Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/bgKhGgsXnxYOt5etHFWwqDnUeNs.roa
File: bgKhGgsXnxYOt5etHFWwqDnUeNs.roa (raw, json)
Hash identifier: uM75kFMM5Lx2SB0GVKIXvYn71xMx4/TssgSDMD0euaE=
Subject key identifier: 6E:02:A1:1A:0B:17:9F:16:0E:B7:97:AD:1C:55:B0:A8:39:D4:78:DB
Certificate issuer: /CN=478c7fc6b211e271f7483f721d45f238dd7de5c4
Certificate serial: 01947088956700A2B4E61231143C094D89E4
Authority key identifier: 47:8C:7F:C6:B2:11:E2:71:F7:48:3F:72:1D:45:F2:38:DD:7D:E5:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R4x_xrIR4nH3SD9yHUXyON195cQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/bgKhGgsXnxYOt5etHFWwqDnUeNs.roa
Signing time: Thu 16 Jan 2025 19:13:06 +0000
ROA not before: Thu 16 Jan 2025 19:13:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51898
IP address blocks: 77.220.204.0/24 maxlen: 24
193.36.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/R4x_xrIR4nH3SD9yHUXyON195cQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/R4x_xrIR4nH3SD9yHUXyON195cQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/R4x_xrIR4nH3SD9yHUXyON195cQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 23:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:70:88:95:67:00:a2:b4:e6:12:31:14:3c:09:4d:89:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=478c7fc6b211e271f7483f721d45f238dd7de5c4
Validity
Not Before: Jan 16 19:13:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6e02a11a0b179f160eb797ad1c55b0a839d478db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:bb:13:15:75:e6:69:d7:88:cc:74:b7:e7:13:
4a:17:49:ad:44:24:85:7e:a4:e1:96:6f:9c:77:a8:
b6:dc:7f:bc:fa:8a:6f:f8:2a:ee:72:02:be:33:cd:
19:4e:20:df:74:17:be:1b:a4:f3:9f:01:15:c1:76:
f7:6f:2b:3a:72:c0:4b:36:f7:4e:bd:6d:11:58:e0:
8c:62:28:b8:7c:87:e9:db:58:cb:93:bc:c4:2b:d2:
ec:94:42:90:f0:83:2a:ac:0a:3b:8b:77:4e:08:d1:
f2:e0:64:03:6e:c6:94:13:4c:ad:16:72:fb:2b:5a:
49:58:19:fa:f2:3e:4e:0a:67:97:ec:57:eb:98:5d:
b9:f1:24:2b:ab:b4:90:a7:99:9b:aa:43:58:e7:4a:
e1:1c:be:ac:99:3a:e6:bd:e0:27:b7:d8:f6:d1:7c:
a9:e4:6c:de:b6:9e:50:3d:4a:02:87:37:e6:9a:bb:
e1:75:6a:12:f3:77:78:9d:05:59:79:9c:52:d7:96:
05:29:c7:30:ce:ac:a0:df:52:dc:bf:87:1a:2a:73:
36:37:79:a6:20:cf:7b:42:b9:3a:9a:37:78:cf:8f:
c7:4a:cc:c0:a9:da:ac:5e:dc:03:14:bc:14:4e:33:
6d:a4:a8:06:01:e2:b5:88:73:5c:e9:3f:28:6f:5d:
83:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:02:A1:1A:0B:17:9F:16:0E:B7:97:AD:1C:55:B0:A8:39:D4:78:DB
X509v3 Authority Key Identifier:
keyid:47:8C:7F:C6:B2:11:E2:71:F7:48:3F:72:1D:45:F2:38:DD:7D:E5:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R4x_xrIR4nH3SD9yHUXyON195cQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/bgKhGgsXnxYOt5etHFWwqDnUeNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/6e2cbf-7056-4419-b51c-62b1da261329/1/R4x_xrIR4nH3SD9yHUXyON195cQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.220.204.0/24
