Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bRmCB_BgICMvDW3ZRdC3IcqtpIQ.roa
File: bRmCB_BgICMvDW3ZRdC3IcqtpIQ.roa (raw, json)
Hash identifier: eTkWoKcHmw8SSK0VlnWoAjUFhRvhfKGAJQlm9GXJLNw=
Subject key identifier: 6D:19:82:07:F0:60:20:23:2F:0D:6D:D9:45:D0:B7:21:CA:AD:A4:84
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019566F2D0BD31318B0AE0C3B9F66124B988
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bRmCB_BgICMvDW3ZRdC3IcqtpIQ.roa
Signing time: Wed 05 Mar 2025 15:35:43 +0000
ROA not before: Wed 05 Mar 2025 15:35:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 2.56.137.0/24 maxlen: 24
45.148.165.0/24 maxlen: 24
185.210.137.0/24 maxlen: 24
193.148.61.0/24 maxlen: 24
193.148.63.0/24 maxlen: 24
194.32.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 20:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:66:f2:d0:bd:31:31:8b:0a:e0:c3:b9:f6:61:24:b9:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Mar 5 15:35:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6d198207f06020232f0d6dd945d0b721caada484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:17:78:cb:85:64:0d:af:4a:8e:b3:a5:81:d1:
f5:36:75:d5:d7:3d:14:49:82:85:68:d9:d4:4c:45:
58:bb:6a:d5:05:71:f1:92:35:5c:9a:04:7c:3e:a5:
24:95:c2:10:97:cd:a3:28:5a:38:53:c6:73:82:9b:
e9:c9:0d:ed:a8:4b:ab:89:b4:cb:a7:45:75:8c:dd:
f7:23:03:36:89:ba:28:3d:80:6c:37:79:36:81:e1:
5c:80:05:ca:d6:6e:59:38:c1:50:ec:d7:be:c8:de:
31:a4:b1:9b:34:3d:fc:f7:2f:d3:78:a9:8e:41:65:
a3:fa:b8:a4:ff:69:45:ab:45:28:c6:e7:2c:f7:01:
ae:b9:1c:a0:2c:94:46:e1:94:2d:4a:13:b6:1a:2a:
62:f8:fb:d6:cf:d0:ba:1a:09:31:d2:56:1f:7f:59:
0a:1f:9c:ba:b4:bd:89:cd:0d:de:72:0a:8e:94:ac:
48:89:49:a7:6a:d8:63:3f:1d:39:d3:72:3d:fd:6b:
49:f6:75:29:16:8f:25:99:b2:7c:50:08:e4:60:e3:
5b:b1:29:ff:91:b2:55:84:fa:d7:97:62:14:54:0b:
10:81:9a:10:ba:7e:cd:cd:ca:3f:56:c6:0e:70:e7:
85:f9:36:d8:dd:25:54:eb:54:a6:48:ca:80:83:20:
e6:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:19:82:07:F0:60:20:23:2F:0D:6D:D9:45:D0:B7:21:CA:AD:A4:84
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/bRmCB_BgICMvDW3ZRdC3IcqtpIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.137.0/24
45.148.165.0/24
185.210.137.0/24
193.148.61.0/24
193.148.63.0/24
194.32.127.0/24
Signature Algorithm: sha256WithRSAEncryption
58:c5:e7:fa:dd:91:11:a1:1d:b6:40:2b:93:e6:5e:b0:02:6d:
55:18:07:36:d1:0b:d2:be:d9:22:b0:b7:32:49:a5:fa:30:e4:
75:a6:95:09:1d:0d:13:ff:15:2f:dd:55:4a:e0:48:0e:02:3b:
49:e3:26:cb:a7:2a:9e:15:87:21:e6:2b:35:5b:40:e9:d0:76:
26:70:59:75:27:7b:65:da:4e:9e:41:df:08:b4:89:d0:8d:2b:
de:a1:1b:47:91:43:4a:96:03:29:c9:74:74:18:fb:39:e3:aa:
c4:87:88:33:bb:f2:df:da:b5:7b:56:56:b6:be:e0:72:12:65:
e3:87:09:11:07:41:06:f7:b1:33:c9:c8:09:ab:2a:75:d2:97:
3b:1b:3a:31:c7:29:4b:4c:70:a7:de:96:99:72:7e:42:f1:e4:
f4:f0:6a:81:33:79:41:fc:ac:70:27:bc:a8:43:ce:14:ed:be:
74:99:db:de:c8:a5:34:05:d0:7e:93:38:a6:91:bf:f2:97:9f:
6f:49:86:2a:be:18:b1:dd:6c:f4:7b:3f:73:bb:31:36:ad:3b:
dc:ce:fc:09:17:18:48:70:9d:c2:2d:47:49:cb:0e:57:3f:d1:
32:53:ed:76:66:ff:1a:00:72:97:0b:a9:4f:3e:8b:14:a5:26:
c0:b7:65:80
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZVm8tC9MTGLCuDDufZhJLmIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwMzA1MTUzNTQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZDE5ODIwN2YwNjAyMDIzMmYwZDZkZDk0NWQwYjcyMWNhYWRhNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjxd4y4VkDa9KjrOlgdH1NnXV1z0U
SYKFaNnUTEVYu2rVBXHxkjVcmgR8PqUklcIQl82jKFo4U8ZzgpvpyQ3tqEuribTL
p0V1jN33IwM2ibooPYBsN3k2geFcgAXK1m5ZOMFQ7Ne+yN4xpLGbND389y/TeKmO
QWWj+rik/2lFq0Uoxucs9wGuuRygLJRG4ZQtShO2Gipi+PvWz9C6Ggkx0lYff1kK
H5y6tL2JzQ3ecgqOlKxIiUmnathjPx0503I9/WtJ9nUpFo8lmbJ8UAjkYONbsSn/
kbJVhPrXl2IUVAsQgZoQun7Nzco/VsYOcOeF+TbY3SVU61SmSMqAgyDmywIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFG0ZggfwYCAjLw1t2UXQtyHKraSEMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvYlJtQ0JfQmdJQ012RFczWlJkQzNJY3F0cElRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAAjiJAwQA
LZSlAwQAudKJAwQAwZQ9AwQAwZQ/AwQAwiB/MA0GCSqGSIb3DQEBCwUAA4IBAQBY
xef63ZERoR22QCuT5l6wAm1VGAc20QvSvtkisLcySaX6MOR1ppUJHQ0T/xUv3VVK
4EgOAjtJ4ybLpyqeFYch5is1W0Dp0HYmcFl1J3tl2k6eQd8ItInQjSveoRtHkUNK
lgMpyXR0GPs546rEh4gzu/Lf2rV7Vla2vuByEmXjhwkRB0EG97EzycgJqyp10pc7
GzoxxylLTHCn3paZcn5C8eT08GqBM3lB/KxwJ7yoQ84U7b50mdveyKU0BdB+kzim
kb/yl59vSYYqvhix3Wz0ez9zuzE2rTvczvwJFxhIcJ3CLUdJyw5XP9EyU+12Zv8a
AHKXC6lPPosUpSbAt2WA
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:26:21 2025 by rpki-client