Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bjYWIiRDJQJHClBhm5lHGbc7p3c.roa
File: bjYWIiRDJQJHClBhm5lHGbc7p3c.roa (raw, json)
Hash identifier: 2CHXRgaX05mE8dTCdvnAxjehUb/UlBCUBvMnngQZ4pY=
Subject key identifier: 6E:36:16:22:24:43:25:02:47:0A:50:61:9B:99:47:19:B7:3B:A7:77
Certificate issuer: /CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Certificate serial: 019427B4FE6E73A488DE797DD8D73421FF58
Authority key identifier: A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bjYWIiRDJQJHClBhm5lHGbc7p3c.roa
Signing time: Thu 02 Jan 2025 15:49:20 +0000
ROA not before: Thu 02 Jan 2025 15:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204175
IP address blocks: 185.177.42.0/24 maxlen: 24
185.220.166.0/23 maxlen: 23
185.220.166.0/24 maxlen: 24
185.220.167.0/24 maxlen: 24
185.232.132.0/24 maxlen: 24
185.232.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 07:26:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b4:fe:6e:73:a4:88:de:79:7d:d8:d7:34:21:ff:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a849204ca4f0eb4e56e08e099fe3785ce06ffeaa
Validity
Not Before: Jan 2 15:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e36162224432502470a50619b994719b73ba777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:40:37:c8:5b:32:98:b1:d1:41:f8:ff:83:40:
cc:5f:38:ab:6b:59:87:c3:ba:3b:40:f5:b3:6c:9e:
38:a3:75:af:29:0e:60:af:ac:41:a5:6f:ec:10:e3:
ae:3e:df:b4:8f:75:97:08:ea:d8:8d:8d:19:ed:d8:
cb:5d:bc:52:25:d1:a1:1c:f5:39:ee:90:28:98:fa:
56:14:f0:21:0f:dc:a5:2e:84:0d:94:f3:ed:f4:16:
ba:ce:f7:91:f3:7e:31:27:b7:40:96:c1:e0:69:e8:
0d:1e:dd:41:6e:34:6c:35:21:8c:01:35:88:07:5b:
76:74:6d:85:4b:a5:fd:a0:91:77:74:09:d5:91:c9:
06:46:00:b9:e3:09:2f:02:99:c9:18:2b:dc:9a:31:
31:33:d0:14:56:ec:fb:38:a8:cd:58:1d:d3:7f:72:
f1:87:a9:81:d9:c2:4d:32:d8:cf:05:da:a2:93:26:
fd:46:97:fa:77:2d:2d:7a:47:c7:ad:76:ca:c2:4f:
6c:66:8a:56:23:4d:9b:d2:5a:6c:5c:e2:92:60:3f:
5a:2b:31:f3:66:36:aa:dd:30:db:80:3a:5e:46:48:
0e:cb:d1:a0:55:77:d2:53:7d:fb:90:e3:40:73:e4:
94:91:65:42:73:87:ae:a3:0d:b2:d2:f7:76:56:71:
3a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:36:16:22:24:43:25:02:47:0A:50:61:9B:99:47:19:B7:3B:A7:77
X509v3 Authority Key Identifier:
keyid:A8:49:20:4C:A4:F0:EB:4E:56:E0:8E:09:9F:E3:78:5C:E0:6F:FE:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qEkgTKTw605W4I4Jn-N4XOBv_qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/bjYWIiRDJQJHClBhm5lHGbc7p3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/45b23f-302b-41f2-9496-9ccbb08428fa/1/qEkgTKTw605W4I4Jn-N4XOBv_qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.177.42.0/24
