Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/BVlS5feNmWdOLJ165musLYEx5nE.roa
File: BVlS5feNmWdOLJ165musLYEx5nE.roa (raw, json)
Hash identifier: SM/6EqVv5ryznml3uYjoiN2rUtzuVv9yrFvvgUs/n50=
Subject key identifier: 05:59:52:E5:F7:8D:99:67:4E:2C:9D:7A:E6:6B:AC:2D:81:31:E6:71
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 01966678BB1422A88A87144CBDDFE3EDD256
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/BVlS5feNmWdOLJ165musLYEx5nE.roa
Signing time: Thu 24 Apr 2025 06:25:10 +0000
ROA not before: Thu 24 Apr 2025 06:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 86.105.104.0/22 maxlen: 24
89.36.236.0/22 maxlen: 24
89.37.128.0/24 maxlen: 24
89.37.188.0/22 maxlen: 24
89.40.43.0/24 maxlen: 24
89.184.208.0/20 maxlen: 32
91.232.136.0/22 maxlen: 24
93.114.169.0/24 maxlen: 24
93.115.155.0/24 maxlen: 24
94.177.65.0/24 maxlen: 24
94.190.248.0/22 maxlen: 24
176.223.190.0/24 maxlen: 24
185.64.100.0/22 maxlen: 24
185.172.20.0/22 maxlen: 24
188.211.252.0/22 maxlen: 24
188.212.104.0/22 maxlen: 24
193.46.204.0/24 maxlen: 24
193.46.211.0/24 maxlen: 24
194.213.10.0/24 maxlen: 24
194.242.28.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:66:78:bb:14:22:a8:8a:87:14:4c:bd:df:e3:ed:d2:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Apr 24 06:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=055952e5f78d99674e2c9d7ae66bac2d8131e671
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:28:7b:5f:51:11:7e:31:34:d2:b4:3b:42:8c:
0d:43:4d:76:49:49:7b:24:8e:c4:a3:50:58:1d:9d:
eb:c3:36:f4:66:12:f8:93:90:57:b8:67:33:01:39:
99:5c:b9:90:c2:8c:5b:30:24:44:ad:3f:61:2a:0c:
6f:25:ee:14:9b:d2:e6:f5:ab:35:e3:05:ba:b4:b7:
a4:b5:e6:f8:e5:fd:43:85:d1:95:e5:ed:01:c5:d1:
eb:0b:38:4f:d2:59:8c:41:e1:e5:56:2e:3c:e6:a9:
d5:0c:0c:fc:da:f1:44:1e:e7:77:bf:f4:a5:9e:f2:
46:e5:ea:77:f8:3d:33:38:71:96:e4:fb:c9:40:ab:
e0:9a:a7:f3:1e:89:cf:32:b4:73:ad:99:f9:b3:87:
1d:00:8b:f0:7b:35:e7:64:56:12:f2:4b:52:cb:6b:
ed:c8:07:22:f7:46:c3:34:d6:47:b6:7e:01:f5:e3:
39:a2:6b:20:bd:06:1e:a6:07:21:ed:20:5b:8a:cc:
7c:c1:2b:2a:5e:54:d9:25:18:fa:08:48:d4:2c:60:
a7:0f:ec:12:40:e8:8b:b7:27:1e:d1:2f:57:7d:fc:
e2:23:fd:73:da:02:8e:a1:8c:81:c5:b2:f3:ab:5c:
e3:0f:7e:d1:38:6b:21:46:c9:18:1f:b3:45:bf:fb:
f6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:59:52:E5:F7:8D:99:67:4E:2C:9D:7A:E6:6B:AC:2D:81:31:E6:71
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/BVlS5feNmWdOLJ165musLYEx5nE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.105.104.0/22
89.36.236.0/22
89.37.128.0/24
89.37.188.0/22
89.40.43.0/24
89.184.208.0/20
