Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/BDePhfa6XjPm6GJ2nhEOB22J0Cc.roa
File: BDePhfa6XjPm6GJ2nhEOB22J0Cc.roa (raw, json)
Hash identifier: +yLTNZd1DxNd/w4/Tt21tkQYSV5rMNl3vDHxAq0lK+o=
Subject key identifier: 04:37:8F:85:F6:BA:5E:33:E6:E8:62:76:9E:11:0E:07:6D:89:D0:27
Certificate issuer: /CN=935c42857e302feb14017301e43c39fe45e7f629
Certificate serial: 01964CBE6E2B40C9214431104B8CB2B2624C
Authority key identifier: 93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/BDePhfa6XjPm6GJ2nhEOB22J0Cc.roa
Signing time: Sat 19 Apr 2025 06:31:10 +0000
ROA not before: Sat 19 Apr 2025 06:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44612
IP address blocks: 185.214.25.0/24 maxlen: 24
185.214.27.0/24 maxlen: 24
2a0b:9440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.mft
rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:4c:be:6e:2b:40:c9:21:44:31:10:4b:8c:b2:b2:62:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=935c42857e302feb14017301e43c39fe45e7f629
Validity
Not Before: Apr 19 06:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04378f85f6ba5e33e6e862769e110e076d89d027
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:1b:63:eb:fb:f6:a2:46:a0:d1:3d:cc:62:f0:
8e:15:8a:f0:63:27:b5:4f:77:a3:45:b9:e5:58:b1:
49:4e:3f:92:00:04:8d:cc:87:dc:e4:4e:7b:6c:45:
44:c2:e1:7c:8c:27:7b:74:21:de:e2:8d:35:a7:ac:
3b:83:7d:d0:3b:85:b3:9a:4b:10:11:a6:92:4a:aa:
05:8d:da:a0:00:a5:73:66:f4:ec:ad:28:64:18:61:
a1:2f:5e:17:02:f9:4c:2c:94:5a:b9:11:ef:ec:a3:
94:22:d2:3f:3b:d9:94:5b:ff:c3:f2:0a:11:ab:d5:
58:83:62:30:e8:fc:01:aa:f5:d1:a8:89:d1:98:b3:
2d:bf:dc:ea:b2:c2:81:40:2b:f5:c4:e9:fa:bf:85:
9c:fa:35:e8:44:b8:7c:79:cd:a3:f0:ba:44:bb:fd:
56:90:7a:6e:e8:52:26:52:b9:f3:aa:04:e4:8f:84:
37:e9:0f:1d:77:9f:eb:4a:22:18:8e:bc:be:cd:90:
f1:c5:4d:11:83:09:03:18:81:44:3c:f4:47:53:99:
d6:74:29:a2:33:55:83:a7:98:87:f8:6a:8e:c0:46:
2c:27:75:ad:df:1d:29:5d:8e:51:a1:e9:93:ba:0e:
f2:b9:8a:3d:38:d5:52:8f:aa:b1:6c:65:28:17:2f:
3a:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:37:8F:85:F6:BA:5E:33:E6:E8:62:76:9E:11:0E:07:6D:89:D0:27
X509v3 Authority Key Identifier:
keyid:93:5C:42:85:7E:30:2F:EB:14:01:73:01:E4:3C:39:FE:45:E7:F6:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k1xChX4wL-sUAXMB5Dw5_kXn9ik.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/BDePhfa6XjPm6GJ2nhEOB22J0Cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/55e529-b839-444f-872d-1bfd10a8845a/1/k1xChX4wL-sUAXMB5Dw5_kXn9ik.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.214.25.0/24
