Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Bf7OVXQI7NP6BnLconGXvo-6sws.roa
File: Bf7OVXQI7NP6BnLconGXvo-6sws.roa (raw, json)
Hash identifier: JyZurMaiEFvjOy1NMo/RzKa7qogLz+KnFYIZAGu//y8=
Subject key identifier: 05:FE:CE:55:74:08:EC:D3:FA:06:72:DC:A2:71:97:BE:8F:BA:B3:0B
Certificate issuer: /CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Certificate serial: 01964529820440B617830552E2F0D9FF813D
Authority key identifier: C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Bf7OVXQI7NP6BnLconGXvo-6sws.roa
Signing time: Thu 17 Apr 2025 19:11:10 +0000
ROA not before: Thu 17 Apr 2025 19:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59645
IP address blocks: 193.104.168.0/24 maxlen: 24
195.191.196.0/23 maxlen: 24
195.191.196.0/24 maxlen: 24
195.191.197.0/24 maxlen: 24
2a06:d1c0::/29 maxlen: 29
2a06:d1c0:a761::/48 maxlen: 48
2a06:d1c0:ac5a::/48 maxlen: 48
2a06:d1c0:deac::/48 maxlen: 48
2a06:d1c0:dead::/48 maxlen: 48
2a06:d1c0:deae::/48 maxlen: 48
2a06:d1c0:f761::/48 maxlen: 48
2a06:d1c1::/32 maxlen: 48
2a06:d1c1:a::/48 maxlen: 48
2a06:d1c1:e::/48 maxlen: 48
2a06:d1c1:23::/48 maxlen: 48
2a06:d1c1:30::/44 maxlen: 48
2a06:d1c1:30::/48 maxlen: 48
2a06:d1c1:ac5a::/48 maxlen: 48
2a06:d1c2::/36 maxlen: 48
2a06:d1c7::/48 maxlen: 48
2a06:d1c7:a::/48 maxlen: 48
2a06:d1c7:b::/48 maxlen: 48
2a06:d1c7:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.mft
rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:45:29:82:04:40:b6:17:83:05:52:e2:f0:d9:ff:81:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c64fa0ad8987149f05534724b45a2f4d5ebf475d
Validity
Not Before: Apr 17 19:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05fece557408ecd3fa0672dca27197be8fbab30b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:ac:c5:e1:73:7c:27:68:5d:57:5a:ec:82:d9:
d1:f3:1a:7c:87:37:b0:eb:dc:48:1c:15:0b:e7:bf:
8b:ba:42:61:4e:42:ce:ff:02:96:93:ea:59:cb:f2:
72:a5:55:0e:62:94:87:e9:94:54:4f:05:50:aa:b1:
f8:ce:08:4e:13:92:db:4b:42:0b:e0:4a:ce:89:1a:
ed:ff:a8:85:47:3e:cd:31:93:b7:67:e2:cb:9b:d8:
e2:5d:6f:1e:f7:4c:13:e6:13:59:98:68:58:08:56:
94:71:da:7f:aa:70:80:ab:81:a4:2b:33:63:33:43:
91:ff:12:c2:32:45:4e:b9:78:56:b3:41:d7:45:de:
d1:c2:96:b6:06:0b:27:63:14:05:c0:70:ca:cb:e7:
b6:61:c2:bd:ab:b6:fe:89:df:5f:da:67:9a:96:f5:
e4:f3:3e:ff:5b:0e:90:cd:7c:d7:78:f7:11:24:4d:
ef:de:40:62:69:99:0e:47:68:40:cb:3f:fe:ff:23:
9f:7f:c8:b3:01:f5:62:96:ec:58:42:6c:3c:2d:58:
9d:aa:37:00:1f:d8:69:01:f6:93:d2:e0:4c:69:a5:
da:e0:39:06:95:37:64:7a:6f:22:c8:1b:6b:77:d1:
3a:2a:95:e6:ef:a9:f4:ec:9d:10:bc:c9:40:60:5f:
79:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:FE:CE:55:74:08:EC:D3:FA:06:72:DC:A2:71:97:BE:8F:BA:B3:0B
X509v3 Authority Key Identifier:
