Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/BlllPFfwzBleeaMQKYCQ6F0B17E.roa
File: BlllPFfwzBleeaMQKYCQ6F0B17E.roa (raw, json)
Hash identifier: NVG+8qMR5/CCZ9iBnkVvx5PPkG8viGMGtVWfLcED+Ug=
Subject key identifier: 06:59:65:3C:57:F0:CC:19:5E:79:A3:10:29:80:90:E8:5D:01:D7:B1
Certificate issuer: /CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Certificate serial: 019421443B14422A6A0B0CCBAB3A331E91B9
Authority key identifier: 4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/BlllPFfwzBleeaMQKYCQ6F0B17E.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8821
IP address blocks: 62.171.0.0/17 maxlen: 17
77.245.176.0/20 maxlen: 20
82.136.64.0/18 maxlen: 18
151.248.128.0/17 maxlen: 17
158.181.96.0/19 maxlen: 19
185.42.244.0/22 maxlen: 22
185.244.112.0/22 maxlen: 22
212.4.64.0/19 maxlen: 19
217.194.48.0/20 maxlen: 20
2a01:760::/29 maxlen: 29
2a01:8b80::/29 maxlen: 29
2a01:8b80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.mft
rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3b:14:42:2a:6a:0b:0c:cb:ab:3a:33:1e:91:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ac2bc0e3e59332f4be2c58ff25a1861f5fde819
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0659653c57f0cc195e79a310298090e85d01d7b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:bd:dd:b4:28:07:a4:60:3f:c4:b9:ba:3b:e5:
0b:94:c5:12:d6:cd:c0:d4:a0:19:9d:99:5c:84:49:
7c:b7:fd:fb:eb:2e:47:ae:90:f2:94:99:18:00:6a:
9d:88:bb:51:0e:46:a5:30:c1:d7:cb:a4:b7:cf:42:
cc:71:21:f4:63:3d:2b:f0:06:bc:b5:14:43:14:2b:
77:ab:93:a3:3a:34:e0:ad:af:59:9f:ca:09:0d:71:
0e:b0:3c:fb:90:dc:29:b1:75:b1:b3:8e:55:8b:1a:
2a:67:b8:14:45:a7:b6:75:04:56:72:c0:b1:f2:4a:
01:b5:d2:7a:17:ea:95:3b:09:40:3a:17:d6:1c:23:
6f:b6:10:ca:b8:58:49:a7:2e:6f:12:7e:28:7c:e2:
6e:fc:c6:19:cc:51:94:30:6a:27:02:4f:65:59:a4:
7e:7c:0b:f3:42:c9:2e:9f:c4:f9:fc:a7:4b:c8:2b:
c2:a6:0f:18:25:e9:bd:ae:b8:26:51:4d:01:33:4d:
c6:cd:d9:ff:c8:0d:ea:a2:f3:cd:3a:d1:58:f2:3c:
a2:40:d3:30:53:e2:58:a6:53:6b:6e:4b:fb:10:82:
79:c2:02:fd:2a:32:5b:2b:6d:d3:83:54:f6:97:d3:
eb:c3:46:65:d8:2c:b4:fc:a7:46:d2:76:79:c8:34:
26:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:59:65:3C:57:F0:CC:19:5E:79:A3:10:29:80:90:E8:5D:01:D7:B1
X509v3 Authority Key Identifier:
keyid:4A:C2:BC:0E:3E:59:33:2F:4B:E2:C5:8F:F2:5A:18:61:F5:FD:E8:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/BlllPFfwzBleeaMQKYCQ6F0B17E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/48afe0-5a18-4d99-91b6-8073dce09628/1/SsK8Dj5ZMy9L4sWP8loYYfX96Bk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.171.0.0/17
77.245.176.0/20
82.136.64.0/18
151.248.128.0/17
158.181.96.0/19