185.214.27.0/24
IPv6:
2a0b:9440::/29
Signature Algorithm: sha256WithRSAEncryption
00:89:c6:c8:d0:fd:4c:df:c9:38:bb:3f:c8:35:95:91:86:2a:
df:10:5f:81:a4:1b:52:13:60:23:b0:f8:8c:ee:bf:6a:bb:dd:
b1:a8:46:fc:93:47:53:09:c1:42:2f:f5:cb:3b:07:f8:da:d1:
99:6a:01:bd:a7:22:e2:f5:fc:88:5c:0e:09:b0:24:dc:8b:48:
3f:b8:c3:ef:bd:9e:9c:8d:dd:ed:40:49:3d:76:1b:1d:1d:ba:
52:cb:fb:73:c4:e7:ed:42:51:f4:3f:40:91:46:16:3b:5c:49:
10:a1:4d:42:43:f4:a0:33:8d:e2:6f:0a:0e:98:25:ef:10:a7:
aa:26:e7:a3:a6:f3:b5:8d:11:95:76:02:a9:d6:4a:82:fc:8b:
bb:89:95:e7:d7:f4:09:c6:b7:45:6d:6c:f6:cd:fb:b9:12:ca:
61:25:d0:ce:da:29:65:5b:6d:cd:23:cd:fc:0c:17:2b:1a:1b:
9f:f4:ed:55:f1:17:62:7a:c6:46:56:f4:b3:57:52:78:b0:48:
03:28:8f:41:8e:0a:07:02:d3:ab:fa:2d:37:37:2e:ce:c6:57:
81:27:ed:ae:c1:b0:a7:bb:36:0c:57:38:15:a0:68:b6:a4:11:
03:34:0a:2e:27:60:6a:a2:5a:f9:18:f5:e2:58:77:9e:cf:e9:
fd:e0:74:1b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZZMvm4rQMkhRDEQS4yysmJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNWM0Mjg1N2UzMDJmZWIxNDAxNzMwMWU0M2MzOWZlNDVl
N2Y2MjkwHhcNMjUwNDE5MDYzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM3OGY4NWY2YmE1ZTMzZTZlODYyNzY5ZTExMGUwNzZkODlkMDI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmhtj6/v2okag0T3MYvCOFYrwYye1
T3ejRbnlWLFJTj+SAASNzIfc5E57bEVEwuF8jCd7dCHe4o01p6w7g33QO4WzmksQ
EaaSSqoFjdqgAKVzZvTsrShkGGGhL14XAvlMLJRauRHv7KOUItI/O9mUW//D8goR
q9VYg2Iw6PwBqvXRqInRmLMtv9zqssKBQCv1xOn6v4Wc+jXoRLh8ec2j8LpEu/1W
kHpu6FImUrnzqgTkj4Q36Q8dd5/rSiIYjry+zZDxxU0RgwkDGIFEPPRHU5nWdCmi
M1WDp5iH+GqOwEYsJ3Wt3x0pXY5RoemTug7yuYo9ONVSj6qxbGUoFy86sQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAQ3j4X2ul4z5uhidp4RDgdtidAnMB8GA1UdIwQY
MBaAFJNcQoV+MC/rFAFzAeQ8Of5F5/YpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQt
MWJmZDEwYTg4NDVhLzEvQkRlUGhmYTZYalBtNkdKMm5oRU9CMjJKMENjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS81NWU1MjktYjgzOS00NDRmLTg3MmQtMWJmZDEwYTg4NDVh
LzEvazF4Q2hYNHdMLXNVQVhNQjVEdzVfa1huOWlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAudYZAwQA
udYbMA0EAgACMAcDBQMqC5RAMA0GCSqGSIb3DQEBCwUAA4IBAQAAicbI0P1M38k4
uz/INZWRhirfEF+BpBtSE2AjsPiM7r9qu92xqEb8k0dTCcFCL/XLOwf42tGZagG9
pyLi9fyIXA4JsCTci0g/uMPvvZ6cjd3tQEk9dhsdHbpSy/tzxOftQlH0P0CRRhY7
XEkQoU1CQ/SgM43ibwoOmCXvEKeqJuejpvO1jRGVdgKp1kqC/Iu7iZXn1/QJxrdF
bWz2zfu5EsphJdDO2illW23NI838DBcrGhuf9O1V8RdiesZGVvSzV1J4sEgDKI9B
jgoHAtOr+i03Ny7OxleBJ+2uwbCnuzYMVzgVoGi2pBEDNAouJ2Bqolr5GPXiWHee
z+n94HQb
-----END CERTIFICATE-----
Generated at Mon Apr 21 10:39:33 2025 by rpki-client