Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/BXWkDJgGeE3wLT1lYDsJPAlavfw.roa
File: BXWkDJgGeE3wLT1lYDsJPAlavfw.roa (raw, json)
Hash identifier: irjuewqr+XdI7kgKWav4JZTl4lqEMRRX3Cq/Qdp74jc=
Subject key identifier: 05:75:A4:0C:98:06:78:4D:F0:2D:3D:65:60:3B:09:3C:09:5A:BD:FC
Certificate issuer: /CN=19cdd8206c1e352c5065e481797ef77af0c3de8d
Certificate serial: 019424B282935725BEA1076AF39145402EA0
Authority key identifier: 19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/BXWkDJgGeE3wLT1lYDsJPAlavfw.roa
Signing time: Thu 02 Jan 2025 01:47:46 +0000
ROA not before: Thu 02 Jan 2025 01:47:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51669
IP address blocks: 31.129.128.0/19 maxlen: 19
31.129.128.0/22 maxlen: 22
31.129.132.0/22 maxlen: 22
31.129.133.0/24 maxlen: 24
31.129.134.0/24 maxlen: 24
31.129.136.0/22 maxlen: 22
31.129.140.0/22 maxlen: 22
31.129.144.0/22 maxlen: 22
31.129.148.0/22 maxlen: 22
31.129.152.0/22 maxlen: 22
31.129.156.0/22 maxlen: 22
31.129.156.0/24 maxlen: 24
176.120.176.0/20 maxlen: 20
176.120.176.0/22 maxlen: 22
176.120.180.0/22 maxlen: 22
176.120.184.0/22 maxlen: 22
176.120.188.0/22 maxlen: 22
176.120.190.0/24 maxlen: 24
178.159.48.0/20 maxlen: 20
178.159.48.0/22 maxlen: 22
178.159.52.0/22 maxlen: 22
178.159.56.0/22 maxlen: 22
178.159.60.0/22 maxlen: 22
185.63.216.0/23 maxlen: 23
185.63.216.0/24 maxlen: 24
185.63.217.0/24 maxlen: 24
185.63.218.0/23 maxlen: 23
185.63.218.0/24 maxlen: 24
185.63.219.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:82:93:57:25:be:a1:07:6a:f3:91:45:40:2e:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19cdd8206c1e352c5065e481797ef77af0c3de8d
Validity
Not Before: Jan 2 01:47:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0575a40c9806784df02d3d65603b093c095abdfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:9f:d0:8f:7c:9b:c1:bd:94:e3:07:ff:fd:34:
b4:c1:c4:a5:3b:3b:52:49:ee:41:47:cb:a7:c6:fe:
73:fb:71:2e:eb:15:8e:7d:ca:76:e6:0d:2b:1c:a1:
d9:2a:d9:9e:a0:4e:e6:75:59:32:0b:cf:11:4f:61:
0c:43:8c:40:e6:47:a2:f9:44:64:da:4e:1c:6b:4f:
45:c1:5c:86:38:17:ea:d8:3a:15:8c:bd:f7:c1:e9:
06:ae:f9:18:0f:ea:d5:d8:c7:4e:4c:ae:43:72:61:
75:26:f9:94:dd:e1:86:a7:05:5b:ac:ea:cc:a8:6a:
8e:fe:2d:68:56:17:8b:32:d3:7e:51:fc:19:3b:89:
6b:f1:50:e9:00:16:59:11:79:0a:b2:66:a3:25:5e:
aa:8c:fb:74:a8:33:0b:31:2f:97:70:51:cc:bb:69:
76:a7:77:23:b9:7f:29:fc:db:e9:bd:60:42:1d:be:
e4:d5:fa:ed:13:74:bf:73:33:6a:8f:14:41:3d:eb:
d4:a3:83:a1:28:71:2b:33:a1:93:5f:e0:64:af:a0:
60:76:1c:dd:41:ce:1d:eb:3a:10:32:9f:96:e8:00:
98:a2:ef:4a:46:c2:d3:39:d6:aa:ee:c9:81:55:85:
bc:b7:7e:2a:5d:6d:ff:c6:46:43:df:6c:d4:5b:e2:
c4:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:75:A4:0C:98:06:78:4D:F0:2D:3D:65:60:3B:09:3C:09:5A:BD:FC
X509v3 Authority Key Identifier:
