Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BTQAIYiem6ll8U-LWQUv-bwT9X8.roa
File: BTQAIYiem6ll8U-LWQUv-bwT9X8.roa (raw, json)
Hash identifier: FDDxUsXQ5/3fL8BYl5aVHWskEjN73qFRfixFMPF5l8k=
Subject key identifier: 05:34:00:21:88:9E:9B:A9:65:F1:4F:8B:59:05:2F:F9:BC:13:F5:7F
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 01954BAD8DAE37A3C10993F59111BD2EBD22
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BTQAIYiem6ll8U-LWQUv-bwT9X8.roa
Signing time: Fri 28 Feb 2025 08:30:20 +0000
ROA not before: Fri 28 Feb 2025 08:30:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48803
IP address blocks: 193.183.148.0/22 maxlen: 22
193.183.192.0/24 maxlen: 24
193.183.194.0/24 maxlen: 24
193.183.195.0/24 maxlen: 24
193.183.212.0/24 maxlen: 24
193.183.213.0/24 maxlen: 24
193.183.215.0/24 maxlen: 24
193.183.250.0/23 maxlen: 23
193.234.72.0/22 maxlen: 24
193.234.72.0/24 maxlen: 24
193.234.73.0/24 maxlen: 24
193.234.74.0/24 maxlen: 24
193.234.75.0/24 maxlen: 24
193.234.108.0/24 maxlen: 24
193.234.109.0/24 maxlen: 24
193.234.111.0/24 maxlen: 24
194.68.117.0/24 maxlen: 24
194.132.224.0/22 maxlen: 24
194.132.224.0/24 maxlen: 24
194.132.225.0/24 maxlen: 24
194.132.226.0/24 maxlen: 24
194.132.227.0/24 maxlen: 24
194.132.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 08:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4b:ad:8d:ae:37:a3:c1:09:93:f5:91:11:bd:2e:bd:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Feb 28 08:30:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05340021889e9ba965f14f8b59052ff9bc13f57f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:e5:f2:dc:ae:72:db:58:93:28:7b:d2:ac:74:
d1:6e:06:a7:28:bd:d0:ca:77:2e:9b:aa:b4:07:ee:
c4:63:c8:ce:fd:c0:d5:24:ad:80:7f:ee:5a:91:54:
60:7f:23:6d:50:a5:54:0f:6d:d2:10:de:f6:86:ee:
e5:b4:81:e5:6d:11:01:f7:eb:e3:17:b8:4d:83:9c:
c1:90:56:73:6f:2d:52:8b:53:14:0e:3a:a4:35:d0:
07:28:9e:af:cb:81:e0:0c:6a:d2:47:f2:63:03:7e:
c5:b4:48:82:5d:f2:99:be:05:94:39:28:d9:11:77:
9a:67:4f:99:20:f4:07:35:50:e8:28:4d:38:24:61:
a5:6d:c3:ac:01:1e:c3:e1:7a:84:92:29:8c:01:e0:
92:bf:63:0e:9c:f6:4e:99:37:7d:c7:a2:ae:d9:2d:
f5:af:80:01:d2:59:9f:84:14:f2:a9:8d:ae:1b:b1:
bc:1d:29:3c:83:9c:58:9b:06:b1:eb:7f:11:61:4f:
de:96:f6:c1:bb:15:0d:92:91:13:81:88:01:0c:4f:
3f:a9:7c:fe:39:a6:fd:51:a7:62:9f:44:d6:63:4b:
81:95:1d:a5:12:7a:7b:67:92:13:d2:d2:9a:d5:89:
34:f9:63:6c:93:df:37:e4:12:26:0b:c1:5f:7f:21:
7e:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:34:00:21:88:9E:9B:A9:65:F1:4F:8B:59:05:2F:F9:BC:13:F5:7F
