Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/mizpW-CedPrysq20puaRplVzBas.roa
File: mizpW-CedPrysq20puaRplVzBas.roa (raw, json)
Hash identifier: ZhIE+FWiXGSht5bpIKov+Ga9kyrb4wRzjNebEuN3tlM=
Subject key identifier: 9A:2C:E9:5B:E0:9E:74:FA:F2:B2:AD:B4:A6:E6:91:A6:55:73:05:AB
Certificate issuer: /CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Certificate serial: 019421B23CDFE72917E4FCA11C0129CE0883
Authority key identifier: D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/mizpW-CedPrysq20puaRplVzBas.roa
Signing time: Wed 01 Jan 2025 11:48:36 +0000
ROA not before: Wed 01 Jan 2025 11:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8339
IP address blocks: 62.40.128.0/17 maxlen: 24
81.217.0.0/16 maxlen: 24
82.149.96.0/19 maxlen: 24
82.218.0.0/16 maxlen: 24
89.104.0.0/19 maxlen: 24
92.62.16.0/20 maxlen: 24
94.16.32.0/19 maxlen: 24
95.143.224.0/20 maxlen: 24
176.120.160.0/21 maxlen: 21
178.18.160.0/20 maxlen: 24
185.100.96.0/22 maxlen: 24
194.106.224.0/19 maxlen: 24
195.202.128.0/19 maxlen: 24
195.202.160.0/19 maxlen: 24
195.230.160.0/19 maxlen: 24
202.170.80.0/21 maxlen: 24
2a00:1b38::/32 maxlen: 32
2a02:e200::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b2:3c:df:e7:29:17:e4:fc:a1:1c:01:29:ce:08:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2f1c8842e7cf891b234d3a1e0e2e0ef73e842aa
Validity
Not Before: Jan 1 11:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a2ce95be09e74faf2b2adb4a6e691a6557305ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:7d:7f:d8:e4:c2:7b:eb:48:35:0b:1f:bb:df:
06:bb:19:ca:2f:74:52:14:f8:2a:43:cf:0f:32:5c:
31:45:77:0b:fe:01:f5:45:70:aa:75:1b:d4:6f:f7:
0a:08:dc:1a:26:e6:a3:04:c7:6b:bf:ea:54:75:02:
54:7e:3c:ae:f9:49:4d:79:34:f5:de:f6:94:ba:5a:
e0:e0:c9:83:33:35:00:20:85:0e:e6:00:78:50:88:
a0:44:cb:65:36:3d:de:63:51:12:a7:58:c9:3b:92:
13:27:0e:7f:af:13:93:6c:b1:e5:72:d1:49:0d:db:
b1:e6:c5:af:27:de:7e:7e:ff:2a:1c:9c:78:29:51:
71:1c:db:62:79:c1:20:03:99:58:3e:88:81:34:22:
47:3a:cc:28:6e:8f:7f:08:80:54:60:38:72:a0:72:
17:9d:0d:60:11:12:27:4c:f1:51:ac:ed:4c:9d:be:
d2:e6:a5:52:ca:b8:70:85:a8:c4:2d:67:4b:24:8d:
77:ad:04:95:07:7e:ed:47:78:e7:32:ae:9f:00:a6:
9b:85:f5:9c:98:d8:f7:11:2d:80:b0:b9:29:33:8f:
b0:e1:17:f0:60:fd:f0:14:a6:eb:66:a6:37:a8:d9:
7a:82:b5:94:25:21:2f:17:88:cf:be:cc:b6:f9:fb:
af:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2C:E9:5B:E0:9E:74:FA:F2:B2:AD:B4:A6:E6:91:A6:55:73:05:AB
X509v3 Authority Key Identifier:
keyid:D2:F1:C8:84:2E:7C:F8:91:B2:34:D3:A1:E0:E2:E0:EF:73:E8:42:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0vHIhC58-JGyNNOh4OLg73PoQqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/mizpW-CedPrysq20puaRplVzBas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/c99ae7-b671-40b9-bb1e-a19444f7a337/1/0vHIhC58-JGyNNOh4OLg73PoQqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.128.0/17
