Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/BPwP4_eaRC-ExEMmsEHbE_XcDyk.roa
File: BPwP4_eaRC-ExEMmsEHbE_XcDyk.roa (raw, json)
Hash identifier: PuWly/aliHEqwaBp5Lw/IykpWGderMcstp3zqAZSzaU=
Subject key identifier: 04:FC:0F:E3:F7:9A:44:2F:84:C4:43:26:B0:41:DB:13:F5:DC:0F:29
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019423D74D8B7975EF8AA436789B8C75A744
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/BPwP4_eaRC-ExEMmsEHbE_XcDyk.roa
Signing time: Wed 01 Jan 2025 21:48:20 +0000
ROA not before: Wed 01 Jan 2025 21:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29119
IP address blocks: 62.43.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:4d:8b:79:75:ef:8a:a4:36:78:9b:8c:75:a7:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 21:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04fc0fe3f79a442f84c44326b041db13f5dc0f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:0b:98:18:64:52:0a:32:08:0e:7f:03:06:e5:
a7:ad:5c:67:bc:9e:c5:40:c1:ce:1e:b1:dc:39:9d:
4e:a5:0c:00:2d:f1:d9:f9:a9:46:32:49:79:8b:3b:
3a:54:71:55:e1:66:46:ab:88:3a:d7:25:90:c1:5a:
12:37:2f:e4:2f:e6:58:d4:8b:80:f1:99:91:01:14:
68:ae:ff:14:eb:b1:40:0f:6a:df:cf:49:a5:84:0b:
63:b5:35:d5:f2:f3:fb:95:f7:13:d1:33:1e:6d:6d:
24:b0:38:8c:cf:e2:ca:60:e0:f3:28:8a:ce:2a:3c:
88:67:a3:01:68:0c:3c:5c:de:81:02:88:7d:0e:a3:
40:59:4d:14:1e:f9:46:52:86:22:8d:09:ba:ce:95:
e1:1c:29:24:af:ea:81:cd:52:7e:ef:27:e9:fe:b2:
44:bb:6a:03:d3:5c:5b:55:fd:ff:d6:73:b4:43:9a:
90:0b:79:47:ed:fb:c2:b9:a5:0d:e2:d1:5c:ef:16:
17:d0:57:42:80:ab:51:23:19:35:b6:d7:13:28:b3:
b0:1b:d1:47:13:5b:65:e0:25:13:d4:71:14:a1:11:
34:23:d8:23:bf:08:0d:d2:e5:fb:c9:45:76:eb:92:
fc:91:95:bc:ff:d2:0d:87:f5:1c:a7:59:f2:de:f7:
98:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:FC:0F:E3:F7:9A:44:2F:84:C4:43:26:B0:41:DB:13:F5:DC:0F:29
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/BPwP4_eaRC-ExEMmsEHbE_XcDyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.43.252.0/23
Signature Algorithm: sha256WithRSAEncryption
5b:08:e4:4a:3c:88:0e:39:bf:3a:f8:b1:2c:1b:0d:ac:9f:ac:
d8:e0:52:7a:5e:de:b4:0a:6b:fe:14:a9:ef:fc:a4:3e:e0:55:
d4:65:1e:62:0c:2d:97:eb:ca:b5:f8:30:e9:08:31:ee:22:f8:
58:42:0c:99:b3:70:f6:12:0c:8f:75:74:cd:3f:08:e9:40:0f:
be:b6:26:8a:f3:28:1d:f4:e0:43:0c:d4:fe:b4:72:b7:9c:14:
68:93:21:54:68:6f:f4:f4:c6:97:5d:f3:46:e4:65:c9:f5:79:
84:9d:a9:a8:cc:f9:2b:07:75:5b:04:9b:08:2f:01:16:f2:40:
af:85:3f:f3:01:93:89:d9:1c:4c:f1:d5:a4:d7:1a:b8:7d:2b:
ee:49:77:20:64:ee:d0:52:28:96:d2:4b:9d:38:24:b9:d9:dc:
3e:f2:b1:94:78:e3:47:d7:43:93:82:de:27:26:21:53:1c:2a:
68:6d:0a:83:cc:2e:b3:67:fd:a9:f9:19:e1:dc:d7:0b:8f:48:
4f:02:ee:64:83:a0:e4:1f:fd:3e:73:19:1d:52:f9:d8:cd:64:
25:b0:77:26:83:03:b3:ee:fe:9a:b5:10:f5:e7:56:53:b2:ba:
64:5c:47:f9:d7:5d:e3:69:f8:41:7a:e0:a4:db:dd:9c:70:fa:
82:7d:02:52
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQj102LeXXviqQ2eJuMdadEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUwMTAxMjE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGZjMGZlM2Y3OWE0NDJmODRjNDQzMjZiMDQxZGIxM2Y1ZGMwZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwguYGGRSCjIIDn8DBuWnrVxnvJ7F
QMHOHrHcOZ1OpQwALfHZ+alGMkl5izs6VHFV4WZGq4g61yWQwVoSNy/kL+ZY1IuA
8ZmRARRorv8U67FAD2rfz0mlhAtjtTXV8vP7lfcT0TMebW0ksDiMz+LKYODzKIrO
KjyIZ6MBaAw8XN6BAoh9DqNAWU0UHvlGUoYijQm6zpXhHCkkr+qBzVJ+7yfp/rJE
u2oD01xbVf3/1nO0Q5qQC3lH7fvCuaUN4tFc7xYX0FdCgKtRIxk1ttcTKLOwG9FH
E1tl4CUT1HEUoRE0I9gjvwgN0uX7yUV265L8kZW8/9INh/Ucp1ny3veYXQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAT8D+P3mkQvhMRDJrBB2xP13A8pMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvQlB3UDRfZWFSQy1FeEVNbXNFSGJFX1hjRHlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBPiv8MA0G
CSqGSIb3DQEBCwUAA4IBAQBbCORKPIgOOb86+LEsGw2sn6zY4FJ6Xt60Cmv+FKnv
/KQ+4FXUZR5iDC2X68q1+DDpCDHuIvhYQgyZs3D2EgyPdXTNPwjpQA++tiaK8ygd
9OBDDNT+tHK3nBRokyFUaG/09MaXXfNG5GXJ9XmEnamozPkrB3VbBJsILwEW8kCv
hT/zAZOJ2RxM8dWk1xq4fSvuSXcgZO7QUiiW0kudOCS52dw+8rGUeONH10OTgt4n
JiFTHCpobQqDzC6zZ/2p+Rnh3NcLj0hPAu5kg6DkH/0+cxkdUvnYzWQlsHcmgwOz
7v6atRD151ZTsrpkXEf5113jafhBeuCk292ccPqCfQJS
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:45:56 2025 by rpki-client