Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/BNamB5vKS8VYoQEENNZLcbAD0yY.roa
File: BNamB5vKS8VYoQEENNZLcbAD0yY.roa (raw, json)
Hash identifier: AZc2M6A0pF1sMbjRSCCXbLIDgidX2dUycGenbS2p6qA=
Subject key identifier: 04:D6:A6:07:9B:CA:4B:C5:58:A1:01:04:34:D6:4B:71:B0:03:D3:26
Certificate issuer: /CN=717f55f3c6007b1cbdd7e820890569006757b366
Certificate serial: 01941F8C755383301AFF0FE81E0D3A61088C
Authority key identifier: 71:7F:55:F3:C6:00:7B:1C:BD:D7:E8:20:89:05:69:00:67:57:B3:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/BNamB5vKS8VYoQEENNZLcbAD0yY.roa
Signing time: Wed 01 Jan 2025 01:48:06 +0000
ROA not before: Wed 01 Jan 2025 01:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43638
IP address blocks: 91.197.152.0/22 maxlen: 22
91.197.152.0/23 maxlen: 23
91.197.154.0/23 maxlen: 23
141.138.160.0/21 maxlen: 21
141.138.160.0/22 maxlen: 22
141.138.164.0/22 maxlen: 22
2a01:9380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 10:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:75:53:83:30:1a:ff:0f:e8:1e:0d:3a:61:08:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=717f55f3c6007b1cbdd7e820890569006757b366
Validity
Not Before: Jan 1 01:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04d6a6079bca4bc558a1010434d64b71b003d326
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b6:55:38:9b:db:96:44:d1:6e:6b:18:7e:c4:
44:30:fa:48:84:9f:95:a0:ea:2c:be:0c:72:16:e1:
f2:39:6c:56:42:33:ca:c7:e3:48:40:da:eb:d1:db:
5f:43:93:79:6e:af:a0:6a:36:ec:33:27:09:35:87:
3f:32:67:e8:18:14:d5:66:ec:a3:83:7e:bf:4b:47:
80:ee:e5:23:42:8d:b9:da:38:17:d5:1a:e0:ba:63:
95:e5:cd:62:89:50:a4:e6:ff:96:97:09:b8:30:d1:
56:eb:03:53:b8:a8:dd:3f:86:db:37:17:d6:36:4e:
7f:05:ab:5b:4e:99:fc:6e:42:17:81:3c:02:9e:71:
c3:b5:fd:53:ac:6d:68:f0:09:5b:17:c3:8f:b1:2e:
1b:60:f2:68:88:b1:1f:b7:4a:b0:88:5f:f5:c4:7a:
eb:70:5d:29:5d:84:5f:08:6e:e2:76:2b:ba:3d:d2:
64:dc:98:cb:4f:d4:e1:48:09:c3:5d:1b:44:fb:39:
8c:3b:1a:b9:f6:02:25:86:2f:26:d7:63:30:00:76:
3e:59:8f:3f:c9:c7:cd:e3:11:e3:96:d8:fd:d7:4c:
e8:dd:39:33:f9:91:35:de:20:e1:8b:80:35:15:b6:
e6:11:89:43:56:09:97:33:97:9f:23:51:b7:15:22:
b8:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:D6:A6:07:9B:CA:4B:C5:58:A1:01:04:34:D6:4B:71:B0:03:D3:26
X509v3 Authority Key Identifier:
keyid:71:7F:55:F3:C6:00:7B:1C:BD:D7:E8:20:89:05:69:00:67:57:B3:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cX9V88YAexy91-ggiQVpAGdXs2Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/BNamB5vKS8VYoQEENNZLcbAD0yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/bec41a-d9f8-4545-8e48-673640233665/1/cX9V88YAexy91-ggiQVpAGdXs2Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.152.0/22
