Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Zu3SmHOhZpwuSSti9wdImp6Ga-Q.roa
File: Zu3SmHOhZpwuSSti9wdImp6Ga-Q.roa (raw, json)
Hash identifier: 5ZnrCuNHa1wjQpFfQY/Zj6DgGr5ywhEPGA9N3saHG2U=
Subject key identifier: 66:ED:D2:98:73:A1:66:9C:2E:49:2B:62:F7:07:48:9A:9E:86:6B:E4
Certificate issuer: /CN=7a350d024af01f8eaf125717caa03aafad184e1d
Certificate serial: 019421B1A350A7096929DEEC0A863A884A9C
Authority key identifier: 7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Zu3SmHOhZpwuSSti9wdImp6Ga-Q.roa
Signing time: Wed 01 Jan 2025 11:47:57 +0000
ROA not before: Wed 01 Jan 2025 11:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60706
IP address blocks: 109.104.252.0/22 maxlen: 22
109.104.252.0/23 maxlen: 23
109.104.252.0/24 maxlen: 24
109.104.253.0/24 maxlen: 24
109.104.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 02:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:a3:50:a7:09:69:29:de:ec:0a:86:3a:88:4a:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7a350d024af01f8eaf125717caa03aafad184e1d
Validity
Not Before: Jan 1 11:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66edd29873a1669c2e492b62f707489a9e866be4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:6c:99:06:cb:14:3d:97:b5:e6:ef:cd:b2:78:
ca:aa:9a:97:7d:9e:a8:fc:0e:0c:6e:94:74:32:1f:
89:8c:10:74:66:b9:da:80:67:f7:b9:92:17:d4:0f:
a6:a2:c6:e2:e0:3c:45:69:d0:9c:61:9a:a7:cf:a4:
50:97:a3:eb:d1:87:17:0b:9f:60:e6:58:66:dc:e3:
2e:60:f6:a0:b2:1a:ee:ae:5e:37:de:c5:59:4e:8c:
65:ca:31:4f:87:64:7e:eb:f3:cb:7c:f6:22:63:aa:
f4:5e:e4:56:72:da:c6:98:51:96:d5:0f:2b:4d:ec:
1c:a9:f1:a6:12:7f:f1:01:ed:e8:34:a8:fe:fc:be:
b8:83:07:b9:74:56:5a:8c:49:4e:c2:77:ec:5f:98:
b2:f7:21:c3:6f:55:8d:cd:e1:eb:0b:76:c5:22:27:
69:6e:75:8a:72:d0:0f:ad:c6:0e:d8:9a:10:a4:c3:
11:65:e6:da:d4:38:4e:e3:20:a0:46:80:13:6e:fd:
71:79:6a:db:09:48:7e:02:2a:d9:52:63:1f:3e:3c:
3f:4d:67:0f:ca:ad:28:38:63:2b:3b:c6:47:56:14:
82:26:91:cd:ee:5c:c7:0d:49:66:b6:fe:12:48:05:
2b:a8:c7:f4:cf:c0:79:bd:ce:39:60:5d:6a:b8:54:
b6:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:ED:D2:98:73:A1:66:9C:2E:49:2B:62:F7:07:48:9A:9E:86:6B:E4
X509v3 Authority Key Identifier:
keyid:7A:35:0D:02:4A:F0:1F:8E:AF:12:57:17:CA:A0:3A:AF:AD:18:4E:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ejUNAkrwH46vElcXyqA6r60YTh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/Zu3SmHOhZpwuSSti9wdImp6Ga-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/7966ae-9c88-43e9-b899-d003e56fe753/1/ejUNAkrwH46vElcXyqA6r60YTh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.104.252.0/22
