Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/bEDl4F0oErintdjUmPi3KwD4d5k.roa
File: bEDl4F0oErintdjUmPi3KwD4d5k.roa (raw, json)
Hash identifier: Sj0vj1Cb+cSjoHj9Gcm8jJEMPloRebSIxFZ4ot1qytE=
Subject key identifier: 6C:40:E5:E0:5D:28:12:B8:A7:B5:D8:D4:98:F8:B7:2B:00:F8:77:99
Certificate issuer: /CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Certificate serial: 019421B2566F97C611F24E9018145B5588A7
Authority key identifier: 0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/bEDl4F0oErintdjUmPi3KwD4d5k.roa
Signing time: Wed 01 Jan 2025 11:48:43 +0000
ROA not before: Wed 01 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50833
IP address blocks: 91.224.59.0/24 maxlen: 24
193.150.128.0/24 maxlen: 24
193.150.129.0/24 maxlen: 24
2a10:24c0:272::/48 maxlen: 48
2a10:24c0:6c2::/48 maxlen: 48
2a10:24c0:ad1b::/48 maxlen: 48
2a10:24c0:ada1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:56:6f:97:c6:11:f2:4e:90:18:14:5b:55:88:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Validity
Not Before: Jan 1 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c40e5e05d2812b8a7b5d8d498f8b72b00f87799
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:2c:c2:ba:78:c8:24:73:ff:61:5b:2a:db:6b:
8c:59:14:61:96:4d:12:0b:5d:ff:72:49:9a:7e:e9:
7c:77:ea:7e:ec:d6:34:e7:bc:ce:21:5d:4e:b3:f2:
a3:17:1d:1a:2f:04:5d:43:0c:8c:53:16:ac:1c:13:
ba:fe:54:83:84:70:bc:d5:c5:3c:b3:d5:4c:b0:09:
3b:9b:3c:52:01:81:26:73:7a:e2:70:68:0b:7e:39:
24:d1:4a:3d:4e:ec:7b:9d:71:18:9f:6b:b3:a0:c5:
b7:d3:d1:2f:22:ff:ec:2f:0a:0f:9e:d6:b6:82:77:
8e:5d:e2:7c:ba:46:1d:2b:eb:26:00:f2:64:8c:f9:
55:9d:25:f7:7c:36:2a:68:7e:b0:97:74:bb:b4:29:
4a:6c:76:6a:d7:55:74:9d:c1:1b:3c:d6:e5:0f:da:
14:b7:33:ea:f1:d0:4e:2d:d3:11:15:fa:3c:e7:06:
8d:93:55:33:4d:11:19:ab:d9:bc:5e:96:02:a7:b4:
12:ca:13:a5:4e:e9:29:65:7d:ee:da:0a:4e:85:99:
d9:16:a2:20:fe:11:ca:12:c9:17:b2:08:bf:62:ff:
47:d4:f7:cb:02:84:45:1e:fe:e1:a1:cf:54:fd:89:
32:fb:e0:ff:28:75:bc:b8:61:93:6a:7f:b4:07:d1:
25:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:40:E5:E0:5D:28:12:B8:A7:B5:D8:D4:98:F8:B7:2B:00:F8:77:99
X509v3 Authority Key Identifier:
keyid:0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/bEDl4F0oErintdjUmPi3KwD4d5k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.59.0/24
193.150.128.0/23
IPv6:
2a10:24c0:272::/48
2a10:24c0:6c2::/48
2a10:24c0:ad1b::/48
2a10:24c0:ada1::/48
Signature Algorithm: sha256WithRSAEncryption
