Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/BT6TVJmI3RprSa-N0sWISs5634A.roa
File: BT6TVJmI3RprSa-N0sWISs5634A.roa (raw, json)
Hash identifier: bIKRemDFFxTxUiCAL/8Hu++HBhZMoHacaRHBstTjw7w=
Subject key identifier: 05:3E:93:54:99:88:DD:1A:6B:49:AF:8D:D2:C5:88:4A:CE:7A:DF:80
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01964868CF892DFB0C9C7947B02261C3318D
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/BT6TVJmI3RprSa-N0sWISs5634A.roa
Signing time: Fri 18 Apr 2025 10:19:10 +0000
ROA not before: Fri 18 Apr 2025 10:19:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 05:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:48:68:cf:89:2d:fb:0c:9c:79:47:b0:22:61:c3:31:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Apr 18 10:19:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=053e93549988dd1a6b49af8dd2c5884ace7adf80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:51:a1:f9:8f:ec:c1:e8:91:f9:23:71:78:31:
e8:81:c2:ee:d2:29:64:27:63:9d:d6:f4:36:03:e3:
40:27:02:70:e3:74:43:72:5c:5a:09:03:63:b1:c2:
06:72:2f:02:be:37:0b:74:54:6b:a2:5f:12:95:86:
74:85:1f:fc:43:7a:1d:0f:46:57:78:ea:4a:bb:67:
10:59:d4:93:08:bb:08:bf:e8:d8:62:f2:d5:d3:af:
19:51:bd:d4:0b:bc:b9:69:e7:72:b2:62:1f:07:c4:
d5:a2:34:85:9c:2e:d7:8b:27:5c:1b:06:f0:cc:3c:
31:9d:0c:c0:6f:6c:da:8a:7e:e0:77:67:de:28:10:
47:c6:8d:8e:f1:ae:7a:73:32:61:db:7e:32:a6:bf:
64:5c:e0:2b:bc:19:e9:23:cd:e2:94:bc:21:53:7a:
cc:ca:1a:a6:5a:ea:e3:19:e8:5d:9d:a2:82:25:ea:
f9:78:9a:b6:76:60:7a:1b:a1:34:c8:3a:da:c1:bc:
1a:77:26:fe:21:76:ac:f4:bd:19:d8:e6:db:87:fd:
74:d6:6c:fa:62:09:da:9b:55:c7:a9:b0:1c:b5:42:
89:66:0c:81:ab:74:52:17:6f:d8:16:c2:c3:f3:96:
46:e7:4a:dc:2a:e9:4e:a7:6e:fe:66:bc:4e:1f:c0:
90:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:3E:93:54:99:88:DD:1A:6B:49:AF:8D:D2:C5:88:4A:CE:7A:DF:80
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/BT6TVJmI3RprSa-N0sWISs5634A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.89.255
Signature Algorithm: sha256WithRSAEncryption
be:35:96:a8:72:83:ff:e2:81:17:89:8f:7f:40:ff:65:50:81:
54:e4:7a:b7:5e:78:9f:15:ac:f7:40:52:97:0b:c2:3f:09:cd:
20:11:99:7d:fe:5d:9a:98:1d:f3:f3:17:00:0e:bc:e9:09:c5:
e6:d7:cf:66:24:0d:33:41:5b:dd:fa:62:df:60:64:44:c2:22:
73:a6:fb:ce:98:c5:eb:b1:a4:c6:08:56:73:c6:8a:e1:e2:17:
ac:4d:5e:61:4d:4d:56:23:75:bc:05:a2:3a:61:cf:b1:3c:39:
a6:d7:00:c0:76:dc:24:23:52:dc:c5:7f:44:b7:1b:46:56:89:
33:e7:33:96:5e:0d:5c:98:4a:7f:2e:59:e2:4d:a9:30:9f:14:
f4:52:9d:6a:5a:66:65:b4:47:a6:66:53:1c:3f:66:fb:8d:d3:
8b:cd:b6:60:52:46:55:e7:0f:de:fe:43:90:f3:24:1e:09:95:
a5:66:c8:ad:3e:aa:46:b4:6c:72:8f:da:d1:b8:fb:8f:19:3d:
7b:c7:65:00:3b:5b:c5:a6:c2:67:2c:fb:b4:15:34:22:f2:40:
7f:99:24:28:b2:61:05:ea:c8:1d:2b:34:db:99:85:25:a0:07:
23:ae:9a:6f:8d:f2:10:a3:ec:3b:f6:61:3c:cf:a1:21:90:cf:
38:8b:37:46
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZZIaM+JLfsMnHlHsCJhwzGNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNDE4MTAxOTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNTNlOTM1NDk5ODhkZDFhNmI0OWFmOGRkMmM1ODg0YWNlN2FkZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21Gh+Y/sweiR+SNxeDHogcLu0ilk
J2Od1vQ2A+NAJwJw43RDclxaCQNjscIGci8CvjcLdFRrol8SlYZ0hR/8Q3odD0ZX
eOpKu2cQWdSTCLsIv+jYYvLV068ZUb3UC7y5aedysmIfB8TVojSFnC7XiydcGwbw
zDwxnQzAb2zain7gd2feKBBHxo2O8a56czJh234ypr9kXOArvBnpI83ilLwhU3rM
yhqmWurjGehdnaKCJer5eJq2dmB6G6E0yDrawbwadyb+IXas9L0Z2Obbh/101mz6
Ygnam1XHqbActUKJZgyBq3RSF2/YFsLD85ZG50rcKulOp27+ZrxOH8CQvwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFAU+k1SZiN0aa0mvjdLFiErOet+AMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvQlQ2VFZKbUkzUnByU2EtTjBzV0lTczU2MzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QDBACSZ0cwDAMEAJJnSQMEAZJnWDANBgkqhkiG9w0B
AQsFAAOCAQEAvjWWqHKD/+KBF4mPf0D/ZVCBVOR6t154nxWs90BSlwvCPwnNIBGZ
ff5dmpgd8/MXAA686QnF5tfPZiQNM0Fb3fpi32BkRMIic6b7zpjF67GkxghWc8aK
4eIXrE1eYU1NViN1vAWiOmHPsTw5ptcAwHbcJCNS3MV/RLcbRlaJM+czll4NXJhK
fy5Z4k2pMJ8U9FKdalpmZbRHpmZTHD9m+43Ti822YFJGVecP3v5DkPMkHgmVpWbI
rT6qRrRsco/a0bj7jxk9e8dlADtbxabCZyz7tBU0IvJAf5kkKLJhBerIHSs025mF
JaAHI66ab43yEKPsO/ZhPM+hIZDPOIs3Rg==
-----END CERTIFICATE-----
Generated at Tue Apr 29 10:29:59 2025 by rpki-client