Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/HzNyysceRKeRdA1hjWYRZPbP3bg.roa
File: HzNyysceRKeRdA1hjWYRZPbP3bg.roa (raw, json)
Hash identifier: LjbMsGUdE/LEpP15YVSK6PhMb+v41cEg4eSzCdw3tFc=
Subject key identifier: 1F:33:72:CA:C7:1E:44:A7:91:74:0D:61:8D:66:11:64:F6:CF:DD:B8
Certificate issuer: /CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Certificate serial: 0194221F6EA355A51649D37AD97D063B6F7E
Authority key identifier: CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/HzNyysceRKeRdA1hjWYRZPbP3bg.roa
Signing time: Wed 01 Jan 2025 13:47:52 +0000
ROA not before: Wed 01 Jan 2025 13:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51964
IP address blocks: 57.7.0.0/16 maxlen: 24
57.21.0.0/16 maxlen: 24
57.35.0.0/16 maxlen: 24
57.66.0.0/15 maxlen: 32
57.68.0.0/15 maxlen: 32
57.70.0.0/16 maxlen: 32
57.72.0.0/15 maxlen: 32
57.74.0.0/16 maxlen: 32
57.76.0.0/14 maxlen: 32
57.80.0.0/14 maxlen: 32
57.86.0.0/15 maxlen: 32
57.90.0.0/16 maxlen: 32
57.92.0.0/16 maxlen: 24
57.96.0.0/15 maxlen: 24
57.98.0.0/16 maxlen: 24
57.100.0.0/16 maxlen: 24
57.194.0.0/15 maxlen: 24
57.197.0.0/16 maxlen: 24
57.199.0.0/16 maxlen: 24
57.200.0.0/16 maxlen: 24
57.202.0.0/15 maxlen: 24
57.205.0.0/16 maxlen: 24
57.207.0.0/16 maxlen: 24
57.208.0.0/12 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:6e:a3:55:a5:16:49:d3:7a:d9:7d:06:3b:6f:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdb83cfe5489835f294d0af4dd4db6e3dc25f1f3
Validity
Not Before: Jan 1 13:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f3372cac71e44a791740d618d661164f6cfddb8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:6f:69:ef:ab:8f:58:a0:4c:91:21:36:52:d0:
7a:a1:4a:14:3c:b9:91:2a:7a:8e:f0:cc:2d:81:d9:
f0:a2:d9:e4:af:49:75:90:50:b2:51:79:29:74:68:
cb:f6:72:b4:a3:4e:5c:39:29:56:8b:7c:bb:70:5f:
17:1f:7b:72:35:e3:49:02:b7:66:64:0a:58:f2:14:
77:46:80:93:cc:12:fd:1a:bc:25:f7:54:9e:09:ed:
a4:97:06:76:7f:6c:4c:3b:41:f4:1d:4b:4a:95:ba:
9f:a6:33:be:eb:f5:f1:6f:db:47:f1:d6:cc:46:53:
e4:be:8f:aa:04:85:b5:ce:6e:bb:cf:5c:7d:37:3a:
86:7b:8f:05:33:b8:bf:c0:9b:e9:9a:6c:75:d4:39:
d5:43:f5:b1:b3:90:b7:1f:28:88:b6:49:bc:a1:40:
af:71:f8:c9:19:9b:79:41:fe:04:c9:d2:3a:c0:ff:
77:33:ef:d8:b2:35:bd:d8:fe:dc:91:61:56:f5:5f:
f3:38:86:78:c0:13:d1:9b:14:3a:ea:70:7d:f8:37:
6d:5e:98:b2:83:d5:ec:39:6f:c4:34:1a:8d:ff:50:
ed:9c:15:dd:20:da:2e:11:d8:2f:37:c2:bf:83:ed:
db:a6:3a:ea:3c:2d:56:fa:35:84:21:dc:81:0e:d0:
bf:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:33:72:CA:C7:1E:44:A7:91:74:0D:61:8D:66:11:64:F6:CF:DD:B8
X509v3 Authority Key Identifier:
keyid:CD:B8:3C:FE:54:89:83:5F:29:4D:0A:F4:DD:4D:B6:E3:DC:25:F1:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zbg8_lSJg18pTQr03U2249wl8fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/HzNyysceRKeRdA1hjWYRZPbP3bg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/739716-9af2-47f5-a6f1-a3b74f9641ac/1/zbg8_lSJg18pTQr03U2249wl8fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
