Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/BGF23n1tWLaGSyVWldicXKis1yY.roa
File: BGF23n1tWLaGSyVWldicXKis1yY.roa (raw, json)
Hash identifier: KgzFG00NHLPWSN+cpvun2QYmLvnrmB27TCoN+ieCYRo=
Subject key identifier: 04:61:76:DE:7D:6D:58:B6:86:4B:25:56:95:D8:9C:5C:A8:AC:D7:26
Certificate issuer: /CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Certificate serial: 0196C518AB26539124DBD43974BF73029EF3
Authority key identifier: 13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/BGF23n1tWLaGSyVWldicXKis1yY.roa
Signing time: Mon 12 May 2025 15:24:10 +0000
ROA not before: Mon 12 May 2025 15:24:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 2.56.148.0/24 maxlen: 24
2.56.149.0/24 maxlen: 24
2.56.150.0/24 maxlen: 24
5.252.198.0/24 maxlen: 24
5.252.199.0/24 maxlen: 24
45.146.122.0/24 maxlen: 24
45.146.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 14 May 2025 09:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c5:18:ab:26:53:91:24:db:d4:39:74:bf:73:02:9e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1372e0c2b83dd5109013c7f1c0bb9716d3618dd2
Validity
Not Before: May 12 15:24:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=046176de7d6d58b6864b255695d89c5ca8acd726
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9a:ef:05:c5:f1:f8:a0:e0:13:d2:34:e9:e8:
a2:0a:af:d2:4e:73:29:21:d7:1a:da:2e:7a:3b:61:
ef:80:12:a8:bc:51:b2:a9:69:ce:6d:31:0f:73:5d:
fa:56:a1:e1:8d:5b:fb:8e:cc:84:74:d5:16:d9:cd:
f0:35:28:f1:80:2c:a6:e0:47:1e:f2:55:b1:32:f9:
40:73:59:ec:12:f9:db:f2:b2:4f:db:2f:5d:d5:8f:
d1:49:8d:6f:6b:96:23:bf:b5:d6:1a:04:34:b2:21:
2f:98:45:39:9a:ed:53:19:78:94:4b:2c:9f:a2:2a:
cc:3f:10:21:ca:ff:0f:e7:e9:76:29:d9:f1:ed:67:
24:84:a9:8b:56:50:f4:d2:ff:91:02:f1:31:cc:dc:
05:d2:d5:b4:24:3c:b3:d4:1f:ea:f4:29:f8:5e:4a:
c1:20:8b:0f:5f:07:4e:ce:2f:b3:b8:1d:12:6e:8b:
6c:f1:0e:e6:28:df:dc:1a:d4:7b:ac:1a:03:b3:fe:
fe:af:9c:0a:ec:49:f0:fd:59:b6:fe:69:b6:a9:f9:
09:28:bb:8d:e5:46:65:8d:91:2c:6a:3f:03:c8:27:
29:00:a9:7f:f2:9d:e3:38:64:5f:68:2e:b2:e2:9b:
41:97:f5:7d:00:38:27:7d:ef:b3:e8:f8:c1:26:4c:
21:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:61:76:DE:7D:6D:58:B6:86:4B:25:56:95:D8:9C:5C:A8:AC:D7:26
X509v3 Authority Key Identifier:
keyid:13:72:E0:C2:B8:3D:D5:10:90:13:C7:F1:C0:BB:97:16:D3:61:8D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E3Lgwrg91RCQE8fxwLuXFtNhjdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/BGF23n1tWLaGSyVWldicXKis1yY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/221fd6-e4f6-43e3-946d-dd1ec57d7e74/1/E3Lgwrg91RCQE8fxwLuXFtNhjdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.148.0-2.56.150.255
