Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bi8Uo7f3rLeSh-WcqXS0FjBQFqI.roa
File: Bi8Uo7f3rLeSh-WcqXS0FjBQFqI.roa (raw, json)
Hash identifier: 9w0aXCiKTaC0CNDZBuBf+VEhxzXvJ79PaTrY3PO3ObU=
Subject key identifier: 06:2F:14:A3:B7:F7:AC:B7:92:87:E5:9C:A9:74:B4:16:30:50:16:A2
Certificate issuer: /CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Certificate serial: 0195221EDF2F6213B99B07B71F75C4527AC3
Authority key identifier: 63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bi8Uo7f3rLeSh-WcqXS0FjBQFqI.roa
Signing time: Thu 20 Feb 2025 06:50:03 +0000
ROA not before: Thu 20 Feb 2025 06:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 93.88.207.0/24 maxlen: 24
146.19.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 15:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:1e:df:2f:62:13:b9:9b:07:b7:1f:75:c4:52:7a:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=63e916717ab11cccf11ef1fb5c12ee41950fad9b
Validity
Not Before: Feb 20 06:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=062f14a3b7f7acb79287e59ca974b416305016a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:7f:62:c1:66:c3:66:5e:71:12:ca:5b:af:cc:
a8:06:d5:d6:d4:f4:9c:92:eb:1d:db:b0:f4:a5:33:
ba:71:ee:ea:ff:80:01:0c:cc:68:c6:e9:11:95:a6:
2c:e4:72:e0:cb:8d:2a:11:99:2f:03:38:eb:a0:01:
27:97:71:57:3c:a4:49:22:cb:ca:3a:74:72:e2:0c:
64:58:e6:9d:f2:aa:bd:5e:3a:2a:fb:e7:b1:23:53:
6b:a6:5c:76:da:81:a4:3f:05:65:2e:d2:02:7b:69:
58:49:dd:83:40:33:5b:c5:83:b9:2a:0e:e0:a2:35:
b2:92:89:86:eb:20:9e:0f:ac:2a:4c:78:c2:c2:64:
d0:84:12:04:01:9e:4b:38:d1:5f:ca:b4:fb:a9:89:
2f:0f:fd:62:ab:99:4d:c8:6b:3e:ea:83:d0:d9:4b:
a3:b1:28:5c:4d:d1:a3:57:bd:09:4b:91:36:49:dd:
c1:e2:93:c8:09:ab:18:87:d9:6c:27:05:53:4b:32:
e6:38:a1:de:f6:1c:0c:7e:6d:ec:04:25:c8:06:8e:
e8:15:a0:50:cc:92:0f:fa:b5:99:e5:d4:14:7c:bb:
2e:63:3b:23:4e:bc:fe:ff:94:c2:93:0f:07:7d:6c:
5a:66:a2:03:9f:d3:02:4a:64:f0:15:f3:37:15:09:
e2:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2F:14:A3:B7:F7:AC:B7:92:87:E5:9C:A9:74:B4:16:30:50:16:A2
X509v3 Authority Key Identifier:
keyid:63:E9:16:71:7A:B1:1C:CC:F1:1E:F1:FB:5C:12:EE:41:95:0F:AD:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Bi8Uo7f3rLeSh-WcqXS0FjBQFqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/4957a4-ce59-4315-9976-dc5ec748f6a5/1/Y-kWcXqxHMzxHvH7XBLuQZUPrZs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.88.207.0/24
146.19.139.0/24
