QjXwjaQiwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFGzggc80b87iT7rvo9nbzwNJpzlMMB8GA1UdIwQY
MBaAFAfQjfi8ejg+l227A9Kg65/g14bnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYt
NTE0ODVmZTIyMmRiLzEvYk9DQnp6UnZ6dUpQdXUtajJkdlBBMG1uT1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8wMzE4MTgtMDQ2My00YmFiLWJiNTYtNTE0ODVmZTIyMmRi
LzEvQjlDTi1MeDZPRDZYYmJzRDBxRHJuLURYaHVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCw9bAAwQC
1CpAMAwDBAPUKkgDBAHUKlQDBADUKlkDBALUKlwwDQYJKoZIhvcNAQELBQADggEB
ADkuEzqDYzO+/k3XYENjeGXvSoPQN+vn1z1pjcmxtXpVkdQldj4mPuNugu33w/vR
LKT/Xr2agUbT8ofwVm0tSZfLSx1hSijkQeq2EfVQNFYAf4fw6yxef2ZggJ0ZM29k
Y+/5/FamLf0VRDVgW01aB+iMXXyF8dSjCj7tMZZPecAk8h2Kl2FGnRPXy7EPFOmW
LoWUtjMYjL5Iaab91KHGqqzoBFOaiE47O+ZmvmQXd65/+NIiXQFCfzw3HLUugq8l
W9uTB/Whx+t8M3NMKsS5RN5v4jdG8unjzt58Zfu2qM7vMQyPd+5Y8DkIZwoAfa6l
SdIjZgICQ/KUsnaz6+ZDeG0=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:45:12 2025 by rpki-client