Signature Algorithm: sha256WithRSAEncryption
56:f1:3a:9c:39:7c:c7:b1:1c:8c:38:97:71:92:cb:2e:78:b8:
68:54:d1:63:ff:99:42:26:b1:de:b6:41:09:c5:1b:aa:cd:d9:
0a:bb:0e:3c:28:c9:4e:a2:e1:1c:1f:a7:98:d1:88:09:f4:5d:
4b:03:f4:e4:bc:de:18:30:95:4a:ea:c3:8a:56:bd:1e:a5:63:
2a:b3:40:77:f0:d0:cf:6e:e8:2b:11:6e:12:8d:ac:19:97:11:
d0:e6:b7:1e:02:5f:ea:df:8e:7f:cc:a0:7d:00:2a:f5:28:2f:
2d:c3:a6:e0:02:4e:60:40:9c:cd:31:90:3d:85:31:0b:11:6a:
2a:1f:65:70:a5:91:81:a9:45:b6:b6:8a:1d:68:25:63:7e:a8:
1f:47:3a:22:8d:d1:1d:db:2a:d2:9d:49:ef:ba:1c:52:4c:f0:
a5:38:4c:f0:ab:83:e0:d7:66:49:39:d8:79:df:8d:1a:d3:07:
29:36:ab:5a:5a:0d:94:66:5b:82:00:53:c2:9b:96:7c:5b:b2:
b5:26:48:16:67:7e:b2:40:65:01:bc:f8:cf:f5:79:6f:69:1f:
30:1d:b8:f7:8f:18:89:a4:0e:03:2f:57:1c:41:ae:17:12:75:
70:e9:7c:62:da:c1:f0:90:bd:11:44:0e:0a:cf:22:cc:07:1b:
e9:1e:0c:78
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhsaNQpwlpKd7sCoY6iEqcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhMzUwZDAyNGFmMDFmOGVhZjEyNTcxN2NhYTAzYWFmYWQx
ODRlMWQwHhcNMjUwMTAxMTE0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmVkZDI5ODczYTE2NjljMmU0OTJiNjJmNzA3NDg5YTllODY2YmU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2yZBssUPZe15u/NsnjKqpqXfZ6o
/A4MbpR0Mh+JjBB0ZrnagGf3uZIX1A+mosbi4DxFadCcYZqnz6RQl6Pr0YcXC59g
5lhm3OMuYPagshrurl433sVZToxlyjFPh2R+6/PLfPYiY6r0XuRWctrGmFGW1Q8r
TewcqfGmEn/xAe3oNKj+/L64gwe5dFZajElOwnfsX5iy9yHDb1WNzeHrC3bFIidp
bnWKctAPrcYO2JoQpMMRZeba1DhO4yCgRoATbv1xeWrbCUh+AirZUmMfPjw/TWcP
yq0oOGMrO8ZHVhSCJpHN7lzHDUlmtv4SSAUrqMf0z8B5vc45YF1quFS2+QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGbt0phzoWacLkkrYvcHSJqehmvkMB8GA1UdIwQY
MBaAFHo1DQJK8B+OrxJXF8qgOq+tGE4dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTkt
ZDAwM2U1NmZlNzUzLzEvWnUzU21IT2hacHd1U1N0aTl3ZEltcDZHYS1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi83OTY2YWUtOWM4OC00M2U5LWI4OTktZDAwM2U1NmZlNzUz
LzEvZWpVTkFrcndINDZ2RWxjWHlxQTZyNjBZVGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCbWj8MA0G
CSqGSIb3DQEBCwUAA4IBAQBW8TqcOXzHsRyMOJdxkssueLhoVNFj/5lCJrHetkEJ
xRuqzdkKuw48KMlOouEcH6eY0YgJ9F1LA/TkvN4YMJVK6sOKVr0epWMqs0B38NDP
bugrEW4SjawZlxHQ5rceAl/q345/zKB9ACr1KC8tw6bgAk5gQJzNMZA9hTELEWoq
H2VwpZGBqUW2toodaCVjfqgfRzoijdEd2yrSnUnvuhxSTPClOEzwq4Pg12ZJOdh5
340a0wcpNqtaWg2UZluCAFPCm5Z8W7K1JkgWZ36yQGUBvPjP9XlvaR8wHbj3jxiJ
pA4DL1ccQa4XEnVw6Xxi2sHwkL0RRA4KzyLMBxvpHgx4
-----END CERTIFICATE-----
Generated at Fri Mar 14 12:12:31 2025 by rpki-client