5.252.198.0/23
45.146.122.0/23
Signature Algorithm: sha256WithRSAEncryption
79:68:1d:4b:1c:c2:68:08:52:e7:7a:a9:11:43:cd:98:75:5d:
6f:63:f3:31:81:b1:90:1d:2f:52:59:78:28:a6:56:1a:e6:be:
6b:d2:89:57:05:44:90:56:ff:09:e1:86:11:85:d2:6d:f6:0a:
aa:16:a7:16:4e:e9:f5:5e:43:1a:33:a2:a7:05:ee:cb:cb:3e:
7c:b5:00:fb:97:2b:83:b6:66:5e:0e:90:54:f3:00:25:88:dc:
40:28:66:7b:0c:14:ac:c1:03:60:5a:c4:90:fd:a4:a9:26:e8:
37:9a:42:8b:12:ce:cf:92:c2:49:c4:91:d9:fd:e6:9d:67:3b:
ca:a9:91:f4:ed:93:84:d3:e4:a3:71:66:5c:09:ce:62:da:dc:
ed:af:81:a0:a1:08:6f:6e:2b:0a:cc:4d:41:02:ea:7f:9b:00:
55:63:b8:9e:9d:33:df:25:78:99:76:cc:81:d2:f2:44:51:bf:
a4:25:eb:c5:df:7f:22:e1:4a:81:a9:3b:81:8c:3a:6e:ac:ad:
70:ce:c3:4b:5b:b7:80:26:dd:f4:3f:ac:70:06:d3:aa:54:ef:
73:b8:f7:91:15:cb:2a:84:05:e6:30:33:3c:e0:b1:da:f2:19:
8b:e4:d1:76:f8:0d:2e:bf:52:08:d2:92:3b:2e:1e:6b:16:7a:
0e:30:aa:4b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZbFGKsmU5Ek29Q5dL9zAp7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNzJlMGMyYjgzZGQ1MTA5MDEzYzdmMWMwYmI5NzE2ZDM2
MThkZDIwHhcNMjUwNTEyMTUyNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNDYxNzZkZTdkNmQ1OGI2ODY0YjI1NTY5NWQ4OWM1Y2E4YWNkNzI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq5rvBcXx+KDgE9I06eiiCq/STnMp
Idca2i56O2HvgBKovFGyqWnObTEPc136VqHhjVv7jsyEdNUW2c3wNSjxgCym4Ece
8lWxMvlAc1nsEvnb8rJP2y9d1Y/RSY1va5Yjv7XWGgQ0siEvmEU5mu1TGXiUSyyf
oirMPxAhyv8P5+l2Kdnx7WckhKmLVlD00v+RAvExzNwF0tW0JDyz1B/q9Cn4XkrB
IIsPXwdOzi+zuB0Sbots8Q7mKN/cGtR7rBoDs/7+r5wK7Enw/Vm2/mm2qfkJKLuN
5UZljZEsaj8DyCcpAKl/8p3jOGRfaC6y4ptBl/V9ADgnfe+z6PjBJkwhYwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFARhdt59bVi2hkslVpXYnFyorNcmMB8GA1UdIwQY
MBaAFBNy4MK4PdUQkBPH8cC7lxbTYY3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQt
ZGQxZWM1N2Q3ZTc0LzEvQkdGMjNuMXRXTGFHU3lWV2xkaWNYS2lzMXlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yMjFmZDYtZTRmNi00M2UzLTk0NmQtZGQxZWM1N2Q3ZTc0
LzEvRTNMZ3dyZzkxUkNRRThmeHdMdVhGdE5oamRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAICOJQD
BAACOJYDBAEF/MYDBAEtknowDQYJKoZIhvcNAQELBQADggEBAHloHUscwmgIUud6
qRFDzZh1XW9j8zGBsZAdL1JZeCimVhrmvmvSiVcFRJBW/wnhhhGF0m32CqoWpxZO
6fVeQxozoqcF7svLPny1APuXK4O2Zl4OkFTzACWI3EAoZnsMFKzBA2BaxJD9pKkm
6DeaQosSzs+SwknEkdn95p1nO8qpkfTtk4TT5KNxZlwJzmLa3O2vgaChCG9uKwrM
TUEC6n+bAFVjuJ6dM98leJl2zIHS8kRRv6Ql68XffyLhSoGpO4GMOm6srXDOw0tb
t4Am3fQ/rHAG06pU73O495EVyyqEBeYwMzzgsdryGYvk0Xb4DS6/UgjSkjsuHmsW
eg4wqks=
-----END CERTIFICATE-----
Generated at Tue May 13 17:40:39 2025 by rpki-client