Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Bju3646avDgxeIf046SGM1K3xd4.roa
File: Bju3646avDgxeIf046SGM1K3xd4.roa (raw, json)
Hash identifier: LHhnn721jkWFnoV82s+i9mEs2Dl0WWOwBUxWCDV3r5I=
Subject key identifier: 06:3B:B7:EB:8E:9A:BC:38:31:78:87:F4:E3:A4:86:33:52:B7:C5:DE
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 01959E28D2113B7AC99F2FE9282B5E451A84
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Bju3646avDgxeIf046SGM1K3xd4.roa
Signing time: Sun 16 Mar 2025 08:53:50 +0000
ROA not before: Sun 16 Mar 2025 08:53:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214419
IP address blocks: 46.38.142.0/24 maxlen: 24
109.94.165.0/24 maxlen: 24
212.16.71.0/24 maxlen: 24
2a00:7d80:11::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 12:15:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:9e:28:d2:11:3b:7a:c9:9f:2f:e9:28:2b:5e:45:1a:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Mar 16 08:53:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=063bb7eb8e9abc38317887f4e3a4863352b7c5de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:06:92:1c:5f:b9:61:57:f8:37:4d:ba:cf:24:
dc:c7:83:45:07:77:3b:de:d9:7f:7f:fd:dc:ff:7c:
4c:c6:9b:2d:73:e4:c0:a0:f8:e6:91:5a:cd:1d:9f:
9d:fe:61:68:49:e3:80:f5:9a:49:81:0d:a4:59:e5:
8d:96:3b:22:45:af:a2:99:37:53:f6:8d:41:23:2a:
c6:79:55:a6:b9:09:0f:12:51:48:a4:ae:05:d5:15:
0a:d6:4e:eb:28:78:3e:de:1c:49:d1:cb:71:aa:5f:
33:9b:0d:88:bb:1a:23:6d:e8:84:75:11:fc:9d:a8:
4c:9d:34:a0:c2:48:80:07:a6:53:21:55:be:17:c7:
0d:b8:4b:fb:b7:86:c5:bb:71:aa:17:d6:c0:09:f0:
40:e9:e9:8b:ca:d4:92:42:24:05:f5:ef:48:c6:16:
f2:65:03:fe:47:fc:ce:6b:31:f8:e3:48:5b:56:28:
2e:b8:eb:2a:9f:fb:98:9c:fd:de:ed:52:00:06:9b:
38:79:fe:f0:33:32:25:4b:e1:b9:38:d0:d1:85:0d:
f9:3a:4f:3b:22:00:89:c3:51:44:96:de:1e:b5:97:
40:c5:7e:fb:7e:97:25:3e:c4:b9:c1:04:59:08:b4:
d7:aa:d5:96:14:9d:f1:c9:c6:ad:a4:2a:32:c3:e7:
93:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:3B:B7:EB:8E:9A:BC:38:31:78:87:F4:E3:A4:86:33:52:B7:C5:DE
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/Bju3646avDgxeIf046SGM1K3xd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.38.142.0/24
109.94.165.0/24
212.16.71.0/24
IPv6:
2a00:7d80:11::/48
Signature Algorithm: sha256WithRSAEncryption
7b:25:a5:b0:e9:56:d8:74:1d:2e:8e:19:6f:e9:8e:06:9e:57:
22:52:d7:47:90:e7:99:f3:e5:de:ef:42:3e:82:39:b3:a2:51:
51:f6:51:57:86:02:ef:0b:87:af:27:04:e6:60:fd:4e:84:77:
38:d9:10:23:1b:de:31:3e:05:fb:72:af:e4:8e:ed:d1:2e:df:
62:d9:6b:9f:57:a4:87:f0:6b:83:ae:7d:ff:87:b5:ed:db:8b:
d4:80:4d:e9:15:d0:6a:0a:ca:af:ed:9e:2e:6c:b9:fa:05:f9:
b5:cb:6e:21:c2:ed:91:4f:29:71:f5:b7:ee:dd:ac:bf:c5:5c:
d8:76:3d:2d:02:3a:f9:f9:7d:28:97:01:bf:3a:66:eb:b4:61:
01:38:0d:2c:63:8e:f9:c6:ca:69:61:46:87:ab:ba:25:ae:9d:
90:37:41:41:df:bb:17:59:a4:42:8f:e9:74:5f:0f:d3:fd:de:
34:4c:b9:09:d2:ff:8b:45:6e:6e:1e:c0:6b:ce:d1:a0:93:6c:
54:1f:ce:de:e4:50:96:78:4a:ea:4b:04:e5:9f:d2:6b:b5:59:
44:d1:35:e2:cf:9e:a9:e9:6d:21:ef:95:41:a9:6b:b1:1e:9f:
ff:90:41:dd:2b:82:00:0a:28:7f:73:f9:a8:30:e0:59:4d:ea:
43:a2:40:fc
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZWeKNIRO3rJny/pKCteRRqEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwMzE2MDg1MzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjNiYjdlYjhlOWFiYzM4MzE3ODg3ZjRlM2E0ODYzMzUyYjdjNWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQaSHF+5YVf4N026zyTcx4NFB3c7
3tl/f/3c/3xMxpstc+TAoPjmkVrNHZ+d/mFoSeOA9ZpJgQ2kWeWNljsiRa+imTdT
9o1BIyrGeVWmuQkPElFIpK4F1RUK1k7rKHg+3hxJ0ctxql8zmw2IuxojbeiEdRH8
nahMnTSgwkiAB6ZTIVW+F8cNuEv7t4bFu3GqF9bACfBA6emLytSSQiQF9e9Ixhby
ZQP+R/zOazH440hbViguuOsqn/uYnP3e7VIABps4ef7wMzIlS+G5ONDRhQ35Ok87
IgCJw1FElt4etZdAxX77fpclPsS5wQRZCLTXqtWWFJ3xycatpCoyw+eTawIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFAY7t+uOmrw4MXiH9OOkhjNSt8XeMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvQmp1MzY0NmF2RGd4ZUlmMDQ2U0dNMUszeGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALiaOAwQA
bV6lAwQA1BBHMA8EAgACMAkDBwAqAH2AABEwDQYJKoZIhvcNAQELBQADggEBAHsl
pbDpVth0HS6OGW/pjgaeVyJS10eQ55nz5d7vQj6CObOiUVH2UVeGAu8Lh68nBOZg
/U6EdzjZECMb3jE+Bftyr+SO7dEu32LZa59XpIfwa4Ouff+Hte3bi9SATekV0GoK
yq/tni5sufoF+bXLbiHC7ZFPKXH1t+7drL/FXNh2PS0COvn5fSiXAb86Zuu0YQE4
DSxjjvnGymlhRoeruiWunZA3QUHfuxdZpEKP6XRfD9P93jRMuQnS/4tFbm4ewGvO
0aCTbFQfzt7kUJZ4SupLBOWf0mu1WUTRNeLPnqnpbSHvlUGpa7Een/+QQd0rggAK
KH9z+agw4FlN6kOiQPw=
-----END CERTIFICATE-----
Generated at Tue Apr 8 21:35:25 2025 by rpki-client