Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/byk_uVbEcBcJ5E54PZILxzilXqs.roa
File: byk_uVbEcBcJ5E54PZILxzilXqs.roa (raw, json)
Hash identifier: JCkW4yYVwvgxvyj62HKMLWieGutHlsi8Ja6vFazZOyk=
Subject key identifier: 6F:29:3F:B9:56:C4:70:17:09:E4:4E:78:3D:92:0B:C7:38:A5:5E:AB
Certificate issuer: /CN=3474210c28413e26284822abe83ad6d7c0f764fa
Certificate serial: 019423D708C758DFE6B8624EA0C2579B8DC5
Authority key identifier: 34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/byk_uVbEcBcJ5E54PZILxzilXqs.roa
Signing time: Wed 01 Jan 2025 21:48:02 +0000
ROA not before: Wed 01 Jan 2025 21:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47557
IP address blocks: 91.206.20.0/24 maxlen: 24
185.68.44.0/24 maxlen: 24
185.68.45.0/24 maxlen: 24
185.68.46.0/24 maxlen: 24
2a07:c880::/29 maxlen: 29
2a07:c881::/32 maxlen: 32
2a07:c882::/32 maxlen: 32
2a07:c883::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:08:c7:58:df:e6:b8:62:4e:a0:c2:57:9b:8d:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3474210c28413e26284822abe83ad6d7c0f764fa
Validity
Not Before: Jan 1 21:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f293fb956c4701709e44e783d920bc738a55eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:70:90:6a:3e:4a:5e:7e:76:ed:d1:a1:d2:c1:
8e:a3:72:b2:6b:56:51:53:c2:77:86:02:e7:35:b2:
80:82:4c:57:e5:fa:fe:3f:47:a0:c7:fe:42:a2:8b:
d8:13:b4:3e:a2:2d:43:c6:f9:5d:1e:25:e9:f5:d7:
b5:f5:ff:16:97:82:05:07:fe:aa:7f:a2:b2:3c:1f:
1b:57:77:0e:f8:6b:86:4a:40:d3:d7:74:e0:06:49:
cc:da:b3:2f:de:e6:1a:1b:f2:67:5a:57:a4:28:a2:
9c:20:ed:df:c0:60:6f:6c:9e:fe:63:8b:48:66:63:
35:01:50:70:24:cb:a7:ad:c3:11:6a:59:67:58:57:
46:7b:ce:6f:86:13:b4:8f:ab:9d:b6:f6:3c:74:6e:
80:bd:9b:1b:91:5c:20:77:cf:98:a1:9d:22:6c:ce:
c6:df:08:65:06:25:77:32:55:f6:3c:fa:ab:25:87:
aa:44:55:16:00:e6:fa:2a:c4:e6:62:ad:58:fb:bc:
20:b1:ad:0a:01:84:76:5c:fb:2b:9c:8e:4a:01:f4:
63:3e:b7:81:c4:76:c4:43:ac:eb:41:ed:b9:c1:7d:
1a:3b:b8:92:88:75:97:41:27:65:07:08:c5:59:39:
30:f6:c8:d8:8d:ed:cc:70:34:ef:e0:39:7f:bf:c0:
b0:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:29:3F:B9:56:C4:70:17:09:E4:4E:78:3D:92:0B:C7:38:A5:5E:AB
X509v3 Authority Key Identifier:
keyid:34:74:21:0C:28:41:3E:26:28:48:22:AB:E8:3A:D6:D7:C0:F7:64:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHQhDChBPiYoSCKr6DrW18D3ZPo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/byk_uVbEcBcJ5E54PZILxzilXqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/3e9916-4f8a-4b08-89c9-b0c74b76e182/1/NHQhDChBPiYoSCKr6DrW18D3ZPo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.20.0/24
