Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bMJHJ15q8SjitWmuP9peXe1Nkgk.roa
File: bMJHJ15q8SjitWmuP9peXe1Nkgk.roa (raw, json)
Hash identifier: 5u3K41DsbJV0Yn98LtTfOVioVsgbLUcKqD6Xs/cfO5s=
Subject key identifier: 6C:C2:47:27:5E:6A:F1:28:E2:B5:69:AE:3F:DA:5E:5D:ED:4D:92:09
Certificate issuer: /CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Certificate serial: 01942747E1381A01088437695D539D46D12F
Authority key identifier: 84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bMJHJ15q8SjitWmuP9peXe1Nkgk.roa
Signing time: Thu 02 Jan 2025 13:50:09 +0000
ROA not before: Thu 02 Jan 2025 13:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9127
IP address blocks: 82.146.4.0/23 maxlen: 24
82.146.8.0/23 maxlen: 24
82.146.10.0/24 maxlen: 24
82.146.14.0/24 maxlen: 24
82.146.30.0/24 maxlen: 24
84.238.164.0/24 maxlen: 24
84.238.166.0/24 maxlen: 24
212.72.192.0/22 maxlen: 24
212.72.192.0/24 maxlen: 24
212.72.196.0/23 maxlen: 24
212.72.200.0/23 maxlen: 24
212.72.204.0/23 maxlen: 24
212.72.204.0/24 maxlen: 24
212.72.207.0/24 maxlen: 24
212.72.208.0/22 maxlen: 24
212.72.213.0/24 maxlen: 24
212.72.215.0/24 maxlen: 24
212.72.216.0/22 maxlen: 24
212.72.220.0/24 maxlen: 24
212.72.222.0/23 maxlen: 24
213.130.70.0/23 maxlen: 24
213.130.72.0/23 maxlen: 24
213.130.75.0/24 maxlen: 24
213.130.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:e1:38:1a:01:08:84:37:69:5d:53:9d:46:d1:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84b2f4fa5163af96168e88fbf9cb4ed1ed8fb4c4
Validity
Not Before: Jan 2 13:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cc247275e6af128e2b569ae3fda5e5ded4d9209
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:b7:af:2e:e3:39:2f:29:5b:47:d4:a7:f3:4a:
6e:fe:1c:f5:de:ce:0b:43:48:1a:9a:35:14:50:7d:
a2:95:fa:4c:87:bb:d0:61:ac:6c:32:f5:18:b9:6c:
d9:4a:d1:4f:51:89:cb:a2:16:c1:83:96:ac:21:e8:
3a:11:8f:01:dc:a0:25:1c:51:b4:03:4f:cf:bb:d6:
a2:90:c3:39:05:1d:e9:f6:93:57:75:ba:03:51:ba:
22:9e:6e:7a:33:06:23:87:b8:e3:27:83:1a:a6:fa:
02:9e:17:9c:c6:c1:96:07:87:99:26:2f:4c:af:05:
0e:d7:f0:54:22:c5:03:b8:e7:9c:b7:9d:a5:81:0f:
86:c0:dd:5a:cb:a0:17:1d:71:2b:d3:cb:64:fb:19:
57:b6:9b:08:06:1f:54:ce:07:65:26:b1:87:ce:a0:
30:ef:67:09:71:26:99:03:0f:e5:88:65:56:2e:e0:
27:8b:ab:65:c9:9f:2c:e1:dc:83:c6:7d:eb:e6:43:
65:a5:6c:08:13:c7:01:5b:95:56:89:02:31:57:d3:
e4:5d:c8:9a:e5:dd:29:5e:4b:03:a0:5c:68:7a:06:
1b:78:d6:2a:27:c1:55:e9:44:78:c6:8b:87:23:ef:
25:e6:54:48:c9:fe:47:38:c9:98:ad:d8:80:20:99:
fc:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C2:47:27:5E:6A:F1:28:E2:B5:69:AE:3F:DA:5E:5D:ED:4D:92:09
X509v3 Authority Key Identifier:
keyid:84:B2:F4:FA:51:63:AF:96:16:8E:88:FB:F9:CB:4E:D1:ED:8F:B4:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/bMJHJ15q8SjitWmuP9peXe1Nkgk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/4aa789-878b-472b-b847-872ba2d9f44c/1/hLL0-lFjr5YWjoj7-ctO0e2PtMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.4.0/23
