Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/bxOTocJnEMQaZpcfRu6SqZ9nVWk.roa
File: bxOTocJnEMQaZpcfRu6SqZ9nVWk.roa (raw, json)
Hash identifier: 24LpjnsSFmDuGUExqtfPTVWojNEGWlT3a13WwNuUa60=
Subject key identifier: 6F:13:93:A1:C2:67:10:C4:1A:66:97:1F:46:EE:92:A9:9F:67:55:69
Certificate issuer: /CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Certificate serial: 019420D65AE2F4EF4725944BAE369A213B50
Authority key identifier: F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/bxOTocJnEMQaZpcfRu6SqZ9nVWk.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34225
IP address blocks: 91.184.32.0/20 maxlen: 20
185.48.92.0/22 maxlen: 22
193.138.164.0/22 maxlen: 22
2001:67c:20e0::/48 maxlen: 48
2a01:198::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 13:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:5a:e2:f4:ef:47:25:94:4b:ae:36:9a:21:3b:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f1393a1c26710c41a66971f46ee92a99f675569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:08:62:cf:c4:d0:56:78:49:42:1c:61:70:34:
f6:46:6e:c9:53:fa:68:06:31:b4:c2:d9:4b:ab:ad:
e9:17:27:3a:56:eb:0b:b8:18:5f:f6:58:6b:f6:08:
64:89:c3:8e:4a:59:cd:65:3f:ea:a3:20:d9:5b:09:
2a:f2:93:b0:e8:76:52:a9:f7:bc:61:21:27:be:84:
59:b0:56:ca:c0:52:d7:ee:6f:17:7d:12:41:0e:35:
b9:c5:da:53:31:16:45:db:15:e7:e5:a9:88:be:35:
ff:74:8c:be:29:14:2c:64:58:1d:d8:4d:16:62:5f:
64:2f:63:52:c1:95:84:01:50:04:9d:8f:30:9f:a0:
65:9a:73:af:84:a4:e2:aa:7f:65:f8:41:f8:2a:19:
11:77:05:f8:bd:18:75:db:4b:86:48:cc:94:67:ca:
4f:cd:7c:68:14:07:8f:c0:db:20:bf:37:d3:27:b6:
c2:5e:eb:12:98:80:b3:36:38:a3:f5:9d:79:49:5a:
08:c8:98:81:e0:29:2d:e5:98:39:3c:82:78:80:4e:
55:8a:8c:5c:dd:8d:d8:07:08:c9:10:19:ff:f7:9c:
0f:61:a4:d8:be:b9:75:9e:c3:3f:71:cc:f8:af:2b:
f5:14:62:77:9f:fa:40:a6:22:b8:ee:4b:92:e4:b4:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:13:93:A1:C2:67:10:C4:1A:66:97:1F:46:EE:92:A9:9F:67:55:69
X509v3 Authority Key Identifier:
keyid:F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/bxOTocJnEMQaZpcfRu6SqZ9nVWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.32.0/20
185.48.92.0/22
193.138.164.0/22
IPv6:
2001:67c:20e0::/48
2a01:198::/32
Signature Algorithm: sha256WithRSAEncryption
40:dd:c3:33:f5:8b:d6:f7:10:3e:21:df:b0:1c:dc:6e:c9:61:
5e:4b:42:31:22:24:80:b1:a2:fb:53:5c:79:7d:c5:da:e6:44:
bb:3d:fb:d1:96:f8:f8:70:39:20:a3:5a:42:5f:02:74:cc:ab:
