Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zBKbgcGhH4RazAqRvhwr44jLkco.roa
File: zBKbgcGhH4RazAqRvhwr44jLkco.roa (raw, json)
Hash identifier: 0lHoMP+aJlsd4q1JweCJTmw3UQbxbHafxonIKF81Od4=
Subject key identifier: CC:12:9B:81:C1:A1:1F:84:5A:CC:0A:91:BE:1C:2B:E3:88:CB:91:CA
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019420683BDE5A9B673B0D589B34AB4FA664
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zBKbgcGhH4RazAqRvhwr44jLkco.roa
Signing time: Wed 01 Jan 2025 05:48:09 +0000
ROA not before: Wed 01 Jan 2025 05:48:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26548
IP address blocks: 193.233.82.0/23 maxlen: 23
193.233.136.0/22 maxlen: 22
193.233.140.0/22 maxlen: 22
193.233.210.0/23 maxlen: 23
193.233.228.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:3b:de:5a:9b:67:3b:0d:58:9b:34:ab:4f:a6:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jan 1 05:48:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc129b81c1a11f845acc0a91be1c2be388cb91ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:b9:f3:ff:2b:af:d2:5e:a8:94:59:cb:b9:f8:
2b:ad:64:2a:cf:d9:0a:99:3a:f0:09:e3:c6:fb:6e:
92:45:80:66:c6:5b:38:17:9f:ed:78:da:5b:e2:07:
9e:68:57:8a:cb:43:3f:b3:a7:a9:12:e1:c3:b4:7a:
7d:8f:74:13:ca:92:f7:4a:7d:c2:fe:2c:b5:9d:8d:
8a:20:cf:13:64:a8:76:db:51:02:9a:4d:37:59:84:
8a:68:c7:d2:09:50:86:bc:70:be:53:e4:01:1c:56:
ab:6d:b1:33:58:25:26:7f:9c:8a:a7:a6:a8:61:70:
41:71:a8:d9:f5:b0:4c:02:2e:34:1f:cf:f8:5b:41:
eb:aa:fd:82:eb:7b:d6:65:3c:57:bc:2b:92:da:65:
72:fa:9b:0e:df:30:fc:92:db:7a:06:8e:23:40:66:
62:4e:e1:e0:53:01:08:eb:08:a5:b5:4e:4b:13:3a:
4c:a9:70:c6:9d:26:11:9e:4d:fc:e1:26:03:26:ce:
e4:1b:0e:be:85:6f:cc:f2:87:cb:4c:3d:4c:87:57:
c8:bd:6f:85:75:b7:5d:4a:a6:3e:86:45:d8:20:86:
49:f9:a5:fc:df:c7:49:07:71:f7:e1:2e:3e:c5:a8:
ea:82:7e:0c:11:e8:a9:e1:b1:85:5a:8f:a6:a2:e6:
12:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:12:9B:81:C1:A1:1F:84:5A:CC:0A:91:BE:1C:2B:E3:88:CB:91:CA
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/zBKbgcGhH4RazAqRvhwr44jLkco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.233.82.0/23
193.233.136.0/21
193.233.210.0/23
193.233.228.0/22
Signature Algorithm: sha256WithRSAEncryption
3c:2f:de:27:fc:45:99:5c:ed:83:8f:98:a3:33:61:c7:00:51:
39:10:34:64:7e:05:c7:ff:de:18:d6:0e:47:33:61:46:70:bb:
08:15:8e:5a:d5:d4:cf:df:41:f7:f1:c4:1a:ae:a4:b6:85:cb:
c7:58:47:aa:f1:3e:1b:61:57:41:bb:cc:f5:ed:33:9c:cd:b5:
f1:ba:d9:11:81:2c:23:29:09:f1:8d:2e:00:e0:bf:ac:b6:1a:
3d:ae:02:84:3e:5a:af:21:10:b4:29:42:0d:0d:57:08:c9:0b:
a9:72:38:e2:50:a6:31:94:dc:82:fd:56:25:c6:a8:a4:4f:d5:
99:57:89:cf:f9:b6:68:73:1d:bf:b9:ac:41:28:57:0f:2b:17:
ee:32:06:a2:9e:6d:86:59:3c:e5:97:a9:84:ce:1e:26:a1:09:
bb:6d:85:e2:2c:c8:96:5f:b8:2e:4b:4b:f1:82:80:ea:4e:05:
6f:53:9a:ac:61:97:3c:9b:4c:16:8e:5b:72:96:b9:eb:a2:a1:
3f:ed:75:5b:31:78:9f:7a:d8:8a:0a:79:67:74:4a:c4:5e:9b:
e7:8f:a3:db:30:52:b2:fe:c7:7c:0c:4e:44:8c:ae:fe:cb:d7:
ca:01:e1:b8:7a:b6:3a:3e:e5:da:aa:e9:5c:e2:21:82:63:31:
ae:24:fe:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaDveWptnOw1YmzSrT6ZkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjUwMTAxMDU0ODA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzEyOWI4MWMxYTExZjg0NWFjYzBhOTFiZTFjMmJlMzg4Y2I5MWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxrnz/yuv0l6olFnLufgrrWQqz9kK
mTrwCePG+26SRYBmxls4F5/teNpb4geeaFeKy0M/s6epEuHDtHp9j3QTypL3Sn3C
/iy1nY2KIM8TZKh221ECmk03WYSKaMfSCVCGvHC+U+QBHFarbbEzWCUmf5yKp6ao
YXBBcajZ9bBMAi40H8/4W0Hrqv2C63vWZTxXvCuS2mVy+psO3zD8ktt6Bo4jQGZi
TuHgUwEI6wiltU5LEzpMqXDGnSYRnk384SYDJs7kGw6+hW/M8ofLTD1Mh1fIvW+F
dbddSqY+hkXYIIZJ+aX838dJB3H34S4+xajqgn4MEeip4bGFWo+mouYSEwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMwSm4HBoR+EWswKkb4cK+OIy5HKMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvekJLYmdjR2hINFJhekFxUnZod3I0NGpMa2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwelSAwQD
wemIAwQBwenSAwQCwenkMA0GCSqGSIb3DQEBCwUAA4IBAQA8L94n/EWZXO2Dj5ij
M2HHAFE5EDRkfgXH/94Y1g5HM2FGcLsIFY5a1dTP30H38cQarqS2hcvHWEeq8T4b
YVdBu8z17TOczbXxutkRgSwjKQnxjS4A4L+stho9rgKEPlqvIRC0KUINDVcIyQup
cjjiUKYxlNyC/VYlxqikT9WZV4nP+bZocx2/uaxBKFcPKxfuMgainm2GWTzll6mE
zh4moQm7bYXiLMiWX7guS0vxgoDqTgVvU5qsYZc8m0wWjltylrnroqE/7XVbMXif
etiKCnlndErEXpvnj6PbMFKy/sd8DE5EjK7+y9fKAeG4erY6PuXaqulc4iGCYzGu
JP4v
-----END CERTIFICATE-----
Generated at Sat Apr 5 03:50:45 2025 by rpki-client