Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/BW-tMglcHAD8hq8_tMy9T1opQZ0.roa
File: BW-tMglcHAD8hq8_tMy9T1opQZ0.roa (raw, json)
Hash identifier: 4sNnGgRCRJjpN+EP586jNMgHdq80C+5wgfEN0wRG/RY=
Subject key identifier: 05:6F:AD:32:09:5C:1C:00:FC:86:AF:3F:B4:CC:BD:4F:5A:29:41:9D
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 019427B614893CDC6EAA496EBC54C95B0DE2
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/BW-tMglcHAD8hq8_tMy9T1opQZ0.roa
Signing time: Thu 02 Jan 2025 15:50:31 +0000
ROA not before: Thu 02 Jan 2025 15:50:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44060
IP address blocks: 147.234.4.0/23 maxlen: 23
147.234.4.0/24 maxlen: 24
147.234.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:14:89:3c:dc:6e:aa:49:6e:bc:54:c9:5b:0d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jan 2 15:50:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=056fad32095c1c00fc86af3fb4ccbd4f5a29419d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:3e:11:84:a2:76:27:6d:b7:a9:c2:c6:f5:c2:
5f:d0:05:ad:6e:5e:89:07:80:22:b5:9c:62:3a:a3:
56:01:15:84:10:6c:64:96:4d:20:22:0c:a8:3f:e9:
a6:c6:91:6f:96:a2:7d:e5:f1:74:1d:e0:4c:91:68:
21:15:3f:e8:dd:1f:17:ad:8b:64:ba:1f:d5:20:35:
e2:cb:02:ec:9c:ab:29:63:08:48:88:48:28:70:53:
a7:cf:3b:2d:95:ef:eb:e6:35:63:bc:17:79:f5:f3:
06:54:25:b2:86:d1:04:e9:99:db:7e:0b:b2:85:a6:
e2:ea:de:4a:a7:a2:bf:07:10:8d:66:aa:c4:b8:31:
53:20:fa:7c:9c:55:95:9a:c9:e9:0b:15:28:c4:00:
8b:87:d4:85:d2:e8:f1:6f:c8:04:23:f4:e2:f0:2a:
1d:8d:64:07:97:35:a1:c2:9e:49:9a:1e:0c:e1:dc:
86:c0:62:1a:0d:9b:7c:9f:31:16:78:91:cb:75:e8:
49:6c:df:1f:d7:6c:db:4d:b1:2d:54:32:a0:74:4c:
ec:74:6d:e0:4b:90:a4:08:b8:c6:90:a9:f4:7d:75:
55:7c:2c:6b:4f:36:65:c3:6a:c9:dc:47:9e:fb:c7:
06:6a:da:a9:06:3e:52:86:9e:1e:16:63:d5:51:1f:
d5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:6F:AD:32:09:5C:1C:00:FC:86:AF:3F:B4:CC:BD:4F:5A:29:41:9D
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/BW-tMglcHAD8hq8_tMy9T1opQZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.4.0/23
Signature Algorithm: sha256WithRSAEncryption
2d:01:b2:17:95:ff:24:70:21:7a:55:90:58:7a:aa:5f:6c:63:
ea:63:55:5c:59:44:ed:91:5c:1a:7e:fd:2a:42:fa:4d:b2:25:
92:76:a9:90:38:4c:63:fe:39:d4:b1:8a:50:04:ff:0c:9b:15:
df:10:00:3d:d1:bc:c3:53:6b:fc:a1:b5:1b:1e:90:ad:69:59:
63:16:d6:cc:e0:7a:b0:5b:06:5b:4a:26:0e:1c:62:8e:99:19:
87:84:85:c8:9f:b0:36:97:7c:29:f4:25:44:8a:ef:09:d9:44:
4d:1d:e0:fd:80:9a:91:59:4f:b2:79:47:b2:bd:04:18:d7:2c:
22:db:d2:94:d1:cb:a7:f0:41:c8:4c:a8:60:9c:bf:e8:ac:70:
80:e7:5e:89:9b:bb:55:d4:07:a5:7c:0f:26:b1:1a:ec:b4:0e:
5d:82:46:52:bd:bc:4a:da:23:e7:98:e9:11:01:6e:22:5b:44:
ce:b6:e1:17:c1:78:d4:bc:22:f0:9b:0b:f9:31:75:3c:7b:46:
83:16:cc:2a:b3:a8:ff:49:d5:c8:2f:e0:58:e7:eb:aa:5f:60:
6c:dc:58:57:d2:18:0c:a2:26:3b:d3:35:22:3c:10:82:58:aa:
f4:d2:2d:36:b1:74:fa:ec:b6:62:9b:d9:f6:fa:d1:2c:dd:5d:
ea:19:58:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnthSJPNxuqkluvFTJWw3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwMTAyMTU1MDMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTZmYWQzMjA5NWMxYzAwZmM4NmFmM2ZiNGNjYmQ0ZjVhMjk0MTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlD4RhKJ2J223qcLG9cJf0AWtbl6J
B4AitZxiOqNWARWEEGxklk0gIgyoP+mmxpFvlqJ95fF0HeBMkWghFT/o3R8XrYtk
uh/VIDXiywLsnKspYwhIiEgocFOnzzstle/r5jVjvBd59fMGVCWyhtEE6Znbfguy
habi6t5Kp6K/BxCNZqrEuDFTIPp8nFWVmsnpCxUoxACLh9SF0ujxb8gEI/Ti8Cod
jWQHlzWhwp5Jmh4M4dyGwGIaDZt8nzEWeJHLdehJbN8f12zbTbEtVDKgdEzsdG3g
S5CkCLjGkKn0fXVVfCxrTzZlw2rJ3Eee+8cGatqpBj5Shp4eFmPVUR/VlQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAVvrTIJXBwA/IavP7TMvU9aKUGdMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvQlctdE1nbGNIQUQ4aHE4X3RNeTlUMW9wUVowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBk+oEMA0G
CSqGSIb3DQEBCwUAA4IBAQAtAbIXlf8kcCF6VZBYeqpfbGPqY1VcWUTtkVwafv0q
QvpNsiWSdqmQOExj/jnUsYpQBP8MmxXfEAA90bzDU2v8obUbHpCtaVljFtbM4Hqw
WwZbSiYOHGKOmRmHhIXIn7A2l3wp9CVEiu8J2URNHeD9gJqRWU+yeUeyvQQY1ywi
29KU0cun8EHITKhgnL/orHCA516Jm7tV1AelfA8msRrstA5dgkZSvbxK2iPnmOkR
AW4iW0TOtuEXwXjUvCLwmwv5MXU8e0aDFswqs6j/SdXIL+BY5+uqX2Bs3FhX0hgM
oiY70zUiPBCCWKr00i02sXT67LZim9n2+tEs3V3qGVjY
-----END CERTIFICATE-----
Generated at Thu Apr 17 02:14:09 2025 by rpki-client