Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/BnZ18m27JG41iStc-0bf7RUhMqc.roa
File: BnZ18m27JG41iStc-0bf7RUhMqc.roa (raw, json)
Hash identifier: 506prusX3qMZHHvl16GjdziNik+Zaiptx5uE6D2elAc=
Subject key identifier: 06:76:75:F2:6D:BB:24:6E:35:89:2B:5C:FB:46:DF:ED:15:21:32:A7
Certificate issuer: /CN=0b9d86096a49110cf9bf670240b519315b66abcb
Certificate serial: 019422FC022F5FAB669C6387F33B600A695B
Authority key identifier: 0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/BnZ18m27JG41iStc-0bf7RUhMqc.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20559
IP address blocks: 5.172.40.0/21 maxlen: 24
31.200.208.0/21 maxlen: 24
45.13.164.0/22 maxlen: 24
45.133.196.0/22 maxlen: 24
45.146.124.0/22 maxlen: 24
46.19.216.0/21 maxlen: 24
46.226.88.0/21 maxlen: 24
85.209.108.0/22 maxlen: 24
88.218.152.0/22 maxlen: 24
91.218.148.0/22 maxlen: 24
91.224.248.0/23 maxlen: 24
93.186.176.0/20 maxlen: 24
185.46.64.0/22 maxlen: 24
185.51.56.0/22 maxlen: 24
185.113.84.0/22 maxlen: 24
185.122.116.0/22 maxlen: 24
193.37.204.0/22 maxlen: 24
193.187.188.0/22 maxlen: 24
194.213.112.0/23 maxlen: 24
2a00:d10::/32 maxlen: 48
2a03:3400::/32 maxlen: 48
2a04:a840::/29 maxlen: 48
2a06:6940::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.mft
rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 08:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:02:2f:5f:ab:66:9c:63:87:f3:3b:60:0a:69:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b9d86096a49110cf9bf670240b519315b66abcb
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=067675f26dbb246e35892b5cfb46dfed152132a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:06:ae:a6:42:45:bb:bb:89:6c:43:bb:11:
cb:59:88:eb:84:6d:1a:d4:a3:e5:05:47:52:6a:6f:
0c:eb:5b:9f:80:c5:2a:2f:eb:12:a1:3c:41:42:36:
21:bf:6b:6c:50:fc:d2:30:6a:c9:dd:c3:f9:c7:85:
9d:e5:c7:33:8f:83:37:37:ba:15:d2:38:3f:ab:d2:
9b:95:15:0c:76:43:0d:09:ef:da:b2:2a:61:55:49:
7f:c4:dd:1c:ad:88:82:db:7c:ef:ef:7c:e1:68:a4:
c4:fb:cf:28:43:65:a0:53:f7:26:09:00:12:06:ed:
4f:ce:79:c0:99:06:b2:51:0a:5b:ba:a9:4a:b2:ff:
da:bd:5d:c1:48:52:12:90:87:04:da:2d:de:a8:dd:
4e:37:18:76:fe:7f:0a:33:e4:86:8e:c3:a1:41:7a:
77:d5:19:d7:ec:fa:90:43:c4:7f:38:25:39:d0:e3:
82:e7:98:61:cf:0c:95:f4:60:12:aa:f0:d8:23:5b:
8a:15:99:7c:49:c2:63:a4:fb:0f:36:0b:44:27:2f:
eb:34:34:ef:9c:92:bd:10:ec:33:48:1d:90:c5:9c:
0e:eb:2b:c4:cb:07:dd:cb:11:bc:d9:b4:72:41:2b:
ea:f5:04:71:5a:2f:6e:00:49:3a:28:2e:ef:0c:73:
9f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:76:75:F2:6D:BB:24:6E:35:89:2B:5C:FB:46:DF:ED:15:21:32:A7
X509v3 Authority Key Identifier:
keyid:0B:9D:86:09:6A:49:11:0C:F9:BF:67:02:40:B5:19:31:5B:66:AB:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C52GCWpJEQz5v2cCQLUZMVtmq8s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/BnZ18m27JG41iStc-0bf7RUhMqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/1e1a97-f276-4a51-b1b5-8c10909a485c/1/C52GCWpJEQz5v2cCQLUZMVtmq8s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.40.0/21
