Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa
File: BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa (raw, json)
Hash identifier: zwimVc6fdY5wMVCx/Pfq1/VebJPothW3yZi++5QRFE0=
Subject key identifier: 04:ED:CD:41:26:78:55:5E:08:93:65:E0:9B:49:BD:F3:1B:1D:F0:FA
Certificate issuer: /CN=86497682e9307c4687935008173147d132a28c64
Certificate serial: 019425FDA542B395FDFB548571F93AB6503A
Authority key identifier: 86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa
Signing time: Thu 02 Jan 2025 07:49:27 +0000
ROA not before: Thu 02 Jan 2025 07:49:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60782
IP address blocks: 79.139.66.0/24 maxlen: 32
79.139.68.0/22 maxlen: 32
79.139.116.0/22 maxlen: 32
185.74.84.0/22 maxlen: 32
185.97.16.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:a5:42:b3:95:fd:fb:54:85:71:f9:3a:b6:50:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86497682e9307c4687935008173147d132a28c64
Validity
Not Before: Jan 2 07:49:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04edcd412678555e089365e09b49bdf31b1df0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:ef:41:8a:c5:17:04:dc:4d:cc:d2:30:b1:f7:
37:3a:3d:28:1b:08:a9:37:fb:91:98:a1:ce:0b:9f:
e8:28:93:70:e1:b9:74:e3:ff:ac:01:d3:bc:6e:be:
b4:4a:d5:12:a7:4f:fa:14:91:8f:2d:88:cc:e9:c0:
ce:87:7d:ac:2e:64:4e:ab:f5:c8:8b:ba:e2:ff:f7:
a5:cb:16:bc:0a:0d:cd:41:8b:65:8a:d6:07:98:b9:
17:0e:ed:68:07:6a:c9:2f:3f:4d:1c:63:75:a7:f5:
33:34:07:46:39:44:c5:90:46:ae:71:6b:39:cd:0f:
14:e8:6f:80:b2:36:af:8b:4f:d7:92:4c:42:41:68:
b8:ea:70:f8:2c:b4:de:9e:c4:ab:61:13:c0:06:1e:
6c:d1:2d:2c:a7:d6:3f:24:61:51:1c:cd:c7:47:3b:
43:f3:ec:79:8e:df:fb:5b:b3:ba:b3:cb:17:56:f6:
74:c4:26:48:70:9c:60:de:06:b6:0f:1e:68:87:4b:
4c:d8:89:11:5a:f6:43:f5:a3:ed:b1:c4:1b:4e:e4:
bb:28:41:77:f2:f5:3c:3e:0f:6d:80:e9:39:e5:98:
17:88:fe:9e:ed:36:a6:eb:68:da:93:4e:65:f2:2f:
57:df:63:47:12:3d:0d:27:d0:a1:2c:2a:c1:68:bc:
c6:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:ED:CD:41:26:78:55:5E:08:93:65:E0:9B:49:BD:F3:1B:1D:F0:FA
X509v3 Authority Key Identifier:
keyid:86:49:76:82:E9:30:7C:46:87:93:50:08:17:31:47:D1:32:A2:8C:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hkl2gukwfEaHk1AIFzFH0TKijGQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/BO3NQSZ4VV4Ik2Xgm0m98xsd8Po.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/c1a754-1f96-4500-8102-91140f329eaa/1/hkl2gukwfEaHk1AIFzFH0TKijGQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.139.66.0/24
79.139.68.0/22
79.139.116.0/22
