Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/bzVsLijY3-nRPNP3h4rxl64PXKk.roa
File: bzVsLijY3-nRPNP3h4rxl64PXKk.roa (raw, json)
Hash identifier: riS0R0mOdaXJPo4gzgYg5KC9rMRZjBjAip5TXiNX86Q=
Subject key identifier: 6F:35:6C:2E:28:D8:DF:E9:D1:3C:D3:F7:87:8A:F1:97:AE:0F:5C:A9
Certificate issuer: /CN=27a4e5aacb129ea507382b23db97ca4200704d69
Certificate serial: 01941FFA27B30343F2D5AF35697EEDA984D9
Authority key identifier: 27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/bzVsLijY3-nRPNP3h4rxl64PXKk.roa
Signing time: Wed 01 Jan 2025 03:47:55 +0000
ROA not before: Wed 01 Jan 2025 03:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59886
IP address blocks: 185.49.44.0/24 maxlen: 24
185.49.45.0/24 maxlen: 24
185.49.46.0/24 maxlen: 24
185.49.47.0/24 maxlen: 24
185.67.204.0/24 maxlen: 24
185.67.205.0/24 maxlen: 24
185.67.206.0/24 maxlen: 24
185.67.207.0/24 maxlen: 24
2a03:2620::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/J6TlqssSnqUHOCsj25fKQgBwTWk.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/J6TlqssSnqUHOCsj25fKQgBwTWk.mft
rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:27:b3:03:43:f2:d5:af:35:69:7e:ed:a9:84:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27a4e5aacb129ea507382b23db97ca4200704d69
Validity
Not Before: Jan 1 03:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f356c2e28d8dfe9d13cd3f7878af197ae0f5ca9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e3:d0:9c:f5:e7:72:ff:bc:66:86:2a:e7:5b:
a7:0c:cc:96:9a:91:39:97:6c:5b:4f:56:34:5d:f3:
0a:aa:eb:1c:92:a1:2c:7e:67:99:9d:b0:cf:6f:6b:
de:f1:f6:6f:cd:bd:73:2f:aa:59:8c:e3:66:37:4d:
c4:dd:f9:65:46:2b:2b:51:26:6a:1b:39:a7:b5:7c:
b6:95:72:59:8e:d4:a4:4f:d8:d3:fa:15:a7:ae:5a:
11:67:b6:1d:4f:fb:10:97:38:21:f1:5d:3a:fa:00:
bd:9a:78:2c:4c:38:ea:d4:5d:1b:aa:45:ce:d7:46:
97:48:e2:44:96:64:e3:16:55:11:cb:70:71:44:77:
e5:e2:4c:a7:59:3c:55:d4:e9:3b:f5:de:fb:b1:79:
33:08:72:2b:7d:fa:17:26:82:a4:4e:29:99:e7:86:
14:51:a7:16:a8:1b:9c:e1:e7:67:e9:bf:a0:f3:af:
8e:c1:ba:4f:90:b6:e8:c2:76:5d:a7:bd:07:cd:0d:
0c:b4:bc:2a:70:90:da:b1:42:ad:2f:05:9c:b4:0b:
a2:13:74:0f:e2:fc:12:45:5c:90:f8:7a:01:e5:da:
6d:d6:c7:93:5d:46:0d:73:91:51:74:1a:5d:6c:d5:
7c:7f:05:d5:82:3d:36:9c:b8:f6:aa:81:fa:69:a6:
a1:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:35:6C:2E:28:D8:DF:E9:D1:3C:D3:F7:87:8A:F1:97:AE:0F:5C:A9
X509v3 Authority Key Identifier:
keyid:27:A4:E5:AA:CB:12:9E:A5:07:38:2B:23:DB:97:CA:42:00:70:4D:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J6TlqssSnqUHOCsj25fKQgBwTWk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/bzVsLijY3-nRPNP3h4rxl64PXKk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/fe8042-fef4-4ff0-bac4-c8a48339ca79/1/J6TlqssSnqUHOCsj25fKQgBwTWk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.49.44.0/22
