Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/BhmCDxcE0gsUJ8n-5kUDWm_-44o.roa
File: BhmCDxcE0gsUJ8n-5kUDWm_-44o.roa (raw, json)
Hash identifier: /tiZqBXubo3kuYkXe6qdVTzGxoqo7003YeEc2CAhCcU=
Subject key identifier: 06:19:82:0F:17:04:D2:0B:14:27:C9:FE:E6:45:03:5A:6F:FE:E3:8A
Certificate issuer: /CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Certificate serial: 01941F8C16D7535ACD90EFD09F3DD75A187D
Authority key identifier: 1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/BhmCDxcE0gsUJ8n-5kUDWm_-44o.roa
Signing time: Wed 01 Jan 2025 01:47:41 +0000
ROA not before: Wed 01 Jan 2025 01:47:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203666
IP address blocks: 94.45.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.mft
rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:16:d7:53:5a:cd:90:ef:d0:9f:3d:d7:5a:18:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e14eb1eef66c2d349f3f7d7bafa68e49fbfec9c
Validity
Not Before: Jan 1 01:47:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0619820f1704d20b1427c9fee645035a6ffee38a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:f4:a8:62:02:ac:26:76:c7:ba:e6:9c:b7:8c:
32:d9:ea:45:1a:a7:3c:bb:ee:f7:8c:d5:dc:91:b0:
2f:67:83:ff:5d:84:42:d0:1a:d1:82:ac:9f:6a:08:
9b:f6:87:30:a5:0e:ba:2a:84:79:31:d4:29:a8:11:
8a:0a:dd:ce:09:73:cc:3d:6c:82:a8:f1:b1:51:38:
b1:4c:f6:f5:5e:f5:b1:18:91:aa:f2:45:b1:2f:5c:
26:55:4a:d2:b1:3f:c7:72:43:05:c0:a0:c3:3f:53:
42:15:6c:da:d7:c0:45:49:6f:75:d8:61:f5:0e:6e:
83:a8:5d:5f:03:35:77:74:14:59:da:77:5e:bc:16:
f8:8a:a7:a5:d2:6b:de:39:20:30:78:2b:03:83:11:
da:1b:c0:9c:5b:9f:38:67:3a:de:a7:6c:ad:69:a8:
aa:e8:5a:a0:df:c3:67:00:d4:6b:04:53:a0:0d:67:
2f:17:f4:ba:b8:e1:72:f9:5d:65:aa:11:f5:74:52:
96:8a:11:91:0d:54:f9:e3:cc:e7:42:22:ed:45:4e:
07:68:83:e8:5f:4b:ce:54:de:19:38:d4:e3:a7:83:
ab:40:30:50:47:ca:fe:75:29:a3:a7:cc:24:dc:9c:
21:bf:fe:b0:f3:05:1a:34:e2:5a:f0:ec:e9:bf:0c:
90:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:19:82:0F:17:04:D2:0B:14:27:C9:FE:E6:45:03:5A:6F:FE:E3:8A
X509v3 Authority Key Identifier:
keyid:1E:14:EB:1E:EF:66:C2:D3:49:F3:F7:D7:BA:FA:68:E4:9F:BF:EC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/BhmCDxcE0gsUJ8n-5kUDWm_-44o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/333ab1-af9b-434c-8d13-9ca98f4950cf/1/HhTrHu9mwtNJ8_fXuvpo5J-_7Jw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.45.151.0/24
