Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bkgySgELEYwo9V1uwXg8k8bo9Sc.roa
File: bkgySgELEYwo9V1uwXg8k8bo9Sc.roa (raw, json)
Hash identifier: 7LnoQrVkl8zw+XsybaCWYBNg3eTrgYml0QpkSX8UGXM=
Subject key identifier: 6E:48:32:4A:01:0B:11:8C:28:F5:5D:6E:C1:78:3C:93:C6:E8:F5:27
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019422201C60AAB4FC622330DE61F13EF717
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bkgySgELEYwo9V1uwXg8k8bo9Sc.roa
Signing time: Wed 01 Jan 2025 13:48:37 +0000
ROA not before: Wed 01 Jan 2025 13:48:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48806
IP address blocks: 45.146.186.0/24 maxlen: 24
185.205.191.0/24 maxlen: 24
185.239.242.0/24 maxlen: 24
188.212.155.0/24 maxlen: 24
188.241.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:1c:60:aa:b4:fc:62:23:30:de:61:f1:3e:f7:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 13:48:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e48324a010b118c28f55d6ec1783c93c6e8f527
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:8e:b5:38:07:09:d4:1c:5c:67:1e:e8:19:61:
29:b5:42:28:7c:d5:88:2f:5e:55:9b:11:ee:cc:40:
85:0e:23:63:9a:93:64:44:39:30:f9:91:da:7c:f6:
81:74:ee:73:76:38:06:eb:f0:49:fb:78:46:f0:94:
b9:67:32:2f:83:15:48:a8:50:9e:5b:09:dc:44:b6:
6f:50:ac:98:c0:11:3a:ec:1e:c7:87:a4:09:63:81:
34:c9:9b:8f:57:df:ad:06:a1:64:05:ee:06:8a:2f:
12:68:ee:cf:6c:48:f6:fb:c8:5e:cf:ba:9d:91:2b:
0b:5a:90:09:4d:62:9e:78:37:a6:a4:e3:7b:f8:d9:
e3:ab:06:3e:83:98:f0:30:73:7f:28:ed:99:ca:59:
a6:b0:97:82:5a:3f:02:77:b1:b9:a1:c3:1b:46:21:
fc:11:96:50:62:16:eb:cc:f5:21:35:c7:16:7a:c2:
9f:51:05:dd:d1:e8:20:7b:0d:9f:64:38:6f:f2:32:
0e:8e:fc:97:d1:b1:da:16:36:90:e5:80:da:1f:cf:
5b:a1:88:49:ab:e7:e9:f8:e3:59:08:38:73:05:bf:
0d:2a:55:15:8c:52:25:3d:15:e9:dd:4a:58:15:4e:
a3:92:a5:50:88:9c:9a:b9:74:37:b5:7f:29:01:82:
42:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:48:32:4A:01:0B:11:8C:28:F5:5D:6E:C1:78:3C:93:C6:E8:F5:27
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/bkgySgELEYwo9V1uwXg8k8bo9Sc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.146.186.0/24
185.205.191.0/24
185.239.242.0/24
188.212.155.0/24
188.241.182.0/24
Signature Algorithm: sha256WithRSAEncryption
37:87:8b:04:93:f5:58:29:72:2b:28:35:07:f9:bf:f3:c4:1a:
29:41:f5:09:7d:a2:07:8c:04:11:c4:f7:c8:25:ec:d0:37:ff:
9b:60:e6:f2:f6:94:7f:e2:6b:e5:41:88:2c:0d:ce:56:58:32:
5c:91:9a:cc:f2:45:23:fc:db:bf:b8:88:7d:f0:f0:38:1c:1b:
6b:a1:d7:db:59:29:c7:a8:ce:4c:f3:6d:60:a3:54:08:24:bc:
de:21:ac:d9:60:00:12:2c:4b:04:7c:3c:3d:ae:c0:2e:6b:61:
77:b3:cc:cb:95:05:c7:65:73:de:14:ef:de:07:70:30:cf:d5:
17:a2:f8:8c:b6:11:1b:6b:9f:be:a1:48:77:27:6f:19:14:8a:
3e:44:77:a4:81:cc:dd:16:1f:36:77:9a:b6:91:19:2c:b4:1b:
0e:3b:2c:17:77:e0:ea:41:6b:d4:13:61:34:a2:7b:a6:e1:36:
9e:26:65:dd:35:59:71:5b:3a:a4:12:ab:d7:99:21:f7:36:43:
7c:49:15:2e:03:5c:3c:63:51:a5:ec:c6:bd:5d:55:ba:1f:c0:
cf:28:d6:48:87:fa:26:55:e7:73:ba:f3:5c:9c:47:ec:c9:0d:
63:33:ce:a5:3b:91:78:c6:81:ac:38:a1:2b:bf:4d:96:22:a1:
52:a7:fb:2d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQiIBxgqrT8YiMw3mHxPvcXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwMTAxMTM0ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTQ4MzI0YTAxMGIxMThjMjhmNTVkNmVjMTc4M2M5M2M2ZThmNTI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr461OAcJ1BxcZx7oGWEptUIofNWI
L15VmxHuzECFDiNjmpNkRDkw+ZHafPaBdO5zdjgG6/BJ+3hG8JS5ZzIvgxVIqFCe
WwncRLZvUKyYwBE67B7Hh6QJY4E0yZuPV9+tBqFkBe4Gii8SaO7PbEj2+8hez7qd
kSsLWpAJTWKeeDempON7+NnjqwY+g5jwMHN/KO2ZylmmsJeCWj8Cd7G5ocMbRiH8
EZZQYhbrzPUhNccWesKfUQXd0eggew2fZDhv8jIOjvyX0bHaFjaQ5YDaH89boYhJ
q+fp+ONZCDhzBb8NKlUVjFIlPRXp3UpYFU6jkqVQiJyauXQ3tX8pAYJCnQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFG5IMkoBCxGMKPVdbsF4PJPG6PUnMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvYmtneVNnRUxFWXdvOVYxdXdYZzhrOGJvOVNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALZK6AwQA
uc2/AwQAue/yAwQAvNSbAwQAvPG2MA0GCSqGSIb3DQEBCwUAA4IBAQA3h4sEk/VY
KXIrKDUH+b/zxBopQfUJfaIHjAQRxPfIJezQN/+bYOby9pR/4mvlQYgsDc5WWDJc
kZrM8kUj/Nu/uIh98PA4HBtrodfbWSnHqM5M821go1QIJLzeIazZYAASLEsEfDw9
rsAua2F3s8zLlQXHZXPeFO/eB3Awz9UXoviMthEba5++oUh3J28ZFIo+RHekgczd
Fh82d5q2kRkstBsOOywXd+DqQWvUE2E0onum4TaeJmXdNVlxWzqkEqvXmSH3NkN8
SRUuA1w8Y1Gl7Ma9XVW6H8DPKNZIh/omVedzuvNcnEfsyQ1jM86lO5F4xoGsOKEr
v02WIqFSp/st
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:37:10 2025 by rpki-client