Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/bjlUEqaZF5EwCSDk_Sxf_mEHztc.roa
File: bjlUEqaZF5EwCSDk_Sxf_mEHztc.roa (raw, json)
Hash identifier: RU5KJnOEEBCQibHDxtY5+aLGfLDV7MxXDGkjvgxmqg8=
Subject key identifier: 6E:39:54:12:A6:99:17:91:30:09:20:E4:FD:2C:5F:FE:61:07:CE:D7
Certificate issuer: /CN=535761913f575c411c992322ebb06cd2f37f02a2
Certificate serial: 0194206865D0998E7E88590D289F4A7B6FCA
Authority key identifier: 53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/bjlUEqaZF5EwCSDk_Sxf_mEHztc.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5520
IP address blocks: 134.95.0.0/16 maxlen: 16
185.240.116.0/22 maxlen: 22
2a00:a200::/29 maxlen: 29
2a00:a200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:65:d0:99:8e:7e:88:59:0d:28:9f:4a:7b:6f:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=535761913f575c411c992322ebb06cd2f37f02a2
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e395412a6991791300920e4fd2c5ffe6107ced7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:18:85:45:0a:7b:22:b8:5f:4d:98:4a:73:e5:
a0:c3:2c:15:b7:8f:d5:9b:49:98:72:fd:cd:4a:db:
00:cd:78:a3:59:52:66:96:37:2f:8b:9d:a3:19:aa:
8b:c8:c9:e6:fa:cb:8a:a5:1f:55:c6:72:22:6b:7b:
5b:5b:47:2b:cb:c8:b3:6e:97:1c:2a:02:39:50:22:
21:a5:48:ed:1f:15:04:11:bc:69:23:5e:70:39:ce:
c6:7c:11:0e:0b:e6:1c:28:ce:aa:59:ff:e4:7f:f7:
f2:5d:46:8b:03:69:35:a5:d7:3a:6e:a3:6e:38:53:
4f:53:21:71:bd:94:73:b0:52:75:2b:34:19:f0:51:
f1:e5:61:a8:45:75:be:05:5c:f5:c8:9e:66:82:f2:
eb:1a:25:cf:da:bb:dd:f8:00:e5:59:a9:3f:be:23:
c8:cf:93:27:24:ae:69:9d:2e:57:86:36:f2:82:08:
e5:45:6c:d9:bb:5e:ed:a1:a5:ad:93:ac:cb:ba:cb:
d2:2b:9f:03:60:d4:4b:8a:4c:7e:ff:a4:66:db:bd:
c1:0e:9b:53:e2:7d:b4:b2:40:3d:d8:c2:9a:46:91:
c0:21:03:fc:08:02:07:81:f1:d6:08:5a:d1:14:6c:
fe:d5:2b:55:4a:49:29:9a:d6:f1:d0:8d:b8:94:dd:
60:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:39:54:12:A6:99:17:91:30:09:20:E4:FD:2C:5F:FE:61:07:CE:D7
X509v3 Authority Key Identifier:
keyid:53:57:61:91:3F:57:5C:41:1C:99:23:22:EB:B0:6C:D2:F3:7F:02:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U1dhkT9XXEEcmSMi67Bs0vN_AqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/bjlUEqaZF5EwCSDk_Sxf_mEHztc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/9f00a9-b60f-4e32-9037-04dfc3663e35/1/U1dhkT9XXEEcmSMi67Bs0vN_AqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.95.0.0/16
185.240.116.0/22
IPv6:
2a00:a200::/29
Signature Algorithm: sha256WithRSAEncryption
5a:90:77:ed:87:3d:eb:27:31:be:b3:2b:67:2b:d5:32:b5:5f:
1b:92:a6:65:7e:59:ef:42:5d:89:e1:af:ee:0b:c1:9e:cf:fc:
69:e4:58:32:a1:e1:b8:1a:d3:41:35:da:8e:95:3d:f1:30:39:
88:4d:5f:24:77:21:84:9b:68:88:f5:92:4c:6d:3c:de:16:60:
20:e5:f4:7c:b2:b9:ec:a6:7d:c5:00:ed:f4:f3:47:ee:2f:c8:
6d:41:e0:04:7a:1d:24:3e:16:8b:6c:3c:d2:9a:f9:c1:ce:28:
73:7f:ab:f3:0e:e4:ba:3c:27:a8:95:c8:e4:99:2f:74:07:a1:
59:28:10:cc:03:74:a4:1b:68:89:a3:ae:87:cc:eb:47:92:d2:
b6:71:7e:0c:2d:4b:64:26:25:a0:6a:d1:5b:44:bb:b6:73:94:
3a:9f:b6:c2:70:35:6b:20:9c:56:f5:86:8d:e0:2b:20:98:b1:
d9:f8:65:99:c9:c8:60:8a:d1:f4:42:cc:26:18:24:e1:82:89:
cd:cc:7a:0a:d3:ba:3f:56:cb:5c:c3:32:ae:46:fd:52:2a:c2:
ac:78:c9:24:44:8f:b9:7d:07:e0:24:7e:18:e9:e7:7d:e7:15:
de:13:4c:39:44:20:1f:b8:5d:2d:71:56:d2:11:15:f1:c3:25:
e4:56:99:66
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQgaGXQmY5+iFkNKJ9Ke2/KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzNTc2MTkxM2Y1NzVjNDExYzk5MjMyMmViYjA2Y2QyZjM3
ZjAyYTIwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM5NTQxMmE2OTkxNzkxMzAwOTIwZTRmZDJjNWZmZTYxMDdjZWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hiFRQp7IrhfTZhKc+WgwywVt4/V
m0mYcv3NStsAzXijWVJmljcvi52jGaqLyMnm+suKpR9VxnIia3tbW0cry8izbpcc
KgI5UCIhpUjtHxUEEbxpI15wOc7GfBEOC+YcKM6qWf/kf/fyXUaLA2k1pdc6bqNu
OFNPUyFxvZRzsFJ1KzQZ8FHx5WGoRXW+BVz1yJ5mgvLrGiXP2rvd+ADlWak/viPI
z5MnJK5pnS5XhjbyggjlRWzZu17toaWtk6zLusvSK58DYNRLikx+/6Rm273BDptT
4n20skA92MKaRpHAIQP8CAIHgfHWCFrRFGz+1StVSkkpmtbx0I24lN1g1wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFG45VBKmmReRMAkg5P0sX/5hB87XMB8GA1UdIwQY
MBaAFFNXYZE/V1xBHJkjIuuwbNLzfwKiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTFkaGtUOVhYRUVjbVNNaTY3QnMwdk5fQXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS85ZjAwYTktYjYwZi00ZTMyLTkwMzct
MDRkZmMzNjYzZTM1LzEvYmpsVUVxYVpGNUV3Q1NEa19TeGZfbUVIenRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS85ZjAwYTktYjYwZi00ZTMyLTkwMzctMDRkZmMzNjYzZTM1
LzEvVTFkaGtUOVhYRUVjbVNNaTY3QnMwdk5fQXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhl8DBAK5
8HQwDQQCAAIwBwMFAyoAogAwDQYJKoZIhvcNAQELBQADggEBAFqQd+2HPesnMb6z
K2cr1TK1XxuSpmV+We9CXYnhr+4LwZ7P/GnkWDKh4bga00E12o6VPfEwOYhNXyR3
IYSbaIj1kkxtPN4WYCDl9HyyueymfcUA7fTzR+4vyG1B4AR6HSQ+FotsPNKa+cHO
KHN/q/MO5Lo8J6iVyOSZL3QHoVkoEMwDdKQbaImjrofM60eS0rZxfgwtS2QmJaBq
0VtEu7ZzlDqftsJwNWsgnFb1ho3gKyCYsdn4ZZnJyGCK0fRCzCYYJOGCic3MegrT
uj9Wy1zDMq5G/VIqwqx4ySREj7l9B+Akfhjp533nFd4TTDlEIB+4XS1xVtIRFfHD
JeRWmWY=
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:55:47 2025 by rpki-client