Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/BhPT9ct0QQhlS6BTxHGKvPWfHxs.roa
File: BhPT9ct0QQhlS6BTxHGKvPWfHxs.roa (raw, json)
Hash identifier: tck+K1FVcy2vP5iiS6BlAFqWfmvUmMWsdXvC/gdh9iQ=
Subject key identifier: 06:13:D3:F5:CB:74:41:08:65:4B:A0:53:C4:71:8A:BC:F5:9F:1F:1B
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 019425221387CFB0A2A67DB57D50F9FCCF1A
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/BhPT9ct0QQhlS6BTxHGKvPWfHxs.roa
Signing time: Thu 02 Jan 2025 03:49:37 +0000
ROA not before: Thu 02 Jan 2025 03:49:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3269
IP address blocks: 94.199.8.0/21 maxlen: 24
193.207.192.0/20 maxlen: 20
193.207.208.0/20 maxlen: 20
193.207.224.0/21 maxlen: 21
193.207.232.0/21 maxlen: 21
193.207.240.0/22 maxlen: 22
193.207.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:13:87:cf:b0:a2:a6:7d:b5:7d:50:f9:fc:cf:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Jan 2 03:49:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0613d3f5cb744108654ba053c4718abcf59f1f1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:85:fe:fb:60:1f:06:cd:56:5c:39:81:c4:c9:
77:1c:cb:39:1a:17:48:ef:6a:bf:dd:48:a5:57:07:
88:00:b1:8f:0d:eb:38:0b:a9:8b:a9:bf:33:c2:3b:
ad:98:f7:8a:3c:62:43:b8:44:cd:6a:44:5e:c6:3c:
b0:54:f1:1a:c2:d5:f6:a5:31:b7:f8:ac:73:83:d5:
22:80:fe:da:ee:cf:d1:b6:38:59:0f:f4:b9:c4:32:
1f:43:e0:a1:51:03:69:99:66:79:61:87:d1:07:74:
16:f4:38:b7:31:0d:43:89:92:fc:f7:d0:be:e1:a7:
07:26:89:ac:5a:97:c9:7c:36:c4:b5:a9:99:54:6d:
a3:02:03:af:91:23:08:98:3e:87:a3:26:8c:37:bd:
91:06:25:d6:88:f6:e4:4b:f6:d7:9a:36:2e:4a:e4:
40:82:05:15:ee:50:3b:de:2a:2c:01:33:c3:1d:3c:
d7:b6:6f:96:c0:d1:70:a0:de:90:38:ed:2e:5f:1d:
d1:ff:6f:e8:f4:ac:59:ea:af:3d:9e:5f:11:80:09:
41:44:47:84:d2:89:45:59:79:ea:1c:82:09:76:3f:
0a:e1:76:32:9a:03:5a:a8:a8:c4:18:06:28:ba:cf:
58:ba:34:7c:b5:11:fa:07:b5:58:88:61:13:c0:22:
64:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:13:D3:F5:CB:74:41:08:65:4B:A0:53:C4:71:8A:BC:F5:9F:1F:1B
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/BhPT9ct0QQhlS6BTxHGKvPWfHxs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.199.8.0/21
193.207.192.0-193.207.247.255
Signature Algorithm: sha256WithRSAEncryption
79:7c:c0:17:89:90:bb:3e:0c:09:88:5b:b8:22:34:cd:18:c4:
77:5a:c5:21:47:7b:39:d3:92:d7:a7:ec:98:8c:7f:ad:0c:c0:
8b:36:24:47:dd:0e:e3:13:cd:28:53:9d:c1:4e:34:81:e4:c1:
29:f5:c0:a3:13:6e:62:7c:42:a7:23:2d:dd:b5:d1:9d:2b:c1:
25:54:f8:f6:64:d9:f2:b7:72:75:29:7e:66:c2:73:f2:38:a3:
53:53:ff:af:f8:99:71:cd:ed:8f:96:2d:88:b5:11:66:a9:38:
44:e1:3b:7d:36:8e:be:2a:d3:d0:90:a9:a1:44:b1:9b:56:bd:
96:5e:0a:c1:21:b0:71:15:82:7d:e3:c3:d2:de:d0:b1:8d:00:
80:eb:7d:de:44:a4:e0:a6:21:cc:07:72:7a:ed:c1:ce:52:d6:
34:6d:ae:a3:36:45:4a:16:5f:f0:35:34:0d:6a:a3:30:6e:dc:
cc:96:5c:2c:0d:8a:45:b3:c3:74:1c:56:12:7b:36:88:a0:f8:
63:59:c4:6e:e3:99:21:38:a0:65:8f:50:f5:d4:7d:74:56:f0:
2d:af:2c:dc:98:c2:a5:be:f7:ef:cc:99:9f:b1:78:02:d2:57:
66:c5:01:0b:c6:2a:7c:5c:b9:a0:80:8e:06:d1:f4:12:3f:65:
84:53:66:67
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQlIhOHz7Cipn21fVD5/M8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwMTAyMDM0OTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjEzZDNmNWNiNzQ0MTA4NjU0YmEwNTNjNDcxOGFiY2Y1OWYxZjFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4X++2AfBs1WXDmBxMl3HMs5GhdI
72q/3UilVweIALGPDes4C6mLqb8zwjutmPeKPGJDuETNakRexjywVPEawtX2pTG3
+Kxzg9UigP7a7s/RtjhZD/S5xDIfQ+ChUQNpmWZ5YYfRB3QW9Di3MQ1DiZL899C+
4acHJomsWpfJfDbEtamZVG2jAgOvkSMImD6HoyaMN72RBiXWiPbkS/bXmjYuSuRA
ggUV7lA73iosATPDHTzXtm+WwNFwoN6QOO0uXx3R/2/o9KxZ6q89nl8RgAlBREeE
0olFWXnqHIIJdj8K4XYymgNaqKjEGAYous9YujR8tRH6B7VYiGETwCJkXwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFAYT0/XLdEEIZUugU8Rxirz1nx8bMB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvQmhQVDljdDBRUWhsUzZCVHhIR0t2UFdmSHhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQDXscIMAwD
BAbBz8ADBAPBz/AwDQYJKoZIhvcNAQELBQADggEBAHl8wBeJkLs+DAmIW7giNM0Y
xHdaxSFHeznTkten7JiMf60MwIs2JEfdDuMTzShTncFONIHkwSn1wKMTbmJ8Qqcj
Ld210Z0rwSVU+PZk2fK3cnUpfmbCc/I4o1NT/6/4mXHN7Y+WLYi1EWapOEThO302
jr4q09CQqaFEsZtWvZZeCsEhsHEVgn3jw9Le0LGNAIDrfd5EpOCmIcwHcnrtwc5S
1jRtrqM2RUoWX/A1NA1qozBu3MyWXCwNikWzw3QcVhJ7Noig+GNZxG7jmSE4oGWP
UPXUfXRW8C2vLNyYwqW+9+/MmZ+xeALSV2bFAQvGKnxcuaCAjgbR9BI/ZYRTZmc=
-----END CERTIFICATE-----
Generated at Sun Apr 13 08:20:28 2025 by rpki-client