185.67.204.0/22
IPv6:
2a03:2620::/32
Signature Algorithm: sha256WithRSAEncryption
58:70:ae:df:5e:0a:53:0d:e4:80:9d:e6:84:03:58:10:65:a8:
6a:12:03:3e:5e:e3:37:51:d6:4f:f3:e9:e9:fc:c1:c7:c7:09:
77:eb:83:c7:c0:7b:12:0e:d0:d8:b6:8d:fc:aa:6e:44:2b:ed:
80:a8:97:a6:dc:a1:f9:f0:bd:33:4b:16:9e:2d:7f:2c:75:dd:
37:4a:08:67:ad:7f:15:27:8e:62:27:25:7b:bd:cf:7b:2f:4f:
eb:f2:c3:48:0e:da:1f:c1:43:a1:1e:36:b6:e9:2d:9e:18:94:
05:4b:61:c9:8b:a2:9b:15:0c:a9:a7:7e:a9:46:55:7f:f1:1e:
1a:b9:ae:fd:db:ea:8b:00:38:14:aa:0a:64:b4:22:5f:bc:7e:
f3:a4:34:40:c4:66:d5:ef:67:77:b9:41:30:10:53:74:03:ff:
f7:2c:1d:9d:70:18:f9:fb:eb:26:07:72:03:c3:3d:2a:45:b1:
8e:82:18:be:b1:ca:ac:4d:8f:6c:40:f8:ed:76:7e:7c:e2:af:
b4:05:42:92:67:4d:79:92:c4:5d:6b:a2:d3:72:fa:77:52:57:
9e:2a:e2:3d:21:f4:41:91:b4:e6:42:aa:4e:9b:b3:df:d2:aa:
12:4c:99:4b:b2:50:59:97:fb:e1:cb:9a:5a:b6:30:04:95:58:
39:c4:c9:8a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+iezA0Py1a81aX7tqYTZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3YTRlNWFhY2IxMjllYTUwNzM4MmIyM2RiOTdjYTQyMDA3
MDRkNjkwHhcNMjUwMTAxMDM0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjM1NmMyZTI4ZDhkZmU5ZDEzY2QzZjc4NzhhZjE5N2FlMGY1Y2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+PQnPXncv+8ZoYq51unDMyWmpE5
l2xbT1Y0XfMKqusckqEsfmeZnbDPb2ve8fZvzb1zL6pZjONmN03E3fllRisrUSZq
GzmntXy2lXJZjtSkT9jT+hWnrloRZ7YdT/sQlzgh8V06+gC9mngsTDjq1F0bqkXO
10aXSOJElmTjFlURy3BxRHfl4kynWTxV1Ok79d77sXkzCHIrffoXJoKkTimZ54YU
UacWqBuc4edn6b+g86+OwbpPkLbownZdp70HzQ0MtLwqcJDasUKtLwWctAuiE3QP
4vwSRVyQ+HoB5dpt1seTXUYNc5FRdBpdbNV8fwXVgj02nLj2qoH6aaahKQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFG81bC4o2N/p0TzT94eK8ZeuD1ypMB8GA1UdIwQY
MBaAFCek5arLEp6lBzgrI9uXykIAcE1pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjZUbHFzc1NucVVIT0NzajI1ZktRZ0J3VFdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mZTgwNDItZmVmNC00ZmYwLWJhYzQt
YzhhNDgzMzljYTc5LzEvYnpWc0xpalkzLW5SUE5QM2g0cnhsNjRQWEtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mZTgwNDItZmVmNC00ZmYwLWJhYzQtYzhhNDgzMzljYTc5
LzEvSjZUbHFzc1NucVVIT0NzajI1ZktRZ0J3VFdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuTEsAwQC
uUPMMA0EAgACMAcDBQAqAyYgMA0GCSqGSIb3DQEBCwUAA4IBAQBYcK7fXgpTDeSA
neaEA1gQZahqEgM+XuM3UdZP8+np/MHHxwl364PHwHsSDtDYto38qm5EK+2AqJem
3KH58L0zSxaeLX8sdd03SghnrX8VJ45iJyV7vc97L0/r8sNIDtofwUOhHja26S2e
GJQFS2HJi6KbFQypp36pRlV/8R4aua792+qLADgUqgpktCJfvH7zpDRAxGbV72d3
uUEwEFN0A//3LB2dcBj5++smB3IDwz0qRbGOghi+scqsTY9sQPjtdn584q+0BUKS
Z015ksRda6LTcvp3UleeKuI9IfRBkbTmQqpOm7Pf0qoSTJlLslBZl/vhy5patjAE
lVg5xMmK
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:47:33 2025 by rpki-client