Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/qzzHZUBjcSRGFasL_IeeyUOUJ98.roa
File: qzzHZUBjcSRGFasL_IeeyUOUJ98.roa (raw, json)
Hash identifier: Lhbg0pCg1KfB+dSdb+vO645LuzkQlZQdXs3opMNsPwc=
Subject key identifier: AB:3C:C7:65:40:63:71:24:46:15:AB:0B:FC:87:9E:C9:43:94:27:DF
Certificate issuer: /CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Certificate serial: 019426D9B6082395CEB2D5D15A24B2227598
Authority key identifier: 4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/qzzHZUBjcSRGFasL_IeeyUOUJ98.roa
Signing time: Thu 02 Jan 2025 11:49:49 +0000
ROA not before: Thu 02 Jan 2025 11:49:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8990
IP address blocks: 45.88.204.0/22 maxlen: 22
82.150.32.0/19 maxlen: 19
91.144.64.0/18 maxlen: 24
91.144.121.0/24 maxlen: 24
95.171.64.0/19 maxlen: 19
109.199.32.0/19 maxlen: 24
109.199.46.0/24 maxlen: 24
109.199.57.0/24 maxlen: 24
109.199.58.0/24 maxlen: 24
109.199.61.0/24 maxlen: 24
109.199.62.0/24 maxlen: 24
212.92.0.0/19 maxlen: 19
2a03:9900::/32 maxlen: 32
2a03:9900:1::/48 maxlen: 48
2a03:9900:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:b6:08:23:95:ce:b2:d5:d1:5a:24:b2:22:75:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f36103344fcd3b5759f2db3f3c7071376f9e233
Validity
Not Before: Jan 2 11:49:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab3cc765406371244615ab0bfc879ec9439427df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:0f:f1:58:e7:77:70:28:77:59:43:14:0a:93:
8c:97:95:f4:44:df:97:e5:4c:f2:4f:16:d9:94:0b:
ee:9c:57:a7:cd:c8:fb:1c:99:ff:dd:4c:8e:13:1f:
2c:a2:56:2d:f0:90:43:79:9c:27:07:f2:29:2f:ad:
2c:ea:27:4a:3a:d2:0b:04:39:1f:70:67:9a:bd:c7:
f6:fc:20:35:a9:76:50:2c:4d:e3:a3:30:ec:05:ab:
dd:c2:c2:b2:55:9b:a7:f0:33:66:f9:17:3e:88:89:
42:49:25:64:78:c6:8b:13:c3:75:2d:db:bf:17:3c:
f6:12:79:6d:c4:d3:4c:fe:64:ae:de:cc:61:90:28:
fb:a0:69:3d:38:19:c5:2e:bb:d8:1c:47:f8:0b:71:
ec:58:a0:1d:0d:65:68:9a:b1:fb:d6:f1:c7:25:f4:
9c:82:c9:ee:41:07:38:00:b6:5c:f9:61:82:18:1f:
2d:11:e2:fa:7f:2c:5a:57:86:c2:e7:de:52:53:11:
9c:5d:70:e8:a6:74:cc:3c:54:46:9d:14:9c:50:2a:
f3:09:86:f9:6a:e8:0f:4c:48:03:b1:88:b4:ce:0f:
92:21:f4:16:33:cd:0a:b0:3a:e4:e4:cb:39:f9:30:
e5:45:3d:78:0f:e6:95:0b:5a:15:b8:b3:f6:7f:f6:
9c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:3C:C7:65:40:63:71:24:46:15:AB:0B:FC:87:9E:C9:43:94:27:DF
X509v3 Authority Key Identifier:
keyid:4F:36:10:33:44:FC:D3:B5:75:9F:2D:B3:F3:C7:07:13:76:F9:E2:33
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TzYQM0T807V1ny2z88cHE3b54jM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/qzzHZUBjcSRGFasL_IeeyUOUJ98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/80d9df-eaf3-48b6-8fd5-0acc892b11d2/1/TzYQM0T807V1ny2z88cHE3b54jM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.88.204.0/22
