Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/bzDr7kn2LfhqjYsoZQLZ-uHwvQI.roa
File: bzDr7kn2LfhqjYsoZQLZ-uHwvQI.roa (raw, json)
Hash identifier: ETCcL6Lmgpdi6iyG4gf+W9Umfg+Mzqif1q2dVBD62g4=
Subject key identifier: 6F:30:EB:EE:49:F6:2D:F8:6A:8D:8B:28:65:02:D9:FA:E1:F0:BD:02
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 019427B5315FD51023ADFB33FBD968D0F4DF
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/bzDr7kn2LfhqjYsoZQLZ-uHwvQI.roa
Signing time: Thu 02 Jan 2025 15:49:33 +0000
ROA not before: Thu 02 Jan 2025 15:49:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12632
IP address blocks: 82.79.114.0/23 maxlen: 23
82.79.119.0/24 maxlen: 24
82.137.8.0/22 maxlen: 22
82.137.12.0/22 maxlen: 24
86.123.114.0/24 maxlen: 24
188.208.136.0/22 maxlen: 24
188.208.136.0/23 maxlen: 23
188.208.138.0/23 maxlen: 23
188.241.252.0/22 maxlen: 24
188.241.252.0/23 maxlen: 23
188.241.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:31:5f:d5:10:23:ad:fb:33:fb:d9:68:d0:f4:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Jan 2 15:49:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f30ebee49f62df86a8d8b286502d9fae1f0bd02
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c9:73:2e:0a:c5:ce:c5:8e:93:95:5e:92:9f:
ef:35:c1:35:e7:77:7d:82:6f:f2:21:c1:a8:74:96:
ef:91:07:8d:53:bc:54:4e:fc:e5:b2:ac:7a:9f:5f:
c0:05:c9:60:33:20:ab:f2:e8:ba:e3:13:f0:03:2c:
40:d6:fb:31:97:d7:9d:f2:d3:8a:16:63:e6:1d:e4:
02:63:b1:aa:ab:61:bc:18:3e:11:44:9f:2d:53:a5:
8e:bf:83:3a:13:30:45:cb:4a:40:2a:a2:a8:22:26:
8f:8e:c4:06:29:5f:39:24:fa:31:af:13:4b:39:7b:
d0:03:d9:d4:aa:1b:3a:d4:6d:4b:6b:f7:68:50:ee:
2b:82:12:ba:27:29:cd:08:2b:3c:bb:0e:46:79:09:
37:2c:49:25:67:96:f0:83:eb:96:24:6b:bb:e9:b5:
63:bc:45:ce:a0:20:ec:72:53:6d:8b:7e:c6:f0:6a:
50:5b:bd:94:7c:d9:e1:34:c9:ca:8b:b4:35:6f:c0:
84:df:55:60:fd:fd:5c:d5:cb:52:b5:fb:b5:60:c3:
e6:69:a1:6b:39:c3:b5:5a:55:3b:25:6a:6f:7a:c2:
bb:57:6b:f2:bb:2a:cc:8a:ed:d4:22:16:13:27:c1:
5d:a1:cf:2e:4d:12:da:54:8c:31:c9:48:ef:82:20:
43:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:30:EB:EE:49:F6:2D:F8:6A:8D:8B:28:65:02:D9:FA:E1:F0:BD:02
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/bzDr7kn2LfhqjYsoZQLZ-uHwvQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.79.114.0/23
82.79.119.0/24
82.137.8.0/21
86.123.114.0/24
188.208.136.0/22
188.241.252.0/22
Signature Algorithm: sha256WithRSAEncryption
13:63:1e:3e:6a:1c:8a:a4:a4:b3:8a:c5:c8:d9:62:0c:a3:22:
09:24:fe:2a:51:ab:f2:7e:05:ba:53:db:db:79:68:3d:8f:cf:
3c:d2:23:c0:47:7b:b6:9b:19:62:cd:74:0c:17:d4:29:c9:01:
22:9e:f8:34:aa:72:5c:87:5d:f7:bd:7c:f5:28:a4:09:c2:ea:
f9:48:d1:6c:42:2d:01:87:d0:0c:d4:5d:12:62:56:2a:c9:06:
13:d4:9b:35:47:ca:00:9b:ce:d3:ef:39:c1:d0:95:93:41:81:
f0:7d:62:6d:b9:f1:73:7b:32:cc:6f:23:57:26:bc:7f:2e:33:
d6:df:e0:e9:7b:b4:be:f4:fc:82:0a:55:0e:82:26:c4:32:dc:
d5:8d:4e:72:59:9e:52:a3:1b:b1:ac:48:2a:1a:7e:fb:8c:b4:
87:c7:c5:6a:06:d6:c0:da:7e:39:62:c6:6e:83:f2:40:de:7c:
7e:6a:77:da:ea:f4:b7:38:cf:a4:38:0c:09:a9:3c:cd:ce:df:
e4:1e:f0:d2:9c:f3:1e:de:84:c7:a8:44:21:44:d0:70:2c:20:
a2:a3:b6:1c:53:d0:78:e6:98:11:1b:d4:9f:ed:0d:11:ba:50:
14:44:33:2b:73:ea:6e:14:88:d4:de:f3:2f:c8:06:67:b6:e2:
e0:0e:08:fe
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQntTFf1RAjrfsz+9lo0PTfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUwMTAyMTU0OTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjMwZWJlZTQ5ZjYyZGY4NmE4ZDhiMjg2NTAyZDlmYWUxZjBiZDAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMlzLgrFzsWOk5Vekp/vNcE153d9
gm/yIcGodJbvkQeNU7xUTvzlsqx6n1/ABclgMyCr8ui64xPwAyxA1vsxl9ed8tOK
FmPmHeQCY7Gqq2G8GD4RRJ8tU6WOv4M6EzBFy0pAKqKoIiaPjsQGKV85JPoxrxNL
OXvQA9nUqhs61G1La/doUO4rghK6JynNCCs8uw5GeQk3LEklZ5bwg+uWJGu76bVj
vEXOoCDsclNti37G8GpQW72UfNnhNMnKi7Q1b8CE31Vg/f1c1ctStfu1YMPmaaFr
OcO1WlU7JWpvesK7V2vyuyrMiu3UIhYTJ8Fdoc8uTRLaVIwxyUjvgiBDqwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG8w6+5J9i34ao2LKGUC2frh8L0CMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEvYnpEcjdrbjJMZmhxallzb1pRTFotdUh3dlFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBUk9yAwQA
Uk93AwQDUokIAwQAVntyAwQCvNCIAwQCvPH8MA0GCSqGSIb3DQEBCwUAA4IBAQAT
Yx4+ahyKpKSzisXI2WIMoyIJJP4qUavyfgW6U9vbeWg9j8880iPAR3u2mxlizXQM
F9QpyQEinvg0qnJch133vXz1KKQJwur5SNFsQi0Bh9AM1F0SYlYqyQYT1Js1R8oA
m87T7znB0JWTQYHwfWJtufFzezLMbyNXJrx/LjPW3+Dpe7S+9PyCClUOgibEMtzV
jU5yWZ5SoxuxrEgqGn77jLSHx8VqBtbA2n45YsZug/JA3nx+anfa6vS3OM+kOAwJ
qTzNzt/kHvDSnPMe3oTHqEQhRNBwLCCio7YcU9B45pgRG9Sf7Q0RulAURDMrc+pu
FIjU3vMvyAZntuLgDgj+
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:55:21 2025 by rpki-client