Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/BT46iIB4OSMOWVQ2HKjuNk25XSs.roa
File: BT46iIB4OSMOWVQ2HKjuNk25XSs.roa (raw, json)
Hash identifier: 44E2dRX13lWTv0CpNFnA+SZ7s9k3n6xjHPl7U1S3LJI=
Subject key identifier: 05:3E:3A:88:80:78:39:23:0E:59:54:36:1C:A8:EE:36:4D:B9:5D:2B
Certificate issuer: /CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Certificate serial: 0194221FC47063B2DA911E906A569F394DFB
Authority key identifier: 1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/BT46iIB4OSMOWVQ2HKjuNk25XSs.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60448
IP address blocks: 85.219.192.0/24 maxlen: 24
89.174.25.0/24 maxlen: 24
89.174.26.0/23 maxlen: 23
89.174.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 21:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c4:70:63:b2:da:91:1e:90:6a:56:9f:39:4d:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1aca63df248b7adf3ddd07e8c2d3eedd02cef933
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=053e3a88807839230e5954361ca8ee364db95d2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:4b:34:8d:6d:26:d4:92:33:0a:ff:ed:33:e2:
56:1e:67:d0:94:79:15:86:2c:81:96:45:31:6f:73:
78:ad:44:a7:20:5f:f2:e6:46:02:69:29:a3:b5:63:
73:62:39:d5:31:56:88:85:4e:5c:83:48:df:f9:41:
82:9d:9b:ec:fb:b3:a2:36:75:8b:96:23:c8:18:39:
06:8c:c7:11:3f:a5:79:8b:0c:b9:2a:f9:00:10:2a:
bf:7f:b7:8b:9c:b7:9c:76:f7:42:37:8a:8e:df:98:
63:d0:c3:95:91:89:bf:4c:a5:c4:61:16:e6:f6:5d:
b6:c8:9e:02:79:9c:e3:d7:f9:22:f7:99:a1:12:46:
5a:20:e4:6f:a1:d8:0a:1d:e9:ca:48:f9:c3:11:03:
a3:2e:eb:3b:ed:f4:df:95:4d:c9:b4:46:7c:f7:de:
6e:7e:6d:b7:47:48:3a:b7:1b:d6:59:26:c5:58:80:
37:67:4e:71:f3:de:89:62:3a:17:58:07:58:a0:22:
33:cc:13:28:0b:1a:53:c3:b5:02:f7:62:c3:24:94:
ee:12:4e:3e:22:0c:d3:37:e0:b1:8c:a1:f8:71:4f:
4e:33:f8:1a:fe:c6:c5:15:6b:80:2c:d6:77:f9:29:
b2:c7:33:b8:89:a1:3b:34:85:34:22:6d:a4:bc:da:
6f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3E:3A:88:80:78:39:23:0E:59:54:36:1C:A8:EE:36:4D:B9:5D:2B
X509v3 Authority Key Identifier:
keyid:1A:CA:63:DF:24:8B:7A:DF:3D:DD:07:E8:C2:D3:EE:DD:02:CE:F9:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gspj3ySLet893QfowtPu3QLO-TM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/BT46iIB4OSMOWVQ2HKjuNk25XSs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/1f6458-dc75-4add-ae72-91e3184bb0ab/1/Gspj3ySLet893QfowtPu3QLO-TM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.219.192.0/24
89.174.25.0-89.174.27.255
