Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/bkaEgwUfFQuvU4deHKYEq645oxo.roa
File: bkaEgwUfFQuvU4deHKYEq645oxo.roa (raw, json)
Hash identifier: a6t899hSFrNnCxDeJsEHX7KWBkAwoAJJxMP3KbPkcsM=
Subject key identifier: 6E:46:84:83:05:1F:15:0B:AF:53:87:5E:1C:A6:04:AB:AE:39:A3:1A
Certificate issuer: /CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Certificate serial: 0194221FDA686A9A9F15E1B73D4BB9326C5F
Authority key identifier: B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/bkaEgwUfFQuvU4deHKYEq645oxo.roa
Signing time: Wed 01 Jan 2025 13:48:20 +0000
ROA not before: Wed 01 Jan 2025 13:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9085
IP address blocks: 185.53.124.0/22 maxlen: 22
212.75.96.0/19 maxlen: 19
212.180.128.0/17 maxlen: 17
2001:4c30::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.mft
rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 07:01:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:da:68:6a:9a:9f:15:e1:b7:3d:4b:b9:32:6c:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b2f27953ad4690c068fb40f9f356003379bb63f8
Validity
Not Before: Jan 1 13:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e468483051f150baf53875e1ca604abae39a31a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:27:d2:db:2b:6c:3c:8a:87:56:03:2a:e6:a8:
49:bb:cc:05:a6:dc:2f:23:bf:c3:9a:fb:d2:53:92:
29:3a:cb:c7:71:16:34:28:51:b3:39:6d:7b:1f:df:
a1:b2:04:74:61:40:22:73:7f:ab:e9:95:72:09:f5:
dd:02:3b:0a:96:95:64:a8:55:7e:34:29:9f:4f:f7:
7f:bf:9c:59:84:fb:9f:38:3c:f8:d0:0d:af:af:68:
3e:0f:cc:dd:c0:58:96:92:61:a3:85:e0:cf:a3:af:
77:f2:41:72:0e:4f:53:fa:3f:73:45:d0:82:45:d6:
d2:e6:b9:44:fe:79:05:8e:34:d8:14:5a:66:f6:02:
20:b5:12:26:de:b2:e2:2b:6d:9d:7c:8d:86:df:cf:
0f:da:77:7b:55:5d:2f:66:80:9d:f0:ad:2c:fd:1c:
42:ba:8e:ef:22:78:5d:d9:46:c1:f3:5e:1b:d5:62:
fd:84:55:8f:43:c0:81:82:28:f9:0e:ae:34:4e:29:
45:ee:da:c3:5b:ea:4b:f6:c7:0a:d5:8b:51:31:35:
d1:99:2e:b4:58:eb:43:3b:41:e6:9e:f3:9e:8d:f6:
c9:ed:30:de:5d:41:e7:47:d1:de:b8:30:46:01:c1:
a8:70:25:19:29:8c:da:7c:da:a1:27:4c:26:7c:ed:
31:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:46:84:83:05:1F:15:0B:AF:53:87:5E:1C:A6:04:AB:AE:39:A3:1A
X509v3 Authority Key Identifier:
keyid:B2:F2:79:53:AD:46:90:C0:68:FB:40:F9:F3:56:00:33:79:BB:63:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/svJ5U61GkMBo-0D581YAM3m7Y_g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/bkaEgwUfFQuvU4deHKYEq645oxo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/08973f-fb6a-41e5-8720-fb4cf137c1e9/1/svJ5U61GkMBo-0D581YAM3m7Y_g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.53.124.0/22
