Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bccfoxCfyNYe1cnWPcYhL2ehId4.roa
File: bccfoxCfyNYe1cnWPcYhL2ehId4.roa (raw, json)
Hash identifier: FxnA1YPWM/aAH8MLHcYPit5ZGx9TDBhBnv3U9uPWk/I=
Subject key identifier: 6D:C7:1F:A3:10:9F:C8:D6:1E:D5:C9:D6:3D:C6:21:2F:67:A1:21:DE
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01970DC1D00259F0D64C4D64AFD78989E91D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bccfoxCfyNYe1cnWPcYhL2ehId4.roa
Signing time: Mon 26 May 2025 18:01:34 +0000
ROA not before: Mon 26 May 2025 18:01:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 82.152.142.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0d:c1:d0:02:59:f0:d6:4c:4d:64:af:d7:89:89:e9:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 26 18:01:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dc71fa3109fc8d61ed5c9d63dc6212f67a121de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8e:bf:ef:85:39:a7:2a:87:1a:88:bb:a9:0e:
03:ef:1a:4d:98:ae:5e:c6:2b:a4:8d:42:b2:2e:13:
b3:a1:ab:99:3b:1f:c8:ef:a6:cf:b3:e2:bb:b1:2f:
96:21:a8:68:b3:b6:8e:63:fe:1d:8a:5e:8a:fb:01:
57:c0:49:85:ca:8b:49:fa:f1:83:fe:25:22:ea:2b:
ab:20:9f:6c:8f:14:83:52:b0:67:e9:2f:21:87:60:
19:61:e7:75:60:95:87:a3:69:b8:93:9d:40:71:98:
1e:ef:7d:c5:25:da:a7:48:35:16:3f:d8:b6:fd:73:
c7:34:14:07:72:14:c3:d4:7f:3a:96:48:cf:d0:a8:
eb:cc:df:e6:33:f8:9d:01:9b:a7:ef:44:c2:1b:c0:
d4:7e:1f:3c:aa:f5:83:a3:5d:0b:f8:f3:a1:f3:78:
b8:99:4d:cf:02:07:53:2c:a0:ac:b0:1d:fb:75:91:
b4:6a:1d:44:77:91:52:30:99:5d:a8:bc:be:73:2b:
4c:55:b9:c4:a9:4c:c5:66:39:0a:25:f6:27:d9:44:
e1:5e:dc:8b:c1:ae:47:1e:1b:a5:2f:90:3a:de:30:
6d:be:0a:97:f7:df:e5:e6:0d:cc:3b:6b:5c:18:5c:
61:9e:41:fc:bd:b1:34:1a:47:58:90:86:e1:f5:d5:
b1:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C7:1F:A3:10:9F:C8:D6:1E:D5:C9:D6:3D:C6:21:2F:67:A1:21:DE
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/bccfoxCfyNYe1cnWPcYhL2ehId4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
89.213.6.0/24
89.213.104.0/24
89.213.123.0/24
213.210.52.0/23
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
03:f4:76:27:9a:79:06:d6:11:23:1c:9a:74:71:8a:f1:30:e9:
23:13:4c:b4:ce:9c:74:5c:5c:9a:7c:53:59:2a:c7:6f:e6:ad:
98:b2:5e:67:f4:0f:48:a8:73:fc:5d:26:00:0b:a5:f1:c2:f8:
71:26:d6:36:43:94:d5:06:47:cc:b8:58:ce:f1:ec:bd:a0:19:
68:93:69:bc:a0:d8:02:6b:4b:9b:41:27:af:75:bd:f0:ee:40:
48:7f:51:56:ba:d4:2e:28:fd:57:fc:bb:e7:3d:17:12:0a:a9:
cb:e1:f1:c3:72:47:62:34:ae:42:09:c2:b9:e2:a3:b8:7e:15:
b3:85:d3:28:c8:5a:76:80:ba:54:d9:54:a4:21:4a:b1:ad:f1:
1e:f1:4a:a6:1d:9e:39:7e:80:ca:0b:64:ca:8d:7f:5c:14:eb:
20:b8:c9:b9:3c:78:e3:0a:e7:36:9f:f1:9a:a3:ec:3a:76:94:
f0:5d:e4:49:cb:22:25:67:8a:93:ba:3c:69:0a:2a:08:0c:11:
1f:d8:c6:e8:d7:d4:d4:ee:3b:ee:da:6d:28:5e:cd:ef:5d:c1:
b2:43:8e:3f:1a:1c:17:e7:94:13:91:81:13:23:45:27:62:4b:
6b:8c:3d:9c:eb:25:1c:7c:7f:6a:4e:a3:83:2c:5c:0e:52:e1:
f9:bd:b2:f9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZcNwdACWfDWTE1kr9eJiekdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNTI2MTgwMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM3MWZhMzEwOWZjOGQ2MWVkNWM5ZDYzZGM2MjEyZjY3YTEyMWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI6/74U5pyqHGoi7qQ4D7xpNmK5e
xiukjUKyLhOzoauZOx/I76bPs+K7sS+WIahos7aOY/4dil6K+wFXwEmFyotJ+vGD
/iUi6iurIJ9sjxSDUrBn6S8hh2AZYed1YJWHo2m4k51AcZge733FJdqnSDUWP9i2
/XPHNBQHchTD1H86lkjP0KjrzN/mM/idAZun70TCG8DUfh88qvWDo10L+POh83i4
mU3PAgdTLKCssB37dZG0ah1Ed5FSMJldqLy+cytMVbnEqUzFZjkKJfYn2UThXtyL
wa5HHhulL5A63jBtvgqX99/l5g3MO2tcGFxhnkH8vbE0GkdYkIbh9dWxeQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG3HH6MQn8jWHtXJ1j3GIS9noSHeMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvYmNjZm94Q2Z5TlllMWNuV1BjWWhMMmVoSWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAUpiOAwQA
WdUGAwQAWdVoAwQAWdV7AwQB1dI0AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAD
9HYnmnkG1hEjHJp0cYrxMOkjE0y0zpx0XFyafFNZKsdv5q2Ysl5n9A9IqHP8XSYA
C6XxwvhxJtY2Q5TVBkfMuFjO8ey9oBlok2m8oNgCa0ubQSevdb3w7kBIf1FWutQu
KP1X/LvnPRcSCqnL4fHDckdiNK5CCcK54qO4fhWzhdMoyFp2gLpU2VSkIUqxrfEe
8UqmHZ45foDKC2TKjX9cFOsguMm5PHjjCuc2n/Gao+w6dpTwXeRJyyIlZ4qTujxp
CioIDBEf2Mbo19TU7jvu2m0oXs3vXcGyQ44/GhwX55QTkYETI0UnYktrjD2c6yUc
fH9qTqODLFwOUuH5vbL5
-----END CERTIFICATE-----
Generated at Sat Jun 7 20:27:14 2025 by rpki-client