Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/ZTj2ZwJbmSTqqGkaHNeSOzaRucE.roa
File: ZTj2ZwJbmSTqqGkaHNeSOzaRucE.roa (raw, json)
Hash identifier: 5l3ZvQv6nxBKcaHiVSLVWyVMDLkrqNymK7dZBTsMLbU=
Subject key identifier: 65:38:F6:67:02:5B:99:24:EA:A8:69:1A:1C:D7:92:3B:36:91:B9:C1
Certificate issuer: /CN=ff8dd5fe4179e8bda28532561919f6d07877c63d
Certificate serial: 01961281AA83BA2175EE77542B89E157A7F8
Authority key identifier: FF:8D:D5:FE:41:79:E8:BD:A2:85:32:56:19:19:F6:D0:78:77:C6:3D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_43V_kF56L2ihTJWGRn20Hh3xj0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/ZTj2ZwJbmSTqqGkaHNeSOzaRucE.roa
Signing time: Mon 07 Apr 2025 23:06:49 +0000
ROA not before: Mon 07 Apr 2025 23:06:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 46.149.142.0/24 maxlen: 24
46.149.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/_43V_kF56L2ihTJWGRn20Hh3xj0.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/_43V_kF56L2ihTJWGRn20Hh3xj0.mft
rsync://rpki.ripe.net/repository/DEFAULT/_43V_kF56L2ihTJWGRn20Hh3xj0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 01:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:12:81:aa:83:ba:21:75:ee:77:54:2b:89:e1:57:a7:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ff8dd5fe4179e8bda28532561919f6d07877c63d
Validity
Not Before: Apr 7 23:06:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6538f667025b9924eaa8691a1cd7923b3691b9c1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:85:f9:41:0d:f8:eb:ab:44:b4:8a:a1:70:0c:
27:a2:db:53:fe:df:52:cf:ba:c3:12:2b:44:52:53:
b7:2e:7c:ac:3e:58:31:59:3d:f6:00:0f:04:4d:3e:
41:a4:5c:50:0b:37:26:8d:40:8e:a3:26:04:ea:cc:
57:62:c1:5a:83:98:b9:fb:11:15:ce:8a:b7:55:4a:
60:4a:4d:4b:c1:1a:32:7f:2f:28:78:77:11:6a:24:
dd:ff:10:ba:57:33:65:76:60:14:7f:9c:34:af:01:
50:4b:6a:78:04:80:74:e9:1b:25:af:b5:6d:7d:3e:
f1:02:a1:f5:7a:9a:8d:14:fb:82:89:6c:3b:4e:2e:
9d:3b:f5:5f:a6:98:1b:4a:b7:9c:1f:7f:28:0b:7d:
10:2f:12:e8:3b:c9:fb:70:41:db:56:5e:36:6b:5f:
66:c8:c4:36:4c:62:e8:93:37:86:1a:3e:a5:b3:ae:
5f:54:9f:bb:10:55:03:22:ae:29:26:8a:45:69:23:
b3:00:0d:91:3c:f9:dc:df:4b:d7:c3:7f:28:2b:a2:
52:e7:41:1a:5c:16:a1:9a:98:0e:99:8d:f0:93:93:
4f:7e:58:99:94:f6:95:fd:e7:83:ad:2b:ef:bb:77:
a7:fe:2b:5e:be:bc:2e:57:b6:c3:30:86:cd:72:54:
ad:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:38:F6:67:02:5B:99:24:EA:A8:69:1A:1C:D7:92:3B:36:91:B9:C1
X509v3 Authority Key Identifier:
keyid:FF:8D:D5:FE:41:79:E8:BD:A2:85:32:56:19:19:F6:D0:78:77:C6:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_43V_kF56L2ihTJWGRn20Hh3xj0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/ZTj2ZwJbmSTqqGkaHNeSOzaRucE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/4b2f88-3e20-4afa-b754-06a404435e50/1/_43V_kF56L2ihTJWGRn20Hh3xj0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.149.142.0/23