185.68.44.0-185.68.46.255
IPv6:
2a07:c880::/29
Signature Algorithm: sha256WithRSAEncryption
80:6e:51:4c:ed:3a:86:59:13:eb:b8:ca:bd:2c:da:35:05:d4:
13:50:8e:c5:30:00:58:af:cc:b9:13:44:e1:e4:d3:d7:99:f0:
46:98:6f:52:b2:07:63:1e:9b:74:13:cf:2b:61:7b:43:3a:78:
72:28:41:d8:c8:19:f3:ce:77:72:40:b7:1e:4f:b0:a6:d3:5d:
9b:dd:d4:93:e0:aa:93:b2:26:52:5c:31:f5:3c:09:28:b7:b0:
07:08:2b:9a:6a:b9:3f:e1:6a:1c:2b:9e:38:5a:28:63:cb:34:
ec:6e:db:fe:02:0d:38:c8:ec:59:dc:fc:bd:51:8e:ef:de:5d:
f7:60:2d:bc:97:cd:33:9d:af:90:83:78:c0:4e:ed:6e:a4:79:
2e:28:42:72:05:cd:8a:b1:65:a1:d3:0d:6f:f2:8f:2f:2d:bd:
5c:f6:21:d5:ef:26:3a:12:fc:65:10:40:dd:14:71:ee:37:b0:
a0:28:32:17:06:9c:03:f8:4e:0f:ac:a4:04:37:63:70:66:1d:
b5:1a:a3:4e:fc:a7:b3:8f:50:a9:98:56:92:fa:fa:68:d9:34:
d6:5d:c9:56:d6:cb:8f:c0:27:98:dd:b5:5a:00:e8:b3:d4:a0:
0f:84:14:d7:33:39:63:db:61:20:77:ee:b0:28:db:1e:a5:b9:
c6:e6:6b:85
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQj1wjHWN/muGJOoMJXm43FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0NzQyMTBjMjg0MTNlMjYyODQ4MjJhYmU4M2FkNmQ3YzBm
NzY0ZmEwHhcNMjUwMTAxMjE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjI5M2ZiOTU2YzQ3MDE3MDllNDRlNzgzZDkyMGJjNzM4YTU1ZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoXCQaj5KXn527dGh0sGOo3Kya1ZR
U8J3hgLnNbKAgkxX5fr+P0egx/5CoovYE7Q+oi1DxvldHiXp9de19f8Wl4IFB/6q
f6KyPB8bV3cO+GuGSkDT13TgBknM2rMv3uYaG/JnWlekKKKcIO3fwGBvbJ7+Y4tI
ZmM1AVBwJMunrcMRallnWFdGe85vhhO0j6udtvY8dG6AvZsbkVwgd8+YoZ0ibM7G
3whlBiV3MlX2PPqrJYeqRFUWAOb6KsTmYq1Y+7wgsa0KAYR2XPsrnI5KAfRjPreB
xHbEQ6zrQe25wX0aO7iSiHWXQSdlBwjFWTkw9sjYje3McDTv4Dl/v8Cw/wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFG8pP7lWxHAXCeROeD2SC8c4pV6rMB8GA1UdIwQY
MBaAFDR0IQwoQT4mKEgiq+g61tfA92T6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5Yzkt
YjBjNzRiNzZlMTgyLzEvYnlrX3VWYkVjQmNKNUU1NFBaSUx4emlsWHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8zZTk5MTYtNGY4YS00YjA4LTg5YzktYjBjNzRiNzZlMTgy
LzEvTkhRaERDaEJQaVlvU0NLcjZEclcxOEQzWlBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQAW84UMAwD
BAK5RCwDBAC5RC4wDQQCAAIwBwMFAyoHyIAwDQYJKoZIhvcNAQELBQADggEBAIBu
UUztOoZZE+u4yr0s2jUF1BNQjsUwAFivzLkTROHk09eZ8EaYb1KyB2Mem3QTzyth
e0M6eHIoQdjIGfPOd3JAtx5PsKbTXZvd1JPgqpOyJlJcMfU8CSi3sAcIK5pquT/h
ahwrnjhaKGPLNOxu2/4CDTjI7Fnc/L1Rju/eXfdgLbyXzTOdr5CDeMBO7W6keS4o
QnIFzYqxZaHTDW/yjy8tvVz2IdXvJjoS/GUQQN0Uce43sKAoMhcGnAP4Tg+spAQ3
Y3BmHbUao078p7OPUKmYVpL6+mjZNNZdyVbWy4/AJ5jdtVoA6LPUoA+EFNczOWPb
YSB37rAo2x6lucbma4U=
-----END CERTIFICATE-----
Generated at Sat Apr 19 00:34:02 2025 by rpki-client