Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BF8BRnT-OS5yWUcWSPgEePZyGz8.roa
File: BF8BRnT-OS5yWUcWSPgEePZyGz8.roa (raw, json)
Hash identifier: tEanYnw5s++8T/omsVA+rr5VFiuTmtiWHuolMNxDI5o=
Subject key identifier: 04:5F:01:46:74:FE:39:2E:72:59:47:16:48:F8:04:78:F6:72:1B:3F
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B39F7C34E6DFA2386A9766042B978F
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BF8BRnT-OS5yWUcWSPgEePZyGz8.roa
Signing time: Thu 02 Jan 2025 15:47:50 +0000
ROA not before: Thu 02 Jan 2025 15:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51681
IP address blocks: 45.88.244.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:9f:7c:34:e6:df:a2:38:6a:97:66:04:2b:97:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=045f014674fe392e7259471648f80478f6721b3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:cc:5c:41:21:8d:70:26:a5:db:05:82:1d:00:
52:89:b7:75:47:18:a6:c5:2a:86:29:e9:e5:2a:e5:
02:b1:f6:ed:19:96:99:5e:22:0b:2d:f4:e6:3a:6d:
1b:48:68:68:58:7c:df:46:c7:1c:58:92:13:95:0b:
5b:cc:b5:2a:5c:77:17:6b:2d:68:5b:49:6d:60:c2:
54:7c:6d:19:69:28:96:dc:8e:bf:5c:d3:5b:16:da:
f4:0f:69:fa:88:0f:3e:5c:0b:8b:e2:2b:9a:f9:f7:
72:fe:c3:1b:c2:62:8f:24:41:1e:23:5f:e9:c4:0a:
eb:e8:d0:3d:77:69:05:f6:96:dc:65:bd:98:1a:12:
5b:0f:95:ff:31:e1:a1:bf:a8:81:2b:fe:33:7f:9b:
c1:8d:33:ae:a1:f5:74:eb:fe:88:44:4e:ec:8f:d4:
ee:ac:60:16:e1:84:81:0e:96:2d:8b:0b:1f:28:5e:
0b:12:3d:0e:c1:ab:6e:17:7b:59:40:0e:db:83:be:
cf:87:dd:86:da:84:ee:b5:f1:28:fe:5e:a1:a2:4a:
bb:8a:24:28:87:fb:70:87:9e:05:c5:36:1b:4c:44:
74:c9:55:2f:97:5e:3e:8d:48:6e:51:10:e2:4f:6f:
77:bf:75:7c:a2:db:ce:97:19:f4:36:6e:04:9c:39:
56:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:5F:01:46:74:FE:39:2E:72:59:47:16:48:F8:04:78:F6:72:1B:3F
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BF8BRnT-OS5yWUcWSPgEePZyGz8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.244.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:d3:9b:df:cc:d0:12:e0:bd:de:99:e0:c8:3b:c2:79:35:d1:
ba:35:c5:c0:29:79:51:7c:02:8b:25:07:bf:dc:4a:17:47:89:
ce:11:e6:97:b8:58:3e:7d:53:ae:8b:d0:88:9e:79:ea:13:31:
52:f7:70:88:a2:2a:32:31:1d:a7:0c:b9:fe:2e:d0:33:7a:24:
b1:05:ae:fa:d4:11:ee:ae:c2:9e:f2:b3:fc:15:dd:67:ac:31:
26:06:95:d1:3d:16:9f:ac:77:c3:6f:ce:23:e7:b3:c7:fd:1d:
8f:68:15:2d:55:94:7a:fe:dc:9f:cc:0c:48:b4:9e:cc:29:70:
fa:ea:36:36:f0:0e:92:d5:9c:04:50:cb:b9:38:37:65:ab:1b:
8e:5f:e6:72:87:9f:ea:26:dd:de:04:ea:25:5d:5b:9c:93:17:
db:18:b5:69:9b:d3:62:e4:70:8a:8c:2b:9f:a9:0b:96:d3:46:
11:fc:de:f5:27:cd:d7:43:02:7f:ab:df:ca:8f:97:b3:2f:8c:
98:a9:04:34:c7:82:f3:f4:63:21:39:39:c6:02:58:9a:6e:f1:
24:b5:29:18:d4:f0:6f:b3:94:56:ae:14:1f:db:bd:f0:b4:28:
94:21:fa:7f:c7:92:fd:dc:57:9c:fc:70:b5:52:c6:e1:99:9a:
bc:21:10:f9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns598NObfojhql2YEK5ePMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDVmMDE0Njc0ZmUzOTJlNzI1OTQ3MTY0OGY4MDQ3OGY2NzIxYjNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq8xcQSGNcCal2wWCHQBSibd1Rxim
xSqGKenlKuUCsfbtGZaZXiILLfTmOm0bSGhoWHzfRsccWJITlQtbzLUqXHcXay1o
W0ltYMJUfG0ZaSiW3I6/XNNbFtr0D2n6iA8+XAuL4iua+fdy/sMbwmKPJEEeI1/p
xArr6NA9d2kF9pbcZb2YGhJbD5X/MeGhv6iBK/4zf5vBjTOuofV06/6IRE7sj9Tu
rGAW4YSBDpYtiwsfKF4LEj0OwatuF3tZQA7bg77Ph92G2oTutfEo/l6hokq7iiQo
h/twh54FxTYbTER0yVUvl14+jUhuURDiT293v3V8otvOlxn0Nm4EnDlWwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFARfAUZ0/jkucllHFkj4BHj2chs/MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQkY4QlJuVC1PUzV5V1VjV1NQZ0VlUFp5R3o4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLVj0MA0G
CSqGSIb3DQEBCwUAA4IBAQBN05vfzNAS4L3emeDIO8J5NdG6NcXAKXlRfAKLJQe/
3EoXR4nOEeaXuFg+fVOui9CInnnqEzFS93CIoioyMR2nDLn+LtAzeiSxBa761BHu
rsKe8rP8Fd1nrDEmBpXRPRafrHfDb84j57PH/R2PaBUtVZR6/tyfzAxItJ7MKXD6
6jY28A6S1ZwEUMu5ODdlqxuOX+Zyh5/qJt3eBOolXVuckxfbGLVpm9Ni5HCKjCuf
qQuW00YR/N71J83XQwJ/q9/Kj5ezL4yYqQQ0x4Lz9GMhOTnGAliabvEktSkY1PBv
s5RWrhQf273wtCiUIfp/x5L93Fec/HC1UsbhmZq8IRD5
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:56:19 2025 by rpki-client