Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/BX8TzVbCvSIW38h_vPu5ASmAFTU.roa
File: BX8TzVbCvSIW38h_vPu5ASmAFTU.roa (raw, json)
Hash identifier: 9fbeu4ndfIatRqGo7OJ1vRbIh5amuFXDGED1/l+TEsY=
Subject key identifier: 05:7F:13:CD:56:C2:BD:22:16:DF:C8:7F:BC:FB:B9:01:29:80:15:35
Certificate issuer: /CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Certificate serial: 01941F8C2100CC741E0B0E2DCDE135AE96A3
Authority key identifier: 99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/BX8TzVbCvSIW38h_vPu5ASmAFTU.roa
Signing time: Wed 01 Jan 2025 01:47:44 +0000
ROA not before: Wed 01 Jan 2025 01:47:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34718
IP address blocks: 62.209.128.0/19 maxlen: 19
80.80.208.0/20 maxlen: 20
80.80.208.0/23 maxlen: 23
80.80.210.0/24 maxlen: 24
80.80.211.0/24 maxlen: 24
80.80.212.0/22 maxlen: 22
80.80.216.0/21 maxlen: 21
89.236.192.0/18 maxlen: 18
94.141.70.0/24 maxlen: 24
94.141.80.0/24 maxlen: 24
94.141.82.0/24 maxlen: 24
94.141.83.0/24 maxlen: 24
94.141.84.0/24 maxlen: 24
94.141.85.0/24 maxlen: 24
94.141.89.0/24 maxlen: 24
94.141.95.0/24 maxlen: 24
185.6.40.0/22 maxlen: 22
185.248.44.0/22 maxlen: 22
194.55.92.0/22 maxlen: 22
217.30.164.0/22 maxlen: 22
217.30.168.0/24 maxlen: 24
217.30.174.0/24 maxlen: 24
2a02:f10::/32 maxlen: 32
2a03:540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 22:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:21:00:cc:74:1e:0b:0e:2d:cd:e1:35:ae:96:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=993900f66e70b2fffd9c0ce92602f2f45c659961
Validity
Not Before: Jan 1 01:47:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=057f13cd56c2bd2216dfc87fbcfbb90129801535
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:79:a6:b1:99:b9:99:7c:c8:e1:f3:8d:e7:a6:
17:07:f4:05:7f:e4:82:0f:bc:42:80:f4:db:b7:b7:
2f:e7:5d:34:11:a9:c6:43:bb:15:85:00:0b:54:82:
f5:be:90:e0:94:f7:b9:d7:9f:3f:d3:71:e4:5d:0e:
f9:1f:55:96:0f:6e:4a:c3:a6:2c:cf:1e:02:04:3b:
c9:97:0e:86:95:e7:38:5d:e8:f8:20:b9:c0:f5:d5:
06:e4:83:3b:43:d1:58:d7:d4:02:85:22:b9:ed:1e:
fd:3c:90:3d:e3:01:a3:3f:cb:fb:30:9d:04:5c:c1:
84:56:95:42:d9:2a:77:be:58:a3:3c:c4:e5:a6:9b:
ab:8e:e7:68:d3:9f:93:78:9f:b2:42:2c:b3:63:1b:
ec:2c:bd:3f:69:ec:d3:07:ec:4d:e9:eb:64:61:98:
17:34:f0:bc:83:e4:93:fd:0b:28:66:81:d0:67:1b:
75:12:f9:98:47:58:ab:2a:01:cb:3d:b8:a8:32:ea:
b5:cf:27:15:d2:45:ec:1b:03:b1:f1:50:21:36:40:
d8:c9:64:92:83:b4:02:52:2a:81:e8:e3:c3:99:ca:
f6:78:06:0c:41:22:aa:98:0a:6c:be:b2:a1:31:66:
c7:8e:d4:3a:7f:f7:c8:ad:26:2d:dd:9f:21:c3:20:
50:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:7F:13:CD:56:C2:BD:22:16:DF:C8:7F:BC:FB:B9:01:29:80:15:35
X509v3 Authority Key Identifier:
keyid:99:39:00:F6:6E:70:B2:FF:FD:9C:0C:E9:26:02:F2:F4:5C:65:99:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mTkA9m5wsv_9nAzpJgLy9FxlmWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/BX8TzVbCvSIW38h_vPu5ASmAFTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/c1cf6f-54cd-434a-837d-def6efb44319/1/mTkA9m5wsv_9nAzpJgLy9FxlmWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.209.128.0/19
