Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/Z-7u2MA1CjZD5hYP8TfU-VSZNR8.roa
File: Z-7u2MA1CjZD5hYP8TfU-VSZNR8.roa (raw, json)
Hash identifier: /80xhWNAq5Vxx5IxhDuQbH3UW7oLWMSaFXrTwbB6FYA=
Subject key identifier: 67:EE:EE:D8:C0:35:0A:36:43:E6:16:0F:F1:37:D4:F9:54:99:35:1F
Certificate issuer: /CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Certificate serial: 0194228E3CD6FEBFF0415EC252B1F77704FC
Authority key identifier: 1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/Z-7u2MA1CjZD5hYP8TfU-VSZNR8.roa
Signing time: Wed 01 Jan 2025 15:48:54 +0000
ROA not before: Wed 01 Jan 2025 15:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204958
IP address blocks: 185.232.236.0/22 maxlen: 22
185.232.236.0/24 maxlen: 24
185.232.237.0/24 maxlen: 24
185.232.238.0/24 maxlen: 24
185.232.239.0/24 maxlen: 24
2a07:ff00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl
rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.mft
rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 03:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:3c:d6:fe:bf:f0:41:5e:c2:52:b1:f7:77:04:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1dd5cd2a0261e1e6069dd775894d826ee8836c1e
Validity
Not Before: Jan 1 15:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67eeeed8c0350a3643e6160ff137d4f95499351f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:97:ce:2c:53:4b:5c:e4:5a:8a:c1:0d:0b:88:
59:9a:89:3f:e3:d5:e2:22:97:6b:22:f5:a5:fb:16:
ad:3b:4e:1f:44:52:47:95:02:61:6d:4c:5f:a6:43:
25:ff:4f:83:5d:48:fb:24:a8:58:01:99:c5:16:bb:
06:fe:0d:09:68:ce:ce:e7:f3:76:7f:89:06:d3:4d:
b3:ff:b5:8c:e0:d3:36:a5:6e:96:7c:02:2d:dd:f5:
a4:7a:0d:72:48:e2:0b:9a:d6:e1:d1:d0:41:af:71:
d7:20:30:bb:7f:ba:54:1d:82:03:6f:c7:f0:a7:5c:
4e:0c:5f:ae:63:07:a3:a7:67:de:ea:ed:df:fd:51:
cf:ea:93:92:a9:3d:5d:bd:48:2c:23:cf:21:97:f8:
56:80:a2:67:8c:7d:f8:1e:10:8b:d2:b3:1b:57:e2:
22:b0:4c:70:9b:ef:bc:f2:ae:8b:a4:2c:c3:62:65:
36:8b:c1:53:2b:bf:94:8c:aa:8c:ef:3e:77:88:55:
8e:8c:11:09:01:e7:c5:a4:1f:f2:eb:24:1f:03:d6:
9c:60:e9:bd:96:2c:ef:34:8e:40:57:df:cc:7e:80:
c1:c1:cc:75:97:9f:49:6c:f7:dd:00:72:68:aa:f1:
0e:7a:14:db:bb:2c:4b:bb:ef:3a:fa:05:79:bf:e3:
bc:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EE:EE:D8:C0:35:0A:36:43:E6:16:0F:F1:37:D4:F9:54:99:35:1F
X509v3 Authority Key Identifier:
keyid:1D:D5:CD:2A:02:61:E1:E6:06:9D:D7:75:89:4D:82:6E:E8:83:6C:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HdXNKgJh4eYGndd1iU2CbuiDbB4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/Z-7u2MA1CjZD5hYP8TfU-VSZNR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/4fe983-7152-4933-9f36-d86cadd610b8/1/HdXNKgJh4eYGndd1iU2CbuiDbB4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.232.236.0/22
