Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bd-sRBCRKYP1aKFTHsuhka9vHKA.roa
File: Bd-sRBCRKYP1aKFTHsuhka9vHKA.roa (raw, json)
Hash identifier: OmnvLu1+Y9+uxCF96sh2qWVMhiqq7mujE3MK3kp01WA=
Subject key identifier: 05:DF:AC:44:10:91:29:83:F5:68:A1:53:1E:CB:A1:91:AF:6F:1C:A0
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422202682C0110292D69AA964EEE17576
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bd-sRBCRKYP1aKFTHsuhka9vHKA.roa
Signing time: Wed 01 Jan 2025 13:48:39 +0000
ROA not before: Wed 01 Jan 2025 13:48:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 45.80.157.0/24 maxlen: 24
45.144.226.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
185.198.243.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
188.213.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:26:82:c0:11:02:92:d6:9a:a9:64:ee:e1:75:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05dfac4410912983f568a1531ecba191af6f1ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:9d:26:3a:79:db:6e:2d:4c:98:76:28:91:e5:
d4:1f:26:c7:ec:37:88:2e:be:7c:da:5e:f6:d2:48:
52:3b:a2:7c:5e:7e:8a:a9:e9:64:52:27:f9:17:94:
c3:f0:38:ec:15:47:75:65:11:b9:5f:e9:02:55:3f:
4f:b2:2d:da:20:68:89:07:e3:e3:24:64:79:32:07:
0a:61:b9:46:38:ea:65:1a:a0:c2:ad:88:e6:38:d7:
d3:8f:10:22:2e:68:54:df:6f:2e:b1:93:4a:14:ed:
df:a6:5c:e3:60:e7:9a:23:83:61:75:44:97:ba:c6:
44:d2:72:1d:53:ae:65:4d:0e:8a:21:a9:d4:9c:b0:
69:71:cc:34:c7:6f:a6:ea:de:15:c4:cd:7c:70:f3:
13:bb:11:93:30:d7:06:e7:fe:a4:d3:eb:1a:31:41:
64:4d:53:bb:c1:4f:f3:5d:84:e6:06:b4:15:39:34:
61:33:2b:6d:8a:11:2e:cd:e8:56:96:31:2a:fd:2e:
89:37:5e:53:a7:5f:54:01:4d:b7:f1:61:56:0f:69:
9a:01:c3:ac:c8:02:a8:06:3f:32:be:f0:6a:0d:d1:
e7:85:6b:2a:07:1e:f1:b7:1f:38:dd:9c:51:c8:e0:
da:33:b8:c2:d9:e1:b8:a1:60:85:92:67:66:6d:89:
62:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:DF:AC:44:10:91:29:83:F5:68:A1:53:1E:CB:A1:91:AF:6F:1C:A0
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Bd-sRBCRKYP1aKFTHsuhka9vHKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
45.144.226.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
188.213.203.0/24
Signature Algorithm: sha256WithRSAEncryption
13:64:70:8d:a2:66:06:84:80:f5:3d:ed:de:4c:1f:65:63:5d:
93:4b:e2:46:2b:44:15:2b:73:8f:ed:28:f9:e9:cc:bd:d0:67:
e8:8a:b5:5f:4a:cf:00:fe:d7:68:84:2d:be:e6:4c:17:87:0d:
cb:8b:66:6d:2a:4a:18:13:f9:f4:0d:22:19:1f:a5:80:bd:67:
d8:24:e4:40:73:4d:5a:00:e6:8c:a2:74:4e:a5:fe:ba:2c:e7:
db:33:67:c5:06:2c:78:6f:a6:f0:cb:85:38:25:2d:4c:2b:4f:
72:ee:26:14:28:67:21:41:8a:19:b9:7e:60:57:7e:d3:4b:83:
89:cf:2f:f0:80:d4:77:0a:01:83:5d:75:f2:14:80:3b:7a:92:
a1:c8:09:47:3b:2d:91:e1:ce:2b:2b:45:39:41:93:f9:eb:50:
73:11:8a:4e:2c:70:ac:df:e6:2c:55:84:de:d8:cb:65:cc:82:
44:df:a5:41:2a:a9:13:b0:40:e2:3b:a6:c6:00:00:fb:1e:f9:
b1:bc:41:53:51:98:9c:b7:d2:12:e5:24:6c:7a:38:66:86:07:
09:26:ad:07:aa:36:96:a4:4a:87:e8:ea:fd:27:0c:de:b0:40:
fe:a6:d7:06:e8:64:13:f6:d8:ef:0f:bb:5a:7b:01:16:ca:1d:
9e:ef:bc:89
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQiICaCwBECktaaqWTu4XV2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWRmYWM0NDEwOTEyOTgzZjU2OGExNTMxZWNiYTE5MWFmNmYxY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA250mOnnbbi1MmHYokeXUHybH7DeI
Lr582l720khSO6J8Xn6KqelkUif5F5TD8DjsFUd1ZRG5X+kCVT9Psi3aIGiJB+Pj
JGR5MgcKYblGOOplGqDCrYjmONfTjxAiLmhU328usZNKFO3fplzjYOeaI4NhdUSX
usZE0nIdU65lTQ6KIanUnLBpccw0x2+m6t4VxM18cPMTuxGTMNcG5/6k0+saMUFk
TVO7wU/zXYTmBrQVOTRhMyttihEuzehWljEq/S6JN15Tp19UAU238WFWD2maAcOs
yAKoBj8yvvBqDdHnhWsqBx7xtx843ZxRyODaM7jC2eG4oWCFkmdmbYliBwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFAXfrEQQkSmD9WihUx7LoZGvbxygMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvQmQtc1JCQ1JLWVAxYUtGVEhzdWhrYTl2SEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQALVCdAwQA
LZDiAwQAucBFAwQAucbwAwQAucbzAwQAudl1AwQAvNXLMA0GCSqGSIb3DQEBCwUA
A4IBAQATZHCNomYGhID1Pe3eTB9lY12TS+JGK0QVK3OP7Sj56cy90GfoirVfSs8A
/tdohC2+5kwXhw3Li2ZtKkoYE/n0DSIZH6WAvWfYJORAc01aAOaMonROpf66LOfb
M2fFBix4b6bwy4U4JS1MK09y7iYUKGchQYoZuX5gV37TS4OJzy/wgNR3CgGDXXXy
FIA7epKhyAlHOy2R4c4rK0U5QZP561BzEYpOLHCs3+YsVYTe2MtlzIJE36VBKqkT
sEDiO6bGAAD7HvmxvEFTUZict9IS5SRsejhmhgcJJq0HqjaWpEqH6Or9JwzesED+
ptcG6GQT9tjvD7taewEWyh2e77yJ
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:42:24 2025 by rpki-client