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/BTQAIYiem6ll8U-LWQUv-bwT9X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.183.148.0/22
193.183.192.0/24
193.183.194.0/23
193.183.212.0/23
193.183.215.0/24
193.183.250.0/23
193.234.72.0/22
193.234.108.0/23
193.234.111.0/24
194.68.117.0/24
194.132.224.0/21
Signature Algorithm: sha256WithRSAEncryption
62:b7:65:3e:d2:9b:47:85:49:6a:4a:9a:4e:58:48:1f:2b:94:
d0:23:53:77:26:db:ef:75:15:cf:2e:32:e7:fe:eb:5a:03:ac:
89:09:21:da:38:ef:be:ba:98:15:b0:97:f0:ea:74:a6:b1:18:
64:47:44:74:03:db:b4:c1:d9:04:ab:c8:ce:8c:03:35:03:84:
53:c5:54:fd:98:48:9b:5b:10:f3:52:2c:4d:eb:0e:56:92:c4:
7e:58:77:69:12:35:26:bc:11:39:14:e5:27:1f:c5:c3:3f:53:
f8:9b:b9:f5:f6:2d:6f:ac:96:89:f3:cc:b4:a0:2e:99:dc:07:
23:94:c5:73:61:b9:7d:87:6e:a3:44:78:58:fc:8e:5e:c1:44:
12:98:37:19:e8:34:cd:8f:51:65:4e:3f:5f:5f:05:57:af:d8:
1a:e6:fa:ba:d3:56:56:5e:9a:e3:66:7f:86:bc:1f:b8:e1:71:
a8:12:60:3b:79:ce:19:86:98:a1:dc:f4:4a:0e:08:93:9a:40:
d2:f3:65:5e:56:18:dd:2c:5c:c2:e4:c2:59:65:6f:3e:fa:58:
0b:ff:12:4c:ee:6b:08:f4:f7:50:53:53:8f:b8:95:7d:77:60:
02:f1:a2:f6:2d:69:98:b7:80:70:54:68:7c:43:34:74:b0:83:
e0:11:35:56
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZVLrY2uN6PBCZP1kRG9Lr0iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwMjI4MDgzMDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTM0MDAyMTg4OWU5YmE5NjVmMTRmOGI1OTA1MmZmOWJjMTNmNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmuXy3K5y21iTKHvSrHTRbganKL3Q
yncum6q0B+7EY8jO/cDVJK2Af+5akVRgfyNtUKVUD23SEN72hu7ltIHlbREB9+vj
F7hNg5zBkFZzby1Si1MUDjqkNdAHKJ6vy4HgDGrSR/JjA37FtEiCXfKZvgWUOSjZ
EXeaZ0+ZIPQHNVDoKE04JGGlbcOsAR7D4XqEkimMAeCSv2MOnPZOmTd9x6Ku2S31
r4AB0lmfhBTyqY2uG7G8HSk8g5xYmwax638RYU/elvbBuxUNkpETgYgBDE8/qXz+
Oab9Uadin0TWY0uBlR2lEnp7Z5IT0tKa1Yk0+WNsk9835BImC8FffyF+zwIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFAU0ACGInpupZfFPi1kFL/m8E/V/MB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvQlRRQUlZaWVtNmxsOFUtTFdRVXYtYndUOVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQCwbeUAwQA
wbfAAwQBwbfCAwQBwbfUAwQAwbfXAwQBwbf6AwQCwepIAwQBwepsAwQAwepvAwQA
wkR1AwQDwoTgMA0GCSqGSIb3DQEBCwUAA4IBAQBit2U+0ptHhUlqSppOWEgfK5TQ
I1N3JtvvdRXPLjLn/utaA6yJCSHaOO++upgVsJfw6nSmsRhkR0R0A9u0wdkEq8jO
jAM1A4RTxVT9mEibWxDzUixN6w5WksR+WHdpEjUmvBE5FOUnH8XDP1P4m7n19i1v
rJaJ88y0oC6Z3AcjlMVzYbl9h26jRHhY/I5ewUQSmDcZ6DTNj1FlTj9fXwVXr9ga
5vq601ZWXprjZn+GvB+44XGoEmA7ec4Zhpih3PRKDgiTmkDS82VeVhjdLFzC5MJZ
ZW8++lgL/xJM7msI9PdQU1OPuJV9d2AC8aL2LWmYt4BwVGh8QzR0sIPgETVW
-----END CERTIFICATE-----
Generated at Thu Apr 10 15:18:43 2025 by rpki-client