Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/BmreWoAUK7MjBeuAh238zrHfFuQ.roa
File: BmreWoAUK7MjBeuAh238zrHfFuQ.roa (raw, json)
Hash identifier: Ge0ZmwiJrUfLkRR5MluuijbO2QLfIsVaMJDkiZRgpf8=
Subject key identifier: 06:6A:DE:5A:80:14:2B:B3:23:05:EB:80:87:6D:FC:CE:B1:DF:16:E4
Certificate issuer: /CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Certificate serial: 019424B27F986760634E8115475807F4240D
Authority key identifier: 07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/BmreWoAUK7MjBeuAh238zrHfFuQ.roa
Signing time: Thu 02 Jan 2025 01:47:45 +0000
ROA not before: Thu 02 Jan 2025 01:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56611
IP address blocks: 80.82.71.0/24 maxlen: 24
80.82.72.0/24 maxlen: 24
80.82.75.0/24 maxlen: 24
185.173.232.0/24 maxlen: 24
185.173.233.0/24 maxlen: 24
185.173.234.0/24 maxlen: 24
2a02:6c8::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b2:7f:98:67:60:63:4e:81:15:47:58:07:f4:24:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07e5c4e4be3b8cbde0eae9460a11032d6a64ab71
Validity
Not Before: Jan 2 01:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=066ade5a80142bb32305eb80876dfcceb1df16e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:68:a1:96:16:7d:d2:95:c1:1a:47:83:ff:08:
31:ea:c4:14:12:c5:33:46:d9:b8:53:e1:34:25:e2:
b0:5f:74:b3:dc:12:a7:39:63:d2:07:72:0e:44:06:
ad:f6:f1:a4:ea:a0:49:0e:f2:19:db:96:45:20:21:
8e:3b:80:0f:1f:c4:32:dd:f4:0a:b0:81:7c:9e:e6:
e4:0f:ef:ba:95:bf:6c:b8:db:59:86:68:a2:5f:1e:
ff:3d:8a:a3:70:87:e6:cb:0f:28:77:96:f2:31:ee:
c4:73:a6:5d:e9:2c:27:5c:f2:9b:ed:c6:1f:60:82:
40:50:29:cb:fb:7d:f4:78:4a:c9:9d:5b:35:5d:fc:
dd:9d:72:bc:f7:ad:70:49:1d:a5:a3:f2:02:3b:c6:
31:7a:65:53:5d:40:2d:ac:59:13:1a:5e:5b:06:36:
05:c1:6d:d9:9e:77:00:91:e7:32:78:24:cc:8e:1e:
80:ed:5f:47:52:e9:fb:e4:ae:86:bb:4b:33:f6:15:
d2:f9:be:d0:93:27:fe:00:f8:5c:cf:62:7d:6c:38:
4c:fe:11:e0:66:01:2c:36:0b:16:25:75:21:63:7b:
94:d5:c8:87:f8:cb:7c:f5:70:87:53:c5:26:ee:34:
bd:65:37:36:3f:34:4e:b9:a6:d5:d6:25:c9:93:cd:
8c:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:6A:DE:5A:80:14:2B:B3:23:05:EB:80:87:6D:FC:CE:B1:DF:16:E4
X509v3 Authority Key Identifier:
keyid:07:E5:C4:E4:BE:3B:8C:BD:E0:EA:E9:46:0A:11:03:2D:6A:64:AB:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B-XE5L47jL3g6ulGChEDLWpkq3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/BmreWoAUK7MjBeuAh238zrHfFuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/f6b173-912c-4151-bac5-4c8883327a2a/1/B-XE5L47jL3g6ulGChEDLWpkq3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.82.71.0-80.82.72.255
