Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZNEFFlcPlAO4XN3n9rK_RrD2iJ0.roa
File: ZNEFFlcPlAO4XN3n9rK_RrD2iJ0.roa (raw, json)
Hash identifier: tTkx7N+L1HHyAWCBJYr5NlVwC1Nqv5zzctLVRs5zAsI=
Subject key identifier: 64:D1:05:16:57:0F:94:03:B8:5C:DD:E7:F6:B2:BF:46:B0:F6:88:9D
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420683C0A917124D222CE30862EE20E3A
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZNEFFlcPlAO4XN3n9rK_RrD2iJ0.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 147.45.34.0/24 maxlen: 24
147.45.36.0/24 maxlen: 24
147.45.192.0/24 maxlen: 24
147.45.207.0/24 maxlen: 24
193.233.30.0/24 maxlen: 24
193.233.61.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:01:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3c:0a:91:71:24:d2:22:ce:30:86:2e:e2:0e:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64d10516570f9403b85cdde7f6b2bf46b0f6889d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:d3:43:ee:76:e0:c1:f7:19:c1:42:e9:1f:b1:
66:50:fa:8c:a2:3a:7e:d7:b7:fc:1b:83:ee:ec:93:
f0:60:a9:8b:86:61:33:e3:5a:ed:1a:02:48:33:e9:
9a:8f:e9:df:0d:cf:fe:3a:b0:99:c3:cf:50:fc:d9:
db:96:06:47:c3:25:aa:34:b4:91:96:38:c8:22:57:
72:98:78:80:16:26:aa:bf:5d:ad:83:ae:8e:3a:b2:
8d:79:ef:90:e1:9b:40:dc:95:ea:05:f7:82:61:2d:
f1:dd:54:0c:07:6f:c3:29:a9:b2:e1:4b:cb:63:36:
09:13:3e:f3:24:e7:f5:63:aa:92:8c:69:41:ae:68:
b0:6a:87:c5:11:42:f6:fc:15:14:19:02:ef:52:bc:
33:60:92:b5:d4:22:1e:82:6a:24:fe:64:c5:42:25:
c9:71:8e:a1:c0:83:3a:b9:c5:b6:0f:78:a3:b9:7d:
d5:71:cc:bf:39:90:f8:81:53:11:7d:e5:bb:76:c6:
af:c8:b0:5b:13:9e:c9:3c:0c:03:a3:a6:4c:3b:d7:
7d:bb:6d:55:0a:0e:cb:ca:16:39:52:03:88:f1:d9:
99:77:27:2b:e8:6a:62:16:18:6b:bd:a0:79:75:fa:
ce:86:ab:e6:09:84:c0:83:03:0c:70:4c:6c:4a:54:
1d:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:D1:05:16:57:0F:94:03:B8:5C:DD:E7:F6:B2:BF:46:B0:F6:88:9D
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/ZNEFFlcPlAO4XN3n9rK_RrD2iJ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.34.0/24
147.45.36.0/24
147.45.192.0/24
147.45.207.0/24
193.233.30.0/24
193.233.61.0/24
193.233.197.0/24
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
37:d7:07:23:20:e5:6d:b8:99:52:dd:cf:72:df:fc:87:fe:f5:
5c:39:09:22:e8:4f:f7:8a:28:99:2a:28:4c:31:73:15:f2:09:
cc:82:31:46:bf:75:6a:a6:d2:71:b2:76:d5:0d:4f:8b:cc:7e:
c2:2b:1e:69:4f:c3:ae:ac:d6:6c:4e:3e:30:e4:0f:cd:8f:46:
11:e1:8e:22:2e:29:79:65:90:d0:ba:68:e8:8b:fd:0f:a2:94:
35:bf:1d:e3:c1:63:e1:d4:b7:47:0e:fd:55:7f:42:ed:f0:55:
cc:4a:61:8c:20:3c:10:da:0c:01:d0:ba:99:b9:f0:42:60:78:
c0:b7:04:aa:39:9b:8d:5d:5c:9f:26:e4:17:e1:3d:03:05:22:
74:01:a6:46:c5:90:97:54:38:3f:f1:bc:47:74:b7:9c:e1:69:
84:6e:48:38:a3:cb:b0:ba:d8:44:3f:f2:bd:7a:92:72:f8:b7:
11:67:9f:8e:f8:4f:6b:05:ec:fd:5f:4b:0c:33:3f:55:e4:bf:
41:47:f4:66:e6:6c:ed:44:0a:c0:5a:94:e7:23:e5:2b:b8:b0:
8b:ff:c3:d9:ce:82:0d:eb:66:1a:a0:09:e4:1d:1b:3b:65:5c:
25:53:58:9f:c5:63:53:fc:1b:ad:9e:a9:b0:bb:e3:49:cc:08:
7c:a9:1e:b2
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQgaDwKkXEk0iLOMIYu4g46MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGQxMDUxNjU3MGY5NDAzYjg1Y2RkZTdmNmIyYmY0NmIwZjY4ODlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1tND7nbgwfcZwULpH7FmUPqMojp+
17f8G4Pu7JPwYKmLhmEz41rtGgJIM+maj+nfDc/+OrCZw89Q/NnblgZHwyWqNLSR
ljjIIldymHiAFiaqv12tg66OOrKNee+Q4ZtA3JXqBfeCYS3x3VQMB2/DKamy4UvL
YzYJEz7zJOf1Y6qSjGlBrmiwaofFEUL2/BUUGQLvUrwzYJK11CIegmok/mTFQiXJ
cY6hwIM6ucW2D3ijuX3Vccy/OZD4gVMRfeW7dsavyLBbE57JPAwDo6ZMO9d9u21V
Cg7LyhY5UgOI8dmZdycr6GpiFhhrvaB5dfrOhqvmCYTAgwMMcExsSlQdmwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFGTRBRZXD5QDuFzd5/ayv0aw9oidMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvWk5FRkZsY1BsQU80WE4zbjlyS19SckQyaUowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAky0iAwQA
ky0kAwQAky3AAwQAky3PAwQAwekeAwQAwek9AwQAwenFAwQAwenqMA0GCSqGSIb3
DQEBCwUAA4IBAQA31wcjIOVtuJlS3c9y3/yH/vVcOQki6E/3iiiZKihMMXMV8gnM
gjFGv3VqptJxsnbVDU+LzH7CKx5pT8OurNZsTj4w5A/Nj0YR4Y4iLil5ZZDQumjo
i/0PopQ1vx3jwWPh1LdHDv1Vf0Lt8FXMSmGMIDwQ2gwB0LqZufBCYHjAtwSqOZuN
XVyfJuQX4T0DBSJ0AaZGxZCXVDg/8bxHdLec4WmEbkg4o8uwuthEP/K9epJy+LcR
Z5+O+E9rBez9X0sMMz9V5L9BR/Rm5mztRArAWpTnI+UruLCL/8PZzoIN62YaoAnk
HRs7ZVwlU1ifxWNT/Butnqmwu+NJzAh8qR6y
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:18:25 2025 by rpki-client