82.146.8.0-82.146.10.255
82.146.14.0/24
82.146.30.0/24
84.238.164.0/24
84.238.166.0/24
212.72.192.0-212.72.197.255
212.72.200.0/23
212.72.204.0/23
212.72.207.0-212.72.211.255
212.72.213.0/24
212.72.215.0-212.72.220.255
212.72.222.0/23
213.130.70.0-213.130.73.255
213.130.75.0/24
213.130.94.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:b2:34:a9:0d:e8:89:95:3a:d3:ae:b9:9f:be:a7:3b:bf:89:
23:04:63:38:8d:f3:05:58:39:c0:bd:5a:e5:81:7d:8f:64:a2:
57:ef:bb:e0:d8:75:db:0a:6c:90:dc:a2:09:67:46:15:f4:83:
be:ee:82:52:40:9a:44:6f:f7:59:27:bb:78:16:9f:ab:46:76:
57:67:1e:b6:9d:d3:b0:b7:3c:e8:9c:d1:28:e5:ec:24:ac:b6:
26:5f:20:64:6b:62:1c:a6:80:86:9a:18:88:a3:51:a9:b8:32:
70:eb:1a:1a:d1:ef:2f:04:f5:64:63:11:c5:3e:cf:60:22:2b:
ba:01:d0:d5:77:2a:2f:f2:17:c7:32:9e:95:fd:ae:22:47:f1:
48:54:58:23:85:b2:41:be:27:86:12:1d:f5:b3:fc:b7:d2:51:
d3:6b:16:5d:0f:17:5c:e9:da:0b:f9:46:19:83:2d:90:62:a1:
e2:ca:c5:27:c5:6e:fc:cc:3f:9b:ae:a0:b3:30:9a:e5:db:77:
18:87:fd:d1:85:2f:93:9f:d0:2c:a9:3b:7b:6a:3f:3b:7d:b8:
ee:d0:d9:66:32:d1:8d:d3:51:3b:0a:e0:75:d7:32:78:93:58:
f1:18:89:a0:31:68:a3:65:95:56:38:42:67:0d:a8:fc:06:5c:
c1:4c:78:3b
-----BEGIN CERTIFICATE-----
MIIFhDCCBGygAwIBAgISAZQnR+E4GgEIhDdpXVOdRtEvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YjJmNGZhNTE2M2FmOTYxNjhlODhmYmY5Y2I0ZWQxZWQ4
ZmI0YzQwHhcNMjUwMTAyMTM1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2MyNDcyNzVlNmFmMTI4ZTJiNTY5YWUzZmRhNWU1ZGVkNGQ5MjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmrevLuM5LylbR9Sn80pu/hz13s4L
Q0gamjUUUH2ilfpMh7vQYaxsMvUYuWzZStFPUYnLohbBg5asIeg6EY8B3KAlHFG0
A0/Pu9aikMM5BR3p9pNXdboDUboinm56MwYjh7jjJ4MapvoCnhecxsGWB4eZJi9M
rwUO1/BUIsUDuOect52lgQ+GwN1ay6AXHXEr08tk+xlXtpsIBh9UzgdlJrGHzqAw
72cJcSaZAw/liGVWLuAni6tlyZ8s4dyDxn3r5kNlpWwIE8cBW5VWiQIxV9PkXcia
5d0pXksDoFxoegYbeNYqJ8FV6UR4xouHI+8l5lRIyf5HOMmYrdiAIJn8TwIDAQAB
o4ICkDCCAowwHQYDVR0OBBYEFGzCRydeavEo4rVprj/aXl3tTZIJMB8GA1UdIwQY
MBaAFISy9PpRY6+WFo6I+/nLTtHtj7TEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDct
ODcyYmEyZDlmNDRjLzEvYk1KSEoxNXE4U2ppdFdtdVA5cGVYZTFOa2drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC80YWE3ODktODc4Yi00NzJiLWI4NDctODcyYmEyZDlmNDRj
LzEvaExMMC1sRmpyNVlXam9qNy1jdE8wZTJQdE1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGlBggrBgEFBQcBBwEB/wSBlTCBkjCBjwQCAAEwgYgDBAFS
kgQwDAMEA1KSCAMEAFKSCgMEAFKSDgMEAFKSHgMEAFTupAMEAFTupjAMAwQG1EjA
AwQB1EjEAwQB1EjIAwQB1EjMMAwDBADUSM8DBALUSNADBADUSNUwDAMEANRI1wME
ANRI3AMEAdRI3jAMAwQB1YJGAwQB1YJIAwQA1YJLAwQA1YJeMA0GCSqGSIb3DQEB
CwUAA4IBAQCisjSpDeiJlTrTrrmfvqc7v4kjBGM4jfMFWDnAvVrlgX2PZKJX77vg
2HXbCmyQ3KIJZ0YV9IO+7oJSQJpEb/dZJ7t4Fp+rRnZXZx62ndOwtzzonNEo5ewk
rLYmXyBka2IcpoCGmhiIo1GpuDJw6xoa0e8vBPVkYxHFPs9gIiu6AdDVdyov8hfH
Mp6V/a4iR/FIVFgjhbJBvieGEh31s/y30lHTaxZdDxdc6doL+UYZgy2QYqHiysUn
xW78zD+brqCzMJrl23cYh/3RhS+Tn9AsqTt7aj87fbju0NlmMtGN01E7CuB11zJ4
k1jxGImgMWijZZVWOEJnDaj8BlzBTHg7
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:07:06 2025 by rpki-client