91.232.136.0/22
93.114.169.0/24
93.115.155.0/24
94.177.65.0/24
94.190.248.0/22
176.223.190.0/24
185.64.100.0/22
185.172.20.0/22
188.211.252.0/22
188.212.104.0/22
193.46.204.0/24
193.46.211.0/24
194.213.10.0/24
194.242.28.0/23
Signature Algorithm: sha256WithRSAEncryption
52:8f:9b:5f:4f:66:ce:c3:15:cc:dc:2c:f2:4c:48:f1:ab:23:
2a:08:4a:82:51:65:94:ad:35:16:7f:14:35:c0:9b:95:0b:86:
76:7c:b2:e8:10:f5:8a:48:83:75:e1:fd:a9:3c:3f:14:b8:e9:
70:2e:6b:b4:20:60:e4:98:67:e6:c7:1e:81:d3:1f:b5:81:3a:
c9:dd:b9:6a:9a:82:ef:32:f6:ca:d8:ac:76:3e:4b:1e:f6:97:
ce:09:8f:23:f1:41:3c:f6:79:01:58:7e:d3:3f:7d:71:6e:8a:
96:83:76:c6:0e:d9:13:11:0a:f5:21:f1:9d:c0:e8:bf:c3:0e:
cf:69:0a:3a:8f:2e:91:0a:2f:80:a8:63:18:41:ce:b9:b5:ad:
b0:ab:86:cb:27:ea:46:a6:c5:da:6f:98:c4:ce:bc:54:ca:ea:
ce:fd:fa:4b:54:6a:80:e9:3e:f1:ef:a7:02:49:d1:ae:bf:f0:
af:0e:50:9c:ef:d4:55:f8:aa:f5:9a:08:f0:38:35:5c:58:ce:
6f:02:0f:0c:03:0a:1f:aa:c0:7f:98:99:0c:28:a2:f6:5b:61:
11:b0:79:b3:59:2a:aa:3f:a8:c3:35:a9:97:e3:13:6c:12:f6:
93:2c:51:a3:17:c7:38:db:f7:23:e0:01:ed:d6:a7:9e:fb:3d:
d4:ca:df:e6
-----BEGIN CERTIFICATE-----
MIIFcjCCBFqgAwIBAgISAZZmeLsUIqiKhxRMvd/j7dJWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjUwNDI0MDYyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTU5NTJlNWY3OGQ5OTY3NGUyYzlkN2FlNjZiYWMyZDgxMzFlNjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyh7X1ERfjE00rQ7QowNQ012SUl7
JI7Eo1BYHZ3rwzb0ZhL4k5BXuGczATmZXLmQwoxbMCRErT9hKgxvJe4Um9Lm9as1
4wW6tLekteb45f1DhdGV5e0BxdHrCzhP0lmMQeHlVi485qnVDAz82vFEHud3v/Sl
nvJG5ep3+D0zOHGW5PvJQKvgmqfzHonPMrRzrZn5s4cdAIvwezXnZFYS8ktSy2vt
yAci90bDNNZHtn4B9eM5omsgvQYepgch7SBbisx8wSsqXlTZJRj6CEjULGCnD+wS
QOiLtyce0S9XffziI/1z2gKOoYyBxbLzq1zjD37ROGshRskYH7NFv/v2wwIDAQAB
o4ICfjCCAnowHQYDVR0OBBYEFAVZUuX3jZlnTiydeuZrrC2BMeZxMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvQlZsUzVmZU5tV2RPTEoxNjVtdXNMWUV4NW5FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGTBggrBgEFBQcBBwEB/wSBgzCBgDB+BAIAATB4AwQCVmlo
AwQCWSTsAwQAWSWAAwQCWSW8AwQAWSgrAwQEWbjQAwQCW+iIAwQAXXKpAwQAXXOb
AwQAXrFBAwQCXr74AwQAsN++AwQCuUBkAwQCuawUAwQCvNP8AwQCvNRoAwQAwS7M
AwQAwS7TAwQAwtUKAwQBwvIcMA0GCSqGSIb3DQEBCwUAA4IBAQBSj5tfT2bOwxXM
3CzyTEjxqyMqCEqCUWWUrTUWfxQ1wJuVC4Z2fLLoEPWKSIN14f2pPD8UuOlwLmu0
IGDkmGfmxx6B0x+1gTrJ3blqmoLvMvbK2Kx2Pkse9pfOCY8j8UE89nkBWH7TP31x
boqWg3bGDtkTEQr1IfGdwOi/ww7PaQo6jy6RCi+AqGMYQc65ta2wq4bLJ+pGpsXa
b5jEzrxUyurO/fpLVGqA6T7x76cCSdGuv/CvDlCc79RV+Kr1mgjwODVcWM5vAg8M
AwofqsB/mJkMKKL2W2ERsHmzWSqqP6jDNamX4xNsEvaTLFGjF8c42/cj4AHt1qee
+z3Uyt/m
-----END CERTIFICATE-----
Generated at Sat Apr 26 17:00:33 2025 by rpki-client