Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/BEVOt5Hu7SlSOUV5TBn_pg8-Bq4.roa
File: BEVOt5Hu7SlSOUV5TBn_pg8-Bq4.roa (raw, json)
Hash identifier: nEzdIf15rxzhFQC8rcsKrtOrx8pALRaykpAEEi2uLpo=
Subject key identifier: 04:45:4E:B7:91:EE:ED:29:52:39:45:79:4C:19:FF:A6:0F:3E:06:AE
Certificate issuer: /CN=b0847250b3a77127df7c3c7b8def8c9d919dc4b9
Certificate serial: 0194266BE530B5911272584F70C35A0C3D80
Authority key identifier: B0:84:72:50:B3:A7:71:27:DF:7C:3C:7B:8D:EF:8C:9D:91:9D:C4:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sIRyULOncSfffDx7je-MnZGdxLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/BEVOt5Hu7SlSOUV5TBn_pg8-Bq4.roa
Signing time: Thu 02 Jan 2025 09:49:52 +0000
ROA not before: Thu 02 Jan 2025 09:49:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60823
IP address blocks: 92.243.70.0/24 maxlen: 24
92.243.92.0/24 maxlen: 24
185.25.124.0/22 maxlen: 22
195.191.254.0/23 maxlen: 23
2a04:3180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/sIRyULOncSfffDx7je-MnZGdxLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/sIRyULOncSfffDx7je-MnZGdxLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/sIRyULOncSfffDx7je-MnZGdxLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 06:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:e5:30:b5:91:12:72:58:4f:70:c3:5a:0c:3d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0847250b3a77127df7c3c7b8def8c9d919dc4b9
Validity
Not Before: Jan 2 09:49:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04454eb791eeed29523945794c19ffa60f3e06ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:10:77:3f:1c:7f:9e:c6:18:ed:d2:93:62:12:
d3:78:61:e9:a7:02:21:99:36:dc:7b:1f:34:0f:a8:
1d:ba:97:1c:42:9c:7e:a4:6b:09:af:5d:b5:eb:04:
c3:ef:58:83:53:8b:62:7b:6c:32:07:2d:34:9a:04:
87:12:49:76:0a:e9:59:94:37:2f:6c:d9:6a:25:46:
c5:f6:d9:e3:39:bd:14:7c:74:fa:6c:db:ef:4c:6c:
0b:c6:26:02:94:ed:8b:bf:a0:00:85:15:9a:fb:cf:
9e:65:8d:a2:a2:be:dc:ea:ac:b8:e9:80:70:88:0f:
c9:3c:6d:65:3a:3a:78:07:7c:a5:d4:a5:86:bd:e1:
cd:1c:af:25:80:a0:17:ed:4a:6f:ba:15:b8:ce:b2:
b8:89:2d:a9:f6:5b:2f:fc:d1:6a:37:fa:bb:8b:71:
61:5a:12:26:85:a9:6f:ae:6d:27:03:d2:db:10:0a:
55:3a:ab:1d:62:0a:f4:e6:60:80:b7:ea:19:db:19:
98:00:ff:aa:43:72:46:b3:5d:e0:06:4a:cb:56:cb:
36:ee:a0:c6:dd:2c:a4:e2:2e:99:87:5f:a1:2d:e3:
f8:f6:04:06:7d:98:17:c4:6d:ff:cb:d4:e9:bd:cb:
71:36:78:c6:93:07:2d:30:f4:d8:1d:70:85:76:98:
3e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:45:4E:B7:91:EE:ED:29:52:39:45:79:4C:19:FF:A6:0F:3E:06:AE
X509v3 Authority Key Identifier:
keyid:B0:84:72:50:B3:A7:71:27:DF:7C:3C:7B:8D:EF:8C:9D:91:9D:C4:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sIRyULOncSfffDx7je-MnZGdxLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/BEVOt5Hu7SlSOUV5TBn_pg8-Bq4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/178ffd-a99c-4333-8e9b-ca35469553cf/1/sIRyULOncSfffDx7je-MnZGdxLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.243.70.0/24