141.138.160.0/21
IPv6:
2a01:9380::/32
Signature Algorithm: sha256WithRSAEncryption
84:8a:dc:c3:1d:94:2e:b3:d8:9d:77:02:b1:10:89:48:cf:77:
8c:68:0b:8d:28:b1:72:3e:05:28:7e:68:42:a0:ce:9c:73:20:
04:12:74:32:87:48:c1:e9:fe:2c:83:e5:30:bc:b4:a2:da:93:
b6:5f:50:0e:2b:07:13:94:92:bb:d5:11:60:3f:06:a4:16:6e:
5a:80:72:83:0b:5b:2e:a4:ee:bc:31:ab:34:b3:83:7b:72:fa:
77:2c:f0:f5:ec:47:44:ff:3b:61:98:fb:c1:e5:ca:e3:70:af:
6c:e5:c5:cc:2a:03:dd:ad:96:bf:ff:d1:58:92:ec:8e:c6:b6:
ac:f1:ec:52:ff:18:37:39:7e:98:f4:55:4d:56:14:ed:fd:5c:
ea:93:bb:75:47:f9:2f:ac:f0:7e:09:a2:3f:b5:41:c3:23:29:
f9:13:95:9b:82:d2:1c:aa:9c:e8:0c:fc:29:c0:a7:67:8d:bd:
f1:a9:7d:90:bf:9a:12:89:fb:ae:9b:21:40:19:9a:b4:25:c3:
d0:05:92:90:12:c6:5f:1a:0a:44:0b:97:40:e5:f6:77:ab:d3:
b1:ac:57:79:5e:77:8e:c0:5b:af:16:7b:19:77:f2:e1:dc:d6:
99:85:92:b3:8f:a8:be:1f:63:64:0c:b5:98:2d:74:0f:9d:65:
9a:ee:dd:b8
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQfjHVTgzAa/w/oHg06YQiMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxN2Y1NWYzYzYwMDdiMWNiZGQ3ZTgyMDg5MDU2OTAwNjc1
N2IzNjYwHhcNMjUwMTAxMDE0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGQ2YTYwNzliY2E0YmM1NThhMTAxMDQzNGQ2NGI3MWIwMDNkMzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLZVOJvblkTRbmsYfsREMPpIhJ+V
oOosvgxyFuHyOWxWQjPKx+NIQNrr0dtfQ5N5bq+gajbsMycJNYc/MmfoGBTVZuyj
g36/S0eA7uUjQo252jgX1RrgumOV5c1iiVCk5v+Wlwm4MNFW6wNTuKjdP4bbNxfW
Nk5/BatbTpn8bkIXgTwCnnHDtf1TrG1o8AlbF8OPsS4bYPJoiLEft0qwiF/1xHrr
cF0pXYRfCG7idiu6PdJk3JjLT9ThSAnDXRtE+zmMOxq59gIlhi8m12MwAHY+WY8/
ycfN4xHjltj910zo3Tkz+ZE13iDhi4A1FbbmEYlDVgmXM5efI1G3FSK4RwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFATWpgebykvFWKEBBDTWS3GwA9MmMB8GA1UdIwQY
MBaAFHF/VfPGAHscvdfoIIkFaQBnV7NmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1g5Vjg4WUFleHk5MS1nZ2lRVnBBR2RYczJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy9iZWM0MWEtZDlmOC00NTQ1LThlNDgt
NjczNjQwMjMzNjY1LzEvQk5hbUI1dktTOFZZb1FFRU5OWkxjYkFEMHlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy9iZWM0MWEtZDlmOC00NTQ1LThlNDgtNjczNjQwMjMzNjY1
LzEvY1g5Vjg4WUFleHk5MS1nZ2lRVnBBR2RYczJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8WYAwQD
jYqgMA0EAgACMAcDBQAqAZOAMA0GCSqGSIb3DQEBCwUAA4IBAQCEitzDHZQus9id
dwKxEIlIz3eMaAuNKLFyPgUofmhCoM6ccyAEEnQyh0jB6f4sg+UwvLSi2pO2X1AO
KwcTlJK71RFgPwakFm5agHKDC1supO68Mas0s4N7cvp3LPD17EdE/zthmPvB5crj
cK9s5cXMKgPdrZa//9FYkuyOxras8exS/xg3OX6Y9FVNVhTt/Vzqk7t1R/kvrPB+
CaI/tUHDIyn5E5WbgtIcqpzoDPwpwKdnjb3xqX2Qv5oSifuumyFAGZq0JcPQBZKQ
EsZfGgpEC5dA5fZ3q9OxrFd5XneOwFuvFnsZd/Lh3NaZhZKzj6i+H2NkDLWYLXQP
nWWa7t24
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:50:06 2025 by rpki-client