Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/zkFI0q7jFUcpvcC1_CEihR1YV24.roa
File: zkFI0q7jFUcpvcC1_CEihR1YV24.roa (raw, json)
Hash identifier: 783T5wgYEpPQMcRoCX4E0P3B8Y6FUugL0p43iJWmXrI=
Subject key identifier: CE:41:48:D2:AE:E3:15:47:29:BD:C0:B5:FC:21:22:85:1D:58:57:6E
Certificate issuer: /CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Certificate serial: 0194266A202308A3688369B46407DB49DD8F
Authority key identifier: 6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/zkFI0q7jFUcpvcC1_CEihR1YV24.roa
Signing time: Thu 02 Jan 2025 09:47:56 +0000
ROA not before: Thu 02 Jan 2025 09:47:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44387
IP address blocks: 178.16.80.0/20 maxlen: 20
178.16.80.0/21 maxlen: 21
178.16.88.0/21 maxlen: 21
178.16.88.0/24 maxlen: 24
185.28.236.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6a:20:23:08:a3:68:83:69:b4:64:07:db:49:dd:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a8df7776b16d282e04c696e258aa4f9f9ce9c98
Validity
Not Before: Jan 2 09:47:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce4148d2aee3154729bdc0b5fc2122851d58576e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9d:55:5f:ae:f2:37:e1:2c:f1:5e:02:59:70:
5e:2e:9b:94:98:ca:23:02:be:de:66:74:e0:8b:49:
b5:08:80:11:31:97:c5:8a:3d:6d:da:66:b0:06:0f:
7d:70:63:47:bd:e5:50:c7:8b:1e:3e:6a:9e:54:44:
39:41:f4:74:99:98:1d:69:51:b4:cc:07:b7:70:b8:
6f:8f:49:24:35:6e:3d:52:05:82:7d:4a:a6:41:ea:
63:8d:c4:08:cb:8f:6b:c5:ad:8e:3d:86:b5:9a:bd:
6c:4b:9b:cd:2b:d0:2c:7f:62:42:1b:87:be:69:81:
7a:11:ae:52:12:03:76:2e:26:e3:3c:13:40:15:5f:
da:09:3a:50:a3:0d:9d:a5:42:ad:ba:31:10:f4:3a:
1d:36:ca:77:be:89:5a:a2:db:8d:fe:85:28:73:b6:
69:73:86:ac:16:81:e8:ac:7c:22:fa:e1:db:1f:4d:
fa:5f:b8:84:93:7a:51:11:01:c1:c7:55:c2:8f:b9:
26:c3:a8:eb:df:25:28:07:29:53:98:db:85:93:c6:
7c:f1:46:31:31:35:2f:5f:88:d6:16:81:61:1d:0c:
ca:85:9d:20:6d:51:82:63:ca:ca:b1:d6:2f:81:b9:
50:e5:ba:8e:0c:99:10:d0:bd:62:b5:48:41:25:ca:
c0:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:41:48:D2:AE:E3:15:47:29:BD:C0:B5:FC:21:22:85:1D:58:57:6E
X509v3 Authority Key Identifier:
keyid:6A:8D:F7:77:6B:16:D2:82:E0:4C:69:6E:25:8A:A4:F9:F9:CE:9C:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ao33d2sW0oLgTGluJYqk-fnOnJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/zkFI0q7jFUcpvcC1_CEihR1YV24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/d301cd-f513-4995-9d55-1b38b02245c1/1/ao33d2sW0oLgTGluJYqk-fnOnJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.16.80.0/20
