Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/ZQAyFws7DTZX8u1fY_j_CXtWmSw.roa
File: ZQAyFws7DTZX8u1fY_j_CXtWmSw.roa (raw, json)
Hash identifier: rqxW0DHYx0WB4ZZV6XWEMvjksg8LNQ4dfFaekkzMvBk=
Subject key identifier: 65:00:32:17:0B:3B:0D:36:57:F2:ED:5F:63:F8:FF:09:7B:56:99:2C
Certificate issuer: /CN=8d58406ad38b155c198e385a9c2f621bce21f877
Certificate serial: 019421B1B856891BF042432099973195FDCA
Authority key identifier: 8D:58:40:6A:D3:8B:15:5C:19:8E:38:5A:9C:2F:62:1B:CE:21:F8:77
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/ZQAyFws7DTZX8u1fY_j_CXtWmSw.roa
Signing time: Wed 01 Jan 2025 11:48:02 +0000
ROA not before: Wed 01 Jan 2025 11:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209573
IP address blocks: 139.28.64.0/22 maxlen: 22
139.28.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:b8:56:89:1b:f0:42:43:20:99:97:31:95:fd:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d58406ad38b155c198e385a9c2f621bce21f877
Validity
Not Before: Jan 1 11:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=650032170b3b0d3657f2ed5f63f8ff097b56992c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:0e:64:b1:5e:dd:39:9c:2f:c8:7e:d2:69:19:
ac:cb:3e:b0:bd:0e:c7:68:4f:1a:b1:2b:e6:cc:5c:
dc:11:11:60:3e:9b:4c:ab:b6:ed:15:58:35:96:a4:
36:c4:ab:c2:ec:7f:4f:7d:cb:72:51:39:64:3e:17:
90:5c:9a:2f:8d:f5:fe:fe:55:af:82:47:cd:82:9b:
fb:c2:d1:96:1d:37:fb:9e:0c:6d:8f:a5:07:0c:e6:
dc:19:e0:8d:06:b9:09:14:13:a8:52:74:dd:36:62:
a7:41:e8:d0:1b:12:3d:09:ea:80:72:59:d3:cb:65:
33:0f:ac:8c:f3:7f:1f:43:8f:27:d7:b4:06:4b:27:
b4:48:86:07:04:4d:dc:8c:20:27:c3:86:1a:f3:47:
6e:ce:b0:59:98:67:a1:00:cf:da:63:14:db:31:06:
6b:74:88:2e:3d:e4:9e:f9:e9:e8:ab:70:13:8c:49:
7b:97:b4:e1:84:81:14:8f:d3:75:9c:3c:48:0d:82:
40:7d:7e:91:77:94:33:4e:fa:3e:dc:9b:8a:db:23:
51:d4:bd:b5:f1:85:cf:50:46:57:65:7b:22:67:5f:
5a:37:b3:a1:99:72:17:d5:43:4d:10:13:45:03:b7:
24:c8:ae:84:81:11:e4:95:2b:0d:7a:e4:3e:de:a7:
7a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:00:32:17:0B:3B:0D:36:57:F2:ED:5F:63:F8:FF:09:7B:56:99:2C
X509v3 Authority Key Identifier:
keyid:8D:58:40:6A:D3:8B:15:5C:19:8E:38:5A:9C:2F:62:1B:CE:21:F8:77
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVhAatOLFVwZjjhanC9iG84h-Hc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/ZQAyFws7DTZX8u1fY_j_CXtWmSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0ba51c-1770-4dfa-8367-28f68a4a143b/1/jVhAatOLFVwZjjhanC9iG84h-Hc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.28.64.0/22
Signature Algorithm: sha256WithRSAEncryption