19:bf:f2:55:cc:a0:2a:68:82:4f:b3:59:84:82:4c:fc:e2:a1:
04:c9:3a:ba:dd:ff:c1:60:5d:4f:33:fb:40:ce:f1:db:7e:94:
79:e0:ff:58:6f:37:f0:5a:c1:51:8e:8f:f3:a4:38:ed:a1:a7:
d4:fb:0f:e5:e0:24:dd:44:2d:0c:df:4b:61:d9:00:8f:91:08:
0b:ec:06:a0:ce:88:33:ed:25:c3:7d:9f:48:61:4c:44:c7:ad:
4c:0c:6e:a6:cf:dc:d1:c6:1b:19:57:01:12:8c:10:2d:10:a4:
00:0e:22:ba:2a:c4:4b:f4:c5:7b:d0:18:0b:70:54:8f:92:2c:
22:3a:79:26:9b:f1:61:1e:eb:08:e4:e0:60:3c:2a:cc:a0:fe:
7b:5f:15:20:1a:96:b6:79:93:86:6b:cc:7d:70:24:79:78:61:
46:b2:b1:34:f5:e9:65:11:6b:8e:34:04:eb:8b:94:d9:93:51:
59:ab:2c:79:9f:a7:d8:04:72:76:62:bf:7a:dc:05:f2:6b:76:
f8:87:94:29:5a:be:fb:ec:ef:37:73:f4:b8:f0:78:c6:90:25:
d9:3c:d2:05:40:64:67:91:e0:f0:04:d0:e2:e0:8e:86:4d:d8:
30:cd:60:01:67:ef:0a:b6:fb:ea:b2:fe:13:cb:1b:c0:ed:7b:
0c:ed:53:c6
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZQhslZvl8YR8k6QGBRbVYinMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJkNjgyYzFhOGZjNTAzN2FkYmY2ODE0M2FlNzdmZDAw
ZjM4YWIwHhcNMjUwMTAxMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzQwZTVlMDVkMjgxMmI4YTdiNWQ4ZDQ5OGY4YjcyYjAwZjg3Nzk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0SzCunjIJHP/YVsq22uMWRRhlk0S
C13/ckmaful8d+p+7NY057zOIV1Os/KjFx0aLwRdQwyMUxasHBO6/lSDhHC81cU8
s9VMsAk7mzxSAYEmc3ricGgLfjkk0Uo9Tux7nXEYn2uzoMW309EvIv/sLwoPnta2
gneOXeJ8ukYdK+smAPJkjPlVnSX3fDYqaH6wl3S7tClKbHZq11V0ncEbPNblD9oU
tzPq8dBOLdMRFfo85waNk1UzTREZq9m8XpYCp7QSyhOlTukpZX3u2gpOhZnZFqIg
/hHKEskXsgi/Yv9H1PfLAoRFHv7hoc9U/Yky++D/KHW8uGGTan+0B9ElQwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFGxA5eBdKBK4p7XY1Jj4tysA+HeZMB8GA1UdIwQY
MBaAFAur1oLBqPxQN62/aBQ653/QDzirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUt
ZmFjM2Q1NTQzYTJjLzEvYkVEbDRGMG9FcmludGRqVW1QaTNLd0Q0ZDVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUtZmFjM2Q1NTQzYTJj
LzEvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQAW+A7AwQB
wZaAMCoEAgACMCQDBwAqECTAAnIDBwAqECTABsIDBwAqECTArRsDBwAqECTAraEw
DQYJKoZIhvcNAQELBQADggEBABm/8lXMoCpogk+zWYSCTPzioQTJOrrd/8FgXU8z
+0DO8dt+lHng/1hvN/BawVGOj/OkOO2hp9T7D+XgJN1ELQzfS2HZAI+RCAvsBqDO
iDPtJcN9n0hhTETHrUwMbqbP3NHGGxlXARKMEC0QpAAOIroqxEv0xXvQGAtwVI+S
LCI6eSab8WEe6wjk4GA8Ksyg/ntfFSAalrZ5k4ZrzH1wJHl4YUaysTT16WURa440
BOuLlNmTUVmrLHmfp9gEcnZiv3rcBfJrdviHlClavvvs7zdz9LjweMaQJdk80gVA
ZGeR4PAE0OLgjoZN2DDNYAFn7wq2++qy/hPLG8DtewztU8Y=
-----END CERTIFICATE-----
Generated at Sun Apr 6 16:59:39 2025 by rpki-client