c0:9e:4b:ee:2a:87:9b:6f:a1:00:cc:ff:df:c6:15:45:38:47:
2f:72:6b:86:63:f0:0e:4f:e5:b8:5b:5f:52:8c:2e:0d:16:5f:
b9:68:6e:f9:b6:93:87:4b:9a:6f:43:f1:aa:b7:75:19:0a:61:
f9:6e:68:0f:ce:7a:77:13:7e:39:73:c0:26:67:8e:d8:80:c4:
a3:48:33:00:c1:04:f1:9a:20:fa:3f:dd:00:9d:e8:0b:12:ef:
95:84:61:f7:88:a9:4b:e9:c3:48:bd:4f:22:3a:f0:c3:d2:b7:
8c:81:b8:c6:87:fc:1c:37:2c:8a:89:cd:52:49:9c:e4:da:93:
72:9b:99:15:80:56:da:47:46:51:82:fe:be:df:93:da:19:3c:
58:21:73:37:7c:c0:5b:11:2c:51:a8:8c:b3:d4:da:8a:b7:10:
6c:07:1f:7b:f1:f7:4e:37:03:4b:07:6b:c1:9a:3b:17:43:f4:
77:81:08:61:87:5a:13:cc:dc:0e:e7:c5:c5:73:21:14:6f:39:
25:11:fa:f8
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZQg1lri9O9HJZRLrjaaITtQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NGRmMmY4ZjVhMTNjNjQ1MzY4OTE0ZTNkYmU0MmEyNGEz
NmRhNWQwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjEzOTNhMWMyNjcxMGM0MWE2Njk3MWY0NmVlOTJhOTlmNjc1NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvghiz8TQVnhJQhxhcDT2Rm7JU/po
BjG0wtlLq63pFyc6VusLuBhf9lhr9ghkicOOSlnNZT/qoyDZWwkq8pOw6HZSqfe8
YSEnvoRZsFbKwFLX7m8XfRJBDjW5xdpTMRZF2xXn5amIvjX/dIy+KRQsZFgd2E0W
Yl9kL2NSwZWEAVAEnY8wn6BlmnOvhKTiqn9l+EH4KhkRdwX4vRh120uGSMyUZ8pP
zXxoFAePwNsgvzfTJ7bCXusSmICzNjij9Z15SVoIyJiB4Ckt5Zg5PIJ4gE5Vioxc
3Y3YBwjJEBn/95wPYaTYvrl1nsM/ccz4ryv1FGJ3n/pApiK47kuS5LTbvQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFG8Tk6HCZxDEGmaXH0bukqmfZ1VpMB8GA1UdIwQY
MBaAFPlN8vj1oTxkU2iRTj2+QqJKNtpdMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1VM3ktUFdoUEdSVGFKRk9QYjVDb2tvMjJsMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRk
LTY2YmRmZmE4YmRjMS8xL2J4T1RvY0puRU1RYVpwY2ZSdTZTcVo5blZXay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRkLTY2YmRmZmE4YmRj
MS8xLzEtVTN5LVBXaFBHUlRhSkZPUGI1Q29rbzIybDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwQwYIKwYBBQUHAQcBAf8ENDAyMBgEAgABMBIDBARbuCAD
BAK5MFwDBALBiqQwFgQCAAIwEAMHACABBnwg4AMFACoBAZgwDQYJKoZIhvcNAQEL
BQADggEBAEDdwzP1i9b3ED4h37Ac3G7JYV5LQjEiJICxovtTXHl9xdrmRLs9+9GW
+PhwOSCjWkJfAnTMq8CeS+4qh5tvoQDM/9/GFUU4Ry9ya4Zj8A5P5bhbX1KMLg0W
X7lobvm2k4dLmm9D8aq3dRkKYfluaA/OencTfjlzwCZnjtiAxKNIMwDBBPGaIPo/
3QCd6AsS75WEYfeIqUvpw0i9TyI68MPSt4yBuMaH/Bw3LIqJzVJJnOTak3KbmRWA
VtpHRlGC/r7fk9oZPFghczd8wFsRLFGojLPU2oq3EGwHH3vx9043A0sHa8GaOxdD
9HeBCGGHWhPM3A7nxcVzIRRvOSUR+vg=
-----END CERTIFICATE-----
Generated at Sat Apr 12 22:48:07 2025 by rpki-client