185.28.236.0/22
Signature Algorithm: sha256WithRSAEncryption
2b:69:b7:91:73:84:1e:a7:63:95:3a:96:f9:14:e5:5c:5c:7a:
1f:ff:57:a0:38:ba:5d:aa:cf:6e:80:02:94:b8:9d:70:3f:68:
24:01:0f:4a:dc:f4:3c:c4:c2:b3:b0:30:8e:e7:18:b6:ce:cf:
54:1d:0c:aa:44:76:7e:a0:07:ae:7d:a4:87:26:fe:bb:55:0e:
bc:61:f3:a7:76:d6:68:c2:c3:7b:42:be:ec:2f:76:57:66:e6:
ec:50:5a:de:8c:41:36:02:93:50:d9:96:0a:6f:96:94:65:6d:
67:69:3a:6e:06:f4:09:6c:3c:37:57:c3:56:78:62:bb:1f:36:
d6:13:53:57:fc:0e:84:45:f2:54:e7:c6:13:c1:a0:18:d9:09:
81:7c:21:79:bf:5c:5c:47:51:ee:2e:a6:95:15:b8:7d:40:fc:
53:c7:58:b1:74:cd:3b:2c:76:51:49:0d:ac:59:bd:de:4a:fb:
3e:6d:89:ad:34:79:84:82:52:58:04:b6:3f:b2:c7:81:32:eb:
7f:3b:4c:7b:5f:55:e2:f5:53:8c:eb:16:fa:08:28:d4:53:82:
90:f8:0e:ea:18:f3:ed:1e:33:7d:15:c1:74:38:45:d2:d0:36:
08:6a:29:38:a5:99:cf:8d:32:09:55:ef:4a:26:ac:4a:77:cd:
a6:da:71:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQmaiAjCKNog2m0ZAfbSd2PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhOGRmNzc3NmIxNmQyODJlMDRjNjk2ZTI1OGFhNGY5Zjlj
ZTljOTgwHhcNMjUwMTAyMDk0NzU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTQxNDhkMmFlZTMxNTQ3MjliZGMwYjVmYzIxMjI4NTFkNTg1NzZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0p1VX67yN+Es8V4CWXBeLpuUmMoj
Ar7eZnTgi0m1CIARMZfFij1t2mawBg99cGNHveVQx4sePmqeVEQ5QfR0mZgdaVG0
zAe3cLhvj0kkNW49UgWCfUqmQepjjcQIy49rxa2OPYa1mr1sS5vNK9Asf2JCG4e+
aYF6Ea5SEgN2LibjPBNAFV/aCTpQow2dpUKtujEQ9DodNsp3volaotuN/oUoc7Zp
c4asFoHorHwi+uHbH036X7iEk3pREQHBx1XCj7kmw6jr3yUoBylTmNuFk8Z88UYx
MTUvX4jWFoFhHQzKhZ0gbVGCY8rKsdYvgblQ5bqODJkQ0L1itUhBJcrAnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM5BSNKu4xVHKb3AtfwhIoUdWFduMB8GA1UdIwQY
MBaAFGqN93drFtKC4ExpbiWKpPn5zpyYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUt
MWIzOGIwMjI0NWMxLzEvemtGSTBxN2pGVWNwdmNDMV9DRWloUjFZVjI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kMzAxY2QtZjUxMy00OTk1LTlkNTUtMWIzOGIwMjI0NWMx
LzEvYW8zM2Qyc1cwb0xnVEdsdUpZcWstZm5PbkpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEshBQAwQC
uRzsMA0GCSqGSIb3DQEBCwUAA4IBAQArabeRc4Qep2OVOpb5FOVcXHof/1egOLpd
qs9ugAKUuJ1wP2gkAQ9K3PQ8xMKzsDCO5xi2zs9UHQyqRHZ+oAeufaSHJv67VQ68
YfOndtZowsN7Qr7sL3ZXZubsUFrejEE2ApNQ2ZYKb5aUZW1naTpuBvQJbDw3V8NW
eGK7HzbWE1NX/A6ERfJU58YTwaAY2QmBfCF5v1xcR1HuLqaVFbh9QPxTx1ixdM07
LHZRSQ2sWb3eSvs+bYmtNHmEglJYBLY/sseBMut/O0x7X1Xi9VOM6xb6CCjUU4KQ
+A7qGPPtHjN9FcF0OEXS0DYIaik4pZnPjTIJVe9KJqxKd82m2nGe
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:49:08 2025 by rpki-client