Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/zmJ9lE5vi4Jqc9Z9iVsq8OjO3sw.roa
File: zmJ9lE5vi4Jqc9Z9iVsq8OjO3sw.roa (raw, json)
Hash identifier: b4eeLp19myrQzh9AuX2bzcABMyXzCxCR666FaiLOLYU=
Subject key identifier: CE:62:7D:94:4E:6F:8B:82:6A:73:D6:7D:89:5B:2A:F0:E8:CE:DE:CC
Certificate issuer: /CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Certificate serial: 0195FF4E335E4277405A117FB8E01CDE8EFC
Authority key identifier: 20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/zmJ9lE5vi4Jqc9Z9iVsq8OjO3sw.roa
Signing time: Fri 04 Apr 2025 05:37:49 +0000
ROA not before: Fri 04 Apr 2025 05:37:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44703
IP address blocks: 85.115.64.0/19 maxlen: 19
85.115.64.0/24 maxlen: 24
85.115.65.0/24 maxlen: 24
85.115.70.0/24 maxlen: 24
85.115.71.0/24 maxlen: 24
85.115.72.0/21 maxlen: 21
85.115.80.0/21 maxlen: 21
85.115.88.0/24 maxlen: 24
85.115.93.0/24 maxlen: 24
85.115.94.0/24 maxlen: 24
85.115.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:ff:4e:33:5e:42:77:40:5a:11:7f:b8:e0:1c:de:8e:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20b5100e798fab7577bf725ac9569ea80e6c2a04
Validity
Not Before: Apr 4 05:37:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce627d944e6f8b826a73d67d895b2af0e8cedecc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ef:86:7e:c8:bb:dc:1c:f9:78:2c:84:f7:af:
8e:01:1b:5d:33:1e:07:d3:e8:47:49:7d:1b:ca:5e:
22:2b:98:76:84:d2:b4:9b:6a:4f:9f:c4:75:e1:67:
10:66:17:24:22:9a:7f:70:3c:eb:00:46:d6:62:f7:
74:fb:7d:5f:ae:7f:60:c8:46:54:d3:05:37:67:f2:
8a:56:75:52:4d:b5:55:c3:d9:7b:48:3a:f3:9d:84:
9f:1f:f7:b9:7f:43:0f:e8:0c:4c:7c:8d:b6:be:4f:
6d:4f:f3:d8:3c:c8:d0:0e:24:0f:36:3e:fc:a7:2f:
f7:5e:06:7f:31:eb:b7:01:12:5a:fc:d6:c1:a1:02:
de:34:b6:33:59:bf:b6:84:72:75:a6:c8:46:ce:87:
2d:68:0f:80:5e:b3:c8:ef:85:d3:3d:19:57:13:82:
66:21:b5:9f:c2:26:01:80:d8:1a:6b:8f:65:52:04:
1b:08:be:7b:c0:0b:7e:6b:34:67:ff:d7:54:c0:e4:
af:5a:df:49:00:82:97:7d:d4:72:d1:c1:8f:5e:4f:
c7:93:5b:a9:f0:25:b8:36:da:28:29:fb:57:e4:16:
b9:34:03:69:03:bb:be:69:2a:aa:27:cf:34:e9:e5:
0b:74:49:14:7c:11:85:21:40:6d:c1:86:aa:52:ba:
79:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:62:7D:94:4E:6F:8B:82:6A:73:D6:7D:89:5B:2A:F0:E8:CE:DE:CC
X509v3 Authority Key Identifier:
keyid:20:B5:10:0E:79:8F:AB:75:77:BF:72:5A:C9:56:9E:A8:0E:6C:2A:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ILUQDnmPq3V3v3JayVaeqA5sKgQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/zmJ9lE5vi4Jqc9Z9iVsq8OjO3sw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/9e49ff-4264-4647-95a4-8037965693a2/1/ILUQDnmPq3V3v3JayVaeqA5sKgQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.64.0/19