keyid:C6:4F:A0:AD:89:87:14:9F:05:53:47:24:B4:5A:2F:4D:5E:BF:47:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xk-grYmHFJ8FU0cktFovTV6_R10.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/Bf7OVXQI7NP6BnLconGXvo-6sws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/24015f-091c-4c5d-b5c1-bcf77026939d/1/xk-grYmHFJ8FU0cktFovTV6_R10.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.104.168.0/24
195.191.196.0/23
IPv6:
2a06:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
30:e3:7e:30:bc:1e:a0:dc:8e:da:d4:3d:3c:a1:12:8e:66:0c:
56:97:a2:5e:c3:79:f4:60:ac:c1:9f:3d:e5:a4:20:49:96:da:
71:c9:5b:be:82:e6:ed:6e:ce:cf:24:fe:de:9f:e6:6c:e1:21:
cc:2a:22:c2:42:cd:a9:32:cc:a6:fd:f2:f1:fb:b8:d4:a5:35:
79:1d:f7:5e:a9:b5:88:ee:3c:d7:1d:fe:25:d5:c3:f3:2b:38:
be:e1:9c:a3:49:fb:c4:bd:84:19:81:0e:df:18:df:2f:58:a9:
c4:77:f5:e8:7c:9f:79:08:1c:d8:f2:49:5e:de:1e:e0:45:5a:
5a:d7:a0:ee:fd:fe:79:dd:46:d5:8c:0f:ca:b4:c5:41:92:c4:
d8:2e:e6:fc:11:1d:74:c4:d7:db:ae:3e:18:d1:42:96:82:11:
2f:11:0c:df:9a:bc:8e:8e:21:9e:f8:94:eb:f4:54:4d:43:73:
39:50:80:49:29:42:a6:f4:a3:a6:82:c7:ba:ed:4c:00:d5:68:
a8:1e:e6:38:48:23:94:6d:4f:a6:a7:bf:7e:9d:2b:46:95:56:
10:09:8a:d3:75:70:a9:3a:2a:2c:ab:ea:89:d3:a7:7b:37:66:
e7:64:e6:7e:bd:1e:b2:ea:00:80:c8:3f:df:c6:0e:a5:47:ff:
1d:49:0d:1d
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZZFKYIEQLYXgwVS4vDZ/4E9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NGZhMGFkODk4NzE0OWYwNTUzNDcyNGI0NWEyZjRkNWVi
ZjQ3NWQwHhcNMjUwNDE3MTkxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWZlY2U1NTc0MDhlY2QzZmEwNjcyZGNhMjcxOTdiZThmYmFiMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqzF4XN8J2hdV1rsgtnR8xp8hzew
69xIHBUL57+LukJhTkLO/wKWk+pZy/JypVUOYpSH6ZRUTwVQqrH4zghOE5LbS0IL
4ErOiRrt/6iFRz7NMZO3Z+LLm9jiXW8e90wT5hNZmGhYCFaUcdp/qnCAq4GkKzNj
M0OR/xLCMkVOuXhWs0HXRd7Rwpa2BgsnYxQFwHDKy+e2YcK9q7b+id9f2mealvXk
8z7/Ww6QzXzXePcRJE3v3kBiaZkOR2hAyz/+/yOff8izAfViluxYQmw8LVidqjcA
H9hpAfaT0uBMaaXa4DkGlTdkem8iyBtrd9E6KpXm76n07J0QvMlAYF95xwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAX+zlV0COzT+gZy3KJxl76PurMLMB8GA1UdIwQY
MBaAFMZPoK2JhxSfBVNHJLRaL01ev0ddMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEt
YmNmNzcwMjY5MzlkLzEvQmY3T1ZYUUk3TlA2Qm5MY29uR1h2by02c3dzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8yNDAxNWYtMDkxYy00YzVkLWI1YzEtYmNmNzcwMjY5Mzlk
LzEveGstZ3JZbUhGSjhGVTBja3RGb3ZUVjZfUjEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwWioAwQB
w7/EMA0EAgACMAcDBQMqBtHAMA0GCSqGSIb3DQEBCwUAA4IBAQAw434wvB6g3I7a
1D08oRKOZgxWl6Jew3n0YKzBnz3lpCBJltpxyVu+gubtbs7PJP7en+Zs4SHMKiLC
Qs2pMsym/fLx+7jUpTV5HfdeqbWI7jzXHf4l1cPzKzi+4ZyjSfvEvYQZgQ7fGN8v
WKnEd/XofJ95CBzY8kle3h7gRVpa16Du/f553UbVjA/KtMVBksTYLub8ER10xNfb
rj4Y0UKWghEvEQzfmryOjiGe+JTr9FRNQ3M5UIBJKUKm9KOmgse67UwA1WioHuY4
SCOUbU+mp79+nStGlVYQCYrTdXCpOiosq+qJ06d7N2bnZOZ+vR6y6gCAyD/fxg6l
R/8dSQ0d
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:02:11 2025 by rpki-client