212.75.96.0/19
212.180.128.0/17
IPv6:
2001:4c30::/32
Signature Algorithm: sha256WithRSAEncryption
1a:ee:43:52:b7:83:c9:34:26:bb:db:9d:2b:b6:23:6d:eb:ed:
ec:0d:2c:52:e7:cd:ea:45:ae:15:53:52:c5:c9:96:39:c5:5f:
91:c9:85:9f:eb:10:a0:a6:53:4e:3e:76:63:78:fb:6c:2c:3a:
6d:82:52:3a:8a:20:db:2a:0a:b4:2b:64:3b:30:9d:b8:e9:1a:
60:d3:bc:ce:eb:09:fe:a3:f1:62:2e:76:62:26:39:8d:c6:fc:
28:f5:69:2d:28:5d:37:23:a9:b0:c4:06:a8:c7:31:13:40:83:
5e:de:d6:bb:98:02:f0:97:d4:2a:83:a6:d4:29:8b:21:76:78:
3b:4f:d0:d2:40:9d:06:12:08:c2:bc:d7:f4:ac:5c:bb:f7:1f:
3e:ac:f0:db:29:7e:0e:ea:41:00:22:18:12:a1:6f:a4:5a:35:
58:d5:ae:06:34:eb:b8:de:b7:50:ca:be:65:10:f2:f1:c7:bd:
62:e1:4e:eb:3b:ce:0a:8a:d6:d3:b2:23:78:e2:62:f5:30:d2:
6d:83:08:12:fe:45:df:d0:eb:6b:21:d8:c0:e1:c0:39:bb:ea:
56:d3:a9:10:e1:06:6f:70:6f:d1:5a:73:38:fd:ec:4b:b6:c1:
e8:a6:1c:1d:0c:e3:6d:4f:17:7c:cd:7d:81:f7:b2:40:95:ea:
48:10:25:14
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQiH9poapqfFeG3PUu5MmxfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIyZjI3OTUzYWQ0NjkwYzA2OGZiNDBmOWYzNTYwMDMzNzli
YjYzZjgwHhcNMjUwMTAxMTM0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ2ODQ4MzA1MWYxNTBiYWY1Mzg3NWUxY2E2MDRhYmFlMzlhMzFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtifS2ytsPIqHVgMq5qhJu8wFptwv
I7/DmvvSU5IpOsvHcRY0KFGzOW17H9+hsgR0YUAic3+r6ZVyCfXdAjsKlpVkqFV+
NCmfT/d/v5xZhPufODz40A2vr2g+D8zdwFiWkmGjheDPo6938kFyDk9T+j9zRdCC
RdbS5rlE/nkFjjTYFFpm9gIgtRIm3rLiK22dfI2G388P2nd7VV0vZoCd8K0s/RxC
uo7vInhd2UbB814b1WL9hFWPQ8CBgij5Dq40TilF7trDW+pL9scK1YtRMTXRmS60
WOtDO0HmnvOejfbJ7TDeXUHnR9HeuDBGAcGocCUZKYzafNqhJ0wmfO0xrQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFG5GhIMFHxULr1OHXhymBKuuOaMaMB8GA1UdIwQY
MBaAFLLyeVOtRpDAaPtA+fNWADN5u2P4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAt
ZmI0Y2YxMzdjMWU5LzEvYmthRWd3VWZGUXV2VTRkZUhLWUVxNjQ1b3hvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC8wODk3M2YtZmI2YS00MWU1LTg3MjAtZmI0Y2YxMzdjMWU5
LzEvc3ZKNVU2MUdrTUJvLTBENTgxWUFNM203WV9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuTV8AwQF
1EtgAwQH1LSAMA0EAgACMAcDBQAgAUwwMA0GCSqGSIb3DQEBCwUAA4IBAQAa7kNS
t4PJNCa7250rtiNt6+3sDSxS583qRa4VU1LFyZY5xV+RyYWf6xCgplNOPnZjePts
LDptglI6iiDbKgq0K2Q7MJ246Rpg07zO6wn+o/FiLnZiJjmNxvwo9WktKF03I6mw
xAaoxzETQINe3ta7mALwl9Qqg6bUKYshdng7T9DSQJ0GEgjCvNf0rFy79x8+rPDb
KX4O6kEAIhgSoW+kWjVY1a4GNOu43rdQyr5lEPLxx71i4U7rO84KitbTsiN44mL1
MNJtgwgS/kXf0OtrIdjA4cA5u+pW06kQ4QZvcG/RWnM4/exLtsHophwdDONtTxd8
zX2B97JAlepIECUU
-----END CERTIFICATE-----
Generated at Tue Apr 8 11:45:22 2025 by rpki-client