89.174.184.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:4e:d9:81:51:2a:95:78:82:c2:17:71:98:23:b1:7a:44:a3:
c7:34:e1:b0:6b:d0:26:74:1a:ba:f7:c9:78:fe:55:bb:6b:80:
40:3e:95:0e:41:da:56:33:23:72:ba:4e:0c:ac:e1:89:80:56:
a8:d4:03:e0:7c:a7:f9:e7:8d:dd:cc:26:50:93:bf:54:1a:62:
d1:20:fe:02:c7:13:fd:58:ba:5e:ab:f6:5c:1f:41:98:55:3a:
67:1f:f2:fb:4f:35:29:a4:b3:00:bf:e0:b1:a3:1d:79:e7:85:
c9:a1:6d:8d:24:be:1d:38:9d:6f:7e:4c:6b:66:8f:ea:e1:54:
c4:cd:83:d0:b5:88:08:16:1c:47:44:6c:b9:a7:d2:03:0a:93:
90:66:bd:34:60:2a:4b:f5:ce:72:98:8d:7f:c8:23:e3:4a:b1:
fc:6e:80:18:01:de:dc:27:78:7f:62:5e:27:07:26:37:5e:a4:
81:fe:a5:ee:ba:ed:8e:71:57:83:3c:9a:21:94:f0:f1:f9:72:
83:c5:0f:f7:41:15:82:16:e1:2b:ea:0b:f1:14:66:7f:cb:9e:
96:54:8e:d5:f1:74:65:38:c4:08:82:c7:e7:ef:45:d0:42:a5:
a5:e5:05:f5:b4:c7:78:c1:0c:66:ca:5f:8d:ce:39:51:77:2a:
7d:45:cb:c7
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQiH8RwY7LakR6QalafOU37MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhY2E2M2RmMjQ4YjdhZGYzZGRkMDdlOGMyZDNlZWRkMDJj
ZWY5MzMwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTNlM2E4ODgwNzgzOTIzMGU1OTU0MzYxY2E4ZWUzNjRkYjk1ZDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtUs0jW0m1JIzCv/tM+JWHmfQlHkV
hiyBlkUxb3N4rUSnIF/y5kYCaSmjtWNzYjnVMVaIhU5cg0jf+UGCnZvs+7OiNnWL
liPIGDkGjMcRP6V5iwy5KvkAECq/f7eLnLecdvdCN4qO35hj0MOVkYm/TKXEYRbm
9l22yJ4CeZzj1/ki95mhEkZaIORvodgKHenKSPnDEQOjLus77fTflU3JtEZ8995u
fm23R0g6txvWWSbFWIA3Z05x896JYjoXWAdYoCIzzBMoCxpTw7UC92LDJJTuEk4+
IgzTN+CxjKH4cU9OM/ga/sbFFWuALNZ3+SmyxzO4iaE7NIU0Im2kvNpvMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFAU+OoiAeDkjDllUNhyo7jZNuV0rMB8GA1UdIwQY
MBaAFBrKY98ki3rfPd0H6MLT7t0CzvkzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzIt
OTFlMzE4NGJiMGFiLzEvQlQ0NmlJQjRPU01PV1ZRMkhLanVOazI1WFNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8xZjY0NTgtZGM3NS00YWRkLWFlNzItOTFlMzE4NGJiMGFi
LzEvR3NwajN5U0xldDg5M1Fmb3d0UHUzUUxPLVRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAVdvAMAwD
BABZrhkDBAJZrhgDBABZrrgwDQYJKoZIhvcNAQELBQADggEBADpO2YFRKpV4gsIX
cZgjsXpEo8c04bBr0CZ0Grr3yXj+VbtrgEA+lQ5B2lYzI3K6Tgys4YmAVqjUA+B8
p/nnjd3MJlCTv1QaYtEg/gLHE/1Yul6r9lwfQZhVOmcf8vtPNSmkswC/4LGjHXnn
hcmhbY0kvh04nW9+TGtmj+rhVMTNg9C1iAgWHEdEbLmn0gMKk5BmvTRgKkv1znKY
jX/II+NKsfxugBgB3twneH9iXicHJjdepIH+pe667Y5xV4M8miGU8PH5coPFD/dB
FYIW4SvqC/EUZn/LnpZUjtXxdGU4xAiCx+fvRdBCpaXlBfW0x3jBDGbKX43OOVF3
Kn1Fy8c=
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:35:20 2025 by rpki-client