Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/bJi42FnwJqN8jH7mbmez6hDvWQ8.roa
File: bJi42FnwJqN8jH7mbmez6hDvWQ8.roa (raw, json)
Hash identifier: KnnxICDY297RUvYPLgL+Dvnh1Bw8KXlSVenTgK4F4O4=
Subject key identifier: 6C:98:B8:D8:59:F0:26:A3:7C:8C:7E:E6:6E:67:B3:EA:10:EF:59:0F
Certificate issuer: /CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Certificate serial: 01966135FD880704C03CB157F6DA0F2B1D2B
Authority key identifier: 0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/bJi42FnwJqN8jH7mbmez6hDvWQ8.roa
Signing time: Wed 23 Apr 2025 05:54:10 +0000
ROA not before: Wed 23 Apr 2025 05:54:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.149.153.0/24 maxlen: 24
89.150.49.0/24 maxlen: 24
185.33.26.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 11:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:61:35:fd:88:07:04:c0:3c:b1:57:f6:da:0f:2b:1d:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b5f8c9447d614b86182763d9333250e2d9412e2
Validity
Not Before: Apr 23 05:54:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c98b8d859f026a37c8c7ee66e67b3ea10ef590f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:19:60:32:cc:f7:0e:a7:7f:09:24:30:27:ef:
e6:99:c8:fb:1a:8d:96:3a:a8:74:26:8f:74:37:97:
1b:99:01:ca:3c:e7:2b:6f:29:76:38:bc:c6:7b:4c:
b8:aa:5a:75:17:f9:88:08:27:f1:07:76:d3:c6:a4:
a8:c3:3d:1f:19:1f:b2:28:d8:4a:21:ac:e2:57:de:
95:87:1e:99:8c:c5:db:cf:23:4c:a1:df:20:52:7c:
a0:8f:ba:f7:98:8d:df:37:f2:39:74:e5:69:1e:62:
5c:7d:7c:32:22:ad:35:3e:4b:23:76:54:73:f9:61:
d3:49:c1:e1:2c:35:ca:ca:69:91:23:a8:5d:62:35:
93:4f:8b:aa:20:71:d7:d0:d3:5c:d5:7b:43:87:f4:
17:00:77:a5:4c:8a:2d:45:5a:e0:0c:b2:c4:3a:d3:
d6:26:51:7c:33:3d:d0:f6:53:47:8b:f4:53:df:20:
9b:a0:e4:96:12:81:dc:bf:ed:a9:e4:34:2f:41:66:
3c:60:02:27:86:54:4c:24:24:8f:66:41:12:0d:67:
64:fd:43:05:90:fb:82:da:ae:e4:b1:16:97:1d:d8:
55:15:5a:35:71:be:76:f0:0a:01:15:aa:c2:79:18:
ba:66:d3:20:2e:4c:bb:0d:4a:04:f7:71:70:d0:ea:
5b:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:98:B8:D8:59:F0:26:A3:7C:8C:7E:E6:6E:67:B3:EA:10:EF:59:0F
X509v3 Authority Key Identifier:
keyid:0B:5F:8C:94:47:D6:14:B8:61:82:76:3D:93:33:25:0E:2D:94:12:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1-MlEfWFLhhgnY9kzMlDi2UEuI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/bJi42FnwJqN8jH7mbmez6hDvWQ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/f7f6c0-09d0-492c-92e6-8a95e6377332/1/C1-MlEfWFLhhgnY9kzMlDi2UEuI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.149.153.0/24
