Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/rrzmdyWA4bgkSbtkgxt2VTc7jQc.roa
File: rrzmdyWA4bgkSbtkgxt2VTc7jQc.roa (raw, json)
Hash identifier: 3HCjVA9zph5GDxZYybmBotr1OhtKY80nics7udLMWag=
Subject key identifier: AE:BC:E6:77:25:80:E1:B8:24:49:BB:64:83:1B:76:55:37:3B:8D:07
Certificate issuer: /CN=7b03a9b20d2afd01d9a1c628d301b99c87cc5acd
Certificate serial: 0194228DF73BC51FB3CE14227F6487684DE2
Authority key identifier: 7B:03:A9:B2:0D:2A:FD:01:D9:A1:C6:28:D3:01:B9:9C:87:CC:5A:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ewOpsg0q_QHZocYo0wG5nIfMWs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/rrzmdyWA4bgkSbtkgxt2VTc7jQc.roa
Signing time: Wed 01 Jan 2025 15:48:36 +0000
ROA not before: Wed 01 Jan 2025 15:48:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57534
IP address blocks: 176.101.224.0/19 maxlen: 19
176.101.224.0/20 maxlen: 20
176.101.224.0/21 maxlen: 21
176.101.232.0/21 maxlen: 21
176.101.240.0/21 maxlen: 21
176.101.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/ewOpsg0q_QHZocYo0wG5nIfMWs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/ewOpsg0q_QHZocYo0wG5nIfMWs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ewOpsg0q_QHZocYo0wG5nIfMWs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:f7:3b:c5:1f:b3:ce:14:22:7f:64:87:68:4d:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7b03a9b20d2afd01d9a1c628d301b99c87cc5acd
Validity
Not Before: Jan 1 15:48:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aebce6772580e1b82449bb64831b7655373b8d07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:38:63:48:8e:d0:0f:80:cc:96:55:d7:5c:15:
d3:b2:9f:89:b7:cc:d1:a2:13:74:a3:63:7f:32:24:
eb:f7:39:c0:e5:a7:3f:c9:03:51:7f:0f:36:75:66:
b0:ad:79:4f:aa:86:41:05:26:d8:ee:5e:b8:4f:91:
61:7a:ed:54:83:70:6e:16:5b:46:89:da:cd:08:2d:
25:05:4a:a1:2c:40:5b:ee:96:d2:30:22:4a:4a:1d:
83:62:b8:46:e7:51:7c:34:92:28:d0:71:b9:05:0e:
b7:bd:85:ff:e0:97:d2:0d:2e:38:99:c8:bb:ec:87:
71:e2:66:ed:5e:bd:4b:f6:da:d6:bf:0b:bd:c4:b0:
26:fa:ac:98:14:9f:96:1d:25:f9:31:c5:90:be:83:
39:b9:06:28:39:fa:2f:45:58:43:78:0b:55:3a:3e:
6d:a8:d0:ed:f0:57:c0:72:57:4f:b6:ad:f5:40:78:
d0:9f:fb:62:a8:c0:c6:2f:c2:6e:ea:52:74:fd:f2:
9d:f1:33:4f:96:9c:0a:b0:ee:90:93:56:27:ef:fd:
25:57:86:d9:16:a9:97:5a:64:a5:23:59:48:3a:21:
22:e1:00:84:15:23:67:1b:cd:5f:20:66:df:34:7f:
ab:79:86:7c:5e:8c:03:f3:31:fd:14:f8:63:8a:3f:
ed:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:BC:E6:77:25:80:E1:B8:24:49:BB:64:83:1B:76:55:37:3B:8D:07
X509v3 Authority Key Identifier:
keyid:7B:03:A9:B2:0D:2A:FD:01:D9:A1:C6:28:D3:01:B9:9C:87:CC:5A:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ewOpsg0q_QHZocYo0wG5nIfMWs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/rrzmdyWA4bgkSbtkgxt2VTc7jQc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/564775-361a-4729-b953-a7d19ec07f13/1/ewOpsg0q_QHZocYo0wG5nIfMWs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.101.224.0/19
