Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/ZZqXGnxEBhLfDD9lB7yOqiX8_H0.roa
File: ZZqXGnxEBhLfDD9lB7yOqiX8_H0.roa (raw, json)
Hash identifier: AmgNgGv8HaEfNgQu4ILsUPklwcafU90+t65Aj2bSX9Y=
Subject key identifier: 65:9A:97:1A:7C:44:06:12:DF:0C:3F:65:07:BC:8E:AA:25:FC:FC:7D
Certificate issuer: /CN=a8f491f210c57bf46fb52d4af22e7ecf6f4cda80
Certificate serial: 019426D9AB0289E84521E5EF4B6918E37384
Authority key identifier: A8:F4:91:F2:10:C5:7B:F4:6F:B5:2D:4A:F2:2E:7E:CF:6F:4C:DA:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qPSR8hDFe_RvtS1K8i5-z29M2oA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/ZZqXGnxEBhLfDD9lB7yOqiX8_H0.roa
Signing time: Thu 02 Jan 2025 11:49:46 +0000
ROA not before: Thu 02 Jan 2025 11:49:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47202
IP address blocks: 89.31.224.0/21 maxlen: 21
94.126.144.0/21 maxlen: 21
103.117.124.0/22 maxlen: 22
185.124.124.0/22 maxlen: 22
185.136.52.0/22 maxlen: 22
193.218.156.0/22 maxlen: 22
195.184.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/qPSR8hDFe_RvtS1K8i5-z29M2oA.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/qPSR8hDFe_RvtS1K8i5-z29M2oA.mft
rsync://rpki.ripe.net/repository/DEFAULT/qPSR8hDFe_RvtS1K8i5-z29M2oA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 08:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:ab:02:89:e8:45:21:e5:ef:4b:69:18:e3:73:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8f491f210c57bf46fb52d4af22e7ecf6f4cda80
Validity
Not Before: Jan 2 11:49:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=659a971a7c440612df0c3f6507bc8eaa25fcfc7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:27:01:04:a3:33:48:54:ed:d9:85:ef:29:65:
28:fa:40:d4:15:1a:43:a3:68:76:c4:35:22:3f:23:
78:c7:5d:4b:f5:c5:0e:8a:51:ff:a8:29:54:0c:03:
b1:61:9f:6e:a6:4f:da:9e:cf:f2:e0:b9:e4:fd:fc:
6a:5f:30:ef:88:f4:b8:74:55:d7:b7:d8:0b:f4:ca:
68:43:f3:1b:00:e0:1c:ee:c3:d0:7a:b9:93:c7:4e:
2c:62:4f:75:f4:63:e2:37:95:52:89:6c:a8:e1:6e:
66:70:5f:f7:12:5d:25:08:c9:c4:63:bb:31:2b:9f:
11:da:bc:32:25:0e:29:76:47:b1:5c:f8:4e:ce:7d:
bf:12:a4:f5:6b:44:fa:75:fc:71:f2:08:cb:3a:34:
23:d8:09:4b:11:a6:ae:ab:a3:86:59:e1:2e:f8:6e:
6f:42:f7:60:53:18:3f:8e:22:33:6a:27:80:82:a3:
7f:20:e7:c5:31:0c:a7:71:ec:8b:e2:ba:3d:bd:df:
2b:f8:b5:2f:53:f7:a2:fe:5f:ec:5c:87:26:59:5f:
74:dd:fd:61:a6:3f:35:38:96:8c:40:01:e8:d8:11:
f7:29:91:b4:a0:b4:54:d2:11:c1:a6:dc:cc:65:14:
96:1b:f6:09:52:78:93:25:b5:75:1a:9c:6c:12:16:
84:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9A:97:1A:7C:44:06:12:DF:0C:3F:65:07:BC:8E:AA:25:FC:FC:7D
X509v3 Authority Key Identifier:
keyid:A8:F4:91:F2:10:C5:7B:F4:6F:B5:2D:4A:F2:2E:7E:CF:6F:4C:DA:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qPSR8hDFe_RvtS1K8i5-z29M2oA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/ZZqXGnxEBhLfDD9lB7yOqiX8_H0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/8fbf5c-ef51-4fd0-9d3a-330b8ad424bd/1/qPSR8hDFe_RvtS1K8i5-z29M2oA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.224.0/21
