Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bvQIlNNUMWVZpOuBbfjV2n2JcQc.roa
File: bvQIlNNUMWVZpOuBbfjV2n2JcQc.roa (raw, json)
Hash identifier: +U+GqW9E3/QilFEP3Lx61JZ31UwKUTwHB5insO0pkVk=
Subject key identifier: 6E:F4:08:94:D3:54:31:65:59:A4:EB:81:6D:F8:D5:DA:7D:89:71:07
Certificate issuer: /CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Certificate serial: 0196CAEA3B872895F315E697989A6F69DB37
Authority key identifier: 89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bvQIlNNUMWVZpOuBbfjV2n2JcQc.roa
Signing time: Tue 13 May 2025 18:31:10 +0000
ROA not before: Tue 13 May 2025 18:31:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208969
IP address blocks: 45.151.96.0/23 maxlen: 24
94.137.90.0/23 maxlen: 24
2a05:c440:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 16 May 2025 06:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:ca:ea:3b:87:28:95:f3:15:e6:97:98:9a:6f:69:db:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89ac0acbfdb7a274ef36c16f5860ada2a2470697
Validity
Not Before: May 13 18:31:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ef40894d354316559a4eb816df8d5da7d897107
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:df:f8:39:6e:8b:28:5b:0b:5d:75:26:26:c3:
28:7b:fe:97:bd:fc:71:df:fd:43:ac:43:79:17:09:
96:d5:86:13:7f:f6:51:f7:48:11:e6:5f:5e:ef:9d:
57:8c:a0:c1:ba:e8:60:8d:e1:02:ee:3c:f1:45:6f:
8a:86:c2:54:c3:5e:6d:74:3d:a1:8b:df:8a:88:f9:
38:93:a1:f0:a8:69:f2:de:59:30:23:c8:af:e5:83:
9d:f7:e4:de:a9:9f:24:96:5b:7c:ad:c7:4d:f6:79:
3f:26:45:54:b1:f7:61:14:a4:e6:f7:70:a3:45:ad:
28:c1:a8:cf:66:3d:c9:3d:c2:1e:45:85:00:08:06:
3c:e4:99:3f:f0:99:fb:d9:be:17:eb:8c:85:d2:49:
67:d3:fc:fb:39:5e:ae:9d:ea:e1:d1:f4:d8:f9:2d:
3a:cc:0e:15:cf:e9:fd:b2:51:5f:31:0f:8c:9e:b4:
5e:68:1f:0b:d2:f7:de:89:46:58:7f:91:c5:13:1c:
6e:1a:61:db:2c:4c:3c:27:40:07:74:ae:3c:13:ae:
f4:35:c7:38:34:5e:22:b9:8e:1d:7f:44:c7:5a:3b:
c9:0d:17:d9:46:c3:58:12:82:68:54:f7:b0:eb:d2:
3a:be:4d:b0:bb:19:e3:42:c6:db:1a:5c:2b:fe:e9:
57:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:F4:08:94:D3:54:31:65:59:A4:EB:81:6D:F8:D5:DA:7D:89:71:07
X509v3 Authority Key Identifier:
keyid:89:AC:0A:CB:FD:B7:A2:74:EF:36:C1:6F:58:60:AD:A2:A2:47:06:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iawKy_23onTvNsFvWGCtoqJHBpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/bvQIlNNUMWVZpOuBbfjV2n2JcQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/93a768-2677-48d6-914c-d4dbf7066fd3/1/iawKy_23onTvNsFvWGCtoqJHBpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.96.0/23
