Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BvrFfgaOvktjClmF1Y8fP67Mecs.roa
File: BvrFfgaOvktjClmF1Y8fP67Mecs.roa (raw, json)
Hash identifier: PbuxkncSrl/Kd/73WRwH/QoM5pPO6VdbbF0JBm0KcQM=
Subject key identifier: 06:FA:C5:7E:06:8E:BE:4B:63:0A:59:85:D5:8F:1F:3F:AE:CC:79:CB
Certificate issuer: /CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Certificate serial: 019428259EAEAF7DC2CED26CBB48A300D8F3
Authority key identifier: 04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BvrFfgaOvktjClmF1Y8fP67Mecs.roa
Signing time: Thu 02 Jan 2025 17:52:21 +0000
ROA not before: Thu 02 Jan 2025 17:52:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 82.178.33.0/24 maxlen: 24
82.178.158.0/23 maxlen: 24
134.0.216.0/21 maxlen: 24
213.202.0.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.mft
rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 11 Apr 2025 21:50:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:25:9e:ae:af:7d:c2:ce:d2:6c:bb:48:a3:00:d8:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=042d9f4d6aff383c59e9de7802dbee024ee887dc
Validity
Not Before: Jan 2 17:52:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=06fac57e068ebe4b630a5985d58f1f3faecc79cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:48:85:e9:8c:e6:44:88:7b:6e:bb:4b:a7:05:
70:9a:e7:d8:b1:22:4c:a0:06:41:8e:3f:9a:b4:5d:
f4:8f:54:20:d4:43:d8:62:cb:76:c7:af:35:f5:e5:
22:58:6c:39:2a:a6:1e:bd:2a:5d:ed:1a:dd:91:a4:
db:f4:2a:60:9e:05:75:1c:3f:8f:40:e1:d1:c9:4e:
d9:7c:c0:e2:13:70:ec:4a:4c:10:c1:a3:79:b5:15:
d1:32:0b:77:10:46:8c:83:c7:8b:c2:56:6e:69:6b:
3f:3e:f8:54:0c:10:ed:6c:dc:be:ab:d3:40:57:15:
fd:98:f6:84:c5:88:30:04:8a:f4:53:6d:c6:6d:06:
3a:83:26:46:6f:13:a2:df:39:70:bc:bd:e6:fa:c8:
69:6d:52:11:da:a2:c9:59:ae:10:35:da:90:e8:26:
0f:27:45:a4:48:b5:bc:31:cf:49:eb:bc:76:8d:c7:
81:eb:3a:bb:7d:e6:05:5b:6a:4a:b8:fe:bc:02:6c:
fe:0b:2c:be:47:a1:af:a0:50:40:57:e4:ca:a7:50:
9f:bc:b0:1e:0e:2c:23:0f:87:33:8c:56:25:c5:cd:
0d:9f:23:5e:31:8b:61:51:aa:ab:81:9c:46:a3:df:
89:34:5d:7a:79:53:14:a2:f3:77:12:c2:87:22:0a:
64:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:FA:C5:7E:06:8E:BE:4B:63:0A:59:85:D5:8F:1F:3F:AE:CC:79:CB
X509v3 Authority Key Identifier:
keyid:04:2D:9F:4D:6A:FF:38:3C:59:E9:DE:78:02:DB:EE:02:4E:E8:87:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BC2fTWr_ODxZ6d54AtvuAk7oh9w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BvrFfgaOvktjClmF1Y8fP67Mecs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/c1364a-0501-4faf-bcfa-aae1447603c0/1/BC2fTWr_ODxZ6d54AtvuAk7oh9w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.178.33.0/24
