Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/BfHqfkHY1q4ldygRkcfv7XdzqLs.roa
File: BfHqfkHY1q4ldygRkcfv7XdzqLs.roa (raw, json)
Hash identifier: YbMXX/fz76OV1tIhHwhH/SEdCy/PTJDjaV1pgkgaZeE=
Subject key identifier: 05:F1:EA:7E:41:D8:D6:AE:25:77:28:11:91:C7:EF:ED:77:73:A8:BB
Certificate issuer: /CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Certificate serial: 019426D936062573303ED424BDCCAF84E708
Authority key identifier: AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/BfHqfkHY1q4ldygRkcfv7XdzqLs.roa
Signing time: Thu 02 Jan 2025 11:49:16 +0000
ROA not before: Thu 02 Jan 2025 11:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21182
IP address blocks: 185.178.156.0/22 maxlen: 22
185.178.156.0/23 maxlen: 23
185.178.158.0/24 maxlen: 24
217.173.192.0/21 maxlen: 21
217.173.200.0/23 maxlen: 23
217.173.206.0/23 maxlen: 23
2a04:9440::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:36:06:25:73:30:3e:d4:24:bd:cc:af:84:e7:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1c800aa1b78a17a43e19fd9938355d0411e94a
Validity
Not Before: Jan 2 11:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05f1ea7e41d8d6ae2577281191c7efed7773a8bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:a1:49:27:da:91:6a:1f:46:cb:79:12:b0:33:
f2:65:7e:58:34:e2:7c:1e:ba:70:58:18:3e:e1:2a:
d9:9a:11:27:c0:c4:c0:89:ac:a7:09:a6:23:0f:d0:
7d:f9:50:e7:10:d5:49:06:f7:07:a5:0e:45:09:5e:
3b:0d:cf:ac:3c:20:d6:49:23:af:0a:bb:d6:e2:30:
22:19:a4:dd:f2:56:00:a7:02:d5:a2:63:2f:d0:62:
50:26:69:da:15:70:e7:8e:22:0f:20:5b:9f:57:8c:
27:d6:7c:80:de:ad:21:ea:d8:de:4c:e0:57:7c:00:
82:2b:12:0c:2c:8e:a2:52:02:89:f7:37:5a:0b:99:
b5:e4:99:de:75:f4:4b:fc:d8:0d:27:ec:ab:88:25:
eb:52:7d:d3:3b:80:b8:7f:cb:80:c1:1a:12:8e:ea:
8c:30:f6:2e:29:d2:0d:62:c2:d7:c6:e1:2b:f8:e5:
40:67:78:09:67:d9:94:cf:ff:cb:4d:5d:57:12:4c:
ac:28:99:36:c4:28:c1:fe:8d:62:65:ae:ad:3e:22:
ca:59:9b:3c:d3:e2:57:5d:af:dc:82:9f:bf:8c:bc:
e8:b4:f5:ba:aa:20:50:dd:03:c2:8d:65:b4:d6:36:
5f:d5:e4:e6:00:e0:94:95:45:7e:15:38:e9:61:ec:
0a:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:F1:EA:7E:41:D8:D6:AE:25:77:28:11:91:C7:EF:ED:77:73:A8:BB
X509v3 Authority Key Identifier:
keyid:AB:1C:80:0A:A1:B7:8A:17:A4:3E:19:FD:99:38:35:5D:04:11:E9:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qxyACqG3ihekPhn9mTg1XQQR6Uo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/BfHqfkHY1q4ldygRkcfv7XdzqLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/1b1ca0-bbf2-4419-8a0c-50cbcb5b19c2/1/qxyACqG3ihekPhn9mTg1XQQR6Uo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.156.0/22