193.36.95.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:b8:9a:91:0a:16:1a:82:2e:8a:0f:67:d0:07:3c:30:34:59:
85:8a:f6:7b:c8:fc:96:13:11:19:50:76:4f:74:89:55:a0:6f:
90:f3:e3:3e:96:7a:78:db:b9:e2:57:a4:d2:66:36:b4:98:8a:
4e:8e:aa:56:16:fc:5c:3a:a5:37:ce:76:e8:da:c9:f4:f9:a0:
b5:0d:38:70:4e:91:3d:d0:e6:10:9d:0f:e5:3b:3f:6c:46:94:
20:a5:e0:cd:67:db:5c:bc:8a:54:78:69:40:7f:13:21:17:28:
6a:39:a6:18:54:17:49:ba:4b:bd:20:57:47:27:5c:b2:60:b3:
43:24:88:0d:09:61:14:29:31:18:dd:3e:b2:7f:18:22:4d:66:
7f:38:e9:f4:c1:2b:55:5b:33:78:3b:7d:7e:77:4f:a4:50:5d:
1e:fc:70:59:ca:7a:7d:30:2d:69:5c:81:39:b0:73:54:83:fe:
92:71:b0:4f:ba:2f:b6:3e:25:d7:ac:57:1c:58:76:b9:4d:bb:
24:75:ae:aa:a4:11:99:a7:94:86:55:0a:93:a6:f6:3f:8f:81:
ed:97:90:63:e4:76:2d:33:a2:d2:98:3e:b7:50:45:f8:ac:01:
6a:0d:69:f7:f0:1d:35:a8:d6:28:0b:b7:1e:58:55:ac:43:c3:
c9:a4:2d:8b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZRwiJVnAKK05hIxFDwJTYnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OGM3ZmM2YjIxMWUyNzFmNzQ4M2Y3MjFkNDVmMjM4ZGQ3
ZGU1YzQwHhcNMjUwMTE2MTkxMzA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZTAyYTExYTBiMTc5ZjE2MGViNzk3YWQxYzU1YjBhODM5ZDQ3OGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprsTFXXmadeIzHS35xNKF0mtRCSF
fqThlm+cd6i23H+8+opv+CrucgK+M80ZTiDfdBe+G6TznwEVwXb3bys6csBLNvdO
vW0RWOCMYii4fIfp21jLk7zEK9LslEKQ8IMqrAo7i3dOCNHy4GQDbsaUE0ytFnL7
K1pJWBn68j5OCmeX7FfrmF258SQrq7SQp5mbqkNY50rhHL6smTrmveAnt9j20Xyp
5Gzetp5QPUoChzfmmrvhdWoS83d4nQVZeZxS15YFKccwzqyg31Lcv4caKnM2N3mm
IM97Qrk6mjd4z4/HSszAqdqsXtwDFLwUTjNtpKgGAeK1iHNc6T8ob12D1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFG4CoRoLF58WDreXrRxVsKg51HjbMB8GA1UdIwQY
MBaAFEeMf8ayEeJx90g/ch1F8jjdfeXEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjR4X3hySVI0bkgzU0Q5eUhVWHlPTjE5NWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS82ZTJjYmYtNzA1Ni00NDE5LWI1MWMt
NjJiMWRhMjYxMzI5LzEvYmdLaEdnc1hueFlPdDVldEhGV3dxRG5VZU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS82ZTJjYmYtNzA1Ni00NDE5LWI1MWMtNjJiMWRhMjYxMzI5
LzEvUjR4X3hySVI0bkgzU0Q5eUhVWHlPTjE5NWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATdzMAwQA
wSRfMA0GCSqGSIb3DQEBCwUAA4IBAQDUuJqRChYagi6KD2fQBzwwNFmFivZ7yPyW
ExEZUHZPdIlVoG+Q8+M+lnp427niV6TSZja0mIpOjqpWFvxcOqU3znbo2sn0+aC1
DThwTpE90OYQnQ/lOz9sRpQgpeDNZ9tcvIpUeGlAfxMhFyhqOaYYVBdJuku9IFdH
J1yyYLNDJIgNCWEUKTEY3T6yfxgiTWZ/OOn0wStVWzN4O31+d0+kUF0e/HBZynp9
MC1pXIE5sHNUg/6ScbBPui+2PiXXrFccWHa5Tbskda6qpBGZp5SGVQqTpvY/j4Ht
l5Bj5HYtM6LSmD63UEX4rAFqDWn38B01qNYoC7ceWFWsQ8PJpC2L
-----END CERTIFICATE-----
Generated at Sun Apr 13 06:20:55 2025 by rpki-client