IPv6:
2a07:ff00::/29
Signature Algorithm: sha256WithRSAEncryption
4b:a7:35:79:55:2b:a0:0c:2a:1b:f0:1e:2c:fe:5d:f2:ac:d8:
24:b8:c5:43:8e:56:b7:7e:9a:94:30:a4:26:2e:ac:f0:ba:6f:
80:e5:fc:36:e6:46:d9:7d:a6:3d:89:d3:8c:90:32:8e:84:de:
7b:8d:aa:91:9d:ac:3f:f5:17:76:fe:fe:2e:e6:a9:7b:9b:8b:
dc:f8:b6:98:dd:a0:55:80:b1:26:27:6e:0a:eb:44:04:18:e6:
b2:73:3c:a2:b1:2e:ee:9f:be:85:ed:06:e5:75:26:41:92:42:
86:af:49:ec:d0:40:57:c8:14:ef:a9:df:6a:a5:64:57:4f:cc:
36:c9:ec:02:62:10:31:1a:82:ed:7e:ac:d7:a0:df:5d:7f:9f:
e5:a9:7b:62:b2:8a:67:4e:33:08:47:27:26:a6:f4:80:7a:2a:
d1:a4:17:72:05:7d:54:5a:ab:2e:ee:87:5e:5c:23:65:3e:2f:
43:68:69:da:bc:b6:6e:51:66:ee:47:09:43:3d:15:20:b1:22:
ed:27:52:94:93:d9:70:36:ca:b4:eb:d0:e3:91:13:1f:2b:a2:
a2:80:39:bb:ee:b2:95:08:ba:5c:8a:a9:63:a4:f7:a9:49:05:
e5:a5:2a:f0:2c:18:0b:19:8e:b6:a1:21:58:25:59:65:66:24:
8d:df:ab:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQijjzW/r/wQV7CUrH3dwT8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFkZDVjZDJhMDI2MWUxZTYwNjlkZDc3NTg5NGQ4MjZlZTg4
MzZjMWUwHhcNMjUwMTAxMTU0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VlZWVkOGMwMzUwYTM2NDNlNjE2MGZmMTM3ZDRmOTU0OTkzNTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4pfOLFNLXORaisENC4hZmok/49Xi
IpdrIvWl+xatO04fRFJHlQJhbUxfpkMl/0+DXUj7JKhYAZnFFrsG/g0JaM7O5/N2
f4kG002z/7WM4NM2pW6WfAIt3fWkeg1ySOILmtbh0dBBr3HXIDC7f7pUHYIDb8fw
p1xODF+uYwejp2fe6u3f/VHP6pOSqT1dvUgsI88hl/hWgKJnjH34HhCL0rMbV+Ii
sExwm++88q6LpCzDYmU2i8FTK7+UjKqM7z53iFWOjBEJAefFpB/y6yQfA9acYOm9
lizvNI5AV9/MfoDBwcx1l59JbPfdAHJoqvEOehTbuyxLu+86+gV5v+O8YwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGfu7tjANQo2Q+YWD/E31PlUmTUfMB8GA1UdIwQY
MBaAFB3VzSoCYeHmBp3XdYlNgm7og2weMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYt
ZDg2Y2FkZDYxMGI4LzEvWi03dTJNQTFDalpENWhZUDhUZlUtVlNaTlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi80ZmU5ODMtNzE1Mi00OTMzLTlmMzYtZDg2Y2FkZDYxMGI4
LzEvSGRYTktnSmg0ZVlHbmRkMWlVMkNidWlEYkI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuejsMA0E
AgACMAcDBQMqB/8AMA0GCSqGSIb3DQEBCwUAA4IBAQBLpzV5VSugDCob8B4s/l3y
rNgkuMVDjla3fpqUMKQmLqzwum+A5fw25kbZfaY9idOMkDKOhN57jaqRnaw/9Rd2
/v4u5ql7m4vc+LaY3aBVgLEmJ24K60QEGOayczyisS7un76F7QbldSZBkkKGr0ns
0EBXyBTvqd9qpWRXT8w2yewCYhAxGoLtfqzXoN9df5/lqXtisopnTjMIRycmpvSA
eirRpBdyBX1UWqsu7odeXCNlPi9DaGnavLZuUWbuRwlDPRUgsSLtJ1KUk9lwNsq0
69DjkRMfK6KigDm77rKVCLpciqljpPepSQXlpSrwLBgLGY62oSFYJVllZiSN36tl
-----END CERTIFICATE-----
Generated at Sun Apr 13 11:58:57 2025 by rpki-client