Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/zShwLkkDPGWGSwVW1WaNYQqy4QY.roa
File: zShwLkkDPGWGSwVW1WaNYQqy4QY.roa (raw, json)
Hash identifier: cc7GaLAsHY9PJBKnUzOfoPoWS1viq2gLzvzxAmdtn+k=
Subject key identifier: CD:28:70:2E:49:03:3C:65:86:4B:05:56:D5:66:8D:61:0A:B2:E1:06
Certificate issuer: /CN=712f9cb3c298b150beb79080376f74bdeac438ac
Certificate serial: 0194258FA157BB12FE3BC8A511357EBB15DC
Authority key identifier: 71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/zShwLkkDPGWGSwVW1WaNYQqy4QY.roa
Signing time: Thu 02 Jan 2025 05:49:17 +0000
ROA not before: Thu 02 Jan 2025 05:49:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60983
IP address blocks: 185.22.128.0/22 maxlen: 24
193.169.46.0/23 maxlen: 24
2a00:6060::/32 maxlen: 32
2a00:6060:ca00::/48 maxlen: 48
2a00:6060:ee37::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 11:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a1:57:bb:12:fe:3b:c8:a5:11:35:7e:bb:15:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f9cb3c298b150beb79080376f74bdeac438ac
Validity
Not Before: Jan 2 05:49:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd28702e49033c65864b0556d5668d610ab2e106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:e8:66:71:45:16:ab:09:83:1d:49:fd:e3:f0:
52:ce:d8:8c:d2:ab:69:39:29:7e:c0:24:25:e6:af:
2d:0c:ea:27:a2:c4:e2:db:bf:4d:23:ef:6a:f3:cb:
52:c1:13:29:65:c5:40:66:ba:a9:07:66:28:bf:0a:
a0:4d:f8:46:37:63:f0:62:62:f0:61:0e:1b:ba:7a:
9e:a0:46:c0:00:5d:14:6e:af:67:a3:51:c9:45:ba:
d3:b9:5c:23:36:1f:35:5a:75:d1:83:62:b6:1d:f0:
cc:7e:72:6b:79:94:a4:1a:34:af:66:be:72:d4:8a:
1f:dc:c0:46:77:ec:99:b7:1d:67:56:77:70:09:68:
77:7e:01:16:e5:7a:f2:d1:e0:7a:6f:6d:69:98:59:
aa:15:e7:fd:41:e1:37:5e:0e:ec:93:c3:0b:1f:bc:
99:0b:cb:8d:21:71:93:b8:fe:0c:7b:b8:a3:fb:5a:
2c:b4:ee:04:c0:17:f4:01:79:16:5e:85:5b:64:6d:
a6:d3:da:b0:76:49:4d:7d:50:ae:31:5b:01:72:18:
82:a7:e0:db:f1:a2:db:a2:34:47:eb:24:73:60:17:
6b:aa:41:44:b4:19:f5:d8:fe:bc:2b:86:8c:6a:48:
e9:1d:50:03:61:e1:01:d0:bb:0e:49:7e:bf:40:9b:
60:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:28:70:2E:49:03:3C:65:86:4B:05:56:D5:66:8D:61:0A:B2:E1:06
X509v3 Authority Key Identifier:
keyid:71:2F:9C:B3:C2:98:B1:50:BE:B7:90:80:37:6F:74:BD:EA:C4:38:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS-cs8KYsVC-t5CAN290verEOKw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/zShwLkkDPGWGSwVW1WaNYQqy4QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/e2e119-fd78-4b1a-b16a-987da4392056/1/cS-cs8KYsVC-t5CAN290verEOKw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.22.128.0/22
