Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/bdzpUxndz61zfLz7ajjz4tyOnrg.roa
File: bdzpUxndz61zfLz7ajjz4tyOnrg.roa (raw, json)
Hash identifier: GGVEBdFUMRnBM929MvvBO/m7RzF/RhhQavvdN/BpLuc=
Subject key identifier: 6D:DC:E9:53:19:DD:CF:AD:73:7C:BC:FB:6A:38:F3:E2:DC:8E:9E:B8
Certificate issuer: /CN=03590f562050d9769ed57b07b1bc931ecddf1397
Certificate serial: 01942445195709B550914EA092400132E9D3
Authority key identifier: 03:59:0F:56:20:50:D9:76:9E:D5:7B:07:B1:BC:93:1E:CD:DF:13:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/bdzpUxndz61zfLz7ajjz4tyOnrg.roa
Signing time: Wed 01 Jan 2025 23:48:15 +0000
ROA not before: Wed 01 Jan 2025 23:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47322
IP address blocks: 171.25.226.0/24 maxlen: 24
171.25.227.0/24 maxlen: 24
185.151.72.0/24 maxlen: 24
185.151.73.0/24 maxlen: 24
185.151.74.0/24 maxlen: 24
185.151.75.0/24 maxlen: 24
195.182.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.mft
rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:19:57:09:b5:50:91:4e:a0:92:40:01:32:e9:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=03590f562050d9769ed57b07b1bc931ecddf1397
Validity
Not Before: Jan 1 23:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ddce95319ddcfad737cbcfb6a38f3e2dc8e9eb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d7:57:98:cc:e8:71:b7:0b:6f:96:4e:7f:6e:
e9:4f:72:48:b8:1c:55:60:98:68:a7:6a:9b:90:3f:
6b:41:a8:a2:94:93:8f:bb:94:66:7f:42:59:f0:37:
db:2a:1b:58:a3:67:42:77:0e:47:81:8b:35:a7:2c:
f0:bc:78:9c:7d:a6:65:95:21:a4:5d:cc:81:fb:b9:
16:8a:6c:6e:70:68:b1:78:99:54:04:0b:eb:2d:98:
20:db:c0:2c:3b:93:68:d5:d1:90:36:fd:50:a7:02:
2f:a4:47:43:c0:e6:1b:bf:b6:88:98:86:0d:d7:9a:
0e:8e:8c:2c:6a:8d:91:0b:f1:b2:e4:97:fc:5a:da:
3b:6f:1e:f8:71:40:d5:a2:26:60:51:57:46:22:8f:
20:49:0f:c5:81:4a:dd:21:95:bc:40:a5:88:5f:9a:
90:f2:aa:03:65:2f:78:33:a2:34:93:51:df:dd:7a:
8a:8a:29:27:fa:8f:fe:6c:b0:bb:00:4b:91:92:21:
5c:08:78:56:88:38:2a:5c:62:7e:99:59:88:89:9e:
a7:4c:d1:f4:45:b0:86:eb:5d:9f:10:e5:bf:1a:ab:
86:f6:b2:36:9b:c6:e0:52:0b:35:06:eb:5f:48:c0:
10:5b:5d:f2:19:41:1f:23:7d:ac:db:a8:6d:49:3a:
8c:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:DC:E9:53:19:DD:CF:AD:73:7C:BC:FB:6A:38:F3:E2:DC:8E:9E:B8
X509v3 Authority Key Identifier:
keyid:03:59:0F:56:20:50:D9:76:9E:D5:7B:07:B1:BC:93:1E:CD:DF:13:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A1kPViBQ2Xae1XsHsbyTHs3fE5c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/bdzpUxndz61zfLz7ajjz4tyOnrg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/b1016c-121a-4988-b890-ecc4c1c36b0d/1/A1kPViBQ2Xae1XsHsbyTHs3fE5c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.226.0/23