185.74.84.0/22
185.97.16.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:ca:98:11:7d:4d:9f:94:5e:fc:34:0e:58:a4:1b:88:7f:38:
20:cc:cd:60:26:2d:0f:89:47:a9:4a:88:63:8e:78:62:a8:30:
d3:dc:76:33:59:f0:f7:7d:f9:4d:e2:78:c7:ca:85:76:00:22:
05:47:c2:e1:be:ba:7c:c1:22:0d:0a:2d:29:1d:fd:1a:5e:9f:
08:95:02:b0:92:f5:ef:55:a3:f5:de:a2:b0:d7:01:8b:35:db:
39:55:ca:41:bf:0b:88:69:a9:24:40:0b:c5:32:e7:76:bf:68:
0a:2a:63:f0:07:db:c5:58:94:c0:fd:f6:e2:00:29:eb:6e:eb:
3c:84:37:b5:ba:f5:02:98:a2:e2:b3:9d:ca:6f:34:04:2e:3f:
6a:68:61:28:17:ce:73:7e:79:87:bf:2f:d9:d0:d5:7e:dc:75:
5a:be:80:9c:c6:29:37:d7:fb:77:af:7c:4f:1d:77:57:12:ff:
a3:6e:df:ef:b8:cc:79:b0:3a:5d:f8:94:92:95:a0:67:ce:7e:
cf:4b:be:82:09:fb:91:b4:d6:43:15:27:38:df:ed:22:2c:fc:
7f:77:92:bb:e8:b7:62:f0:f1:24:f6:ef:2d:10:c4:8e:48:ee:
23:cf:e4:c7:77:6b:ae:4a:49:fd:bf:ff:53:ac:e8:b2:8b:63:
3f:b2:63:e4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQl/aVCs5X9+1SFcfk6tlA6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2NDk3NjgyZTkzMDdjNDY4NzkzNTAwODE3MzE0N2QxMzJh
MjhjNjQwHhcNMjUwMTAyMDc0OTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGVkY2Q0MTI2Nzg1NTVlMDg5MzY1ZTA5YjQ5YmRmMzFiMWRmMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4O9BisUXBNxNzNIwsfc3Oj0oGwip
N/uRmKHOC5/oKJNw4bl04/+sAdO8br60StUSp0/6FJGPLYjM6cDOh32sLmROq/XI
i7ri//elyxa8Cg3NQYtlitYHmLkXDu1oB2rJLz9NHGN1p/UzNAdGOUTFkEaucWs5
zQ8U6G+Asjavi0/XkkxCQWi46nD4LLTensSrYRPABh5s0S0sp9Y/JGFRHM3HRztD
8+x5jt/7W7O6s8sXVvZ0xCZIcJxg3ga2Dx5oh0tM2IkRWvZD9aPtscQbTuS7KEF3
8vU8Pg9tgOk55ZgXiP6e7Tam62jak05l8i9X32NHEj0NJ9ChLCrBaLzGIQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFATtzUEmeFVeCJNl4JtJvfMbHfD6MB8GA1UdIwQY
MBaAFIZJdoLpMHxGh5NQCBcxR9EyooxkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDIt
OTExNDBmMzI5ZWFhLzEvQk8zTlFTWjRWVjRJazJYZ20wbTk4eHNkOFBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jMWE3NTQtMWY5Ni00NTAwLTgxMDItOTExNDBmMzI5ZWFh
LzEvaGtsMmd1a3dmRWFIazFBSUZ6RkgwVEtpakdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAT4tCAwQC
T4tEAwQCT4t0AwQCuUpUAwQCuWEQMA0GCSqGSIb3DQEBCwUAA4IBAQArypgRfU2f
lF78NA5YpBuIfzggzM1gJi0PiUepSohjjnhiqDDT3HYzWfD3fflN4njHyoV2ACIF
R8Lhvrp8wSINCi0pHf0aXp8IlQKwkvXvVaP13qKw1wGLNds5VcpBvwuIaakkQAvF
Mud2v2gKKmPwB9vFWJTA/fbiACnrbus8hDe1uvUCmKLis53KbzQELj9qaGEoF85z
fnmHvy/Z0NV+3HVavoCcxik31/t3r3xPHXdXEv+jbt/vuMx5sDpd+JSSlaBnzn7P
S76CCfuRtNZDFSc43+0iLPx/d5K76Ldi8PEk9u8tEMSOSO4jz+THd2uuSkn9v/9T
rOiyi2M/smPk
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:07:07 2025 by rpki-client