94.137.90.0/23
IPv6:
2a05:c440:4000::/36
Signature Algorithm: sha256WithRSAEncryption
36:94:4b:25:f8:f3:4d:6c:74:08:43:65:a3:ea:80:74:48:53:
81:5e:e1:e3:ee:86:b5:74:52:db:18:b3:ff:1e:34:5c:04:51:
12:2a:fd:a9:03:fb:86:bc:a4:d5:3e:c5:d0:9e:25:dc:59:6b:
69:9c:19:e1:f5:fa:2e:67:7f:3e:29:3f:e3:71:c1:c5:89:be:
26:aa:8f:70:21:c5:c0:1a:ba:b7:f1:c5:93:8e:f5:ca:38:0f:
bd:83:9c:51:fe:69:f0:9d:2a:fa:3f:d0:97:93:1d:0a:3c:68:
16:30:67:a0:17:10:8b:9e:83:a5:69:b7:8e:a3:d0:e4:60:2f:
34:f2:1a:b2:2b:1d:c3:8a:cd:83:ba:0a:3f:9d:b2:db:60:a2:
d9:99:bb:6f:32:7b:56:c1:a9:d8:ac:8b:ac:62:68:12:98:c3:
d2:9d:79:82:4a:5c:6c:b9:7a:20:83:cb:12:7f:ce:16:d8:89:
72:4e:90:bc:d1:1f:f4:12:11:31:6b:25:ac:e0:e6:95:91:57:
7b:dc:b7:c3:12:f5:70:5e:d6:2e:7e:34:b7:90:7b:f8:6a:49:
92:04:4a:6a:c9:b1:8e:01:19:20:c4:18:6c:a5:b2:89:f8:5f:
65:4b:af:77:02:e0:e1:6e:28:dc:3f:6c:b9:d1:85:7b:6c:bd:
bf:f7:3f:51
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZbK6juHKJXzFeaXmJpvads3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWMwYWNiZmRiN2EyNzRlZjM2YzE2ZjU4NjBhZGEyYTI0
NzA2OTcwHhcNMjUwNTEzMTgzMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZWY0MDg5NGQzNTQzMTY1NTlhNGViODE2ZGY4ZDVkYTdkODk3MTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqt/4OW6LKFsLXXUmJsMoe/6Xvfxx
3/1DrEN5FwmW1YYTf/ZR90gR5l9e751XjKDBuuhgjeEC7jzxRW+KhsJUw15tdD2h
i9+KiPk4k6HwqGny3lkwI8iv5YOd9+TeqZ8kllt8rcdN9nk/JkVUsfdhFKTm93Cj
Ra0owajPZj3JPcIeRYUACAY85Jk/8Jn72b4X64yF0kln0/z7OV6unerh0fTY+S06
zA4Vz+n9slFfMQ+MnrReaB8L0vfeiUZYf5HFExxuGmHbLEw8J0AHdK48E670Ncc4
NF4iuY4df0THWjvJDRfZRsNYEoJoVPew69I6vk2wuxnjQsbbGlwr/ulXSwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFG70CJTTVDFlWaTrgW341dp9iXEHMB8GA1UdIwQY
MBaAFImsCsv9t6J07zbBb1hgraKiRwaXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMt
ZDRkYmY3MDY2ZmQzLzEvYnZRSWxOTlVNV1ZacE91QmJmalYybjJKY1FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS85M2E3NjgtMjY3Ny00OGQ2LTkxNGMtZDRkYmY3MDY2ZmQz
LzEvaWF3S3lfMjNvblR2TnNGdldHQ3RvcUpIQnBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQBLZdgAwQB
XolaMA4EAgACMAgDBgQqBcRAQDANBgkqhkiG9w0BAQsFAAOCAQEANpRLJfjzTWx0
CENlo+qAdEhTgV7h4+6GtXRS2xiz/x40XARREir9qQP7hryk1T7F0J4l3FlraZwZ
4fX6Lmd/Pik/43HBxYm+JqqPcCHFwBq6t/HFk471yjgPvYOcUf5p8J0q+j/Ql5Md
CjxoFjBnoBcQi56DpWm3jqPQ5GAvNPIasisdw4rNg7oKP52y22Ci2Zm7bzJ7VsGp
2KyLrGJoEpjD0p15gkpcbLl6IIPLEn/OFtiJck6QvNEf9BIRMWslrODmlZFXe9y3
wxL1cF7WLn40t5B7+GpJkgRKasmxjgEZIMQYbKWyifhfZUuvdwLg4W4o3D9sudGF
e2y9v/c/UQ==
-----END CERTIFICATE-----
Generated at Thu May 15 10:28:25 2025 by rpki-client