Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/mza84PKMv0aUDroEfzQZip-9Um8.roa
File: mza84PKMv0aUDroEfzQZip-9Um8.roa (raw, json)
Hash identifier: xfLnRg1sIPVix0oNDyz6FdqLtVqmjxCCvOykxKOTB0s=
Subject key identifier: 9B:36:BC:E0:F2:8C:BF:46:94:0E:BA:04:7F:34:19:8A:9F:BD:52:6F
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 019420D64A2587BE5390D280A7CEC03473B6
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/mza84PKMv0aUDroEfzQZip-9Um8.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20884
IP address blocks: 160.218.96.0/21 maxlen: 21
160.218.104.0/21 maxlen: 21
160.218.112.0/20 maxlen: 20
160.218.176.0/21 maxlen: 21
160.218.184.0/21 maxlen: 21
160.218.212.0/22 maxlen: 22
160.218.244.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4a:25:87:be:53:90:d2:80:a7:ce:c0:34:73:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b36bce0f28cbf46940eba047f34198a9fbd526f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:fb:34:54:d2:bd:88:02:02:c7:f6:41:e0:7d:
22:7c:ca:fb:de:5e:eb:db:74:6d:c5:19:60:f0:63:
de:0f:2b:91:92:03:5e:1b:1f:47:b7:de:9c:a0:f4:
dc:47:0a:27:40:97:80:67:9c:de:01:c1:96:23:3a:
01:35:3e:e6:13:bd:fd:04:5e:b1:c9:9a:36:77:82:
f5:9d:df:6c:7c:67:21:97:87:33:4b:6b:cc:8b:cc:
9a:c0:71:cb:6f:8a:2c:d8:bd:2a:53:f6:8f:5f:63:
b2:7b:df:a3:d8:7a:d3:51:44:85:6f:f3:42:7f:a1:
74:f6:1b:80:cf:ec:cf:9d:cd:c2:49:2f:57:b5:8a:
1e:a2:1c:1d:a0:c6:88:4b:5a:ba:01:d6:7a:8e:48:
ec:a9:d9:12:87:f3:5a:6d:2e:0f:74:45:ad:be:ec:
b7:2a:e0:00:88:ba:4e:f8:05:69:3f:89:0e:16:20:
66:8d:a2:5b:58:08:58:e9:8d:f5:e5:0a:15:8e:65:
92:8d:1e:6d:84:40:bd:75:11:cc:b6:df:87:d6:ff:
b0:17:2d:b9:5b:e7:f2:77:8f:6b:f2:c0:9b:32:af:
04:44:ed:e9:3d:45:81:00:a6:3a:7f:71:fc:78:49:
f3:07:01:9c:1e:63:34:bc:34:07:e7:61:64:8b:01:
7c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:36:BC:E0:F2:8C:BF:46:94:0E:BA:04:7F:34:19:8A:9F:BD:52:6F
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/mza84PKMv0aUDroEfzQZip-9Um8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.218.96.0/19
160.218.176.0/20
160.218.212.0/22
160.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
27:67:d1:73:d9:ef:88:d8:54:94:69:34:4e:5a:8d:b1:d6:38:
fe:58:ea:1e:30:49:f7:2a:6e:2f:3d:81:35:6b:0a:ad:a5:de:
b9:00:d9:fb:8e:d2:8c:19:62:2e:81:89:7e:d1:da:de:ca:ef:
ae:0c:a0:09:86:0a:d1:92:f1:2c:71:b4:43:3c:bf:a2:ca:4e:
b5:a9:a3:3c:87:97:33:0c:a1:bb:7b:5e:3c:7b:24:7d:95:1c:
e0:51:2f:55:4e:50:8b:9d:97:fe:d7:94:63:f5:53:1a:14:94:
f1:f8:40:80:d9:04:f0:d2:e4:ab:26:e7:ae:3f:bc:a6:0b:1c:
73:7a:7e:54:48:48:3d:42:55:c5:67:d6:33:1c:81:bb:ca:53:
4c:55:34:37:c0:4b:d1:28:5c:a7:7d:a2:69:14:e8:38:fa:8c:
95:6f:1d:b0:bd:a9:6d:07:e1:4d:f9:e4:21:9e:76:74:58:46:
a1:aa:ef:8f:63:50:d1:e9:fc:dc:82:7e:33:5e:bc:93:b1:17:
74:6d:85:99:79:90:83:cc:4f:87:36:43:6d:2d:da:fb:1d:9b:
ee:fa:13:ad:68:19:2e:ff:2a:29:27:83:1a:25:1d:54:30:ac:
16:a7:7a:ce:94:11:42:20:a2:a5:60:b5:9b:6f:0e:f3:91:43:
89:e4:63:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQg1kolh75TkNKAp87ANHO2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjM2YmNlMGYyOGNiZjQ2OTQwZWJhMDQ3ZjM0MTk4YTlmYmQ1MjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArPs0VNK9iAICx/ZB4H0ifMr73l7r
23RtxRlg8GPeDyuRkgNeGx9Ht96coPTcRwonQJeAZ5zeAcGWIzoBNT7mE739BF6x
yZo2d4L1nd9sfGchl4czS2vMi8yawHHLb4os2L0qU/aPX2Oye9+j2HrTUUSFb/NC
f6F09huAz+zPnc3CSS9XtYoeohwdoMaIS1q6AdZ6jkjsqdkSh/NabS4PdEWtvuy3
KuAAiLpO+AVpP4kOFiBmjaJbWAhY6Y315QoVjmWSjR5thEC9dRHMtt+H1v+wFy25
W+fyd49r8sCbMq8ERO3pPUWBAKY6f3H8eEnzBwGcHmM0vDQH52FkiwF8GwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFJs2vODyjL9GlA66BH80GYqfvVJvMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvbXphODRQS012MGFVRHJvRWZ6UVppcC05VW04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFoNpgAwQE
oNqwAwQCoNrUAwQCoNr0MA0GCSqGSIb3DQEBCwUAA4IBAQAnZ9Fz2e+I2FSUaTRO
Wo2x1jj+WOoeMEn3Km4vPYE1awqtpd65ANn7jtKMGWIugYl+0dreyu+uDKAJhgrR
kvEscbRDPL+iyk61qaM8h5czDKG7e148eyR9lRzgUS9VTlCLnZf+15Rj9VMaFJTx
+ECA2QTw0uSrJueuP7ymCxxzen5USEg9QlXFZ9YzHIG7ylNMVTQ3wEvRKFynfaJp
FOg4+oyVbx2wvaltB+FN+eQhnnZ0WEahqu+PY1DR6fzcgn4zXryTsRd0bYWZeZCD
zE+HNkNtLdr7HZvu+hOtaBku/yopJ4MaJR1UMKwWp3rOlBFCIKKlYLWbbw7zkUOJ
5GNh
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:58:35 2025 by rpki-client