185.42.244.0/22
185.244.112.0/22
212.4.64.0/19
217.194.48.0/20
IPv6:
2a01:760::/29
2a01:8b80::/29
Signature Algorithm: sha256WithRSAEncryption
5e:e5:5a:7b:c5:ff:a8:a3:56:d6:9a:d1:c9:05:3b:c9:71:58:
e5:d8:70:c2:7f:5a:69:4f:81:9c:10:5e:d4:41:0f:2e:a6:92:
d8:4a:18:49:87:82:4b:93:ee:1c:db:0c:e7:70:33:ba:62:e2:
89:ef:f3:63:40:1d:94:3c:ec:76:2c:29:d3:71:ba:47:67:22:
37:26:ca:64:32:c9:51:9e:e0:94:c8:0b:50:62:44:99:9e:0d:
12:e0:07:a5:7a:32:3d:df:69:38:e3:c8:26:f9:7c:4c:95:e0:
c6:be:91:37:08:7d:5d:83:50:28:3c:80:55:10:42:57:94:6b:
73:a3:ba:25:e1:bd:70:ac:95:61:56:bf:ba:c2:dc:d9:bb:96:
76:fb:57:61:49:9c:f8:f6:38:29:98:3f:07:f9:81:d7:14:33:
d5:b9:72:a5:f3:31:f1:9c:e8:e1:07:2d:d7:0a:f5:d0:79:ca:
73:13:e7:9f:22:31:85:01:1f:01:3d:44:3f:8c:78:0f:d9:69:
28:86:78:95:b3:ec:f4:0a:08:da:35:8d:57:20:d0:73:fe:b6:
20:4d:b3:25:f9:39:82:d7:1a:ec:02:29:9f:e1:ac:88:fa:9b:
ad:68:39:40:10:d1:a1:26:12:67:94:25:28:10:04:64:de:bf:
85:7a:95:33
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAZQhRDsUQipqCwzLqzozHpG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhYzJiYzBlM2U1OTMzMmY0YmUyYzU4ZmYyNWExODYxZjVm
ZGU4MTkwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjU5NjUzYzU3ZjBjYzE5NWU3OWEzMTAyOTgwOTBlODVkMDFkN2IxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7L3dtCgHpGA/xLm6O+ULlMUS1s3A
1KAZnZlchEl8t/376y5HrpDylJkYAGqdiLtRDkalMMHXy6S3z0LMcSH0Yz0r8Aa8
tRRDFCt3q5OjOjTgra9Zn8oJDXEOsDz7kNwpsXWxs45VixoqZ7gURae2dQRWcsCx
8koBtdJ6F+qVOwlAOhfWHCNvthDKuFhJpy5vEn4ofOJu/MYZzFGUMGonAk9lWaR+
fAvzQskun8T5/KdLyCvCpg8YJem9rrgmUU0BM03Gzdn/yA3qovPNOtFY8jyiQNMw
U+JYplNrbkv7EIJ5wgL9KjJbK23Tg1T2l9Prw0Zl2Cy0/KdG0nZ5yDQm/wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFAZZZTxX8MwZXnmjECmAkOhdAdexMB8GA1UdIwQY
MBaAFErCvA4+WTMvS+LFj/JaGGH1/egZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYt
ODA3M2RjZTA5NjI4LzEvQmxsbFBGZnd6QmxlZWFNUUtZQ1E2RjBCMTdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC80OGFmZTAtNWExOC00ZDk5LTkxYjYtODA3M2RjZTA5NjI4
LzEvU3NLOERqNVpNeTlMNHNXUDhsb1lZZlg5NkJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDA8BAIAATA2AwQHPqsAAwQE
TfWwAwQGUohAAwQHl/iAAwQFnrVgAwQCuSr0AwQCufRwAwQF1ARAAwQE2cIwMBQE
AgACMA4DBQMqAQdgAwUDKgGLgDANBgkqhkiG9w0BAQsFAAOCAQEAXuVae8X/qKNW
1prRyQU7yXFY5dhwwn9aaU+BnBBe1EEPLqaS2EoYSYeCS5PuHNsM53AzumLiie/z
Y0AdlDzsdiwp03G6R2ciNybKZDLJUZ7glMgLUGJEmZ4NEuAHpXoyPd9pOOPIJvl8
TJXgxr6RNwh9XYNQKDyAVRBCV5Rrc6O6JeG9cKyVYVa/usLc2buWdvtXYUmc+PY4
KZg/B/mB1xQz1blypfMx8Zzo4Qct1wr10HnKcxPnnyIxhQEfAT1EP4x4D9lpKIZ4
lbPs9AoI2jWNVyDQc/62IE2zJfk5gtca7AIpn+GsiPqbrWg5QBDRoSYSZ5QlKBAE
ZN6/hXqVMw==
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:46:28 2025 by rpki-client