185.151.72.0/22
195.182.52.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:6b:81:50:d7:c8:59:34:d8:8e:06:43:66:cd:2a:ef:33:bd:
5b:8f:59:6e:15:be:65:9e:f7:31:98:a1:7d:a3:2a:c8:10:55:
0b:aa:9e:1e:52:7e:53:43:a1:a8:36:6d:3b:f5:14:5f:a6:74:
cf:8e:b9:2b:45:75:ac:07:01:a3:79:49:b6:50:0e:27:84:5d:
23:7f:b7:75:22:55:47:23:94:de:c0:50:8e:1d:3f:96:b9:40:
f0:01:22:5c:3e:bd:18:99:28:c6:43:02:3e:4e:a7:41:c8:1c:
79:dd:b6:e4:bd:59:5e:ff:43:48:d6:82:24:26:42:50:4a:ac:
21:36:03:9d:f2:ed:57:b0:22:2e:1d:91:9b:f8:d3:de:45:00:
0b:74:b1:42:70:b3:ca:7e:08:61:2b:f3:ae:e0:0e:14:5b:f2:
be:86:85:9f:14:34:4a:50:ae:a2:c5:ce:85:b9:91:d8:6a:86:
8e:a3:3b:63:a0:cd:eb:fd:70:ef:11:eb:e0:2c:c1:5e:fe:25:
81:59:73:72:93:2f:76:5a:38:7e:e8:99:ee:c3:7e:1b:c2:0f:
b3:a9:ad:d7:7a:86:c5:cf:b1:cd:e2:0e:a9:0e:7c:74:07:ac:
36:bc:33:88:fa:49:34:2c:27:2b:8c:b3:88:37:9a:3b:06:fa:
46:99:17:3f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRRlXCbVQkU6gkkABMunTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzNTkwZjU2MjA1MGQ5NzY5ZWQ1N2IwN2IxYmM5MzFlY2Rk
ZjEzOTcwHhcNMjUwMTAxMjM0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGRjZTk1MzE5ZGRjZmFkNzM3Y2JjZmI2YTM4ZjNlMmRjOGU5ZWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9dXmMzocbcLb5ZOf27pT3JIuBxV
YJhop2qbkD9rQaiilJOPu5Rmf0JZ8DfbKhtYo2dCdw5HgYs1pyzwvHicfaZllSGk
XcyB+7kWimxucGixeJlUBAvrLZgg28AsO5No1dGQNv1QpwIvpEdDwOYbv7aImIYN
15oOjowsao2RC/Gy5Jf8Wto7bx74cUDVoiZgUVdGIo8gSQ/FgUrdIZW8QKWIX5qQ
8qoDZS94M6I0k1Hf3XqKiikn+o/+bLC7AEuRkiFcCHhWiDgqXGJ+mVmIiZ6nTNH0
RbCG612fEOW/GquG9rI2m8bgUgs1ButfSMAQW13yGUEfI32s26htSTqMtQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG3c6VMZ3c+tc3y8+2o48+Lcjp64MB8GA1UdIwQY
MBaAFANZD1YgUNl2ntV7B7G8kx7N3xOXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTFrUFZpQlEyWGFlMVhzSHNieVRIczNmRTVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9iMTAxNmMtMTIxYS00OTg4LWI4OTAt
ZWNjNGMxYzM2YjBkLzEvYmR6cFV4bmR6NjF6Zkx6N2Fqano0dHlPbnJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9iMTAxNmMtMTIxYS00OTg4LWI4OTAtZWNjNGMxYzM2YjBk
LzEvQTFrUFZpQlEyWGFlMVhzSHNieVRIczNmRTVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBqxniAwQC
uZdIAwQAw7Y0MA0GCSqGSIb3DQEBCwUAA4IBAQAMa4FQ18hZNNiOBkNmzSrvM71b
j1luFb5lnvcxmKF9oyrIEFULqp4eUn5TQ6GoNm079RRfpnTPjrkrRXWsBwGjeUm2
UA4nhF0jf7d1IlVHI5TewFCOHT+WuUDwASJcPr0YmSjGQwI+TqdByBx53bbkvVle
/0NI1oIkJkJQSqwhNgOd8u1XsCIuHZGb+NPeRQALdLFCcLPKfghhK/Ou4A4UW/K+
hoWfFDRKUK6ixc6FuZHYaoaOoztjoM3r/XDvEevgLMFe/iWBWXNyky92Wjh+6Jnu
w34bwg+zqa3XeobFz7HN4g6pDnx0B6w2vDOI+kk0LCcrjLOIN5o7BvpGmRc/
-----END CERTIFICATE-----
Generated at Tue Apr 22 16:39:49 2025 by rpki-client