Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BSMTiyM4pnl9If5voX3KbONrs5w.roa
File: BSMTiyM4pnl9If5voX3KbONrs5w.roa (raw, json)
Hash identifier: uWxXBrcWnzi1eJsm6+Zzg9+sO9uQewGhXuGeqUwQqqk=
Subject key identifier: 05:23:13:8B:23:38:A6:79:7D:21:FE:6F:A1:7D:CA:6C:E3:6B:B3:9C
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 0194266BC8665BCC6EC27CFA3DBDEDF02C54
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BSMTiyM4pnl9If5voX3KbONrs5w.roa
Signing time: Thu 02 Jan 2025 09:49:45 +0000
ROA not before: Thu 02 Jan 2025 09:49:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215355
IP address blocks: 89.251.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:c8:66:5b:cc:6e:c2:7c:fa:3d:bd:ed:f0:2c:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Jan 2 09:49:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0523138b2338a6797d21fe6fa17dca6ce36bb39c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:e6:dd:f5:2b:18:9d:15:d9:fa:8a:21:fd:8f:
27:44:28:37:ca:4b:f7:e0:10:47:da:24:d8:81:6d:
0c:7a:02:f2:26:6c:35:b2:41:d3:10:80:43:e6:47:
9d:39:66:49:26:a2:84:a4:25:af:71:f8:cd:f1:86:
8b:2a:20:5f:ab:54:76:46:e4:75:be:54:33:93:50:
8e:ce:a8:d3:fd:fe:56:76:4d:90:95:3f:50:5d:72:
e6:4c:a9:8f:82:32:dd:7c:08:87:80:16:f1:70:6f:
2e:ec:7a:e9:b4:51:04:e8:bd:e4:67:2a:6a:df:5b:
50:58:d8:04:18:75:cf:4d:73:21:5a:c9:d7:d7:b8:
3f:6e:6b:88:42:7e:23:88:72:38:5e:06:0c:32:af:
ce:d8:76:d3:4b:ac:6c:ec:43:71:6a:0a:12:b7:05:
8b:5e:eb:82:62:89:2e:e6:1a:37:3c:02:be:5f:1e:
e0:9a:e3:78:4c:7c:6a:30:c4:d5:d6:2c:7a:cf:56:
fd:3d:f2:41:b8:85:ba:4c:e8:a7:22:05:18:b1:28:
b3:6e:d6:d2:80:a1:91:4f:f8:3e:25:96:6a:43:44:
a1:eb:50:42:22:c4:85:0b:96:a8:1a:05:4b:d0:24:
b2:79:ca:d6:37:d8:94:d2:6b:c2:5c:cc:f8:a6:60:
b9:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:23:13:8B:23:38:A6:79:7D:21:FE:6F:A1:7D:CA:6C:E3:6B:B3:9C
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/BSMTiyM4pnl9If5voX3KbONrs5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.251.26.0/24
Signature Algorithm: sha256WithRSAEncryption
81:9c:36:03:d7:9b:68:f2:8d:48:1e:c1:f1:71:49:c6:35:2b:
2d:40:ad:46:2d:8f:62:82:b1:ae:fa:f3:d5:23:a3:fb:a5:14:
12:0f:a4:7c:a1:70:8a:b2:9f:91:0c:01:fa:13:38:28:6c:a2:
6a:f7:0c:9c:fc:45:8c:ee:a7:1a:34:1a:61:8a:b8:dd:26:c4:
93:ee:2a:21:a6:de:34:0f:22:13:da:57:b8:8a:29:51:6d:8c:
d0:dc:c5:a0:23:7e:da:f3:8b:98:a9:f8:4c:15:85:08:f2:f7:
a7:cc:77:54:58:72:0a:fe:cb:16:e8:a7:06:a3:a9:af:ed:60:
9f:67:f1:9d:26:05:04:c3:6a:3d:4d:61:67:08:d8:0b:43:ec:
d0:54:7a:34:84:55:eb:a9:ba:ae:43:f3:55:1e:37:0c:99:29:
62:a2:34:ba:ca:73:af:fd:67:c1:44:4a:2e:01:92:29:a0:94:
41:85:b4:91:d3:4b:40:81:c1:72:f6:d1:1c:4d:a4:32:e1:a5:
c7:03:f1:64:e9:30:83:0a:61:31:a9:bb:09:5a:f9:22:e9:c0:
23:78:09:4c:83:c7:42:75:fb:58:72:ba:d0:8b:31:73:51:6d:
f0:79:14:9b:be:fc:5b:19:7a:06:3c:41:cf:66:1e:60:77:77:
dd:3c:cb:93
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQma8hmW8xuwnz6Pb3t8CxUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjUwMTAyMDk0OTQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTIzMTM4YjIzMzhhNjc5N2QyMWZlNmZhMTdkY2E2Y2UzNmJiMzljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArebd9SsYnRXZ+ooh/Y8nRCg3ykv3
4BBH2iTYgW0MegLyJmw1skHTEIBD5kedOWZJJqKEpCWvcfjN8YaLKiBfq1R2RuR1
vlQzk1COzqjT/f5Wdk2QlT9QXXLmTKmPgjLdfAiHgBbxcG8u7HrptFEE6L3kZypq
31tQWNgEGHXPTXMhWsnX17g/bmuIQn4jiHI4XgYMMq/O2HbTS6xs7ENxagoStwWL
XuuCYoku5ho3PAK+Xx7gmuN4THxqMMTV1ix6z1b9PfJBuIW6TOinIgUYsSizbtbS
gKGRT/g+JZZqQ0Sh61BCIsSFC5aoGgVL0CSyecrWN9iU0mvCXMz4pmC5IQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAUjE4sjOKZ5fSH+b6F9ymzja7OcMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvQlNNVGl5TTRwbmw5SWY1dm9YM0tiT05yczV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWfsaMA0G
CSqGSIb3DQEBCwUAA4IBAQCBnDYD15to8o1IHsHxcUnGNSstQK1GLY9igrGu+vPV
I6P7pRQSD6R8oXCKsp+RDAH6EzgobKJq9wyc/EWM7qcaNBphirjdJsST7iohpt40
DyIT2le4iilRbYzQ3MWgI37a84uYqfhMFYUI8venzHdUWHIK/ssW6KcGo6mv7WCf
Z/GdJgUEw2o9TWFnCNgLQ+zQVHo0hFXrqbquQ/NVHjcMmSliojS6ynOv/WfBREou
AZIpoJRBhbSR00tAgcFy9tEcTaQy4aXHA/Fk6TCDCmExqbsJWvki6cAjeAlMg8dC
dftYcrrQizFzUW3weRSbvvxbGXoGPEHPZh5gd3fdPMuT
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:58:37 2025 by rpki-client