Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/BlrozZPONvKYEp2UEAlnW_YzHI4.roa
File: BlrozZPONvKYEp2UEAlnW_YzHI4.roa (raw, json)
Hash identifier: L9GHrxzoIcunUF/HHDD1IUg78PGRjvbme0vJn+zzCvE=
Subject key identifier: 06:5A:E8:CD:93:CE:36:F2:98:12:9D:94:10:09:67:5B:F6:33:1C:8E
Certificate issuer: /CN=de87d35bdcab123affc1a91d1736867969709a23
Certificate serial: 0196D299B420F498E1729FAFEC6612C65E2C
Authority key identifier: DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/BlrozZPONvKYEp2UEAlnW_YzHI4.roa
Signing time: Thu 15 May 2025 06:20:10 +0000
ROA not before: Thu 15 May 2025 06:20:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43399
IP address blocks: 91.194.226.0/23 maxlen: 24
91.194.226.0/24 maxlen: 24
91.194.227.0/24 maxlen: 24
91.218.132.0/22 maxlen: 24
91.218.132.0/23 maxlen: 23
91.218.132.0/24 maxlen: 24
91.218.133.0/24 maxlen: 24
91.218.134.0/23 maxlen: 23
91.218.134.0/24 maxlen: 24
91.218.135.0/24 maxlen: 24
212.233.80.0/22 maxlen: 24
212.233.80.0/24 maxlen: 24
212.233.81.0/24 maxlen: 24
212.233.82.0/23 maxlen: 23
212.233.82.0/24 maxlen: 24
212.233.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d2:99:b4:20:f4:98:e1:72:9f:af:ec:66:12:c6:5e:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de87d35bdcab123affc1a91d1736867969709a23
Validity
Not Before: May 15 06:20:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=065ae8cd93ce36f298129d941009675bf6331c8e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:64:ef:cc:df:2e:47:3b:63:8c:34:32:84:cb:
04:0b:13:2b:2a:49:8a:fb:eb:87:26:46:66:06:6f:
d2:40:ca:89:95:44:ce:e0:cc:b2:a5:ae:54:04:ab:
eb:b1:5f:27:28:a8:ad:9e:c7:07:4c:c2:28:61:01:
05:23:79:66:ec:86:51:8d:db:f0:40:81:b0:02:ec:
40:e5:38:92:9d:e3:fc:12:ad:c0:39:a2:f9:f1:88:
25:a3:9b:c2:37:4f:08:0f:4b:ef:d3:c7:f6:86:97:
9b:58:61:63:41:88:c3:44:b6:cf:a5:f5:e5:f9:cd:
96:53:8f:25:0f:80:d9:5c:eb:16:0e:f5:e6:d3:c9:
58:d7:bb:5e:00:c6:fb:52:34:48:aa:0d:25:66:c8:
0e:cd:a6:d0:b1:a7:b4:02:49:35:a4:ed:f0:21:b8:
03:e6:c6:c4:98:00:a6:b5:ef:aa:a7:58:cf:8d:42:
b8:aa:f0:92:1d:f5:32:d2:0d:00:3f:4c:67:ac:af:
8d:cd:d0:52:05:d0:d0:e3:b0:1d:00:81:63:e6:1a:
d5:6f:ff:1c:8c:04:8c:9e:fc:2a:1c:6a:8a:be:51:
40:83:8a:83:35:c6:94:18:0f:93:74:06:7c:1f:e1:
93:d6:2b:19:1f:e9:9f:80:4f:e9:1c:be:c0:9e:83:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:5A:E8:CD:93:CE:36:F2:98:12:9D:94:10:09:67:5B:F6:33:1C:8E
X509v3 Authority Key Identifier:
keyid:DE:87:D3:5B:DC:AB:12:3A:FF:C1:A9:1D:17:36:86:79:69:70:9A:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ofTW9yrEjr_wakdFzaGeWlwmiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/BlrozZPONvKYEp2UEAlnW_YzHI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/910716-f266-47f0-9bad-c22390e8d9a6/1/3ofTW9yrEjr_wakdFzaGeWlwmiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.226.0/23