82.150.32.0/19
91.144.64.0/18
95.171.64.0/19
109.199.32.0/19
212.92.0.0/19
IPv6:
2a03:9900::/32
Signature Algorithm: sha256WithRSAEncryption
58:c1:11:70:ec:b3:be:22:60:fc:05:98:46:3d:20:de:25:62:
2d:41:93:28:7c:fe:11:ef:e2:31:32:af:90:7e:4d:dd:7c:23:
7f:4a:76:dd:d7:9f:f1:3b:ee:27:a2:28:17:31:c0:cf:25:ea:
c1:4e:67:e1:58:c7:f0:c7:36:45:79:36:31:79:4f:99:22:bc:
02:7a:b9:fb:03:8b:a9:0e:dc:d6:05:ec:cb:55:8e:91:8b:81:
77:5a:06:59:bf:e8:56:26:20:ac:23:67:c9:7b:34:2f:a5:4e:
2e:78:7d:60:39:f9:d3:a3:83:1e:1f:df:43:e7:f4:9f:e1:77:
00:fd:c9:85:c9:a2:68:2c:bd:9d:6f:6d:29:00:e2:de:50:8f:
27:9f:d5:31:5f:5a:30:06:d7:bc:d7:9e:ec:88:04:2e:b7:76:
09:54:2c:7d:5d:72:09:f7:4d:bc:1e:ca:ba:49:42:1a:56:a0:
f8:ae:35:57:aa:30:cb:86:2a:b9:d0:6d:67:e1:14:09:71:7b:
6d:9b:45:e6:b1:58:9f:b3:14:46:95:49:6f:76:76:c6:61:70:
74:58:6d:32:d7:8e:58:5b:85:15:29:c2:0c:0a:4a:8f:dc:0e:
7b:3f:a7:82:e6:93:29:cc:6e:b1:e9:d1:56:56:70:d3:15:b8:
96:71:c2:ff
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZQm2bYII5XOstXRWiSyInWYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMzYxMDMzNDRmY2QzYjU3NTlmMmRiM2YzYzcwNzEzNzZm
OWUyMzMwHhcNMjUwMTAyMTE0OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjNjYzc2NTQwNjM3MTI0NDYxNWFiMGJmYzg3OWVjOTQzOTQyN2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjw/xWOd3cCh3WUMUCpOMl5X0RN+X
5UzyTxbZlAvunFenzcj7HJn/3UyOEx8solYt8JBDeZwnB/IpL60s6idKOtILBDkf
cGeavcf2/CA1qXZQLE3jozDsBavdwsKyVZun8DNm+Rc+iIlCSSVkeMaLE8N1Ldu/
Fzz2EnltxNNM/mSu3sxhkCj7oGk9OBnFLrvYHEf4C3HsWKAdDWVomrH71vHHJfSc
gsnuQQc4ALZc+WGCGB8tEeL6fyxaV4bC595SUxGcXXDopnTMPFRGnRScUCrzCYb5
augPTEgDsYi0zg+SIfQWM80KsDrk5Ms5+TDlRT14D+aVC1oVuLP2f/acOQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFKs8x2VAY3EkRhWrC/yHnslDlCffMB8GA1UdIwQY
MBaAFE82EDNE/NO1dZ8ts/PHBxN2+eIzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUt
MGFjYzg5MmIxMWQyLzEvcXp6SFpVQmpjU1JHRmFzTF9JZWV5VU9VSjk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy84MGQ5ZGYtZWFmMy00OGI2LThmZDUtMGFjYzg5MmIxMWQy
LzEvVHpZUU0wVDgwN1Yxbnkyejg4Y0hFM2I1NGpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLVjMAwQF
UpYgAwQGW5BAAwQFX6tAAwQFbccgAwQF1FwAMA0EAgACMAcDBQAqA5kAMA0GCSqG
SIb3DQEBCwUAA4IBAQBYwRFw7LO+ImD8BZhGPSDeJWItQZMofP4R7+IxMq+Qfk3d
fCN/Snbd15/xO+4noigXMcDPJerBTmfhWMfwxzZFeTYxeU+ZIrwCern7A4upDtzW
BezLVY6Ri4F3WgZZv+hWJiCsI2fJezQvpU4ueH1gOfnTo4MeH99D5/Sf4XcA/cmF
yaJoLL2db20pAOLeUI8nn9UxX1owBte8157siAQut3YJVCx9XXIJ9028Hsq6SUIa
VqD4rjVXqjDLhiq50G1n4RQJcXttm0XmsVifsxRGlUlvdnbGYXB0WG0y145YW4UV
KcIMCkqP3A57P6eC5pMpzG6x6dFWVnDTFbiWccL/
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:57:50 2025 by rpki-client