89.150.49.0/24
185.33.26.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:60:4e:55:15:54:e3:cc:ff:fd:3b:ba:0f:81:90:2f:c0:54:
3b:4f:53:a4:58:66:fa:9b:61:2d:32:74:9b:52:8b:ad:5e:65:
11:9c:18:4d:2d:2c:7a:48:14:c3:f0:ea:1b:73:5e:1a:87:8a:
1e:b6:72:92:82:b4:83:73:92:ca:6b:f5:c6:81:8c:67:f9:e3:
7a:bc:d1:42:57:50:e3:00:5f:44:0c:35:a9:1c:8e:7f:9b:ff:
45:e6:b8:0e:32:dc:c8:b0:59:e0:6c:0f:7c:66:89:bf:e0:36:
44:66:86:5c:0c:bc:19:c9:0d:7c:49:2b:8d:cc:78:89:f0:8a:
ac:66:93:a3:30:43:db:1b:f1:59:e9:f6:6b:99:7e:76:d3:f4:
98:a9:f4:a3:ca:3b:53:08:21:e3:66:d3:fc:fa:03:4f:d5:3e:
99:4f:df:be:09:a5:b6:08:0d:18:05:35:27:4d:6f:76:35:12:
74:ab:43:66:5e:8d:22:95:3a:d6:b5:52:60:a7:47:09:6a:27:
df:1d:ec:e6:db:78:d2:a9:a6:16:13:da:62:15:2d:27:9c:64:
33:e8:41:35:01:af:dc:05:69:e9:1a:16:c4:8f:10:91:2e:f2:
cd:f0:10:d9:9a:53:af:2a:da:a1:98:19:1d:1a:0b:bd:53:3c:
87:20:4d:bd
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZZhNf2IBwTAPLFX9toPKx0rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNWY4Yzk0NDdkNjE0Yjg2MTgyNzYzZDkzMzMyNTBlMmQ5
NDEyZTIwHhcNMjUwNDIzMDU1NDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Yzk4YjhkODU5ZjAyNmEzN2M4YzdlZTY2ZTY3YjNlYTEwZWY1OTBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxlgMsz3Dqd/CSQwJ+/mmcj7Go2W
Oqh0Jo90N5cbmQHKPOcrbyl2OLzGe0y4qlp1F/mICCfxB3bTxqSowz0fGR+yKNhK
IaziV96Vhx6ZjMXbzyNMod8gUnygj7r3mI3fN/I5dOVpHmJcfXwyIq01PksjdlRz
+WHTScHhLDXKymmRI6hdYjWTT4uqIHHX0NNc1XtDh/QXAHelTIotRVrgDLLEOtPW
JlF8Mz3Q9lNHi/RT3yCboOSWEoHcv+2p5DQvQWY8YAInhlRMJCSPZkESDWdk/UMF
kPuC2q7ksRaXHdhVFVo1cb528AoBFarCeRi6ZtMgLky7DUoE93Fw0OpbHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGyYuNhZ8CajfIx+5m5ns+oQ71kPMB8GA1UdIwQY
MBaAFAtfjJRH1hS4YYJ2PZMzJQ4tlBLiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYt
OGE5NWU2Mzc3MzMyLzEvYkppNDJGbndKcU44akg3bWJtZXo2aER2V1E4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9mN2Y2YzAtMDlkMC00OTJjLTkyZTYtOGE5NWU2Mzc3MzMy
LzEvQzEtTWxFZldGTGhoZ25ZOWt6TWxEaTJVRXVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQALZWZAwQA
WZYxAwQAuSEaMA0GCSqGSIb3DQEBCwUAA4IBAQBeYE5VFVTjzP/9O7oPgZAvwFQ7
T1OkWGb6m2EtMnSbUoutXmURnBhNLSx6SBTD8Oobc14ah4oetnKSgrSDc5LKa/XG
gYxn+eN6vNFCV1DjAF9EDDWpHI5/m/9F5rgOMtzIsFngbA98Zom/4DZEZoZcDLwZ
yQ18SSuNzHiJ8IqsZpOjMEPbG/FZ6fZrmX520/SYqfSjyjtTCCHjZtP8+gNP1T6Z
T9++CaW2CA0YBTUnTW92NRJ0q0NmXo0ilTrWtVJgp0cJaiffHezm23jSqaYWE9pi
FS0nnGQz6EE1Aa/cBWnpGhbEjxCRLvLN8BDZmlOvKtqhmBkdGgu9UzyHIE29
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:32:46 2025 by rpki-client