91.218.132.0/22
212.233.80.0/22
Signature Algorithm: sha256WithRSAEncryption
18:14:8f:12:3c:9c:91:d1:78:3e:63:b7:6d:8f:a3:ce:1f:15:
dc:cf:4e:8a:47:11:7e:6b:e9:42:cc:7d:8d:80:01:43:77:0f:
7c:10:d0:20:97:44:d9:5f:ae:fd:b2:ca:9c:32:68:88:0e:31:
ee:36:1e:90:ec:85:a0:5f:71:a8:c9:f0:6e:fd:bd:c4:91:f3:
f3:55:65:f5:6d:e6:aa:24:f8:f1:0d:e7:a2:e8:c5:4a:4e:26:
2e:5e:b5:c7:c2:f7:a1:6a:d2:c7:89:7e:56:95:9b:28:e6:77:
71:f0:c9:8d:99:71:1a:0b:ea:a5:0b:44:c0:8d:e4:27:6d:c1:
18:cd:7d:b6:24:6f:f7:7a:9f:fd:c6:08:0d:e3:77:c5:63:e8:
9c:6e:38:f0:ba:f2:07:d7:17:ad:3f:09:0a:7d:f8:02:26:e8:
13:6f:28:ae:3a:11:a4:10:75:fa:a4:24:92:31:32:19:03:4b:
e7:ec:b1:6b:50:d4:c4:8d:19:03:93:e2:ef:4c:14:87:e7:6d:
fb:2b:a9:58:c2:e1:8a:e9:e7:85:3c:4e:b1:ba:9f:7e:7b:bc:
96:ee:92:1b:61:4f:0f:15:cd:92:e6:ab:9a:a5:57:83:df:29:
96:f0:2c:68:04:8a:ae:43:c5:10:28:cb:29:db:e0:44:e3:62:
a0:ca:5e:64
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZbSmbQg9Jjhcp+v7GYSxl4sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlODdkMzViZGNhYjEyM2FmZmMxYTkxZDE3MzY4Njc5Njk3
MDlhMjMwHhcNMjUwNTE1MDYyMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjVhZThjZDkzY2UzNmYyOTgxMjlkOTQxMDA5Njc1YmY2MzMxYzhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArmTvzN8uRztjjDQyhMsECxMrKkmK
++uHJkZmBm/SQMqJlUTO4Myypa5UBKvrsV8nKKitnscHTMIoYQEFI3lm7IZRjdvw
QIGwAuxA5TiSneP8Eq3AOaL58Yglo5vCN08ID0vv08f2hpebWGFjQYjDRLbPpfXl
+c2WU48lD4DZXOsWDvXm08lY17teAMb7UjRIqg0lZsgOzabQsae0Akk1pO3wIbgD
5sbEmACmte+qp1jPjUK4qvCSHfUy0g0AP0xnrK+NzdBSBdDQ47AdAIFj5hrVb/8c
jASMnvwqHGqKvlFAg4qDNcaUGA+TdAZ8H+GT1isZH+mfgE/pHL7AnoPpawIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAZa6M2TzjbymBKdlBAJZ1v2MxyOMB8GA1UdIwQY
MBaAFN6H01vcqxI6/8GpHRc2hnlpcJojMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQt
YzIyMzkwZThkOWE2LzEvQmxyb3paUE9OdktZRXAyVUVBbG5XX1l6SEk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS85MTA3MTYtZjI2Ni00N2YwLTliYWQtYzIyMzkwZThkOWE2
LzEvM29mVFc5eXJFanJfd2FrZEZ6YUdlV2x3bWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW8LiAwQC
W9qEAwQC1OlQMA0GCSqGSIb3DQEBCwUAA4IBAQAYFI8SPJyR0Xg+Y7dtj6POHxXc
z06KRxF+a+lCzH2NgAFDdw98ENAgl0TZX679ssqcMmiIDjHuNh6Q7IWgX3GoyfBu
/b3EkfPzVWX1beaqJPjxDeei6MVKTiYuXrXHwvehatLHiX5WlZso5ndx8MmNmXEa
C+qlC0TAjeQnbcEYzX22JG/3ep/9xggN43fFY+icbjjwuvIH1xetPwkKffgCJugT
byiuOhGkEHX6pCSSMTIZA0vn7LFrUNTEjRkDk+LvTBSH5237K6lYwuGK6eeFPE6x
up9+e7yW7pIbYU8PFc2S5quapVeD3ymW8CxoBIquQ8UQKMsp2+BE42Kgyl5k
-----END CERTIFICATE-----
Generated at Mon Jun 9 00:58:02 2025 by rpki-client