98:3a:f5:19:fa:76:54:0d:59:b7:b2:09:7e:1c:38:bb:8a:91:
50:c0:b5:1a:7c:bf:66:21:d5:4c:db:04:b0:57:43:b5:e2:23:
ee:38:b7:8a:96:95:b9:e9:ba:ff:24:f1:3e:46:83:cf:a4:16:
05:25:8d:a1:26:6b:ac:2f:a7:a4:05:e5:21:39:b1:e8:74:da:
01:39:ae:50:aa:1f:da:41:bc:93:8d:bc:5f:67:3b:84:a5:bd:
0c:a8:7e:36:a0:74:ff:17:b4:b3:3b:98:80:8b:90:d7:89:e0:
0d:07:9c:b5:f7:1e:d9:37:99:df:68:60:56:a2:b3:02:2e:aa:
43:44:4d:ef:86:cd:57:af:01:e0:7d:7d:32:a6:97:9c:12:25:
8c:f0:4b:e3:fe:29:d0:ef:6d:18:fa:b9:84:8a:5a:d1:03:6b:
b2:8e:d3:fb:34:7c:c2:09:b3:6b:a0:7e:e0:f1:bc:34:f9:c9:
a8:95:c4:3a:36:05:c1:41:eb:e7:7b:49:f6:d7:f7:49:4c:0b:
13:cf:67:bf:53:89:79:1c:13:95:da:82:30:9b:00:a3:a4:ee:
40:78:fc:81:7f:eb:ce:30:3b:8d:d9:cd:ad:d1:e7:9c:ac:58:
fa:47:d2:fc:7c:f7:67:dd:f5:c9:df:9b:59:88:5d:c2:a0:af:
b6:23:c7:b5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsbhWiRvwQkMgmZcxlf3KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTg0MDZhZDM4YjE1NWMxOThlMzg1YTljMmY2MjFiY2Uy
MWY4NzcwHhcNMjUwMTAxMTE0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTAwMzIxNzBiM2IwZDM2NTdmMmVkNWY2M2Y4ZmYwOTdiNTY5OTJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQ5ksV7dOZwvyH7SaRmsyz6wvQ7H
aE8asSvmzFzcERFgPptMq7btFVg1lqQ2xKvC7H9PfctyUTlkPheQXJovjfX+/lWv
gkfNgpv7wtGWHTf7ngxtj6UHDObcGeCNBrkJFBOoUnTdNmKnQejQGxI9CeqAclnT
y2UzD6yM838fQ48n17QGSye0SIYHBE3cjCAnw4Ya80duzrBZmGehAM/aYxTbMQZr
dIguPeSe+enoq3ATjEl7l7ThhIEUj9N1nDxIDYJAfX6Rd5QzTvo+3JuK2yNR1L21
8YXPUEZXZXsiZ19aN7OhmXIX1UNNEBNFA7ckyK6EgRHklSsNeuQ+3qd62QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGUAMhcLOw02V/LtX2P4/wl7VpksMB8GA1UdIwQY
MBaAFI1YQGrTixVcGY44WpwvYhvOIfh3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZoQWF0T0xGVndaampoYW5DOWlHODRoLUhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmE1MWMtMTc3MC00ZGZhLTgzNjct
MjhmNjhhNGExNDNiLzEvWlFBeUZ3czdEVFpYOHUxZllfal9DWHRXbVN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmE1MWMtMTc3MC00ZGZhLTgzNjctMjhmNjhhNGExNDNi
LzEvalZoQWF0T0xGVndaampoYW5DOWlHODRoLUhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCixxAMA0G
CSqGSIb3DQEBCwUAA4IBAQCYOvUZ+nZUDVm3sgl+HDi7ipFQwLUafL9mIdVM2wSw
V0O14iPuOLeKlpW56br/JPE+RoPPpBYFJY2hJmusL6ekBeUhObHodNoBOa5Qqh/a
QbyTjbxfZzuEpb0MqH42oHT/F7SzO5iAi5DXieANB5y19x7ZN5nfaGBWorMCLqpD
RE3vhs1XrwHgfX0yppecEiWM8Evj/inQ720Y+rmEilrRA2uyjtP7NHzCCbNroH7g
8bw0+cmolcQ6NgXBQevne0n21/dJTAsTz2e/U4l5HBOV2oIwmwCjpO5AePyBf+vO
MDuN2c2t0eecrFj6R9L8fPdn3fXJ35tZiF3CoK+2I8e1
-----END CERTIFICATE-----
Generated at Mon Apr 21 15:03:12 2025 by rpki-client