57.7.0.0/16
57.21.0.0/16
57.35.0.0/16
57.66.0.0-57.70.255.255
57.72.0.0-57.74.255.255
57.76.0.0-57.83.255.255
57.86.0.0/15
57.90.0.0/16
57.92.0.0/16
57.96.0.0-57.98.255.255
57.100.0.0/16
57.194.0.0/15
57.197.0.0/16
57.199.0.0-57.200.255.255
57.202.0.0/15
57.205.0.0/16
57.207.0.0-57.223.255.255
Signature Algorithm: sha256WithRSAEncryption
d2:73:c9:4d:50:55:23:84:81:2c:9a:04:0a:47:2e:54:58:6d:
16:48:87:3e:5e:d2:71:20:70:c3:43:47:9a:3b:e5:93:75:cb:
72:7c:e4:33:84:4e:6d:c5:48:a3:92:6b:47:b6:06:c7:ef:4c:
b3:aa:fe:37:bd:4b:98:91:dc:47:15:1d:ef:38:85:7e:28:e7:
9f:fc:1b:99:00:a3:69:a6:3e:7e:ba:60:1b:80:d3:0a:f5:d4:
36:d8:b7:75:db:ba:ec:09:82:98:75:3d:c7:76:59:20:3d:7f:
a6:2f:32:e9:76:16:74:83:9d:37:6b:a5:d7:91:42:fe:76:f8:
8d:6e:9c:31:32:90:0b:a0:a5:ac:a6:38:de:38:e3:49:2e:1d:
06:79:d8:27:c1:73:92:95:53:68:f0:94:b8:f6:46:74:98:78:
2c:bc:fb:a7:8c:01:dd:38:9b:07:20:d6:08:84:64:96:b5:0d:
2b:39:6e:05:f4:ea:8f:e6:d6:fb:eb:65:e3:d7:cd:bd:ca:59:
66:47:6e:46:36:04:f9:92:07:dd:39:25:1f:1c:28:5b:51:06:
7a:ed:5d:73:ed:68:92:e6:3d:1d:23:e1:27:b4:7d:92:37:1a:
1b:61:1c:73:5e:dd:75:dc:89:b6:c3:4a:7b:c0:10:12:01:60:
59:b7:2f:d5
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZQiH26jVaUWSdN62X0GO29+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYjgzY2ZlNTQ4OTgzNWYyOTRkMGFmNGRkNGRiNmUzZGMy
NWYxZjMwHhcNMjUwMTAxMTM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjMzNzJjYWM3MWU0NGE3OTE3NDBkNjE4ZDY2MTE2NGY2Y2ZkZGI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwW9p76uPWKBMkSE2UtB6oUoUPLmR
KnqO8Mwtgdnwotnkr0l1kFCyUXkpdGjL9nK0o05cOSlWi3y7cF8XH3tyNeNJArdm
ZApY8hR3RoCTzBL9Grwl91SeCe2klwZ2f2xMO0H0HUtKlbqfpjO+6/Xxb9tH8dbM
RlPkvo+qBIW1zm67z1x9NzqGe48FM7i/wJvpmmx11DnVQ/Wxs5C3HyiItkm8oUCv
cfjJGZt5Qf4EydI6wP93M+/YsjW92P7ckWFW9V/zOIZ4wBPRmxQ66nB9+DdtXpiy
g9XsOW/ENBqN/1DtnBXdINouEdgvN8K/g+3bpjrqPC1W+jWEIdyBDtC/1QIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFB8zcsrHHkSnkXQNYY1mEWT2z924MB8GA1UdIwQY
MBaAFM24PP5UiYNfKU0K9N1NtuPcJfHzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEt
YTNiNzRmOTY0MWFjLzEvSHpOeXlzY2VSS2VSZEExaGpXWVJaUGJQM2JnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS83Mzk3MTYtOWFmMi00N2Y1LWE2ZjEtYTNiNzRmOTY0MWFj
LzEvemJnOF9sU0pnMThwVFFyMDNVMjI0OXdsOGZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDCBhQQCAAEwfwMDADkH
AwMAORUDAwA5IzAKAwMBOUIDAwA5RjAKAwMDOUgDAwA5SjAKAwMCOUwDAwI5UAMD
ATlWAwMAOVoDAwA5XDAKAwMFOWADAwA5YgMDADlkAwMBOcIDAwA5xTAKAwMAOccD
AwA5yAMDATnKAwMAOc0wCgMDADnPAwMFOcAwDQYJKoZIhvcNAQELBQADggEBANJz
yU1QVSOEgSyaBApHLlRYbRZIhz5e0nEgcMNDR5o75ZN1y3J85DOETm3FSKOSa0e2
BsfvTLOq/je9S5iR3EcVHe84hX4o55/8G5kAo2mmPn66YBuA0wr11DbYt3XbuuwJ
gph1Pcd2WSA9f6YvMul2FnSDnTdrpdeRQv52+I1unDEykAugpaymON4440kuHQZ5
2CfBc5KVU2jwlLj2RnSYeCy8+6eMAd04mwcg1giEZJa1DSs5bgX06o/m1vvrZePX
zb3KWWZHbkY2BPmSB905JR8cKFtRBnrtXXPtaJLmPR0j4Se0fZI3GhthHHNe3XXc
ibbDSnvAEBIBYFm3L9U=
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:33:21 2025 by rpki-client