Signature Algorithm: sha256WithRSAEncryption
67:57:0f:8b:ea:07:5a:56:ed:4e:ed:6c:58:42:7f:85:2a:70:
6b:9b:61:c7:47:4d:73:c3:06:15:12:0c:b3:db:1c:08:b1:aa:
93:43:66:0d:b0:d5:e3:d0:40:39:2d:c5:46:36:98:38:19:12:
ce:10:5c:1d:d0:62:c7:73:35:ee:e1:03:1b:6f:dd:0a:1a:aa:
fb:26:b4:2d:49:0e:bc:e3:84:34:29:b2:47:4a:f4:cc:e4:3b:
bb:ae:fc:d7:28:e6:38:83:be:7e:30:99:aa:8a:51:ea:b7:6e:
c1:4a:86:cd:7d:d0:47:10:12:bc:12:52:70:4e:da:7e:f8:5b:
56:b4:4d:7f:da:06:5b:6c:96:37:18:94:4b:13:dd:47:76:97:
04:0e:22:b0:0d:96:4c:0e:4b:20:2c:58:21:16:30:b5:2f:47:
f8:86:ca:02:7b:97:a6:d0:ad:ae:85:ef:d6:15:ac:69:b6:36:
e8:d5:0e:47:66:83:1b:36:e7:7b:e7:4d:18:0b:b8:d9:48:98:
f1:df:50:2a:a5:f0:aa:eb:6b:76:78:8e:70:80:81:85:74:54:
35:bb:2c:f7:ac:21:03:b2:e2:06:26:db:2a:df:d8:31:17:3d:
cc:b7:72:64:90:9a:74:39:07:ab:4e:8a:50:84:1d:d5:34:7c:
6e:8d:50:dc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZX/TjNeQndAWhF/uOAc3o78MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYjUxMDBlNzk4ZmFiNzU3N2JmNzI1YWM5NTY5ZWE4MGU2
YzJhMDQwHhcNMjUwNDA0MDUzNzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTYyN2Q5NDRlNmY4YjgyNmE3M2Q2N2Q4OTViMmFmMGU4Y2VkZWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr++Gfsi73Bz5eCyE96+OARtdMx4H
0+hHSX0byl4iK5h2hNK0m2pPn8R14WcQZhckIpp/cDzrAEbWYvd0+31frn9gyEZU
0wU3Z/KKVnVSTbVVw9l7SDrznYSfH/e5f0MP6AxMfI22vk9tT/PYPMjQDiQPNj78
py/3XgZ/Meu3ARJa/NbBoQLeNLYzWb+2hHJ1pshGzoctaA+AXrPI74XTPRlXE4Jm
IbWfwiYBgNgaa49lUgQbCL57wAt+azRn/9dUwOSvWt9JAIKXfdRy0cGPXk/Hk1up
8CW4NtooKftX5Ba5NANpA7u+aSqqJ8806eULdEkUfBGFIUBtwYaqUrp54QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM5ifZROb4uCanPWfYlbKvDozt7MMB8GA1UdIwQY
MBaAFCC1EA55j6t1d79yWslWnqgObCoEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQt
ODAzNzk2NTY5M2EyLzEvem1KOWxFNXZpNEpxYzlaOWlWc3E4T2pPM3N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS85ZTQ5ZmYtNDI2NC00NjQ3LTk1YTQtODAzNzk2NTY5M2Ey
LzEvSUxVUURubVBxM1YzdjNKYXlWYWVxQTVzS2dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFVXNAMA0G
CSqGSIb3DQEBCwUAA4IBAQBnVw+L6gdaVu1O7WxYQn+FKnBrm2HHR01zwwYVEgyz
2xwIsaqTQ2YNsNXj0EA5LcVGNpg4GRLOEFwd0GLHczXu4QMbb90KGqr7JrQtSQ68
44Q0KbJHSvTM5Du7rvzXKOY4g75+MJmqilHqt27BSobNfdBHEBK8ElJwTtp++FtW
tE1/2gZbbJY3GJRLE91HdpcEDiKwDZZMDksgLFghFjC1L0f4hsoCe5em0K2uhe/W
Faxptjbo1Q5HZoMbNud7500YC7jZSJjx31AqpfCq62t2eI5wgIGFdFQ1uyz3rCED
suIGJtsq39gxFz3Mt3JkkJp0OQerTopQhB3VNHxujVDc
-----END CERTIFICATE-----
Generated at Mon Apr 7 19:36:41 2025 by rpki-client