31.200.208.0/21
45.13.164.0/22
45.133.196.0/22
45.146.124.0/22
46.19.216.0/21
46.226.88.0/21
85.209.108.0/22
88.218.152.0/22
91.218.148.0/22
91.224.248.0/23
93.186.176.0/20
185.46.64.0/22
185.51.56.0/22
185.113.84.0/22
185.122.116.0/22
193.37.204.0/22
193.187.188.0/22
194.213.112.0/23
IPv6:
2a00:d10::/32
2a03:3400::/32
2a04:a840::/29
2a06:6940::/29
Signature Algorithm: sha256WithRSAEncryption
33:29:07:18:6c:10:fa:60:92:70:89:8a:3e:d0:df:6a:6c:1a:
56:4d:eb:8e:76:d3:a2:0e:d7:a4:3c:4f:26:71:09:e7:2f:89:
bd:f2:db:7a:e5:10:8f:5f:32:4b:e7:52:c8:6c:84:d7:1e:cf:
b8:78:a9:f4:f6:2d:26:44:9b:a3:c6:6c:63:a7:9c:dd:40:25:
ce:fa:6a:a6:1e:ff:c5:05:36:aa:ee:1a:9b:22:3b:0f:5c:84:
45:d8:8a:67:52:02:29:f5:8d:44:89:6e:45:54:db:b0:d5:2c:
c3:77:7c:88:ae:fc:af:3a:4c:39:87:ea:95:d2:e2:38:b8:b6:
37:35:b9:fe:1b:3a:2a:60:9a:44:2a:8b:d8:b9:e7:78:d2:15:
72:7c:ec:9b:7b:43:e5:60:5a:8c:77:a5:b5:06:6a:bc:25:bc:
f4:88:f2:93:82:6a:1e:fa:4c:3f:1c:43:73:21:1d:ed:58:e2:
66:cf:77:56:77:6f:0a:5b:8b:c9:b4:9b:f0:64:f1:04:ad:ec:
a6:cd:77:da:3a:a3:d0:04:f6:89:76:4a:e9:7c:52:ef:3a:d2:
a9:3c:e3:cf:ff:61:c3:3f:c7:78:71:f9:5c:4f:29:54:05:79:
14:2a:62:d1:98:4a:27:26:67:3a:c8:26:6d:13:9b:14:0b:fb:
aa:54:77:dd
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZQi/AIvX6tmnGOH8ztgCmlbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOWQ4NjA5NmE0OTExMGNmOWJmNjcwMjQwYjUxOTMxNWI2
NmFiY2IwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjc2NzVmMjZkYmIyNDZlMzU4OTJiNWNmYjQ2ZGZlZDE1MjEzMmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr2UGrqZCRbu7iWxDuxHLWYjrhG0a
1KPlBUdSam8M61ufgMUqL+sSoTxBQjYhv2tsUPzSMGrJ3cP5x4Wd5cczj4M3N7oV
0jg/q9KblRUMdkMNCe/asiphVUl/xN0crYiC23zv73zhaKTE+88oQ2WgU/cmCQAS
Bu1PznnAmQayUQpbuqlKsv/avV3BSFISkIcE2i3eqN1ONxh2/n8KM+SGjsOhQXp3
1RnX7PqQQ8R/OCU50OOC55hhzwyV9GASqvDYI1uKFZl8ScJjpPsPNgtEJy/rNDTv
nJK9EOwzSB2QxZwO6yvEywfdyxG82bRyQSvq9QRxWi9uAEk6KC7vDHOfZwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFAZ2dfJtuyRuNYkrXPtG3+0VITKnMB8GA1UdIwQY
MBaAFAudhglqSREM+b9nAkC1GTFbZqvLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUt
OGMxMDkwOWE0ODVjLzEvQm5aMThtMjdKRzQxaVN0Yy0wYmY3UlVoTXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8xZTFhOTctZjI3Ni00YTUxLWIxYjUtOGMxMDkwOWE0ODVj
LzEvQzUyR0NXcEpFUXo1djJjQ1FMVVpNVnRtcThzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjB4BAIAATByAwQDBawo
AwQDH8jQAwQCLQ2kAwQCLYXEAwQCLZJ8AwQDLhPYAwQDLuJYAwQCVdFsAwQCWNqY
AwQCW9qUAwQBW+D4AwQEXbqwAwQCuS5AAwQCuTM4AwQCuXFUAwQCuXp0AwQCwSXM
AwQCwbu8AwQBwtVwMCIEAgACMBwDBQAqAA0QAwUAKgM0AAMFAyoEqEADBQMqBmlA
MA0GCSqGSIb3DQEBCwUAA4IBAQAzKQcYbBD6YJJwiYo+0N9qbBpWTeuOdtOiDtek
PE8mcQnnL4m98tt65RCPXzJL51LIbITXHs+4eKn09i0mRJujxmxjp5zdQCXO+mqm
Hv/FBTaq7hqbIjsPXIRF2IpnUgIp9Y1EiW5FVNuw1SzDd3yIrvyvOkw5h+qV0uI4
uLY3Nbn+GzoqYJpEKovYued40hVyfOybe0PlYFqMd6W1Bmq8Jbz0iPKTgmoe+kw/
HENzIR3tWOJmz3dWd28KW4vJtJvwZPEEreymzXfaOqPQBPaJdkrpfFLvOtKpPOPP
/2HDP8d4cflcTylUBXkUKmLRmEonJmc6yCZtE5sUC/uqVHfd
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:05:09 2025 by rpki-client