Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BMTWySXXoYp4j_6ntbs2-ohamFg.roa
File: BMTWySXXoYp4j_6ntbs2-ohamFg.roa (raw, json)
Hash identifier: Edn46RrNIn8d7M7n7vHt7AEpc6kjHSKwgJ18d66oH+s=
Subject key identifier: 04:C4:D6:C9:25:D7:A1:8A:78:8F:FE:A7:B5:BB:36:FA:88:5A:98:58
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019427B63A49A930CFE6AF1B2D859A1CA73E
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BMTWySXXoYp4j_6ntbs2-ohamFg.roa
Signing time: Thu 02 Jan 2025 15:50:41 +0000
ROA not before: Thu 02 Jan 2025 15:50:41 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211415
IP address blocks: 2.56.184.0/22 maxlen: 22
31.40.232.0/22 maxlen: 24
45.11.152.0/24 maxlen: 24
45.11.153.0/24 maxlen: 24
45.147.153.0/24 maxlen: 24
45.147.154.0/24 maxlen: 24
45.147.155.0/24 maxlen: 24
85.8.168.0/22 maxlen: 22
194.121.59.0/24 maxlen: 24
194.124.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:3a:49:a9:30:cf:e6:af:1b:2d:85:9a:1c:a7:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Jan 2 15:50:41 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04c4d6c925d7a18a788ffea7b5bb36fa885a9858
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:a1:fc:cc:6c:ca:52:db:d6:da:74:72:b4:37:
61:f1:04:3a:12:6c:c1:38:dc:1d:5a:c9:70:d1:3c:
f9:15:a3:3f:97:9a:1e:8f:2f:d7:5f:17:d6:3f:b9:
0a:1d:64:f0:36:57:8b:41:e5:cf:ce:d6:d2:a8:5c:
8f:ba:1e:e7:2a:b8:00:2b:56:2c:1f:ea:fa:54:b6:
56:2e:62:e8:b0:e4:a6:b8:f3:08:05:da:ad:f3:7c:
10:c4:40:a6:8c:6f:3f:15:4e:e1:67:27:be:e3:be:
b9:c1:a3:77:50:b4:c0:7b:0e:13:6d:ae:a3:d7:76:
48:a8:e1:60:84:55:81:0f:e6:9f:92:f3:37:09:9e:
9f:82:12:6a:6d:fc:87:78:59:f5:a1:ed:86:1a:b0:
8b:8a:f0:5d:71:a0:38:82:e2:b0:99:54:77:f7:c7:
47:27:c1:81:36:e5:d9:6a:08:a3:8c:58:75:40:8c:
12:fa:bf:76:94:d5:44:3b:bd:44:53:0d:a1:ea:34:
24:19:01:ea:95:6e:1d:72:57:6d:03:61:ed:17:9c:
63:ce:c6:78:15:a3:e9:52:23:7a:b9:d0:c2:31:a0:
f8:83:fd:c9:88:83:6d:5b:8e:80:72:0a:8e:cd:a8:
4a:1a:11:d8:66:b4:e3:2e:ce:fe:00:54:21:b4:2e:
85:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:C4:D6:C9:25:D7:A1:8A:78:8F:FE:A7:B5:BB:36:FA:88:5A:98:58
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/BMTWySXXoYp4j_6ntbs2-ohamFg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.184.0/22
31.40.232.0/22
45.11.152.0/23
45.147.153.0-45.147.155.255
85.8.168.0/22
194.121.59.0/24
194.124.144.0/24
Signature Algorithm: sha256WithRSAEncryption
57:de:2a:d4:04:eb:a0:45:0e:5c:7a:44:ff:e1:f0:36:6d:71:
4e:30:57:5e:d9:c0:df:7b:45:67:c1:c9:e9:0c:46:b8:4f:72:
d7:07:a6:c6:35:4d:b4:cb:1c:ce:6b:58:6d:66:88:d4:57:b2:
e4:f4:93:ff:1c:b2:00:41:ac:1b:fd:0e:12:52:fe:ef:ff:b4:
6a:7b:12:d8:6a:8e:6f:1a:b1:23:56:04:17:f1:2b:7f:fb:6f:
21:4a:a7:04:89:26:8e:ab:33:2e:33:f8:65:90:76:5e:c0:e5:
7a:9d:e7:6a:94:f7:ec:7b:4b:f7:06:ff:35:c7:40:74:cd:20:
17:37:a0:cd:7f:2f:a5:d7:8b:aa:92:6a:d3:67:c9:4b:5a:f8:
a3:f9:cd:b4:8c:23:19:9a:89:c1:9c:03:96:53:0a:33:38:c5:
06:9e:cd:16:a2:10:5c:4b:85:0c:de:9f:8b:95:dc:8e:34:8c:
b1:72:d8:33:84:8f:7f:87:0a:6b:ed:73:7f:6e:7f:62:3f:e6:
68:9d:a6:0b:f5:b0:a6:e2:43:32:10:0f:0e:b3:d1:28:15:f6:
fd:83:af:47:20:69:f9:18:5d:a1:80:e4:8c:28:18:32:7f:a6:
15:05:2a:1e:de:88:d0:4a:8f:1b:ae:97:14:e2:d1:54:50:64:
3b:e2:9c:e0
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQntjpJqTDP5q8bLYWaHKc+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUwMTAyMTU1MDQxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGM0ZDZjOTI1ZDdhMThhNzg4ZmZlYTdiNWJiMzZmYTg4NWE5ODU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqKH8zGzKUtvW2nRytDdh8QQ6EmzB
ONwdWslw0Tz5FaM/l5oejy/XXxfWP7kKHWTwNleLQeXPztbSqFyPuh7nKrgAK1Ys
H+r6VLZWLmLosOSmuPMIBdqt83wQxECmjG8/FU7hZye+4765waN3ULTAew4Tba6j
13ZIqOFghFWBD+afkvM3CZ6fghJqbfyHeFn1oe2GGrCLivBdcaA4guKwmVR398dH
J8GBNuXZagijjFh1QIwS+r92lNVEO71EUw2h6jQkGQHqlW4dcldtA2HtF5xjzsZ4
FaPpUiN6udDCMaD4g/3JiINtW46AcgqOzahKGhHYZrTjLs7+AFQhtC6FHQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFATE1skl16GKeI/+p7W7NvqIWphYMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvQk1UV3lTWFhvWXA0al82bnRiczItb2hhbUZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCAji4AwQC
HyjoAwQBLQuYMAwDBAAtk5kDBAItk5gDBAJVCKgDBADCeTsDBADCfJAwDQYJKoZI
hvcNAQELBQADggEBAFfeKtQE66BFDlx6RP/h8DZtcU4wV17ZwN97RWfByekMRrhP
ctcHpsY1TbTLHM5rWG1miNRXsuT0k/8csgBBrBv9DhJS/u//tGp7Ethqjm8asSNW
BBfxK3/7byFKpwSJJo6rMy4z+GWQdl7A5Xqd52qU9+x7S/cG/zXHQHTNIBc3oM1/
L6XXi6qSatNnyUta+KP5zbSMIxmaicGcA5ZTCjM4xQaezRaiEFxLhQzen4uV3I40
jLFy2DOEj3+HCmvtc39uf2I/5midpgv1sKbiQzIQDw6z0SgV9v2Dr0cgafkYXaGA
5IwoGDJ/phUFKh7eiNBKjxuulxTi0VRQZDvinOA=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:30:21 2025 by rpki-client