92.243.92.0/24
185.25.124.0/22
195.191.254.0/23
IPv6:
2a04:3180::/29
Signature Algorithm: sha256WithRSAEncryption
34:1e:ec:56:b2:51:2e:53:12:8a:23:2d:30:97:d0:a3:e6:5b:
81:e7:1e:f3:ba:d8:08:0b:7d:e4:f4:3b:ac:ef:2f:33:87:83:
bd:87:6c:53:bc:8d:77:05:1a:57:2c:c6:1a:0d:d4:04:a9:b5:
c8:c1:69:0c:d6:a1:24:ee:71:29:d4:11:8c:9a:11:ba:3e:c7:
71:13:d0:cb:1f:39:3d:04:b9:a2:9c:1c:a8:b0:f8:fd:74:a5:
3f:43:e1:10:0a:fb:bc:52:22:71:08:e0:bf:21:dc:3d:23:bc:
39:f7:73:59:7a:b4:b1:04:38:0f:80:64:e0:99:58:fc:9a:85:
50:19:14:64:d2:99:90:09:cb:84:df:c5:e4:60:11:72:e8:19:
a1:95:c1:a5:dd:fd:3d:c7:0b:ca:8d:62:72:6a:02:98:26:af:
49:36:cb:39:9a:38:f1:f8:37:ff:78:c5:8b:77:35:a5:36:bc:
f8:94:d0:c3:c5:28:5b:7a:18:7b:81:fd:97:73:58:63:e7:7a:
ea:ee:a5:4c:32:ca:c4:7f:9f:d4:94:71:30:a0:83:c4:ea:c8:
4b:be:a7:cd:31:b5:1d:c1:9c:3b:dd:9c:3c:39:ea:12:a0:ce:
90:38:a3:4b:7b:7f:7d:e2:71:0d:8c:80:95:b4:2a:93:32:da:
58:6c:42:d3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQma+UwtZESclhPcMNaDD2AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwODQ3MjUwYjNhNzcxMjdkZjdjM2M3YjhkZWY4YzlkOTE5
ZGM0YjkwHhcNMjUwMTAyMDk0OTUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDQ1NGViNzkxZWVlZDI5NTIzOTQ1Nzk0YzE5ZmZhNjBmM2UwNmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3BB3Pxx/nsYY7dKTYhLTeGHppwIh
mTbcex80D6gdupccQpx+pGsJr1216wTD71iDU4tie2wyBy00mgSHEkl2CulZlDcv
bNlqJUbF9tnjOb0UfHT6bNvvTGwLxiYClO2Lv6AAhRWa+8+eZY2ior7c6qy46YBw
iA/JPG1lOjp4B3yl1KWGveHNHK8lgKAX7UpvuhW4zrK4iS2p9lsv/NFqN/q7i3Fh
WhImhalvrm0nA9LbEApVOqsdYgr05mCAt+oZ2xmYAP+qQ3JGs13gBkrLVss27qDG
3Syk4i6Zh1+hLeP49gQGfZgXxG3/y9TpvctxNnjGkwctMPTYHXCFdpg+LwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFARFTreR7u0pUjlFeUwZ/6YPPgauMB8GA1UdIwQY
MBaAFLCEclCzp3En33w8e43vjJ2RncS5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0lSeVVMT25jU2ZmZkR4N2plLU1uWkdkeExrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8xNzhmZmQtYTk5Yy00MzMzLThlOWIt
Y2EzNTQ2OTU1M2NmLzEvQkVWT3Q1SHU3U2xTT1VWNVRCbl9wZzgtQnE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8xNzhmZmQtYTk5Yy00MzMzLThlOWItY2EzNTQ2OTU1M2Nm
LzEvc0lSeVVMT25jU2ZmZkR4N2plLU1uWkdkeExrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAXPNGAwQA
XPNcAwQCuRl8AwQBw7/+MA0EAgACMAcDBQMqBDGAMA0GCSqGSIb3DQEBCwUAA4IB
AQA0HuxWslEuUxKKIy0wl9Cj5luB5x7zutgIC33k9Dus7y8zh4O9h2xTvI13BRpX
LMYaDdQEqbXIwWkM1qEk7nEp1BGMmhG6PsdxE9DLHzk9BLminByosPj9dKU/Q+EQ
Cvu8UiJxCOC/Idw9I7w593NZerSxBDgPgGTgmVj8moVQGRRk0pmQCcuE38XkYBFy
6BmhlcGl3f09xwvKjWJyagKYJq9JNss5mjjx+Df/eMWLdzWlNrz4lNDDxShbehh7
gf2Xc1hj53rq7qVMMsrEf5/UlHEwoIPE6shLvqfNMbUdwZw73Zw8OeoSoM6QOKNL
e3994nENjICVtCqTMtpYbELT
-----END CERTIFICATE-----
Generated at Mon Apr 7 13:04:43 2025 by rpki-client