Signature Algorithm: sha256WithRSAEncryption
43:8b:89:65:ab:5c:2b:b4:06:4e:99:71:ba:8f:0b:7b:33:16:
0e:d3:b9:a2:ff:10:54:8f:aa:56:1a:5d:37:05:94:4a:97:2b:
94:97:3b:ae:e4:72:10:33:74:9b:f3:70:fa:d0:76:3a:21:26:
35:08:06:fd:4c:db:b4:2c:b3:41:a4:d9:8c:9e:89:ef:5a:13:
0b:2f:f5:d8:1e:62:9f:ea:a3:81:b9:98:d6:cf:b9:3c:81:49:
19:9a:82:e0:d9:c6:e7:af:ca:b9:dd:82:af:27:86:37:7a:a5:
20:e2:cd:3a:ea:b6:e6:29:fa:ee:6b:42:00:8b:1e:7d:b7:d9:
97:4b:b2:ad:93:06:7a:34:c4:1e:dc:b5:d2:4b:01:c2:83:e9:
28:82:5e:73:04:3a:f4:12:bc:d9:eb:7f:31:3f:b4:2c:0d:c7:
74:db:6b:ad:83:ee:33:16:d4:4b:46:83:f3:0d:9a:20:fe:e7:
ab:9d:ee:e1:fc:ed:cc:aa:bb:17:7e:d3:a5:ac:f4:1c:cd:84:
55:f8:70:fd:69:ac:9c:e3:4f:d9:0e:05:b8:fa:fc:24:1a:eb:
3b:bd:cb:dc:56:b3:41:5a:96:24:5c:a3:09:5c:78:f0:b7:b1:
c6:bc:c3:84:4f:3d:46:91:e3:ca:38:5d:58:3e:fe:60:de:1e:
35:9d:ec:9f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQijfc7xR+zzhQif2SHaE3iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiMDNhOWIyMGQyYWZkMDFkOWExYzYyOGQzMDFiOTljODdj
YzVhY2QwHhcNMjUwMTAxMTU0ODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWJjZTY3NzI1ODBlMWI4MjQ0OWJiNjQ4MzFiNzY1NTM3M2I4ZDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwThjSI7QD4DMllXXXBXTsp+Jt8zR
ohN0o2N/MiTr9znA5ac/yQNRfw82dWawrXlPqoZBBSbY7l64T5Fheu1Ug3BuFltG
idrNCC0lBUqhLEBb7pbSMCJKSh2DYrhG51F8NJIo0HG5BQ63vYX/4JfSDS44mci7
7Idx4mbtXr1L9trWvwu9xLAm+qyYFJ+WHSX5McWQvoM5uQYoOfovRVhDeAtVOj5t
qNDt8FfAcldPtq31QHjQn/tiqMDGL8Ju6lJ0/fKd8TNPlpwKsO6Qk1Yn7/0lV4bZ
FqmXWmSlI1lIOiEi4QCEFSNnG81fIGbfNH+reYZ8XowD8zH9FPhjij/tLQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK685nclgOG4JEm7ZIMbdlU3O40HMB8GA1UdIwQY
MBaAFHsDqbINKv0B2aHGKNMBuZyHzFrNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXdPcHNnMHFfUUhab2NZbzB3RzVuSWZNV3MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy81NjQ3NzUtMzYxYS00NzI5LWI5NTMt
YTdkMTllYzA3ZjEzLzEvcnJ6bWR5V0E0YmdrU2J0a2d4dDJWVGM3alFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy81NjQ3NzUtMzYxYS00NzI5LWI5NTMtYTdkMTllYzA3ZjEz
LzEvZXdPcHNnMHFfUUhab2NZbzB3RzVuSWZNV3MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFsGXgMA0G
CSqGSIb3DQEBCwUAA4IBAQBDi4llq1wrtAZOmXG6jwt7MxYO07mi/xBUj6pWGl03
BZRKlyuUlzuu5HIQM3Sb83D60HY6ISY1CAb9TNu0LLNBpNmMnonvWhMLL/XYHmKf
6qOBuZjWz7k8gUkZmoLg2cbnr8q53YKvJ4Y3eqUg4s066rbmKfrua0IAix59t9mX
S7KtkwZ6NMQe3LXSSwHCg+kogl5zBDr0ErzZ638xP7QsDcd022utg+4zFtRLRoPz
DZog/uerne7h/O3MqrsXftOlrPQczYRV+HD9aayc40/ZDgW4+vwkGus7vcvcVrNB
WpYkXKMJXHjwt7HGvMOETz1GkePKOF1YPv5g3h41neyf
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:40:12 2025 by rpki-client