193.169.46.0/23
IPv6:
2a00:6060::/32
Signature Algorithm: sha256WithRSAEncryption
81:a0:7e:47:c6:93:65:bb:c2:d0:a7:6a:75:99:5e:74:a4:59:
7c:9d:3a:fe:59:52:c2:4d:6f:0b:12:c1:73:a0:3f:be:46:e2:
ee:7a:77:72:05:3e:07:07:43:47:7d:44:6b:87:5a:da:cc:4f:
0c:ed:65:6c:b2:9e:ba:09:20:42:0d:22:b7:7c:1b:fa:5b:ba:
2f:e7:ed:f3:dc:68:64:0f:61:a9:57:7a:f4:f7:f9:d3:8c:c0:
39:05:a4:a7:70:16:92:2a:46:dd:e3:b3:83:39:f6:42:5f:69:
02:3c:f9:87:31:86:30:c3:cd:ca:42:2a:94:3b:3f:7c:47:a8:
67:5c:72:ba:37:2a:b3:1a:35:89:cc:27:92:c3:1f:27:52:f2:
41:69:22:d9:30:d7:52:0a:5e:b6:4c:a1:cd:bf:da:36:1a:ea:
6b:4d:a3:8f:3d:ec:10:77:58:dd:64:34:4d:36:f5:9f:62:60:
2d:9e:b0:27:5a:22:d2:4d:7d:93:15:ff:d0:d9:29:27:3b:42:
fa:13:3b:b0:bb:cd:53:de:12:11:7c:3a:06:d3:18:1e:0c:05:
c0:b6:ed:96:28:fc:33:12:47:a1:cb:b1:e2:a9:14:78:51:ad:
e3:98:c4:2b:e2:8e:10:4a:39:ea:0e:06:6b:50:e7:b9:45:b7:
9a:b9:93:20
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQlj6FXuxL+O8ilETV+uxXcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmY5Y2IzYzI5OGIxNTBiZWI3OTA4MDM3NmY3NGJkZWFj
NDM4YWMwHhcNMjUwMTAyMDU0OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDI4NzAyZTQ5MDMzYzY1ODY0YjA1NTZkNTY2OGQ2MTBhYjJlMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsehmcUUWqwmDHUn94/BSztiM0qtp
OSl+wCQl5q8tDOonosTi279NI+9q88tSwRMpZcVAZrqpB2YovwqgTfhGN2PwYmLw
YQ4bunqeoEbAAF0Ubq9no1HJRbrTuVwjNh81WnXRg2K2HfDMfnJreZSkGjSvZr5y
1Iof3MBGd+yZtx1nVndwCWh3fgEW5Xry0eB6b21pmFmqFef9QeE3Xg7sk8MLH7yZ
C8uNIXGTuP4Me7ij+1ostO4EwBf0AXkWXoVbZG2m09qwdklNfVCuMVsBchiCp+Db
8aLbojRH6yRzYBdrqkFEtBn12P68K4aMakjpHVADYeEB0LsOSX6/QJtgsQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM0ocC5JAzxlhksFVtVmjWEKsuEGMB8GA1UdIwQY
MBaAFHEvnLPCmLFQvreQgDdvdL3qxDisMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEt
OTg3ZGE0MzkyMDU2LzEvelNod0xra0RQR1dHU3dWVzFXYU5ZUXF5NFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS9lMmUxMTktZmQ3OC00YjFhLWIxNmEtOTg3ZGE0MzkyMDU2
LzEvY1MtY3M4S1lzVkMtdDVDQU4yOTB2ZXJFT0t3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuRaAAwQB
wakuMA0EAgACMAcDBQAqAGBgMA0GCSqGSIb3DQEBCwUAA4IBAQCBoH5HxpNlu8LQ
p2p1mV50pFl8nTr+WVLCTW8LEsFzoD++RuLuendyBT4HB0NHfURrh1razE8M7WVs
sp66CSBCDSK3fBv6W7ov5+3z3GhkD2GpV3r09/nTjMA5BaSncBaSKkbd47ODOfZC
X2kCPPmHMYYww83KQiqUOz98R6hnXHK6NyqzGjWJzCeSwx8nUvJBaSLZMNdSCl62
TKHNv9o2GuprTaOPPewQd1jdZDRNNvWfYmAtnrAnWiLSTX2TFf/Q2SknO0L6Ezuw
u81T3hIRfDoG0xgeDAXAtu2WKPwzEkehy7HiqRR4Ua3jmMQr4o4QSjnqDgZrUOe5
RbeauZMg
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:32:57 2025 by rpki-client