Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/ZBji9OX_VotOWmsBmNsHM021d9w.roa
File: ZBji9OX_VotOWmsBmNsHM021d9w.roa (raw, json)
Hash identifier: VbyaXchd5eBQYGJ65pdgdekBYkxDCu5DrAnwaoKvIrc=
Subject key identifier: 64:18:E2:F4:E5:FF:56:8B:4E:5A:6B:01:98:DB:07:33:4D:B5:77:DC
Certificate issuer: /CN=2ceadee58f864f472eb422b0b95497b85075a12b
Certificate serial: 019422FB23A7834C517AE8D23E6E268C6E8E
Authority key identifier: 2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/ZBji9OX_VotOWmsBmNsHM021d9w.roa
Signing time: Wed 01 Jan 2025 17:47:51 +0000
ROA not before: Wed 01 Jan 2025 17:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59437
IP address blocks: 91.194.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.mft
rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:23:a7:83:4c:51:7a:e8:d2:3e:6e:26:8c:6e:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ceadee58f864f472eb422b0b95497b85075a12b
Validity
Not Before: Jan 1 17:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6418e2f4e5ff568b4e5a6b0198db07334db577dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:14:c8:78:ba:b4:2a:ad:5e:27:54:bc:9e:da:
0a:a8:9b:f3:40:e8:a9:37:df:c5:4d:87:72:39:67:
9f:c2:ac:93:7d:77:42:3d:cb:8a:a7:57:20:d1:31:
35:bd:f7:a2:0a:d6:16:95:b6:26:d3:c8:cb:5a:56:
0c:76:04:ad:98:80:bf:a8:38:c4:40:1a:49:22:5f:
9f:db:fe:e2:7b:5e:8d:34:c6:7e:b2:46:16:6d:78:
f9:5d:6e:a4:3f:72:a9:c6:2b:5d:74:ef:fb:13:4d:
79:92:2d:10:82:3a:7e:74:64:09:dd:f9:48:cd:67:
dd:b3:d9:67:14:f5:be:cf:10:fb:e3:a5:1a:fd:33:
63:fd:13:be:55:02:cc:52:5e:c6:19:68:7c:53:d3:
d2:a3:b1:f1:3c:76:7b:1a:60:fc:71:c6:2c:91:32:
4f:b4:82:c8:54:0c:46:65:8b:f5:b0:73:8a:0a:62:
4a:cc:4d:20:f1:67:5a:f2:29:6c:15:12:6b:b4:5b:
d7:2e:72:bc:af:52:f3:be:8b:6a:16:97:c9:cc:60:
c7:02:73:9d:c4:c9:34:49:aa:8c:f7:19:77:ab:77:
ac:f6:8d:98:51:a9:6b:25:1e:bf:c6:5b:f7:55:61:
a9:60:c5:4c:5b:98:52:04:3b:a6:7e:19:93:9e:0d:
7a:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:18:E2:F4:E5:FF:56:8B:4E:5A:6B:01:98:DB:07:33:4D:B5:77:DC
X509v3 Authority Key Identifier:
keyid:2C:EA:DE:E5:8F:86:4F:47:2E:B4:22:B0:B9:54:97:B8:50:75:A1:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LOre5Y-GT0cutCKwuVSXuFB1oSs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/ZBji9OX_VotOWmsBmNsHM021d9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/7c2e84-e6cc-4751-887b-bc7a24c2e219/1/LOre5Y-GT0cutCKwuVSXuFB1oSs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.200.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:d0:4c:eb:0f:41:f1:ff:c4:89:eb:17:8c:56:64:7f:d3:0b:
dc:f4:b6:6f:bd:b2:0e:fc:bb:b1:e9:b7:91:ce:0c:66:7f:b0:
f5:ab:9c:fc:5a:6f:8a:0f:8c:5e:6e:a6:a7:60:df:4e:e7:72:
7c:f9:41:14:08:be:63:07:2b:b1:f4:d7:0f:18:6d:8e:67:5f:
2e:90:5e:db:82:1d:9a:7e:ac:5e:74:36:3f:7d:90:a8:a2:dd:
c2:4f:58:e7:ef:ab:2c:47:f7:89:ae:2e:c1:cf:e6:f9:ce:b9:
0d:1d:fd:b9:f0:f6:28:48:52:be:d1:7c:1c:ee:3b:ff:39:18:
ea:85:05:bd:3f:e0:45:87:78:ff:ea:b0:9e:68:3c:50:e7:77:
ac:83:43:32:40:b0:b6:5a:61:38:70:a3:0b:b1:41:66:93:8b:
05:17:83:2e:5f:a7:61:af:8a:c3:b7:da:87:ca:8b:2d:78:60:
cc:0f:39:cc:56:81:02:ae:73:b0:04:61:8d:81:27:bc:58:2b:
0a:0d:af:3f:81:58:27:6a:91:1e:6c:6e:22:58:42:7b:c4:48:
87:6a:2f:ae:66:33:c1:5d:fd:30:ff:f5:a5:2d:9a:77:ba:c1:
b8:77:ee:c9:dd:ce:ad:58:8b:d4:57:7e:49:8b:a4:0f:8d:21:
e2:35:4a:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+yOng0xReujSPm4mjG6OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjZWFkZWU1OGY4NjRmNDcyZWI0MjJiMGI5NTQ5N2I4NTA3
NWExMmIwHhcNMjUwMTAxMTc0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDE4ZTJmNGU1ZmY1NjhiNGU1YTZiMDE5OGRiMDczMzRkYjU3N2RjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7BTIeLq0Kq1eJ1S8ntoKqJvzQOip
N9/FTYdyOWefwqyTfXdCPcuKp1cg0TE1vfeiCtYWlbYm08jLWlYMdgStmIC/qDjE
QBpJIl+f2/7ie16NNMZ+skYWbXj5XW6kP3KpxitddO/7E015ki0Qgjp+dGQJ3flI
zWfds9lnFPW+zxD746Ua/TNj/RO+VQLMUl7GGWh8U9PSo7HxPHZ7GmD8ccYskTJP
tILIVAxGZYv1sHOKCmJKzE0g8Wda8ilsFRJrtFvXLnK8r1LzvotqFpfJzGDHAnOd
xMk0SaqM9xl3q3es9o2YUalrJR6/xlv3VWGpYMVMW5hSBDumfhmTng163wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQY4vTl/1aLTlprAZjbBzNNtXfcMB8GA1UdIwQY
MBaAFCzq3uWPhk9HLrQisLlUl7hQdaErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2It
YmM3YTI0YzJlMjE5LzEvWkJqaTlPWF9Wb3RPV21zQm1Oc0hNMDIxZDl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi83YzJlODQtZTZjYy00NzUxLTg4N2ItYmM3YTI0YzJlMjE5
LzEvTE9yZTVZLUdUMGN1dENLd3VWU1h1RkIxb1NzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW8LIMA0G
CSqGSIb3DQEBCwUAA4IBAQCl0EzrD0Hx/8SJ6xeMVmR/0wvc9LZvvbIO/Lux6beR
zgxmf7D1q5z8Wm+KD4xebqanYN9O53J8+UEUCL5jByux9NcPGG2OZ18ukF7bgh2a
fqxedDY/fZCoot3CT1jn76ssR/eJri7Bz+b5zrkNHf258PYoSFK+0Xwc7jv/ORjq
hQW9P+BFh3j/6rCeaDxQ53esg0MyQLC2WmE4cKMLsUFmk4sFF4MuX6dhr4rDt9qH
yosteGDMDznMVoECrnOwBGGNgSe8WCsKDa8/gVgnapEebG4iWEJ7xEiHai+uZjPB
Xf0w//WlLZp3usG4d+7J3c6tWIvUV35Ji6QPjSHiNUqA
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:53:09 2025 by rpki-client