Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/BBLVYphj9iVORNRgS5zeqL3DQPg.roa
File: BBLVYphj9iVORNRgS5zeqL3DQPg.roa (raw, json)
Hash identifier: s1WIuz+QL6Jyc5guR2FL0PZ9V8MIYBcEY0zm1CAEjHg=
Subject key identifier: 04:12:D5:62:98:63:F6:25:4E:44:D4:60:4B:9C:DE:A8:BD:C3:40:F8
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01946B203A4EE8769F64DDC3BC0C4D9675E7
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/BBLVYphj9iVORNRgS5zeqL3DQPg.roa
Signing time: Wed 15 Jan 2025 18:01:01 +0000
ROA not before: Wed 15 Jan 2025 18:01:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 46.102.175.0/24 maxlen: 24
85.204.242.0/24 maxlen: 24
86.105.233.0/24 maxlen: 24
86.106.113.0/24 maxlen: 24
89.34.178.0/24 maxlen: 24
89.38.236.0/24 maxlen: 24
89.40.65.0/24 maxlen: 24
89.43.53.0/24 maxlen: 24
89.43.63.0/24 maxlen: 24
89.46.93.0/24 maxlen: 24
93.114.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:6b:20:3a:4e:e8:76:9f:64:dd:c3:bc:0c:4d:96:75:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 15 18:01:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0412d5629863f6254e44d4604b9cdea8bdc340f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cb:02:a5:bf:90:8c:f1:72:c8:5c:19:9c:97:
b9:b0:ae:88:31:e2:39:7b:8f:02:72:1f:53:97:d6:
18:35:02:d9:cd:aa:03:d2:ae:6e:d4:8a:e4:91:cf:
2b:a5:61:6c:fa:8f:5b:00:4f:6a:7b:e0:d4:c6:44:
3c:2e:e1:9b:0e:f0:38:5f:89:be:b1:1d:55:83:c2:
67:99:cf:6d:66:34:b0:1c:dd:2a:32:52:00:6d:bc:
a5:48:ef:4f:4f:aa:9f:7c:0d:77:8d:84:9b:52:9f:
97:f9:cd:09:68:d7:9e:dd:ef:22:7c:f3:77:fb:58:
00:ca:d1:83:77:73:a8:21:45:93:ed:78:60:32:9f:
28:75:ca:df:c4:13:94:fa:ca:74:d9:d1:8a:ed:e8:
1a:74:6c:81:86:3e:3d:dc:06:65:5a:d2:e9:5f:b3:
20:26:71:c6:f6:51:6b:73:93:e9:2f:59:d3:a8:2b:
7a:f1:34:3d:3a:25:75:24:ff:36:4c:ab:ba:03:17:
4f:ad:b5:94:15:ec:f1:ac:39:75:b8:2d:3d:0b:ae:
51:fa:3f:6d:84:4f:3f:0d:69:8c:9e:7b:d8:1d:04:
f0:be:2d:bf:10:8e:fc:27:6b:d5:7a:9d:28:c8:e7:
3d:c7:3f:0b:59:03:e0:06:8c:52:1b:16:3d:4f:92:
94:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:12:D5:62:98:63:F6:25:4E:44:D4:60:4B:9C:DE:A8:BD:C3:40:F8
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/BBLVYphj9iVORNRgS5zeqL3DQPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.102.175.0/24
85.204.242.0/24
86.105.233.0/24
86.106.113.0/24
89.34.178.0/24
89.38.236.0/24
89.40.65.0/24
89.43.53.0/24