keyid:19:CD:D8:20:6C:1E:35:2C:50:65:E4:81:79:7E:F7:7A:F0:C3:DE:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gc3YIGweNSxQZeSBeX73evDD3o0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/BXWkDJgGeE3wLT1lYDsJPAlavfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/f25066-9eba-43ac-bbb4-7b1778ddf7a9/1/Gc3YIGweNSxQZeSBeX73evDD3o0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.129.128.0/19
176.120.176.0/20
178.159.48.0/20
185.63.216.0/22
Signature Algorithm: sha256WithRSAEncryption
50:2a:f2:32:b2:b8:53:e4:6e:b7:ab:0c:b7:ab:0d:33:78:48:
d9:72:75:9e:e3:d0:3f:f4:74:fb:30:0f:96:41:a9:bd:a0:91:
4f:38:11:e8:e9:42:2a:13:31:f8:29:10:f6:44:5d:15:f8:36:
83:7b:77:3d:6e:b5:47:d0:cb:ff:78:03:7f:ff:95:07:19:fc:
70:7a:73:9d:a3:da:57:eb:36:ce:62:85:a2:95:be:b8:d2:fb:
4d:70:11:b3:c5:27:a0:96:8f:74:1a:ac:59:33:2f:c6:89:05:
06:44:9f:b8:6a:8d:2d:43:62:5a:15:63:64:9a:41:63:85:a8:
08:f5:31:a7:c4:64:40:43:d3:1d:a2:69:7c:32:7d:60:13:02:
84:3e:f4:00:01:0d:73:4a:51:c4:db:dc:73:f5:cc:4a:c3:ef:
68:23:8b:bf:02:c4:56:7b:7d:b7:09:d5:fb:52:63:2c:12:a5:
2b:3f:de:bb:80:67:61:23:89:61:00:40:88:bd:c2:03:2a:54:
73:92:e6:88:f6:e3:a9:8d:90:4c:44:5d:19:72:d1:49:56:e0:
79:eb:6e:d3:4c:bd:ff:39:45:b5:db:03:e3:09:2b:29:68:8f:
0c:0e:a0:c6:43:f3:e8:ef:1f:b4:4d:4b:a6:8f:cb:03:43:59:
b4:83:cd:b1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQksoKTVyW+oQdq85FFQC6gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5Y2RkODIwNmMxZTM1MmM1MDY1ZTQ4MTc5N2VmNzdhZjBj
M2RlOGQwHhcNMjUwMTAyMDE0NzQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTc1YTQwYzk4MDY3ODRkZjAyZDNkNjU2MDNiMDkzYzA5NWFiZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwp/Qj3ybwb2U4wf//TS0wcSlOztS
Se5BR8unxv5z+3Eu6xWOfcp25g0rHKHZKtmeoE7mdVkyC88RT2EMQ4xA5kei+URk
2k4ca09FwVyGOBfq2DoVjL33wekGrvkYD+rV2MdOTK5DcmF1JvmU3eGGpwVbrOrM
qGqO/i1oVheLMtN+UfwZO4lr8VDpABZZEXkKsmajJV6qjPt0qDMLMS+XcFHMu2l2
p3cjuX8p/NvpvWBCHb7k1frtE3S/czNqjxRBPevUo4OhKHErM6GTX+Bkr6Bgdhzd
Qc4d6zoQMp+W6ACYou9KRsLTOdaq7smBVYW8t34qXW3/xkZD32zUW+LEvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAV1pAyYBnhN8C09ZWA7CTwJWr38MB8GA1UdIwQY
MBaAFBnN2CBsHjUsUGXkgXl+93rww96NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2MzWUlHd2VOU3hRWmVTQmVYNzNldkREM28wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9mMjUwNjYtOWViYS00M2FjLWJiYjQt
N2IxNzc4ZGRmN2E5LzEvQlhXa0RKZ0dlRTN3TFQxbFlEc0pQQWxhdmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9mMjUwNjYtOWViYS00M2FjLWJiYjQtN2IxNzc4ZGRmN2E5
LzEvR2MzWUlHd2VOU3hRWmVTQmVYNzNldkREM28wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFH4GAAwQE
sHiwAwQEsp8wAwQCuT/YMA0GCSqGSIb3DQEBCwUAA4IBAQBQKvIysrhT5G63qwy3
qw0zeEjZcnWe49A/9HT7MA+WQam9oJFPOBHo6UIqEzH4KRD2RF0V+DaDe3c9brVH
0Mv/eAN//5UHGfxwenOdo9pX6zbOYoWilb640vtNcBGzxSeglo90GqxZMy/GiQUG
RJ+4ao0tQ2JaFWNkmkFjhagI9TGnxGRAQ9Mdoml8Mn1gEwKEPvQAAQ1zSlHE29xz
9cxKw+9oI4u/AsRWe323CdX7UmMsEqUrP967gGdhI4lhAECIvcIDKlRzkuaI9uOp
jZBMRF0ZctFJVuB5627TTL3/OUW12wPjCSspaI8MDqDGQ/Po7x+0TUumj8sDQ1m0
g82x
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:38:30 2025 by rpki-client