Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/bnVoAcKQpBUpBdJ_G4E6sEiT0wk.roa
File: bnVoAcKQpBUpBdJ_G4E6sEiT0wk.roa (raw, json)
Hash identifier: D5MR6IRxVzBiemlQt2yPaFHtcO6ch7oL0gJFMCA2LTc=
Subject key identifier: 6E:75:68:01:C2:90:A4:15:29:05:D2:7F:1B:81:3A:B0:48:93:D3:09
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 019420D659D9C664BEFE3D5287527B0A4160
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/bnVoAcKQpBUpBdJ_G4E6sEiT0wk.roa
Signing time: Wed 01 Jan 2025 07:48:26 +0000
ROA not before: Wed 01 Jan 2025 07:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206264
IP address blocks: 2.57.214.0/24 maxlen: 24
2.57.215.0/24 maxlen: 24
5.183.209.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
80.251.152.0/23 maxlen: 24
89.42.231.0/24 maxlen: 24
89.249.49.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.177.74.0/24 maxlen: 24
185.177.75.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
2a0d:1000::/29 maxlen: 29
2a0d:1000::/30 maxlen: 30
2a0d:1004::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:59:d9:c6:64:be:fe:3d:52:87:52:7b:0a:41:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: Jan 1 07:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e756801c290a4152905d27f1b813ab04893d309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:d5:22:46:77:e4:61:22:74:3c:8b:5f:7c:3a:
90:d1:6f:00:c7:0c:71:82:ba:9d:a8:43:5d:4c:7c:
f5:45:0b:0e:af:90:29:5a:14:f8:51:69:a4:95:9a:
d6:10:7b:31:5d:06:36:6a:f4:52:82:30:e1:20:bd:
5b:a0:fb:95:ba:20:18:56:a0:fd:16:25:aa:50:64:
10:1e:76:6b:0a:71:72:97:d3:2e:98:05:d0:8d:e4:
3e:7e:55:9e:db:f3:1c:3b:0a:d6:a5:85:9e:ed:05:
10:0a:ab:1a:57:a4:43:c8:93:ae:ed:44:25:55:c1:
cb:81:1d:0c:50:e6:a3:c7:c6:47:fd:72:66:e3:88:
fa:62:5b:2c:46:3d:69:35:60:da:74:16:1d:41:95:
c4:1e:7a:9c:d7:f7:5e:3a:f7:08:97:34:8b:de:f3:
5e:4c:22:ca:a6:f8:d5:18:1c:05:ff:99:d6:9c:2e:
e3:a2:6e:50:39:61:01:55:08:ad:65:13:71:62:0f:
83:08:0e:d7:c2:b1:22:04:32:22:95:ba:5b:61:00:
ff:2a:c9:2f:13:c6:30:a3:8f:51:ec:8f:91:4d:c7:
e5:28:a2:7a:c3:d9:5c:b8:d3:24:72:fb:a9:e0:63:
ba:10:fb:bd:f9:ee:b9:1c:f4:ce:a5:bf:13:ac:5f:
e7:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:75:68:01:C2:90:A4:15:29:05:D2:7F:1B:81:3A:B0:48:93:D3:09
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/bnVoAcKQpBUpBdJ_G4E6sEiT0wk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.214.0/23
5.183.209.0/24
45.129.84.0/24
45.139.122.0/24
80.251.152.0/23
89.42.231.0/24
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.177.74.0/23
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
83:6f:28:4c:4d:9f:1a:39:b9:f7:f6:b2:96:5c:3e:0f:75:88:
1d:31:34:c5:ab:60:38:c3:0a:f7:cf:bb:5c:c7:ad:19:51:82:
61:e3:a3:1b:b6:8e:07:91:32:f5:0e:8a:cf:b2:48:07:4b:d2:
d0:d6:8f:f4:98:c0:d4:12:ee:b1:0b:26:79:1e:1a:bb:66:a6:
89:9f:11:b9:c2:fd:6f:13:b9:75:34:28:dd:4f:1c:83:5a:5d:
bf:e1:35:ac:cb:35:d3:bd:83:1e:f8:59:98:21:4c:ac:56:10:
c6:ae:b5:c5:aa:f7:8f:b7:69:5a:cf:9a:bf:26:46:dd:4c:a6:
72:44:3a:97:a1:e9:32:8f:e5:02:d3:24:28:4c:0b:d7:3a:78:
02:3a:6e:dd:f4:59:07:da:a9:3d:4b:31:1f:58:b3:03:19:7c:
aa:5e:cd:81:d5:56:66:f8:04:15:4d:55:e2:6f:b8:31:05:e2:
db:c7:ff:86:0e:af:8b:b3:80:e1:bc:eb:88:97:28:8e:89:40:
12:8e:f4:19:77:f3:f0:e7:7d:0e:b0:40:a4:f4:68:fe:1c:cd:
97:43:92:45:d9:80:92:6f:fe:fd:7e:3b:88:3b:ca:07:e8:27:
8a:00:2b:12:43:76:31:e6:86:3f:e6:86:ba:d5:91:dd:a7:aa:
98:4d:a5:e7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZQg1lnZxmS+/j1Sh1J7CkFgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjUwMTAxMDc0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTc1NjgwMWMyOTBhNDE1MjkwNWQyN2YxYjgxM2FiMDQ4OTNkMzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19UiRnfkYSJ0PItffDqQ0W8Axwxx
grqdqENdTHz1RQsOr5ApWhT4UWmklZrWEHsxXQY2avRSgjDhIL1boPuVuiAYVqD9
FiWqUGQQHnZrCnFyl9MumAXQjeQ+flWe2/McOwrWpYWe7QUQCqsaV6RDyJOu7UQl
VcHLgR0MUOajx8ZH/XJm44j6YlssRj1pNWDadBYdQZXEHnqc1/deOvcIlzSL3vNe
TCLKpvjVGBwF/5nWnC7jom5QOWEBVQitZRNxYg+DCA7XwrEiBDIilbpbYQD/Kskv
E8Ywo49R7I+RTcflKKJ6w9lcuNMkcvup4GO6EPu9+e65HPTOpb8TrF/nCwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFG51aAHCkKQVKQXSfxuBOrBIk9MJMB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvYm5Wb0FjS1FwQlVwQmRKX0c0RTZzRWlUMHdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQBAjnWAwQA
BbfRAwQALYFUAwQALYt6AwQBUPuYAwQAWSrnAwQAWfkxAwQAXXtIAwQAXpwhAwQB
ubFKAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqGSIb3DQEBCwUAA4IBAQCDbyhM
TZ8aObn39rKWXD4PdYgdMTTFq2A4wwr3z7tcx60ZUYJh46Mbto4HkTL1DorPskgH
S9LQ1o/0mMDUEu6xCyZ5Hhq7ZqaJnxG5wv1vE7l1NCjdTxyDWl2/4TWsyzXTvYMe
+FmYIUysVhDGrrXFqvePt2laz5q/JkbdTKZyRDqXoekyj+UC0yQoTAvXOngCOm7d
9FkH2qk9SzEfWLMDGXyqXs2B1VZm+AQVTVXib7gxBeLbx/+GDq+Ls4DhvOuIlyiO
iUASjvQZd/Pw530OsECk9Gj+HM2XQ5JF2YCSb/79fjuIO8oH6CeKACsSQ3Yx5oY/
5oa61ZHdp6qYTaXn
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:42:42 2025 by rpki-client