82.178.158.0/23
134.0.216.0/21
213.202.0.0/21
Signature Algorithm: sha256WithRSAEncryption
04:8f:5c:70:d4:83:74:49:b4:67:70:9a:d2:02:6c:ad:b2:89:
45:3a:6a:cf:b8:fc:33:d0:98:80:05:4d:0b:b5:00:9f:77:f4:
f9:bf:50:30:bc:16:74:7a:87:87:50:63:4d:1b:da:b5:ac:7b:
d9:b9:1f:ba:82:3f:3e:71:b0:5c:6d:1a:09:99:8f:1d:b7:e9:
0a:e7:11:5e:02:01:1d:0f:0f:29:10:5a:bc:dc:8a:f5:e4:c5:
24:80:81:a1:62:8a:60:93:e5:bc:f8:31:a8:fb:2b:ca:a4:56:
04:a2:6e:01:15:98:33:56:80:41:b4:af:b5:2c:1a:45:71:ec:
d5:f2:24:2f:cb:f7:9a:2c:07:e8:d8:a4:55:1d:4c:2d:90:ec:
a9:15:86:5d:7f:9e:67:b6:4a:74:94:28:df:ae:67:6e:69:4a:
4a:0c:9c:b1:b0:af:d1:4b:15:ca:be:4d:1a:b0:f3:f0:1d:a3:
60:d1:40:87:42:e1:56:5b:99:46:bc:ff:b8:4c:10:31:70:ed:
b4:fb:d4:cf:e0:fc:75:a4:95:3f:fc:5d:f2:3d:09:97:72:24:
aa:95:04:09:f3:84:a8:fe:d2:cb:b2:2f:46:c5:12:e6:d4:c6:
71:4d:19:ce:14:cf:b8:a4:43:fe:f1:bc:ac:29:87:4a:f9:e5:
de:53:ec:ab
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJZ6ur33CztJsu0ijANjzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0MmQ5ZjRkNmFmZjM4M2M1OWU5ZGU3ODAyZGJlZTAyNGVl
ODg3ZGMwHhcNMjUwMTAyMTc1MjIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNmZhYzU3ZTA2OGViZTRiNjMwYTU5ODVkNThmMWYzZmFlY2M3OWNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiUiF6YzmRIh7brtLpwVwmufYsSJM
oAZBjj+atF30j1Qg1EPYYst2x6819eUiWGw5KqYevSpd7RrdkaTb9CpgngV1HD+P
QOHRyU7ZfMDiE3DsSkwQwaN5tRXRMgt3EEaMg8eLwlZuaWs/PvhUDBDtbNy+q9NA
VxX9mPaExYgwBIr0U23GbQY6gyZGbxOi3zlwvL3m+shpbVIR2qLJWa4QNdqQ6CYP
J0WkSLW8Mc9J67x2jceB6zq7feYFW2pKuP68Amz+Cyy+R6GvoFBAV+TKp1CfvLAe
DiwjD4czjFYlxc0NnyNeMYthUaqrgZxGo9+JNF16eVMUovN3EsKHIgpkUwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAb6xX4Gjr5LYwpZhdWPHz+uzHnLMB8GA1UdIwQY
MBaAFAQtn01q/zg8WeneeALb7gJO6IfcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEt
YWFlMTQ0NzYwM2MwLzEvQnZyRmZnYU92a3RqQ2xtRjFZOGZQNjdNZWNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC9jMTM2NGEtMDUwMS00ZmFmLWJjZmEtYWFlMTQ0NzYwM2Mw
LzEvQkMyZlRXcl9PRHhaNmQ1NEF0dnVBazdvaDl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUrIhAwQB
UrKeAwQDhgDYAwQD1coAMA0GCSqGSIb3DQEBCwUAA4IBAQAEj1xw1IN0SbRncJrS
AmytsolFOmrPuPwz0JiABU0LtQCfd/T5v1AwvBZ0eoeHUGNNG9q1rHvZuR+6gj8+
cbBcbRoJmY8dt+kK5xFeAgEdDw8pEFq83Ir15MUkgIGhYopgk+W8+DGo+yvKpFYE
om4BFZgzVoBBtK+1LBpFcezV8iQvy/eaLAfo2KRVHUwtkOypFYZdf55ntkp0lCjf
rmduaUpKDJyxsK/RSxXKvk0asPPwHaNg0UCHQuFWW5lGvP+4TBAxcO20+9TP4Px1
pJU//F3yPQmXciSqlQQJ84So/tLLsi9GxRLm1MZxTRnOFM+4pEP+8bysKYdK+eXe
U+yr
-----END CERTIFICATE-----
Generated at Fri Apr 11 05:07:56 2025 by rpki-client