Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BizwVqvZdhUuEiUUA6H9zAejEvc.roa
File: BizwVqvZdhUuEiUUA6H9zAejEvc.roa (raw, json)
Hash identifier: 8JA753RR1roY2M3ffiPryyPG0+WCHtCxP4xXOSxkJig=
Subject key identifier: 06:2C:F0:56:AB:D9:76:15:2E:12:25:14:03:A1:FD:CC:07:A3:12:F7
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3ADF5A148BCDE354D2E5F3FE63701
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BizwVqvZdhUuEiUUA6H9zAejEvc.roa
Signing time: Thu 02 Jan 2025 15:47:54 +0000
ROA not before: Thu 02 Jan 2025 15:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.95.242.0/24 maxlen: 24
45.130.137.0/24 maxlen: 24
45.130.139.0/24 maxlen: 24
45.139.252.0/24 maxlen: 24
45.139.253.0/24 maxlen: 24
45.149.3.0/24 maxlen: 24
91.206.168.0/24 maxlen: 24
93.185.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:ad:f5:a1:48:bc:de:35:4d:2e:5f:3f:e6:37:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=062cf056abd976152e12251403a1fdcc07a312f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:84:94:b3:5c:e2:ab:98:4d:17:f3:b7:0c:23:
32:1c:72:f8:ce:b9:b3:4b:2a:35:85:cd:f6:be:33:
80:73:af:60:1a:a4:df:9e:ca:d3:37:dc:92:85:08:
e5:86:f9:f3:66:95:0e:ba:38:1a:1d:44:7c:70:30:
17:bd:55:e3:9e:67:c9:97:a3:d3:c8:c0:af:e5:af:
c5:61:9e:06:5c:60:2e:32:75:44:0c:11:36:7a:98:
ba:48:6c:c2:92:0d:c1:8b:09:0a:91:45:27:8f:14:
10:d6:49:84:9d:fa:fd:b0:cb:d3:a4:81:92:8d:a9:
de:2c:c4:0d:dc:64:05:20:fd:19:96:a7:0c:9e:a6:
e1:96:89:2c:b5:60:77:e5:91:4f:91:b9:61:ab:cb:
5a:3d:7d:14:a2:59:19:f2:46:33:62:15:5d:64:c5:
cb:46:14:97:85:54:43:7a:70:5b:c8:3e:74:fb:14:
b1:7b:fb:ed:26:49:c4:42:a9:18:40:32:ce:58:7c:
88:1f:02:7a:72:dc:7d:f2:f4:57:ef:70:9c:97:34:
b5:13:70:f1:1a:12:e4:16:19:47:ad:dc:14:1d:18:
ae:32:d2:bc:cd:ba:61:40:64:03:40:6e:e3:2c:ff:
5e:1b:cd:12:7e:95:02:0f:39:33:79:e7:b3:86:c1:
ea:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:2C:F0:56:AB:D9:76:15:2E:12:25:14:03:A1:FD:CC:07:A3:12:F7
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/BizwVqvZdhUuEiUUA6H9zAejEvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.242.0/24
45.130.137.0/24
45.130.139.0/24
45.139.252.0/23
45.149.3.0/24
91.206.168.0/24
93.185.162.0/24
Signature Algorithm: sha256WithRSAEncryption
31:80:bb:60:7d:50:99:94:a9:3a:63:57:58:d7:f0:1f:70:1b:
dd:c0:2c:7f:d7:d5:24:87:87:9f:55:1d:a7:2b:25:2c:5b:e7:
39:40:eb:5f:98:ad:69:00:c1:9f:95:a4:16:6e:a5:ae:93:12:
9d:9e:41:9d:a2:bd:24:9d:82:1c:97:ff:dc:97:13:80:be:35:
95:0b:41:af:21:63:eb:48:ce:c8:c4:89:1c:94:d6:67:e3:7d:
2c:1f:c8:a9:a2:10:bb:52:87:03:26:4d:23:f6:95:37:19:1a:
9b:90:e4:7a:bd:28:0b:a4:4a:73:f0:6c:dd:77:e5:34:e3:95:
a0:38:22:c4:17:8f:68:54:51:92:b1:9a:ab:a8:77:dd:93:ee:
f9:20:70:7b:36:08:7e:0c:34:50:c3:6c:69:e3:0a:a4:56:2b:
7b:8b:7e:a9:7e:e5:77:b3:24:fa:b0:61:0c:4d:f0:27:b7:46:
33:69:2e:2d:ce:65:26:b3:7c:c0:a3:61:f3:c2:5a:56:24:97:
bb:e1:00:c6:cf:99:5f:68:db:00:37:b2:66:a2:6b:21:0a:57:
f8:b6:e3:27:c1:be:c8:65:7c:5a:72:03:10:47:68:df:82:67:
83:ad:1c:3d:13:65:14:ce:06:d5:95:7f:69:fb:20:68:a7:06:
ed:76:1b:90
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQns631oUi83jVNLl8/5jcBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjJjZjA1NmFiZDk3NjE1MmUxMjI1MTQwM2ExZmRjYzA3YTMxMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyYSUs1ziq5hNF/O3DCMyHHL4zrmz
Syo1hc32vjOAc69gGqTfnsrTN9yShQjlhvnzZpUOujgaHUR8cDAXvVXjnmfJl6PT
yMCv5a/FYZ4GXGAuMnVEDBE2epi6SGzCkg3BiwkKkUUnjxQQ1kmEnfr9sMvTpIGS
janeLMQN3GQFIP0ZlqcMnqbhlokstWB35ZFPkblhq8taPX0UolkZ8kYzYhVdZMXL
RhSXhVRDenBbyD50+xSxe/vtJknEQqkYQDLOWHyIHwJ6ctx98vRX73CclzS1E3Dx
GhLkFhlHrdwUHRiuMtK8zbphQGQDQG7jLP9eG80SfpUCDzkzeeezhsHqiQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAYs8Far2XYVLhIlFAOh/cwHoxL3MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvQml6d1ZxdlpkaFV1RWlVVUE2SDl6QWVqRXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALV/yAwQA
LYKJAwQALYKLAwQBLYv8AwQALZUDAwQAW86oAwQAXbmiMA0GCSqGSIb3DQEBCwUA
A4IBAQAxgLtgfVCZlKk6Y1dY1/AfcBvdwCx/19Ukh4efVR2nKyUsW+c5QOtfmK1p
AMGflaQWbqWukxKdnkGdor0knYIcl//clxOAvjWVC0GvIWPrSM7IxIkclNZn430s
H8ipohC7UocDJk0j9pU3GRqbkOR6vSgLpEpz8Gzdd+U045WgOCLEF49oVFGSsZqr
qHfdk+75IHB7Ngh+DDRQw2xp4wqkVit7i36pfuV3syT6sGEMTfAnt0YzaS4tzmUm
s3zAo2HzwlpWJJe74QDGz5lfaNsAN7JmomshClf4tuMnwb7IZXxacgMQR2jfgmeD
rRw9E2UUzgbVlX9p+yBopwbtdhuQ
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:56:25 2025 by rpki-client