Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/bkhY0JpEEO9e7LOCTStEAO3KiFg.roa
File: bkhY0JpEEO9e7LOCTStEAO3KiFg.roa (raw, json)
Hash identifier: nFRZrXuS6GoRY3BCOn9rQkEjbqjSmpEWfOS5j9kS+AQ=
Subject key identifier: 6E:48:58:D0:9A:44:10:EF:5E:EC:B3:82:4D:2B:44:00:ED:CA:88:58
Certificate issuer: /CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Certificate serial: 0194DEE12C903AD94115F83BC3DC6C098234
Authority key identifier: B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/bkhY0JpEEO9e7LOCTStEAO3KiFg.roa
Signing time: Fri 07 Feb 2025 05:28:06 +0000
ROA not before: Fri 07 Feb 2025 05:28:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39707
IP address blocks: 92.39.96.0/21 maxlen: 21
92.39.96.0/24 maxlen: 24
92.39.97.0/24 maxlen: 24
92.39.98.0/24 maxlen: 24
92.39.99.0/24 maxlen: 24
92.39.100.0/24 maxlen: 24
92.39.101.0/24 maxlen: 24
92.39.102.0/24 maxlen: 24
92.39.103.0/24 maxlen: 24
213.234.23.0/24 maxlen: 24
213.234.24.0/21 maxlen: 21
213.234.24.0/24 maxlen: 24
213.234.25.0/24 maxlen: 24
213.234.26.0/24 maxlen: 24
213.234.27.0/24 maxlen: 24
213.234.28.0/24 maxlen: 24
213.234.29.0/24 maxlen: 24
213.234.30.0/24 maxlen: 24
213.234.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:de:e1:2c:90:3a:d9:41:15:f8:3b:c3:dc:6c:09:82:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b8139993be665f3b5d0f6909ef058fa8f97922
Validity
Not Before: Feb 7 05:28:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e4858d09a4410ef5eecb3824d2b4400edca8858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:85:34:a3:ad:bd:e2:cb:ce:6f:eb:46:41:8e:
f7:01:d5:47:14:92:35:b8:5d:c1:92:93:b1:e4:2c:
00:bf:a5:b8:e3:76:ea:46:ee:9b:87:88:9e:6d:e4:
ae:6c:b5:4f:9a:1d:5a:97:4c:8c:03:09:7b:cd:9e:
78:af:65:89:81:ff:15:c4:a2:77:56:ed:a2:e3:c0:
d2:3a:97:fc:1e:b7:e9:c4:2e:39:ba:e9:10:83:f0:
af:cc:88:f4:10:01:db:e3:93:13:c1:7f:50:a2:f2:
79:2d:32:b2:e2:68:8f:15:b1:dd:ac:12:61:d0:cb:
92:bf:5c:5b:80:0b:92:e0:44:8d:8f:75:44:42:1f:
2a:1b:49:56:6a:26:4a:27:9f:82:67:16:65:32:0c:
95:1a:0d:24:53:21:1a:5a:99:99:34:3f:82:fc:65:
18:fa:5a:b3:43:f1:7a:25:ef:4e:e5:7b:c2:c2:d0:
54:2e:b1:91:c9:e5:bf:cb:c6:a0:86:22:90:2a:66:
6c:5b:fc:02:7f:b4:a1:4f:fa:39:8f:b3:0c:5c:7d:
f7:e5:eb:cf:a0:64:12:4e:a6:cc:da:b3:fb:a7:51:
07:42:55:bb:6e:8b:2a:5c:38:c2:93:9b:c3:33:e3:
67:b9:81:61:bd:2c:4f:18:0a:b9:d8:bf:42:db:eb:
7a:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:48:58:D0:9A:44:10:EF:5E:EC:B3:82:4D:2B:44:00:ED:CA:88:58
X509v3 Authority Key Identifier:
keyid:B9:B8:13:99:93:BE:66:5F:3B:5D:0F:69:09:EF:05:8F:A8:F9:79:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/bkhY0JpEEO9e7LOCTStEAO3KiFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/44124d-8b15-45b2-a5c1-7bc73eee1447/1/ubgTmZO-Zl87XQ9pCe8Fj6j5eSI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.39.96.0/21
213.234.23.0-213.234.31.255
Signature Algorithm: sha256WithRSAEncryption
8f:73:61:5a:ea:d6:06:74:fc:27:06:54:dd:ac:39:d5:ee:af:
36:04:c3:5f:c0:79:5e:c3:9a:20:14:74:98:2c:29:31:61:38:
1b:c3:28:f7:aa:9d:a5:35:47:2a:b8:a4:1f:7c:ef:f5:76:0c:
9c:70:48:00:c1:d8:db:09:ce:74:70:11:ff:6f:0e:8a:6c:d1:
82:17:7a:ff:54:15:74:b1:e7:b8:19:26:ab:1d:3c:0e:7e:4e:
5a:b8:6c:6f:ee:f6:5b:93:b9:8e:06:44:48:f8:c9:d2:75:96:
d8:a5:5e:cc:56:be:be:69:97:9c:ee:af:67:8d:ef:01:d8:1a:
57:20:22:de:d0:60:e7:fb:7f:56:8a:ab:d8:e5:7d:36:d7:e8:
47:93:dd:05:bd:d5:6a:c6:2b:54:fd:e5:26:29:13:95:25:76:
6e:09:a4:df:05:3a:45:40:f1:74:41:0d:a3:21:b8:1d:67:d0:
e7:bb:72:75:07:47:b2:42:5c:3a:81:ec:d3:3d:e9:e5:62:e3:
8e:ff:e2:67:a1:23:f3:62:4a:6a:10:44:38:0c:8b:70:b0:dd:
19:c3:6d:74:40:45:a8:f1:83:52:ba:ab:21:cc:66:57:2c:33:
da:32:12:5c:78:f8:62:6d:7b:e5:3d:21:e4:f5:ea:4b:93:41:
a4:74:78:d4
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZTe4SyQOtlBFfg7w9xsCYI0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjgxMzk5OTNiZTY2NWYzYjVkMGY2OTA5ZWYwNThmYThm
OTc5MjIwHhcNMjUwMjA3MDUyODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ4NThkMDlhNDQxMGVmNWVlY2IzODI0ZDJiNDQwMGVkY2E4ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYU0o6294svOb+tGQY73AdVHFJI1
uF3BkpOx5CwAv6W443bqRu6bh4iebeSubLVPmh1al0yMAwl7zZ54r2WJgf8VxKJ3
Vu2i48DSOpf8HrfpxC45uukQg/CvzIj0EAHb45MTwX9QovJ5LTKy4miPFbHdrBJh
0MuSv1xbgAuS4ESNj3VEQh8qG0lWaiZKJ5+CZxZlMgyVGg0kUyEaWpmZND+C/GUY
+lqzQ/F6Je9O5XvCwtBULrGRyeW/y8aghiKQKmZsW/wCf7ShT/o5j7MMXH335evP
oGQSTqbM2rP7p1EHQlW7bosqXDjCk5vDM+NnuYFhvSxPGAq52L9C2+t6dQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFG5IWNCaRBDvXuyzgk0rRADtyohYMB8GA1UdIwQY
MBaAFLm4E5mTvmZfO10PaQnvBY+o+XkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEt
N2JjNzNlZWUxNDQ3LzEvYmtoWTBKcEVFTzllN0xPQ1RTdEVBTzNLaUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC80NDEyNGQtOGIxNS00NWIyLWE1YzEtN2JjNzNlZWUxNDQ3
LzEvdWJnVG1aTy1abDg3WFE5cENlOEZqNmo1ZVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDXCdgMAwD
BADV6hcDBAXV6gAwDQYJKoZIhvcNAQELBQADggEBAI9zYVrq1gZ0/CcGVN2sOdXu
rzYEw1/AeV7DmiAUdJgsKTFhOBvDKPeqnaU1Ryq4pB987/V2DJxwSADB2NsJznRw
Ef9vDops0YIXev9UFXSx57gZJqsdPA5+Tlq4bG/u9luTuY4GREj4ydJ1ltilXsxW
vr5pl5zur2eN7wHYGlcgIt7QYOf7f1aKq9jlfTbX6EeT3QW91WrGK1T95SYpE5Ul
dm4JpN8FOkVA8XRBDaMhuB1n0Oe7cnUHR7JCXDqB7NM96eVi447/4mehI/NiSmoQ
RDgMi3Cw3RnDbXRARajxg1K6qyHMZlcsM9oyElx4+GJte+U9IeT16kuTQaR0eNQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 10:55:42 2025 by rpki-client