Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDQ4mpxoWBhZQVmKyfo2-joyeeY.roa
File: BDQ4mpxoWBhZQVmKyfo2-joyeeY.roa (raw, json)
Hash identifier: XWJbr4deh8lhlquX7M3wcTDhHM4CFfkmf7RIzrmupNI=
Subject key identifier: 04:34:38:9A:9C:68:58:18:59:41:59:8A:C9:FA:36:FA:3A:32:79:E6
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422200C4DED58FC2C6ABBAA66C381AF37
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDQ4mpxoWBhZQVmKyfo2-joyeeY.roa
Signing time: Wed 01 Jan 2025 13:48:32 +0000
ROA not before: Wed 01 Jan 2025 13:48:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.85.104.0/24 maxlen: 24
188.240.73.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
194.242.2.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:0c:4d:ed:58:fc:2c:6a:bb:aa:66:c3:81:af:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0434389a9c6858185941598ac9fa36fa3a3279e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:91:84:22:0e:cc:4b:5a:89:9f:21:fc:56:13:
04:31:03:10:d3:cd:e3:4c:f0:23:46:08:40:88:d7:
de:bb:c0:01:b9:0c:56:79:57:0f:da:5c:79:80:b0:
54:90:a6:ff:cf:10:93:12:ce:9a:35:4c:c8:6e:1e:
c7:be:cf:c4:4c:a0:a9:4b:30:e3:97:7a:7b:89:15:
1e:5c:ae:9a:68:77:84:74:ba:77:13:5a:2c:89:1d:
c2:7e:7f:28:ec:39:25:94:53:81:70:08:5e:ca:6d:
07:6f:ea:e0:7a:2a:e8:73:24:55:a0:ae:4d:00:46:
a4:e7:29:3f:31:cf:93:15:ec:b2:fd:1b:22:87:e9:
de:ec:f2:78:38:a8:35:51:90:4c:8c:cb:85:0a:48:
47:72:84:ed:cc:2d:cf:d8:d2:b0:c9:03:f3:a3:a0:
1c:36:7d:4f:a7:51:55:55:2b:6f:0e:4a:30:c9:e7:
a0:51:04:cc:2d:8e:3e:6c:20:3e:f5:50:0c:83:2a:
97:0b:d1:6a:65:d5:0c:d7:3f:b3:65:db:66:27:1f:
c3:8e:72:e3:6c:d7:e9:73:bd:98:62:a3:13:64:8c:
80:91:f6:b9:3c:4f:de:81:9a:51:43:19:e1:d7:9e:
28:d5:37:ed:48:65:53:e9:c0:b4:4c:41:7e:42:d4:
0f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:34:38:9A:9C:68:58:18:59:41:59:8A:C9:FA:36:FA:3A:32:79:E6
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/BDQ4mpxoWBhZQVmKyfo2-joyeeY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.85.104.0/24
188.240.73.0/24
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
85:87:18:e2:47:08:67:61:84:56:8c:85:3e:89:ae:c5:47:3f:
3e:18:3f:13:54:85:4b:13:1b:23:92:0a:3f:ac:2a:f8:4b:0b:
70:81:02:12:0b:18:88:c4:c3:47:53:bf:f9:b7:62:b4:c1:63:
cb:30:55:fe:bc:f5:ec:7c:51:0c:91:ca:44:2a:76:aa:ca:03:
19:53:60:93:1e:70:46:99:c7:f8:3d:4b:f7:ac:78:e8:a3:c9:
ab:92:e3:1f:1d:eb:1a:5c:b5:38:e1:ef:33:d5:29:ad:04:62:
2d:81:f9:c5:68:a1:51:86:e6:67:1e:15:0a:1e:ed:08:95:f8:
fb:7e:d7:e7:fb:ae:ca:7f:4d:19:0f:e4:90:4c:0c:a1:d3:e3:
b6:bf:d8:78:e8:66:b4:9a:98:b1:94:60:81:9a:3f:93:7e:69:
62:61:1c:ce:99:6a:25:17:4d:10:64:f2:1c:ae:ce:bd:e6:5f:
48:cf:4a:1f:2d:55:9c:48:cf:28:8f:c7:02:93:86:9d:f8:49:
43:32:ee:c1:bb:2f:2e:70:cc:91:2f:db:15:aa:e4:88:3b:2a:
35:64:ec:b7:61:04:fe:d3:f4:c7:86:66:5b:c3:6b:5d:29:91:
1e:f1:de:f3:d5:9e:b3:7c:53:c9:7b:44:61:94:73:da:76:db:
0b:42:b3:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQiIAxN7Vj8LGq7qmbDga83MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDM0Mzg5YTljNjg1ODE4NTk0MTU5OGFjOWZhMzZmYTNhMzI3OWU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ZGEIg7MS1qJnyH8VhMEMQMQ083j
TPAjRghAiNfeu8ABuQxWeVcP2lx5gLBUkKb/zxCTEs6aNUzIbh7Hvs/ETKCpSzDj
l3p7iRUeXK6aaHeEdLp3E1osiR3Cfn8o7DkllFOBcAheym0Hb+rgeirocyRVoK5N
AEak5yk/Mc+TFeyy/Rsih+ne7PJ4OKg1UZBMjMuFCkhHcoTtzC3P2NKwyQPzo6Ac
Nn1Pp1FVVStvDkowyeegUQTMLY4+bCA+9VAMgyqXC9FqZdUM1z+zZdtmJx/DjnLj
bNfpc72YYqMTZIyAkfa5PE/egZpRQxnh154o1TftSGVT6cC0TEF+QtQPOQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAQ0OJqcaFgYWUFZisn6Nvo6MnnmMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQkRRNG1weG9XQmhaUVZtS3lmbzItam95ZWVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALVVoAwQA
vPBJAwQAwRNsAwQAwvICMA0GCSqGSIb3DQEBCwUAA4IBAQCFhxjiRwhnYYRWjIU+
ia7FRz8+GD8TVIVLExsjkgo/rCr4SwtwgQISCxiIxMNHU7/5t2K0wWPLMFX+vPXs
fFEMkcpEKnaqygMZU2CTHnBGmcf4PUv3rHjoo8mrkuMfHesaXLU44e8z1SmtBGIt
gfnFaKFRhuZnHhUKHu0Ilfj7ftfn+67Kf00ZD+SQTAyh0+O2v9h46Ga0mpixlGCB
mj+TfmliYRzOmWolF00QZPIcrs695l9Iz0ofLVWcSM8oj8cCk4ad+ElDMu7Buy8u
cMyRL9sVquSIOyo1ZOy3YQT+0/THhmZbw2tdKZEe8d7z1Z6zfFPJe0RhlHPadtsL
QrPf
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:52:52 2025 by rpki-client