Signature Algorithm: sha256WithRSAEncryption
02:eb:8c:d9:42:a9:ed:a4:7e:63:d5:5b:74:e8:5f:84:26:3b:
4b:7b:20:92:5a:c3:d4:07:2c:71:7a:2f:c7:d0:5b:f6:7e:53:
2d:73:ea:d3:7f:9a:bc:1f:a7:70:91:27:50:76:a9:ec:50:ef:
b7:f4:1b:e7:09:39:ba:1b:b8:87:1f:de:38:87:30:c7:c6:07:
6a:de:da:03:ff:66:f1:22:39:fb:a7:75:3f:cd:fb:58:3b:07:
02:68:c1:e9:2d:e2:f7:f4:70:0f:e1:41:8e:06:d2:95:1d:c3:
bd:38:40:09:a0:0c:c8:9f:37:11:45:7c:4b:88:1b:7d:ed:e7:
2c:50:d2:65:2f:72:75:10:b6:e2:49:17:3a:c9:34:3a:2f:ba:
09:e8:4b:23:99:3f:c1:61:46:29:a0:21:d3:98:44:3e:b1:36:
ec:0a:24:43:50:5f:0a:22:e6:40:57:ca:5c:ed:f5:bd:33:ca:
80:71:b9:e7:41:a6:79:17:34:c3:3e:db:ba:cc:a3:74:a7:54:
c1:9e:d4:0e:9b:d3:86:e8:e5:0d:e3:9d:01:0d:36:48:84:cf:
7e:64:c7:63:2e:6a:b0:ce:42:9e:fb:73:f1:52:8a:c9:bd:fb:
b3:5c:55:48:c8:78:84:ac:b4:6e:3d:ee:fd:bc:12:0c:01:c1:
ec:b5:ec:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZYSgaqDuiF17ndUK4nhV6f4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmOGRkNWZlNDE3OWU4YmRhMjg1MzI1NjE5MTlmNmQwNzg3
N2M2M2QwHhcNMjUwNDA3MjMwNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM4ZjY2NzAyNWI5OTI0ZWFhODY5MWExY2Q3OTIzYjM2OTFiOWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3oX5QQ3466tEtIqhcAwnottT/t9S
z7rDEitEUlO3LnysPlgxWT32AA8ETT5BpFxQCzcmjUCOoyYE6sxXYsFag5i5+xEV
zoq3VUpgSk1LwRoyfy8oeHcRaiTd/xC6VzNldmAUf5w0rwFQS2p4BIB06Rslr7Vt
fT7xAqH1epqNFPuCiWw7Ti6dO/VfppgbSrecH38oC30QLxLoO8n7cEHbVl42a19m
yMQ2TGLokzeGGj6ls65fVJ+7EFUDIq4pJopFaSOzAA2RPPnc30vXw38oK6JS50Ea
XBahmpgOmY3wk5NPfliZlPaV/eeDrSvvu3en/itevrwuV7bDMIbNclStWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGU49mcCW5kk6qhpGhzXkjs2kbnBMB8GA1UdIwQY
MBaAFP+N1f5Beei9ooUyVhkZ9tB4d8Y9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzQzVl9rRjU2TDJpaFRKV0dSbjIwSGgzeGowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS80YjJmODgtM2UyMC00YWZhLWI3NTQt
MDZhNDA0NDM1ZTUwLzEvWlRqMlp3SmJtU1RxcUdrYUhOZVNPemFSdWNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS80YjJmODgtM2UyMC00YWZhLWI3NTQtMDZhNDA0NDM1ZTUw
LzEvXzQzVl9rRjU2TDJpaFRKV0dSbjIwSGgzeGowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLpWOMA0G
CSqGSIb3DQEBCwUAA4IBAQAC64zZQqntpH5j1Vt06F+EJjtLeyCSWsPUByxxei/H
0Fv2flMtc+rTf5q8H6dwkSdQdqnsUO+39BvnCTm6G7iHH944hzDHxgdq3toD/2bx
Ijn7p3U/zftYOwcCaMHpLeL39HAP4UGOBtKVHcO9OEAJoAzInzcRRXxLiBt97ecs
UNJlL3J1ELbiSRc6yTQ6L7oJ6EsjmT/BYUYpoCHTmEQ+sTbsCiRDUF8KIuZAV8pc
7fW9M8qAcbnnQaZ5FzTDPtu6zKN0p1TBntQOm9OG6OUN450BDTZIhM9+ZMdjLmqw
zkKe+3PxUorJvfuzXFVIyHiErLRuPe79vBIMAcHsteyA
-----END CERTIFICATE-----
Generated at Mon Apr 21 06:14:32 2025 by rpki-client