Signature Algorithm: sha256WithRSAEncryption
40:25:4e:77:77:7b:34:3c:f3:4d:68:82:a1:75:1f:11:29:6e:
92:62:ca:92:84:eb:6e:0d:cf:ec:3c:c3:c2:bf:bb:3f:c0:1f:
7a:e4:e4:d2:31:44:1a:93:66:75:cd:d3:75:7b:07:ab:88:02:
b1:cd:51:ef:5b:73:75:e2:f4:38:6e:a3:7e:9a:e4:29:aa:f9:
b1:22:77:cf:f0:f9:fa:74:ca:b4:67:15:4e:7e:3d:c9:21:2a:
7a:18:bb:fa:11:14:2e:a1:e4:b9:1b:08:07:93:8a:b3:72:85:
5c:7d:7a:d1:ef:45:b7:e9:f6:0a:54:85:53:ea:7b:ee:04:cd:
fd:c3:cf:e4:2e:2d:d0:1c:a1:a7:11:2c:b9:c5:5d:bf:89:84:
48:8d:45:6c:5d:55:2b:2a:98:12:ea:f4:36:82:a0:5c:ab:44:
51:3b:5a:a4:09:17:51:1e:db:71:9b:83:73:34:fb:a7:55:8d:
34:77:50:e5:75:b5:dd:b8:e9:fe:c9:6a:1c:a9:4b:b3:a9:0a:
05:99:2a:ae:94:ad:61:53:7b:48:4d:66:a8:71:dd:aa:8b:75:
33:34:ff:d1:2d:32:2b:e5:49:2d:2f:8c:1d:8b:0d:bb:81:cb:
87:ce:f3:df:5b:07:93:13:61:b6:76:4a:f4:01:c3:cb:0f:83:
41:ad:4b:b2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZUiHt8vYhO5mwe3H3XEUnrDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzZTkxNjcxN2FiMTFjY2NmMTFlZjFmYjVjMTJlZTQxOTUw
ZmFkOWIwHhcNMjUwMjIwMDY1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJmMTRhM2I3ZjdhY2I3OTI4N2U1OWNhOTc0YjQxNjMwNTAxNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnX9iwWbDZl5xEspbr8yoBtXW1PSc
kusd27D0pTO6ce7q/4ABDMxoxukRlaYs5HLgy40qEZkvAzjroAEnl3FXPKRJIsvK
OnRy4gxkWOad8qq9Xjoq++exI1Nrplx22oGkPwVlLtICe2lYSd2DQDNbxYO5Kg7g
ojWykomG6yCeD6wqTHjCwmTQhBIEAZ5LONFfyrT7qYkvD/1iq5lNyGs+6oPQ2Uuj
sShcTdGjV70JS5E2Sd3B4pPICasYh9lsJwVTSzLmOKHe9hwMfm3sBCXIBo7oFaBQ
zJIP+rWZ5dQUfLsuYzsjTrz+/5TCkw8HfWxaZqIDn9MCSmTwFfM3FQniRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAYvFKO396y3koflnKl0tBYwUBaiMB8GA1UdIwQY
MBaAFGPpFnF6sRzM8R7x+1wS7kGVD62bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYt
ZGM1ZWM3NDhmNmE1LzEvQmk4VW83ZjNyTGVTaC1XY3FYUzBGakJRRnFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS80OTU3YTQtY2U1OS00MzE1LTk5NzYtZGM1ZWM3NDhmNmE1
LzEvWS1rV2NYcXhITXp4SHZIN1hCTHVRWlVQclpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAXVjPAwQA
khOLMA0GCSqGSIb3DQEBCwUAA4IBAQBAJU53d3s0PPNNaIKhdR8RKW6SYsqShOtu
Dc/sPMPCv7s/wB965OTSMUQak2Z1zdN1eweriAKxzVHvW3N14vQ4bqN+muQpqvmx
InfP8Pn6dMq0ZxVOfj3JISp6GLv6ERQuoeS5GwgHk4qzcoVcfXrR70W36fYKVIVT
6nvuBM39w8/kLi3QHKGnESy5xV2/iYRIjUVsXVUrKpgS6vQ2gqBcq0RRO1qkCRdR
Httxm4NzNPunVY00d1DldbXduOn+yWocqUuzqQoFmSqulK1hU3tITWaocd2qi3Uz
NP/RLTIr5UktL4wdiw27gcuHzvPfWweTE2G2dkr0AcPLD4NBrUuy
-----END CERTIFICATE-----
Generated at Thu Apr 10 19:23:47 2025 by rpki-client