185.220.166.0/23
185.232.132.0/23
Signature Algorithm: sha256WithRSAEncryption
19:1e:50:91:69:df:01:bb:75:22:ad:37:fc:58:62:f6:43:76:
b1:9a:96:03:17:b7:b6:be:8d:30:a6:0c:81:55:35:87:c0:f3:
df:58:bb:1b:97:d7:4c:f4:16:dc:c7:a8:8d:c0:74:34:fd:2e:
85:9a:2c:29:9a:40:ec:75:3e:dd:e3:a8:22:c2:6a:be:4c:6b:
91:6c:99:67:93:75:31:30:52:70:45:aa:23:b7:63:20:06:be:
8a:5b:05:f8:2f:00:e9:18:a0:35:b8:b6:02:f4:08:41:1d:72:
84:fc:c4:72:64:bc:ef:c0:55:71:27:43:fd:d1:c9:31:8b:28:
3f:bd:c7:97:41:a6:61:b6:48:86:aa:fc:8f:c5:19:39:22:f1:
0c:9b:c0:4d:fc:27:59:84:5c:7a:48:3f:77:70:ce:3e:11:6b:
ed:8b:57:64:b9:c2:a0:27:03:f5:59:d4:30:61:5a:0f:6a:03:
95:78:8b:06:57:ee:b9:7f:67:16:35:b9:98:db:7a:68:e7:77:
7d:ba:b9:4b:62:ba:41:82:3a:98:fa:65:6b:14:5c:7a:6f:df:
78:51:77:40:d9:d6:9c:36:fa:91:e0:64:73:00:45:e0:62:2d:
c9:0b:b2:0d:38:0f:98:59:c6:bb:2f:4c:a8:58:3e:ae:34:97:
2e:5c:db:56
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQntP5uc6SI3nl92Nc0If9YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NDkyMDRjYTRmMGViNGU1NmUwOGUwOTlmZTM3ODVjZTA2
ZmZlYWEwHhcNMjUwMTAyMTU0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTM2MTYyMjI0NDMyNTAyNDcwYTUwNjE5Yjk5NDcxOWI3M2JhNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUA3yFsymLHRQfj/g0DMXzira1mH
w7o7QPWzbJ44o3WvKQ5gr6xBpW/sEOOuPt+0j3WXCOrYjY0Z7djLXbxSJdGhHPU5
7pAomPpWFPAhD9ylLoQNlPPt9Ba6zveR834xJ7dAlsHgaegNHt1BbjRsNSGMATWI
B1t2dG2FS6X9oJF3dAnVkckGRgC54wkvApnJGCvcmjExM9AUVuz7OKjNWB3Tf3Lx
h6mB2cJNMtjPBdqikyb9Rpf6dy0tekfHrXbKwk9sZopWI02b0lpsXOKSYD9aKzHz
Zjaq3TDbgDpeRkgOy9GgVXfSU337kONAc+SUkWVCc4euow2y0vd2VnE6tQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG42FiIkQyUCRwpQYZuZRxm3O6d3MB8GA1UdIwQY
MBaAFKhJIEyk8OtOVuCOCZ/jeFzgb/6qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYt
OWNjYmIwODQyOGZhLzEvYmpZV0lpUkRKUUpIQ2xCaG01bEhHYmM3cDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi80NWIyM2YtMzAyYi00MWYyLTk0OTYtOWNjYmIwODQyOGZh
LzEvcUVrZ1RLVHc2MDVXNEk0Sm4tTjRYT0J2X3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAubEqAwQB
udymAwQBueiEMA0GCSqGSIb3DQEBCwUAA4IBAQAZHlCRad8Bu3UirTf8WGL2Q3ax
mpYDF7e2vo0wpgyBVTWHwPPfWLsbl9dM9Bbcx6iNwHQ0/S6FmiwpmkDsdT7d46gi
wmq+TGuRbJlnk3UxMFJwRaojt2MgBr6KWwX4LwDpGKA1uLYC9AhBHXKE/MRyZLzv
wFVxJ0P90ckxiyg/vceXQaZhtkiGqvyPxRk5IvEMm8BN/CdZhFx6SD93cM4+EWvt
i1dkucKgJwP1WdQwYVoPagOVeIsGV+65f2cWNbmY23po53d9urlLYrpBgjqY+mVr
FFx6b994UXdA2dacNvqR4GRzAEXgYi3JC7INOA+YWca7L0yoWD6uNJcuXNtW
-----END CERTIFICATE-----
Generated at Sat Apr 19 15:24:50 2025 by rpki-client