89.43.63.0/24
89.46.93.0/24
93.114.57.0/24
Signature Algorithm: sha256WithRSAEncryption
e4:2c:a8:f5:6a:ed:7a:fc:69:0c:28:72:02:35:16:9f:21:e6:
07:82:65:47:40:b9:63:da:e2:53:d3:b3:68:69:42:cc:3d:de:
67:5e:b0:fa:a9:98:59:cf:c9:2f:5a:d9:69:b3:52:14:13:af:
2c:7d:15:99:73:6a:2a:69:38:3c:e0:79:67:f6:4f:d7:4d:45:
41:63:bf:27:eb:6d:f3:ad:6f:07:1f:06:8d:42:64:68:a3:4f:
95:2c:d2:4b:17:7d:57:98:80:44:c6:1c:56:5f:e6:bc:db:77:
8e:f1:e6:a6:86:fa:2d:87:b2:d5:e6:da:2d:ab:93:28:55:a3:
7e:31:57:2f:f3:06:5f:e8:1a:c9:41:39:28:2c:87:c8:74:e0:
56:20:6d:ab:39:b7:a8:35:4b:fe:af:f2:85:69:a8:c4:9c:64:
0b:7d:9e:d8:8e:3e:e7:35:e0:99:0e:f0:08:a8:ac:a6:d2:0a:
c8:fc:4f:1f:2e:24:6c:49:07:95:7f:10:11:d0:28:84:f5:cb:
7b:4b:cf:fb:0a:44:0b:08:cd:00:93:4b:44:e4:af:4f:43:c2:
a3:e0:0d:b0:bd:f1:d6:ab:d8:5f:cc:14:14:c1:6c:41:82:53:
49:89:4b:69:bf:35:21:b4:89:34:fa:d0:9d:76:76:e7:b3:c7:
c8:07:99:7c
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZRrIDpO6HafZN3DvAxNlnXnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTE1MTgwMTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDEyZDU2Mjk4NjNmNjI1NGU0NGQ0NjA0YjljZGVhOGJkYzM0MGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMsCpb+QjPFyyFwZnJe5sK6IMeI5
e48Cch9Tl9YYNQLZzaoD0q5u1Irkkc8rpWFs+o9bAE9qe+DUxkQ8LuGbDvA4X4m+
sR1Vg8Jnmc9tZjSwHN0qMlIAbbylSO9PT6qffA13jYSbUp+X+c0JaNee3e8ifPN3
+1gAytGDd3OoIUWT7XhgMp8odcrfxBOU+sp02dGK7egadGyBhj493AZlWtLpX7Mg
JnHG9lFrc5PpL1nTqCt68TQ9OiV1JP82TKu6AxdPrbWUFezxrDl1uC09C65R+j9t
hE8/DWmMnnvYHQTwvi2/EI78J2vVep0oyOc9xz8LWQPgBoxSGxY9T5KUnQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFAQS1WKYY/YlTkTUYEuc3qi9w0D4MB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL0JCTFZZcGhqOWlWT1JOUmdTNXplcUwzRFFQZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwWwYIKwYBBQUHAQcBAf8ETDBKMEgEAgABMEIDBAAuZq8D
BABVzPIDBABWaekDBABWanEDBABZIrIDBABZJuwDBABZKEEDBABZKzUDBABZKz8D
BABZLl0DBABdcjkwDQYJKoZIhvcNAQELBQADggEBAOQsqPVq7Xr8aQwocgI1Fp8h
5geCZUdAuWPa4lPTs2hpQsw93mdesPqpmFnPyS9a2WmzUhQTryx9FZlzaippODzg
eWf2T9dNRUFjvyfrbfOtbwcfBo1CZGijT5Us0ksXfVeYgETGHFZf5rzbd47x5qaG
+i2HstXm2i2rkyhVo34xVy/zBl/oGslBOSgsh8h04FYgbas5t6g1S/6v8oVpqMSc
ZAt9ntiOPuc14JkO8AiorKbSCsj8Tx8uJGxJB5V/EBHQKIT1y3tLz/sKRAsIzQCT
S0Tkr09DwqPgDbC98dar2F/MFBTBbEGCU0mJS2m/NSG0iTT60J12duezx8gHmXw=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:34:48 2025 by rpki-client