Signature Algorithm: sha256WithRSAEncryption
ba:1f:29:97:b6:81:05:52:26:84:45:68:13:1b:3d:b4:43:8d:
b2:11:31:e1:d4:fa:d1:c5:f0:5c:df:97:b7:47:53:7d:6c:85:
9a:85:7a:d5:d8:7f:31:aa:b7:af:b3:6e:07:b9:9c:35:e2:61:
96:d9:08:26:8b:46:c3:f7:37:7e:99:7e:d4:fa:63:90:ed:69:
4b:3c:34:ad:fd:58:15:3f:99:92:35:b6:79:29:d0:3e:f3:7c:
15:68:5d:60:53:b3:7f:19:1c:52:8f:d1:87:b7:63:c1:90:7f:
f6:55:27:37:9f:2c:98:c3:04:4f:c6:14:61:88:ee:d1:80:4e:
94:fe:d2:c9:a1:3a:82:3c:43:79:b0:ea:7d:67:14:99:74:30:
b6:65:b5:26:35:7c:2e:67:1d:f1:41:6a:03:15:8e:13:1b:9a:
60:cc:f9:09:d1:b4:cc:9c:8d:16:fb:c9:b7:10:28:68:af:9c:
a7:48:5f:d8:95:76:c2:f3:1e:42:40:80:ae:ff:91:87:7d:80:
a3:c2:40:a4:b4:7e:6d:1a:c3:d8:b2:d9:f0:81:73:77:08:00:
5c:56:f3:5c:b5:4b:93:84:c7:e2:08:e3:c4:96:ec:2d:a9:47:
54:d4:65:70:28:13:a9:32:75:58:f5:7c:32:83:b0:6c:8a:a9:
8b:47:2b:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQfjBbXU1rNkO/Qnz3XWhh9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlMTRlYjFlZWY2NmMyZDM0OWYzZjdkN2JhZmE2OGU0OWZi
ZmVjOWMwHhcNMjUwMTAxMDE0NzQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjE5ODIwZjE3MDRkMjBiMTQyN2M5ZmVlNjQ1MDM1YTZmZmVlMzhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxfSoYgKsJnbHuuact4wy2epFGqc8
u+73jNXckbAvZ4P/XYRC0BrRgqyfagib9ocwpQ66KoR5MdQpqBGKCt3OCXPMPWyC
qPGxUTixTPb1XvWxGJGq8kWxL1wmVUrSsT/HckMFwKDDP1NCFWza18BFSW912GH1
Dm6DqF1fAzV3dBRZ2ndevBb4iqel0mveOSAweCsDgxHaG8CcW584Zzrep2ytaaiq
6Fqg38NnANRrBFOgDWcvF/S6uOFy+V1lqhH1dFKWihGRDVT548znQiLtRU4HaIPo
X0vOVN4ZONTjp4OrQDBQR8r+dSmjp8wk3Jwhv/6w8wUaNOJa8OzpvwyQrQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAYZgg8XBNILFCfJ/uZFA1pv/uOKMB8GA1UdIwQY
MBaAFB4U6x7vZsLTSfP317r6aOSfv+ycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMt
OWNhOThmNDk1MGNmLzEvQmhtQ0R4Y0UwZ3NVSjhuLTVrVURXbV8tNDRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy8zMzNhYjEtYWY5Yi00MzRjLThkMTMtOWNhOThmNDk1MGNm
LzEvSGhUckh1OW13dE5KOF9mWHV2cG81Si1fN0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXi2XMA0G
CSqGSIb3DQEBCwUAA4IBAQC6HymXtoEFUiaERWgTGz20Q42yETHh1PrRxfBc35e3
R1N9bIWahXrV2H8xqrevs24HuZw14mGW2Qgmi0bD9zd+mX7U+mOQ7WlLPDSt/VgV
P5mSNbZ5KdA+83wVaF1gU7N/GRxSj9GHt2PBkH/2VSc3nyyYwwRPxhRhiO7RgE6U
/tLJoTqCPEN5sOp9ZxSZdDC2ZbUmNXwuZx3xQWoDFY4TG5pgzPkJ0bTMnI0W+8m3
EChor5ynSF/YlXbC8x5CQICu/5GHfYCjwkCktH5tGsPYstnwgXN3CABcVvNctUuT
hMfiCOPEluwtqUdU1GVwKBOpMnVY9Xwyg7BsiqmLRytH
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:09 2025 by rpki-client