Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/BuP0RbRAUkAkRvDTTrdTCB9lYnI.roa
File: BuP0RbRAUkAkRvDTTrdTCB9lYnI.roa (raw, json)
Hash identifier: +MQInPw7P8gOa/G8zOkWun0X16HZKeTjeBeYKbATzLs=
Subject key identifier: 06:E3:F4:45:B4:40:52:40:24:46:F0:D3:4E:B7:53:08:1F:65:62:72
Certificate issuer: /CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Certificate serial: 01955C2A219400A19E9755C5C5C3C90F6398
Authority key identifier: 0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/BuP0RbRAUkAkRvDTTrdTCB9lYnI.roa
Signing time: Mon 03 Mar 2025 13:20:19 +0000
ROA not before: Mon 03 Mar 2025 13:20:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21277
IP address blocks: 93.91.192.0/20 maxlen: 20
93.91.192.0/24 maxlen: 24
93.91.193.0/24 maxlen: 24
93.91.195.0/24 maxlen: 24
93.91.196.0/24 maxlen: 24
93.91.197.0/24 maxlen: 24
93.91.200.0/24 maxlen: 24
93.91.201.0/24 maxlen: 24
93.91.204.0/24 maxlen: 24
95.170.192.0/19 maxlen: 19
95.170.192.0/24 maxlen: 24
95.170.193.0/24 maxlen: 24
95.170.194.0/24 maxlen: 24
95.170.196.0/24 maxlen: 24
95.170.199.0/24 maxlen: 24
95.170.200.0/24 maxlen: 24
95.170.201.0/24 maxlen: 24
95.170.202.0/24 maxlen: 24
95.170.203.0/24 maxlen: 24
95.170.204.0/24 maxlen: 24
95.170.205.0/24 maxlen: 24
95.170.206.0/24 maxlen: 24
95.170.207.0/24 maxlen: 24
95.170.208.0/24 maxlen: 24
95.170.214.0/24 maxlen: 24
95.170.215.0/24 maxlen: 24
95.170.216.0/24 maxlen: 24
95.170.217.0/24 maxlen: 24
95.170.218.0/24 maxlen: 24
95.170.219.0/24 maxlen: 24
95.170.220.0/24 maxlen: 24
95.170.221.0/24 maxlen: 24
95.170.222.0/24 maxlen: 24
109.127.64.0/18 maxlen: 18
109.127.64.0/20 maxlen: 20
109.127.64.0/21 maxlen: 21
109.127.72.0/21 maxlen: 21
109.127.80.0/24 maxlen: 24
109.127.82.0/24 maxlen: 24
109.127.86.0/24 maxlen: 24
109.127.88.0/24 maxlen: 24
109.127.89.0/24 maxlen: 24
109.127.90.0/24 maxlen: 24
109.127.91.0/24 maxlen: 24
109.127.94.0/24 maxlen: 24
109.127.95.0/24 maxlen: 24
109.127.107.0/24 maxlen: 24
130.193.128.0/17 maxlen: 17
130.193.128.0/19 maxlen: 19
130.193.131.0/24 maxlen: 24
130.193.132.0/22 maxlen: 22
130.193.144.0/24 maxlen: 24
130.193.145.0/24 maxlen: 24
130.193.146.0/24 maxlen: 24
130.193.147.0/24 maxlen: 24
130.193.148.0/24 maxlen: 24
130.193.149.0/24 maxlen: 24
130.193.150.0/23 maxlen: 23
130.193.150.0/24 maxlen: 24
130.193.151.0/24 maxlen: 24
130.193.152.0/23 maxlen: 23
130.193.154.0/23 maxlen: 23
130.193.160.0/20 maxlen: 20
130.193.160.0/24 maxlen: 24
130.193.165.0/24 maxlen: 24
130.193.166.0/24 maxlen: 24
130.193.176.0/20 maxlen: 20
130.193.176.0/21 maxlen: 21
130.193.184.0/21 maxlen: 21
130.193.192.0/20 maxlen: 20
130.193.208.0/20 maxlen: 20
130.193.224.0/20 maxlen: 20
130.193.240.0/20 maxlen: 20
2a04:a040::/29 maxlen: 29
2a04:a040::/32 maxlen: 32
2a04:a041::/32 maxlen: 32
2a04:a042::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 01:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:2a:21:94:00:a1:9e:97:55:c5:c5:c3:c9:0f:63:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c0f7a04dd7249a5d14b7de0542a4197380006cc
Validity
Not Before: Mar 3 13:20:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06e3f445b44052402446f0d34eb753081f656272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e2:11:48:1d:ab:43:d1:12:a5:df:c5:e0:43:
f1:3e:f4:42:1a:3b:9d:2a:78:cb:be:87:f0:eb:25:
1e:14:6e:a9:88:ca:93:eb:8b:87:0c:77:ff:d3:41:
4e:59:8d:86:a7:f8:e0:d1:a8:70:01:24:ed:20:f3:
79:f7:da:16:14:3e:c9:78:84:bc:09:9f:71:85:ca:
69:98:83:64:0b:ff:08:4b:4f:ce:e6:62:7c:3b:43:
27:f3:09:ff:19:cd:81:23:a6:35:6a:7a:e5:63:94:
84:78:82:a0:9f:b7:0a:10:a5:b7:c9:27:66:b2:2b:
fe:db:e4:a3:cc:2d:76:57:92:ed:31:4a:ef:a2:3b:
22:c8:c5:e1:56:21:11:ff:b0:14:73:1c:9e:cc:80:
a0:a9:fa:ca:89:e5:77:be:fa:e6:e4:ad:9a:cc:a8:
4d:1d:15:91:ec:49:77:4f:08:4b:cf:29:47:8f:c9:
55:b5:2a:38:a9:c6:22:6a:47:66:31:eb:16:a3:0c:
de:2e:75:ab:79:90:d6:69:68:31:53:e0:38:ce:f8:
1b:6e:71:d1:1f:2b:b4:4d:1e:d5:95:e4:ff:19:69:
1c:db:8e:df:b1:3d:4b:a4:c0:3c:c4:de:94:2b:2c:
97:4b:33:27:ba:56:e1:c1:24:3b:f3:c7:3c:09:87:
b2:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E3:F4:45:B4:40:52:40:24:46:F0:D3:4E:B7:53:08:1F:65:62:72
X509v3 Authority Key Identifier:
keyid:0C:0F:7A:04:DD:72:49:A5:D1:4B:7D:E0:54:2A:41:97:38:00:06:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DA96BN1ySaXRS33gVCpBlzgABsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/BuP0RbRAUkAkRvDTTrdTCB9lYnI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/11db14-e845-4e4f-a692-a3cbefff7777/1/DA96BN1ySaXRS33gVCpBlzgABsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.91.192.0/20
95.170.192.0/19
109.127.64.0/18
130.193.128.0/17
IPv6:
2a04:a040::/29
Signature Algorithm: sha256WithRSAEncryption
74:01:16:eb:97:07:a6:da:ba:2a:44:06:e6:ba:76:cc:17:a7:
01:c5:03:aa:b5:0a:74:45:59:6f:4a:cd:03:c2:36:5e:7e:98:
ef:14:96:6c:12:7b:9d:b5:ee:1b:72:20:af:77:23:0e:75:0c:
27:8a:5a:33:73:39:28:6f:dd:b0:c1:be:24:ab:8e:70:a1:61:
cf:e2:ae:0f:94:8a:86:6f:cb:97:b9:56:7b:7a:50:65:21:c2:
42:90:aa:83:e7:9a:b8:a8:b0:25:15:b4:02:32:ab:6f:0e:da:
86:82:7b:04:fa:9f:07:c0:a1:88:57:32:85:1a:ba:dc:95:7d:
64:40:ed:62:2e:a3:b5:6f:03:01:54:48:1b:cd:3a:a6:9b:53:
42:95:47:20:12:0a:a7:f6:4c:b9:a1:0c:4d:61:35:9d:f3:12:
bd:30:74:2a:b3:73:16:4d:c7:89:87:f2:94:52:a6:bc:f2:46:
c6:8f:a0:eb:e0:48:ab:0d:d4:9b:b7:f6:a6:e9:82:af:d5:8f:
f0:7b:99:f0:c6:4e:16:68:bd:8b:90:34:7a:7f:5a:32:a2:ed:
a3:a7:e5:92:09:f0:7a:a3:7d:ef:da:86:7f:8f:f1:8a:c2:b8:
ed:fa:66:b7:8e:db:94:6a:51:09:f7:e0:86:28:de:fa:f1:f2:
7c:ef:4d:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZVcKiGUAKGel1XFxcPJD2OYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMGY3YTA0ZGQ3MjQ5YTVkMTRiN2RlMDU0MmE0MTk3Mzgw
MDA2Y2MwHhcNMjUwMzAzMTMyMDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmUzZjQ0NWI0NDA1MjQwMjQ0NmYwZDM0ZWI3NTMwODFmNjU2MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseIRSB2rQ9ESpd/F4EPxPvRCGjud
KnjLvofw6yUeFG6piMqT64uHDHf/00FOWY2Gp/jg0ahwASTtIPN599oWFD7JeIS8
CZ9xhcppmINkC/8IS0/O5mJ8O0Mn8wn/Gc2BI6Y1anrlY5SEeIKgn7cKEKW3ySdm
siv+2+SjzC12V5LtMUrvojsiyMXhViER/7AUcxyezICgqfrKieV3vvrm5K2azKhN
HRWR7El3TwhLzylHj8lVtSo4qcYiakdmMesWowzeLnWreZDWaWgxU+A4zvgbbnHR
Hyu0TR7VleT/GWkc247fsT1LpMA8xN6UKyyXSzMnulbhwSQ788c8CYeyUwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAbj9EW0QFJAJEbw0063UwgfZWJyMB8GA1UdIwQY
MBaAFAwPegTdckml0Ut94FQqQZc4AAbMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTIt
YTNjYmVmZmY3Nzc3LzEvQnVQMFJiUkFVa0FrUnZEVFRyZFRDQjlsWW5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8xMWRiMTQtZTg0NS00ZTRmLWE2OTItYTNjYmVmZmY3Nzc3
LzEvREE5NkJOMXlTYVhSUzMzZ1ZDcEJsemdBQnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEXVvAAwQF
X6rAAwQGbX9AAwQHgsGAMA0EAgACMAcDBQMqBKBAMA0GCSqGSIb3DQEBCwUAA4IB
AQB0ARbrlwem2roqRAbmunbMF6cBxQOqtQp0RVlvSs0DwjZefpjvFJZsEnudte4b
ciCvdyMOdQwnilozczkob92wwb4kq45woWHP4q4PlIqGb8uXuVZ7elBlIcJCkKqD
55q4qLAlFbQCMqtvDtqGgnsE+p8HwKGIVzKFGrrclX1kQO1iLqO1bwMBVEgbzTqm
m1NClUcgEgqn9ky5oQxNYTWd8xK9MHQqs3MWTceJh/KUUqa88kbGj6Dr4EirDdSb
t/am6YKv1Y/we5nwxk4WaL2LkDR6f1oyou2jp+WSCfB6o33v2oZ/j/GKwrjt+ma3
jtuUalEJ9+CGKN768fJ8700F
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:00:16 2025 by rpki-client