217.173.192.0-217.173.201.255
217.173.206.0/23
IPv6:
2a04:9440::/30
Signature Algorithm: sha256WithRSAEncryption
b1:47:b5:8f:6b:b3:2d:04:d6:b8:4f:55:2a:fc:6f:68:a9:16:
2f:15:54:a1:b9:3f:43:77:51:6d:d0:c9:dc:94:a8:e3:81:5b:
e2:66:e8:23:09:3b:4d:c0:4e:e7:b9:f5:2f:3a:77:ff:44:85:
9b:b6:c3:cb:e9:64:67:51:e4:66:c8:8c:3e:35:9c:a8:a6:69:
7c:fa:b5:6f:ff:c0:47:7e:b5:64:10:d9:69:cb:60:97:8b:24:
8f:8a:39:15:25:6b:49:42:14:94:19:c7:5e:25:cb:ce:ea:01:
3e:56:1b:eb:30:09:18:98:da:04:87:34:94:b8:b7:f0:ab:54:
26:07:86:40:33:58:6c:7d:1a:e7:b7:35:fb:27:53:71:44:62:
b9:55:d9:cf:e2:e4:8e:ff:1d:74:a7:24:49:91:b7:85:c8:1d:
4f:37:88:f6:ad:6e:15:e7:93:17:f9:ee:c6:12:0f:17:9a:ce:
d5:ab:5c:f2:c9:4d:9d:87:9d:c9:39:a5:9a:70:66:f2:73:a1:
30:3f:fc:3e:b5:f0:f5:5e:40:2f:3c:11:6a:3b:f7:c0:a8:fd:
00:f2:03:ea:24:9f:51:7f:a9:91:be:a6:95:39:6f:06:19:fd:
84:47:ae:53:e6:ac:bc:79:b2:55:9d:54:ee:4f:13:ef:38:98:
62:67:43:29
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZQm2TYGJXMwPtQkvcyvhOcIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWM4MDBhYTFiNzhhMTdhNDNlMTlmZDk5MzgzNTVkMDQx
MWU5NGEwHhcNMjUwMTAyMTE0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWYxZWE3ZTQxZDhkNmFlMjU3NzI4MTE5MWM3ZWZlZDc3NzNhOGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs6FJJ9qRah9Gy3kSsDPyZX5YNOJ8
HrpwWBg+4SrZmhEnwMTAiaynCaYjD9B9+VDnENVJBvcHpQ5FCV47Dc+sPCDWSSOv
CrvW4jAiGaTd8lYApwLVomMv0GJQJmnaFXDnjiIPIFufV4wn1nyA3q0h6tjeTOBX
fACCKxIMLI6iUgKJ9zdaC5m15JnedfRL/NgNJ+yriCXrUn3TO4C4f8uAwRoSjuqM
MPYuKdINYsLXxuEr+OVAZ3gJZ9mUz//LTV1XEkysKJk2xCjB/o1iZa6tPiLKWZs8
0+JXXa/cgp+/jLzotPW6qiBQ3QPCjWW01jZf1eTmAOCUlUV+FTjpYewKWQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFAXx6n5B2NauJXcoEZHH7+13c6i7MB8GA1UdIwQY
MBaAFKscgAqht4oXpD4Z/Zk4NV0EEelKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMt
NTBjYmNiNWIxOWMyLzEvQmZIcWZrSFkxcTRsZHlnUmtjZnY3WGR6cUxzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS8xYjFjYTAtYmJmMi00NDE5LThhMGMtNTBjYmNiNWIxOWMy
LzEvcXh5QUNxRzNpaGVrUGhuOW1UZzFYUVFSNlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCubKcMAwD
BAbZrcADBAHZrcgDBAHZrc4wDQQCAAIwBwMFAioElEAwDQYJKoZIhvcNAQELBQAD
ggEBALFHtY9rsy0E1rhPVSr8b2ipFi8VVKG5P0N3UW3QydyUqOOBW+Jm6CMJO03A
Tue59S86d/9EhZu2w8vpZGdR5GbIjD41nKimaXz6tW//wEd+tWQQ2WnLYJeLJI+K
ORUla0lCFJQZx14ly87qAT5WG+swCRiY2gSHNJS4t/CrVCYHhkAzWGx9Gue3Nfsn
U3FEYrlV2c/i5I7/HXSnJEmRt4XIHU83iPatbhXnkxf57sYSDxeaztWrXPLJTZ2H
nck5pZpwZvJzoTA//D618PVeQC88EWo798Co/QDyA+okn1F/qZG+ppU5bwYZ/YRH
rlPmrLx5slWdVO5PE+84mGJnQyk=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:34 2025 by rpki-client