Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/BxG4JwAN57vo6NBlUISw9RdW7m0.roa
File: BxG4JwAN57vo6NBlUISw9RdW7m0.roa (raw, json)
Hash identifier: roJixiQowuB4avbvI55JLdOWJ/KjfR6U+Yu2VKUFfoA=
Subject key identifier: 07:11:B8:27:00:0D:E7:BB:E8:E8:D0:65:50:84:B0:F5:17:56:EE:6D
Certificate issuer: /CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Certificate serial: 019425FC521ED3F30FB5E71860B64E054B24
Authority key identifier: C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/BxG4JwAN57vo6NBlUISw9RdW7m0.roa
Signing time: Thu 02 Jan 2025 07:48:00 +0000
ROA not before: Thu 02 Jan 2025 07:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49718
IP address blocks: 176.100.64.0/18 maxlen: 18
176.100.64.0/22 maxlen: 22
176.100.68.0/22 maxlen: 22
176.100.72.0/22 maxlen: 22
176.100.76.0/22 maxlen: 22
176.100.80.0/22 maxlen: 22
176.100.84.0/22 maxlen: 22
176.100.88.0/22 maxlen: 22
176.100.92.0/22 maxlen: 22
176.100.96.0/22 maxlen: 22
176.100.100.0/22 maxlen: 22
176.100.104.0/22 maxlen: 22
176.100.108.0/22 maxlen: 22
176.100.112.0/22 maxlen: 22
176.100.116.0/22 maxlen: 22
176.100.120.0/22 maxlen: 22
176.100.124.0/22 maxlen: 22
213.108.168.0/21 maxlen: 21
213.108.168.0/24 maxlen: 24
213.108.169.0/24 maxlen: 24
213.108.170.0/24 maxlen: 24
213.108.171.0/24 maxlen: 24
213.108.172.0/24 maxlen: 24
213.108.173.0/24 maxlen: 24
213.108.174.0/24 maxlen: 24
213.108.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:52:1e:d3:f3:0f:b5:e7:18:60:b6:4e:05:4b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c43c222fad2c27ca612c98c273d4f16506e1b2e5
Validity
Not Before: Jan 2 07:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0711b827000de7bbe8e8d0655084b0f51756ee6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:49:1e:e0:fb:d3:2b:ef:23:c1:3e:ce:bc:5d:
6f:9e:33:04:bb:20:43:d9:20:db:1b:34:d8:89:18:
8d:bc:41:cc:6a:28:42:b0:56:49:48:a3:c8:f8:a7:
99:ee:9e:f2:f8:d1:40:59:ad:cb:0b:d0:33:23:d5:
68:91:60:05:0c:fd:8f:df:fe:4d:78:2a:7a:20:89:
b5:c1:76:f3:5d:e7:97:bd:e1:a6:bd:bc:ef:15:c5:
34:bd:f4:d0:50:d6:f5:fc:60:aa:f8:b4:62:c9:e2:
4f:16:a7:18:32:72:88:88:22:30:04:2f:f4:74:66:
4c:7e:93:da:34:2f:bf:ef:f0:f0:c1:7a:c1:c2:56:
9d:4f:4b:d9:c3:f3:16:dc:0e:7a:bd:43:7d:ba:e7:
16:15:cd:fc:f1:ef:5e:12:86:03:39:af:3a:40:cf:
05:33:a6:e2:8c:c5:f8:8f:d4:c4:1e:be:12:07:c4:
51:0e:c5:86:f7:a2:b5:e7:2a:74:2b:50:39:3f:f0:
db:4b:6b:52:5f:df:92:6b:e2:1e:12:ac:a4:b2:df:
23:7d:19:44:7f:f2:8c:9f:8b:5f:2e:9e:5e:7c:2c:
2c:bd:bf:52:19:ee:fd:43:15:73:8c:86:a0:30:2d:
82:71:d3:ec:ae:27:3d:6a:a7:69:f6:a0:68:4f:6c:
25:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:11:B8:27:00:0D:E7:BB:E8:E8:D0:65:50:84:B0:F5:17:56:EE:6D
X509v3 Authority Key Identifier:
keyid:C4:3C:22:2F:AD:2C:27:CA:61:2C:98:C2:73:D4:F1:65:06:E1:B2:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xDwiL60sJ8phLJjCc9TxZQbhsuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/BxG4JwAN57vo6NBlUISw9RdW7m0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/68a7ea-d50a-4a30-9513-e909a77cda98/1/xDwiL60sJ8phLJjCc9TxZQbhsuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.100.64.0/18
213.108.168.0/21
Signature Algorithm: sha256WithRSAEncryption
37:af:04:17:c5:00:90:41:2b:c4:b8:71:03:51:86:86:ab:d0:
bf:30:a7:08:ce:51:87:38:38:19:fa:c6:c8:ef:0e:92:b0:42:
2f:36:b2:d5:23:3d:ee:e5:2d:4c:0c:42:b7:5e:e6:b7:9f:9f:
21:fc:68:86:33:71:f8:e1:65:b4:e7:89:ef:67:df:37:47:92:
d9:5b:10:a5:eb:b6:bb:39:19:02:a5:90:21:54:31:57:6e:1c:
5d:0c:13:c6:03:83:07:73:7a:52:6b:4e:bb:ee:bc:46:98:e6:
0b:c7:f2:4e:7a:4a:b4:53:be:93:a2:06:13:d2:93:ef:44:a1:
cf:ce:1b:d3:7b:3e:fe:7b:57:61:19:03:d2:82:37:a2:71:24:
ae:64:05:14:fc:82:84:3a:a5:d5:d8:20:e2:c5:34:3c:7f:44:
fe:2a:4a:4c:db:b8:4b:74:77:7d:95:8c:eb:fc:fe:da:52:6b:
96:7f:a0:71:84:7e:f8:09:80:e4:d6:a0:51:4e:ed:cd:d1:f5:
5b:72:5b:1d:d8:05:a0:ba:8b:5a:36:a3:d0:9b:07:21:a9:fa:
6b:ae:71:0e:5b:84:36:3e:c1:93:8f:13:ec:c7:63:65:6b:10:
9a:2c:22:c6:c8:5a:fd:05:5c:75:88:53:a9:a4:14:a2:a9:79:
e3:91:43:db
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQl/FIe0/MPtecYYLZOBUskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0M2MyMjJmYWQyYzI3Y2E2MTJjOThjMjczZDRmMTY1MDZl
MWIyZTUwHhcNMjUwMTAyMDc0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzExYjgyNzAwMGRlN2JiZThlOGQwNjU1MDg0YjBmNTE3NTZlZTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlEke4PvTK+8jwT7OvF1vnjMEuyBD
2SDbGzTYiRiNvEHMaihCsFZJSKPI+KeZ7p7y+NFAWa3LC9AzI9VokWAFDP2P3/5N
eCp6IIm1wXbzXeeXveGmvbzvFcU0vfTQUNb1/GCq+LRiyeJPFqcYMnKIiCIwBC/0
dGZMfpPaNC+/7/DwwXrBwladT0vZw/MW3A56vUN9uucWFc388e9eEoYDOa86QM8F
M6bijMX4j9TEHr4SB8RRDsWG96K15yp0K1A5P/DbS2tSX9+Sa+IeEqykst8jfRlE
f/KMn4tfLp5efCwsvb9SGe79QxVzjIagMC2CcdPsric9aqdp9qBoT2wl5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAcRuCcADee76OjQZVCEsPUXVu5tMB8GA1UdIwQY
MBaAFMQ8Ii+tLCfKYSyYwnPU8WUG4bLlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveER3aUw2MHNKOHBoTEpqQ2M5VHhaUWJoc3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC82OGE3ZWEtZDUwYS00YTMwLTk1MTMt
ZTkwOWE3N2NkYTk4LzEvQnhHNEp3QU41N3ZvNk5CbFVJU3c5UmRXN20wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC82OGE3ZWEtZDUwYS00YTMwLTk1MTMtZTkwOWE3N2NkYTk4
LzEveER3aUw2MHNKOHBoTEpqQ2M5VHhaUWJoc3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGsGRAAwQD
1WyoMA0GCSqGSIb3DQEBCwUAA4IBAQA3rwQXxQCQQSvEuHEDUYaGq9C/MKcIzlGH
ODgZ+sbI7w6SsEIvNrLVIz3u5S1MDEK3Xua3n58h/GiGM3H44WW054nvZ983R5LZ
WxCl67a7ORkCpZAhVDFXbhxdDBPGA4MHc3pSa0677rxGmOYLx/JOekq0U76TogYT
0pPvRKHPzhvTez7+e1dhGQPSgjeicSSuZAUU/IKEOqXV2CDixTQ8f0T+KkpM27hL
dHd9lYzr/P7aUmuWf6BxhH74CYDk1qBRTu3N0fVbclsd2AWguotaNqPQmwchqfpr
rnEOW4Q2PsGTjxPsx2NlaxCaLCLGyFr9BVx1iFOppBSiqXnjkUPb
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:25:02 2025 by rpki-client