81.217.0.0/16
82.149.96.0/19
82.218.0.0/16
89.104.0.0/19
92.62.16.0/20
94.16.32.0/19
95.143.224.0/20
176.120.160.0/21
178.18.160.0/20
185.100.96.0/22
194.106.224.0/19
195.202.128.0/18
195.230.160.0/19
202.170.80.0/21
IPv6:
2a00:1b38::/32
2a02:e200::/30
Signature Algorithm: sha256WithRSAEncryption
53:a9:e3:c2:51:81:91:be:3d:c0:b0:65:16:d0:a4:a8:05:20:
74:10:30:37:32:4f:70:fd:2d:3f:b0:77:89:dd:52:77:e9:5b:
e8:b8:5f:cf:6a:b0:84:79:70:d5:78:82:1b:5a:64:d6:c4:f3:
b2:b5:f0:f0:94:5d:ae:96:e1:25:2c:3b:ef:42:d3:4c:f9:dd:
3a:3c:f6:19:f8:91:6e:d4:bf:51:f7:76:b6:9a:e7:32:56:39:
d3:32:78:f4:e8:f1:ee:ab:d4:5e:50:64:0a:59:08:13:27:71:
9c:a5:8d:ec:22:41:47:7b:7d:ab:57:81:3a:5d:a2:7c:4e:4e:
0d:a9:f3:06:f8:c3:d1:41:9d:9c:2d:aa:6b:12:1a:32:fb:5b:
2d:9b:f8:80:b7:65:11:80:4b:55:e7:01:83:b4:14:01:b7:f2:
d4:af:14:0a:95:ae:e2:8f:eb:fb:ec:63:ee:f0:e9:9d:40:85:
ce:e0:fd:55:58:ba:6c:50:a4:e6:f6:cd:88:49:88:e3:dc:09:
a6:5a:c0:00:43:e4:13:f9:4a:09:86:f7:ba:de:f5:f0:1c:69:
30:b9:57:fd:b7:33:01:16:34:44:24:4b:7b:60:a9:86:f9:41:
78:5e:cb:44:08:37:46:bc:61:0d:83:4e:92:a1:0c:b7:cd:4d:
ff:6b:86:76
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZQhsjzf5ykX5PyhHAEpzgiDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyZjFjODg0MmU3Y2Y4OTFiMjM0ZDNhMWUwZTJlMGVmNzNl
ODQyYWEwHhcNMjUwMTAxMTE0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJjZTk1YmUwOWU3NGZhZjJiMmFkYjRhNmU2OTFhNjU1NzMwNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwn1/2OTCe+tINQsfu98GuxnKL3RS
FPgqQ88PMlwxRXcL/gH1RXCqdRvUb/cKCNwaJuajBMdrv+pUdQJUfjyu+UlNeTT1
3vaUulrg4MmDMzUAIIUO5gB4UIigRMtlNj3eY1ESp1jJO5ITJw5/rxOTbLHlctFJ
Ddux5sWvJ95+fv8qHJx4KVFxHNtiecEgA5lYPoiBNCJHOswobo9/CIBUYDhyoHIX
nQ1gERInTPFRrO1Mnb7S5qVSyrhwhajELWdLJI13rQSVB37tR3jnMq6fAKabhfWc
mNj3ES2AsLkpM4+w4RfwYP3wFKbrZqY3qNl6grWUJSEvF4jPvsy2+fuvfwIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFJos6VvgnnT68rKttKbmkaZVcwWrMB8GA1UdIwQY
MBaAFNLxyIQufPiRsjTToeDi4O9z6EKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUt
YTE5NDQ0ZjdhMzM3LzEvbWl6cFctQ2VkUHJ5c3EyMHB1YVJwbFZ6QmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9jOTlhZTctYjY3MS00MGI5LWJiMWUtYTE5NDQ0ZjdhMzM3
LzEvMHZISWhDNTgtSkd5Tk5PaDRPTGc3M1BvUXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwXgQCAAEwWAMEBz4ogAMD
AFHZAwQFUpVgAwMAUtoDBAVZaAADBARcPhADBAVeECADBARfj+ADBAOweKADBASy
EqADBAK5ZGADBAXCauADBAbDyoADBAXD5qADBAPKqlAwFAQCAAIwDgMFACoAGzgD
BQIqAuIAMA0GCSqGSIb3DQEBCwUAA4IBAQBTqePCUYGRvj3AsGUW0KSoBSB0EDA3
Mk9w/S0/sHeJ3VJ36VvouF/ParCEeXDVeIIbWmTWxPOytfDwlF2uluElLDvvQtNM
+d06PPYZ+JFu1L9R93a2mucyVjnTMnj06PHuq9ReUGQKWQgTJ3GcpY3sIkFHe32r
V4E6XaJ8Tk4NqfMG+MPRQZ2cLaprEhoy+1stm/iAt2URgEtV5wGDtBQBt/LUrxQK
la7ij+v77GPu8OmdQIXO4P1VWLpsUKTm9s2ISYjj3AmmWsAAQ+QT+UoJhve63vXw
HGkwuVf9tzMBFjREJEt7YKmG+UF4XstECDdGvGENg06SoQy3zU3/a4Z2
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:12:22 2025 by rpki-client