80.82.75.0/24
185.173.232.0-185.173.234.255
IPv6:
2a02:6c8::/33
Signature Algorithm: sha256WithRSAEncryption
66:43:55:11:bd:59:0d:b3:02:37:db:fb:c5:d1:87:b2:47:34:
20:ba:43:98:58:39:e2:c9:bc:7d:fe:5a:27:79:ac:b1:4e:ad:
50:d9:5e:4c:f8:91:b3:65:21:8c:17:73:c4:6d:78:29:4b:9d:
9b:b9:08:e9:7d:d1:fa:5c:26:81:06:c6:57:3f:54:26:5a:39:
7a:77:1c:9d:23:64:39:0b:9b:d3:1b:98:ae:a6:10:aa:77:c2:
da:60:64:b2:0e:dc:a7:a3:99:38:93:03:07:64:d8:36:77:2d:
33:20:dc:86:b8:5d:47:4b:d2:e8:62:11:26:93:7a:8c:7b:9f:
5d:22:8e:d6:92:43:b5:59:46:5d:e6:33:4f:88:51:a5:13:7d:
f3:5e:d2:f9:04:56:db:88:4f:e3:1e:4e:07:d2:e3:3e:d7:f8:
dc:ed:14:87:db:ce:15:0c:db:72:41:04:ef:22:fd:d0:4b:48:
cd:e6:ea:27:05:6d:a4:e1:7a:c8:76:04:86:c4:b1:83:03:c5:
2f:00:44:5a:86:63:71:1e:ee:82:a7:25:20:0d:6a:8d:5e:e1:
bc:28:03:c2:d5:cb:89:b9:43:2a:af:de:ab:8a:75:5b:1d:a7:
dd:c1:6c:2c:d0:d3:5f:a5:0e:59:ac:52:2f:68:f8:f6:e7:f6:
78:f7:7f:58
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQksn+YZ2BjToEVR1gH9CQNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZTVjNGU0YmUzYjhjYmRlMGVhZTk0NjBhMTEwMzJkNmE2
NGFiNzEwHhcNMjUwMTAyMDE0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjZhZGU1YTgwMTQyYmIzMjMwNWViODA4NzZkZmNjZWIxZGYxNmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkmihlhZ90pXBGkeD/wgx6sQUEsUz
Rtm4U+E0JeKwX3Sz3BKnOWPSB3IORAat9vGk6qBJDvIZ25ZFICGOO4APH8Qy3fQK
sIF8nubkD++6lb9suNtZhmiiXx7/PYqjcIfmyw8od5byMe7Ec6Zd6SwnXPKb7cYf
YIJAUCnL+330eErJnVs1XfzdnXK8961wSR2lo/ICO8YxemVTXUAtrFkTGl5bBjYF
wW3ZnncAkecyeCTMjh6A7V9HUun75K6Gu0sz9hXS+b7Qkyf+APhcz2J9bDhM/hHg
ZgEsNgsWJXUhY3uU1ciH+Mt89XCHU8Um7jS9ZTc2PzROuabV1iXJk82MuwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFAZq3lqAFCuzIwXrgIdt/M6x3xbkMB8GA1UdIwQY
MBaAFAflxOS+O4y94OrpRgoRAy1qZKtxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUt
NGM4ODgzMzI3YTJhLzEvQm1yZVdvQVVLN01qQmV1QWgyMzh6ckhmRnVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9mNmIxNzMtOTEyYy00MTUxLWJhYzUtNGM4ODgzMzI3YTJh
LzEvQi1YRTVMNDdqTDNnNnVsR0NoRURMV3BrcTNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAoBAIAATAiMAwDBABQUkcD
BABQUkgDBABQUkswDAMEA7mt6AMEALmt6jAOBAIAAjAIAwYHKgIGyAAwDQYJKoZI
hvcNAQELBQADggEBAGZDVRG9WQ2zAjfb+8XRh7JHNCC6Q5hYOeLJvH3+Wid5rLFO
rVDZXkz4kbNlIYwXc8RteClLnZu5COl90fpcJoEGxlc/VCZaOXp3HJ0jZDkLm9Mb
mK6mEKp3wtpgZLIO3KejmTiTAwdk2DZ3LTMg3Ia4XUdL0uhiESaTeox7n10ijtaS
Q7VZRl3mM0+IUaUTffNe0vkEVtuIT+MeTgfS4z7X+NztFIfbzhUM23JBBO8i/dBL
SM3m6icFbaThesh2BIbEsYMDxS8ARFqGY3Ee7oKnJSANao1e4bwoA8LVy4m5Qyqv
3quKdVsdp93BbCzQ01+lDlmsUi9o+Pbn9nj3f1g=
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:52:32 2025 by rpki-client