80.80.208.0/20
89.236.192.0/18
94.141.70.0/24
94.141.80.0/24
94.141.82.0-94.141.85.255
94.141.89.0/24
94.141.95.0/24
185.6.40.0/22
185.248.44.0/22
194.55.92.0/22
217.30.164.0-217.30.168.255
217.30.174.0/24
IPv6:
2a02:f10::/32
2a03:540::/32
Signature Algorithm: sha256WithRSAEncryption
93:28:7d:4f:f0:e1:72:69:61:b5:75:54:e4:e9:ea:32:53:c7:
a3:4d:a3:ca:66:db:26:74:99:0d:41:48:49:8d:e8:cd:a9:8e:
55:3b:94:65:09:a1:f4:de:4a:82:82:a4:42:0e:06:f5:65:40:
72:36:a3:b3:25:bb:3b:81:7a:d1:94:82:5b:a6:dd:cc:51:7d:
fb:04:6b:61:12:b8:41:d4:9e:86:27:2a:ca:06:a9:37:90:84:
80:98:a4:5d:c8:80:4a:34:fc:85:1e:fa:6a:9a:a4:70:9f:ee:
9b:a7:40:16:1e:5a:da:5a:f3:b2:0c:e7:49:ae:36:a9:3a:5d:
e6:a7:9e:55:1c:03:45:a3:3c:95:9d:46:54:e7:e8:93:1f:96:
d5:c0:74:c7:a2:fd:d7:94:d3:ed:46:77:7a:c8:33:97:6e:fb:
1a:42:4a:9e:9d:50:8f:14:e0:07:0e:68:a8:af:05:c8:6c:0d:
b3:6d:77:cb:a7:bf:8f:96:38:20:a6:da:22:19:fe:ec:db:27:
ad:34:e7:5c:95:6c:25:cc:12:b1:f8:41:9c:c1:7a:a8:39:ec:
f9:83:21:18:42:66:72:f9:01:9b:48:09:24:ed:d4:72:48:cf:
8b:3c:9f:38:6c:25:4e:6b:ee:b3:25:bc:a4:d6:fb:b9:1b:5d:
0e:3f:89:26
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZQfjCEAzHQeCw4tzeE1rpajMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5MzkwMGY2NmU3MGIyZmZmZDljMGNlOTI2MDJmMmY0NWM2
NTk5NjEwHhcNMjUwMTAxMDE0NzQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTdmMTNjZDU2YzJiZDIyMTZkZmM4N2ZiY2ZiYjkwMTI5ODAxNTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6XmmsZm5mXzI4fON56YXB/QFf+SC
D7xCgPTbt7cv5100EanGQ7sVhQALVIL1vpDglPe5158/03HkXQ75H1WWD25Kw6Ys
zx4CBDvJlw6Glec4Xej4ILnA9dUG5IM7Q9FY19QChSK57R79PJA94wGjP8v7MJ0E
XMGEVpVC2Sp3vlijPMTlppurjudo05+TeJ+yQiyzYxvsLL0/aezTB+xN6etkYZgX
NPC8g+ST/QsoZoHQZxt1EvmYR1irKgHLPbioMuq1zycV0kXsGwOx8VAhNkDYyWSS
g7QCUiqB6OPDmcr2eAYMQSKqmApsvrKhMWbHjtQ6f/fIrSYt3Z8hwyBQJQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFAV/E81Wwr0iFt/If7z7uQEpgBU1MB8GA1UdIwQY
MBaAFJk5APZucLL//ZwM6SYC8vRcZZlhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2Qt
ZGVmNmVmYjQ0MzE5LzEvQlg4VHpWYkN2U0lXMzhoX3ZQdTVBU21BRlRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9jMWNmNmYtNTRjZC00MzRhLTgzN2QtZGVmNmVmYjQ0MzE5
LzEvbVRrQTltNXdzdl85bkF6cEpnTHk5RnhsbVdFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwZAQCAAEwXgMEBT7RgAME
BFBQ0AMEBlnswAMEAF6NRgMEAF6NUDAMAwQBXo1SAwQBXo1UAwQAXo1ZAwQAXo1f
AwQCuQYoAwQCufgsAwQCwjdcMAwDBALZHqQDBADZHqgDBADZHq4wFAQCAAIwDgMF
ACoCDxADBQAqAwVAMA0GCSqGSIb3DQEBCwUAA4IBAQCTKH1P8OFyaWG1dVTk6eoy
U8ejTaPKZtsmdJkNQUhJjejNqY5VO5RlCaH03kqCgqRCDgb1ZUByNqOzJbs7gXrR
lIJbpt3MUX37BGthErhB1J6GJyrKBqk3kISAmKRdyIBKNPyFHvpqmqRwn+6bp0AW
HlraWvOyDOdJrjapOl3mp55VHANFozyVnUZU5+iTH5bVwHTHov3XlNPtRnd6yDOX
bvsaQkqenVCPFOAHDmiorwXIbA2zbXfLp7+PljggptoiGf7s2yetNOdclWwlzBKx
+EGcwXqoOez5gyEYQmZy+QGbSAkk7dRySM+LPJ84bCVOa+6zJbyk1vu5G10OP4km
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:39:07 2025 by rpki-client