94.126.144.0/21
103.117.124.0/22
185.124.124.0/22
185.136.52.0/22
193.218.156.0/22
195.184.240.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:57:59:dc:60:44:39:f9:8b:e0:7a:62:d9:19:b0:6f:ec:3d:
27:8b:b2:af:ca:7e:79:34:a3:d3:47:b7:8b:31:48:2d:99:9f:
67:47:26:81:06:70:48:e8:28:a6:f3:7e:21:16:ec:3e:1c:ab:
ec:75:86:ce:54:13:9a:97:cb:0a:ff:9a:a5:b0:70:c8:e4:ef:
e2:40:78:dd:09:88:a4:57:2d:15:29:eb:d8:ca:8c:ca:25:5c:
d3:c5:40:23:8a:e5:15:2d:b5:97:94:36:00:13:07:25:61:c2:
fd:b8:17:d0:5e:cf:49:a0:67:20:0d:d7:a0:cc:57:e2:ba:cc:
4d:ac:39:a4:48:e6:8d:60:66:2f:eb:81:52:2f:89:50:5d:57:
d6:87:96:07:da:e3:5d:30:9c:d5:01:98:ec:82:12:ee:e4:cc:
a2:b3:5d:eb:1b:5c:97:d1:5e:05:cf:40:9b:a9:77:b2:b6:0c:
a8:d8:c5:e6:f5:64:62:0f:2c:75:b3:cd:a3:45:f4:bf:be:7e:
13:f4:37:d5:88:ad:3f:e9:a1:1d:7f:a7:7f:5c:20:3d:d0:c9:
60:a7:c6:cd:57:5b:81:bd:c2:5c:e8:7b:57:61:f3:b3:f1:a9:
6a:73:b0:f5:43:f4:fa:ef:4d:c2:54:c0:8d:72:fd:9e:0e:f1:
26:ae:5a:c1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2asCiehFIeXvS2kY43OEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZjQ5MWYyMTBjNTdiZjQ2ZmI1MmQ0YWYyMmU3ZWNmNmY0
Y2RhODAwHhcNMjUwMTAyMTE0OTQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTlhOTcxYTdjNDQwNjEyZGYwYzNmNjUwN2JjOGVhYTI1ZmNmYzdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzScBBKMzSFTt2YXvKWUo+kDUFRpD
o2h2xDUiPyN4x11L9cUOilH/qClUDAOxYZ9upk/ans/y4Lnk/fxqXzDviPS4dFXX
t9gL9MpoQ/MbAOAc7sPQermTx04sYk919GPiN5VSiWyo4W5mcF/3El0lCMnEY7sx
K58R2rwyJQ4pdkexXPhOzn2/EqT1a0T6dfxx8gjLOjQj2AlLEaauq6OGWeEu+G5v
QvdgUxg/jiIzaieAgqN/IOfFMQynceyL4ro9vd8r+LUvU/ei/l/sXIcmWV903f1h
pj81OJaMQAHo2BH3KZG0oLRU0hHBptzMZRSWG/YJUniTJbV1GpxsEhaEXwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGWalxp8RAYS3ww/ZQe8jqol/Px9MB8GA1UdIwQY
MBaAFKj0kfIQxXv0b7UtSvIufs9vTNqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVBTUjhoREZlX1J2dFMxSzhpNS16MjlNMm9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS84ZmJmNWMtZWY1MS00ZmQwLTlkM2Et
MzMwYjhhZDQyNGJkLzEvWlpxWEdueEVCaExmREQ5bEI3eU9xaVg4X0gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS84ZmJmNWMtZWY1MS00ZmQwLTlkM2EtMzMwYjhhZDQyNGJk
LzEvcVBTUjhoREZlX1J2dFMxSzhpNS16MjlNMm9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDWR/gAwQD
Xn6QAwQCZ3V8AwQCuXx8AwQCuYg0AwQCwdqcAwQCw7jwMA0GCSqGSIb3DQEBCwUA
A4IBAQCnV1ncYEQ5+YvgemLZGbBv7D0ni7Kvyn55NKPTR7eLMUgtmZ9nRyaBBnBI
6Cim834hFuw+HKvsdYbOVBOal8sK/5qlsHDI5O/iQHjdCYikVy0VKevYyozKJVzT
xUAjiuUVLbWXlDYAEwclYcL9uBfQXs9JoGcgDdegzFfiusxNrDmkSOaNYGYv64FS
L4lQXVfWh5YH2uNdMJzVAZjsghLu5Myis13rG1yX0V4Fz0CbqXeytgyo2MXm9WRi
Dyx1s82jRfS/vn4T9DfViK0/6aEdf6d/XCA90Mlgp8bNV1uBvcJc6HtXYfOz8alq
c7D1Q/T6703CVMCNcv2eDvEmrlrB
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:56:30 2025 by rpki-client