Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZnbzYHRBvUTbEjCixu-51iq0NfI.roa
File: ZnbzYHRBvUTbEjCixu-51iq0NfI.roa (raw, json)
Hash identifier: H6eoYf0qoCchu+RJjza0539v8DwbGRsxOIQiPaH7Gsc=
Subject key identifier: 66:76:F3:60:74:41:BD:44:DB:12:30:A2:C6:EF:B9:D6:2A:B4:35:F2
Certificate issuer: /CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Certificate serial: 0194244557A2C08302AA0E035E20A148DCFF
Authority key identifier: 36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZnbzYHRBvUTbEjCixu-51iq0NfI.roa
Signing time: Wed 01 Jan 2025 23:48:31 +0000
ROA not before: Wed 01 Jan 2025 23:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400909
IP address blocks: 185.199.148.0/23 maxlen: 23
185.199.212.0/23 maxlen: 23
185.225.170.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 10:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:57:a2:c0:83:02:aa:0e:03:5e:20:a1:48:dc:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=368bfb8a5eee49082ea628df25a4a5d50f3aa9b3
Validity
Not Before: Jan 1 23:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6676f3607441bd44db1230a2c6efb9d62ab435f2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:da:ba:91:05:c7:7a:bd:25:35:f2:7e:b0:28:
72:26:1d:dd:3b:df:22:c1:74:2d:97:55:a9:13:26:
c9:26:6c:01:73:0f:63:4b:27:ac:c8:c1:3b:fd:8a:
e8:a4:5b:3d:94:67:e1:0f:2a:55:8b:bd:b6:57:dd:
a9:0a:f2:70:3f:a2:61:11:7b:be:39:6d:b2:50:41:
8f:3b:8b:23:43:f7:c2:18:5a:7c:35:b6:b2:83:1d:
44:e0:ba:bc:86:23:1c:f5:02:b0:27:7d:51:a8:48:
c6:09:ca:a6:ea:6d:64:c5:d7:ce:e9:ac:b9:50:5d:
28:2c:bb:a7:b6:49:5e:01:57:2d:80:f7:ac:02:2c:
71:de:d1:f4:d1:6b:e8:3f:07:f7:eb:b3:c7:ba:f4:
37:d2:70:0c:22:81:8d:30:ae:95:99:ff:5b:76:c3:
90:05:40:58:17:91:28:47:ed:4e:56:cf:68:e8:32:
8b:5c:03:00:93:ac:8c:bf:a3:7c:d0:ef:b1:ab:48:
c3:be:18:f4:b3:e8:3a:3f:41:f9:87:95:5b:87:dd:
90:13:88:14:21:42:fa:23:7e:a8:90:8b:fd:80:f5:
34:ce:a1:0c:b2:3a:e9:ec:6c:17:e1:3a:fa:af:23:
d1:60:e9:39:c0:9a:7e:d6:7a:68:40:86:00:a1:b3:
fb:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:76:F3:60:74:41:BD:44:DB:12:30:A2:C6:EF:B9:D6:2A:B4:35:F2
X509v3 Authority Key Identifier:
keyid:36:8B:FB:8A:5E:EE:49:08:2E:A6:28:DF:25:A4:A5:D5:0F:3A:A9:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nov7il7uSQgupijfJaSl1Q86qbM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/ZnbzYHRBvUTbEjCixu-51iq0NfI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/aa58c3-e706-4a49-a7c5-0ae2e922a292/1/Nov7il7uSQgupijfJaSl1Q86qbM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.199.148.0/23
185.199.212.0/23
185.225.170.0/23
Signature Algorithm: sha256WithRSAEncryption
b4:b4:4f:ea:db:4b:43:9f:e3:e6:91:32:90:8d:46:57:c2:b9:
b3:c8:f3:4e:30:ed:53:6b:4f:ef:47:be:28:5d:6e:73:54:44:
10:58:30:4a:47:a6:f6:df:7b:66:36:f0:81:3d:34:94:3c:e6:
fe:93:b3:5a:75:cd:b5:e2:42:18:3a:51:0b:9c:21:ce:52:02:
15:e2:cc:2f:99:e2:b6:ea:30:b8:68:bb:1d:01:74:75:21:7d:
01:2f:3a:d3:55:e1:88:ee:a8:40:48:b4:01:bb:c2:0c:6a:2f:
1a:48:67:3b:a5:96:fb:ad:fa:e9:7b:b2:18:d5:69:99:a1:93:
73:3a:c1:15:43:7d:fd:43:81:70:00:9e:93:1f:50:fa:bd:4b:
74:58:9a:9d:54:60:42:8d:89:19:81:af:b0:2c:da:15:c6:19:
bf:e0:24:c9:28:d5:e7:f5:63:7a:3c:0a:7d:b8:1f:a4:28:ac:
c7:ee:1f:e7:c0:0d:01:47:28:23:60:2b:d3:a3:57:4b:2d:53:
15:29:52:78:44:77:9e:48:a9:27:f5:32:fb:59:51:34:1c:58:
eb:d7:35:b3:62:f5:45:87:0c:8b:7a:73:12:b3:fb:ff:af:e7:
7b:6c:d4:33:fa:ce:9a:47:8d:f0:c6:8e:3d:e7:f7:76:f9:1c:
8a:64:3c:55
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQkRVeiwIMCqg4DXiChSNz/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2OGJmYjhhNWVlZTQ5MDgyZWE2MjhkZjI1YTRhNWQ1MGYz
YWE5YjMwHhcNMjUwMTAxMjM0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Njc2ZjM2MDc0NDFiZDQ0ZGIxMjMwYTJjNmVmYjlkNjJhYjQzNWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNq6kQXHer0lNfJ+sChyJh3dO98i
wXQtl1WpEybJJmwBcw9jSyesyME7/YropFs9lGfhDypVi722V92pCvJwP6JhEXu+
OW2yUEGPO4sjQ/fCGFp8Nbaygx1E4Lq8hiMc9QKwJ31RqEjGCcqm6m1kxdfO6ay5
UF0oLLuntkleAVctgPesAixx3tH00WvoPwf367PHuvQ30nAMIoGNMK6Vmf9bdsOQ
BUBYF5EoR+1OVs9o6DKLXAMAk6yMv6N80O+xq0jDvhj0s+g6P0H5h5Vbh92QE4gU
IUL6I36okIv9gPU0zqEMsjrp7GwX4Tr6ryPRYOk5wJp+1npoQIYAobP75QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGZ282B0Qb1E2xIwosbvudYqtDXyMB8GA1UdIwQY
MBaAFDaL+4pe7kkILqYo3yWkpdUPOqmzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUt
MGFlMmU5MjJhMjkyLzEvWm5iellIUkJ2VVRiRWpDaXh1LTUxaXEwTmZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9hYTU4YzMtZTcwNi00YTQ5LWE3YzUtMGFlMmU5MjJhMjky
LzEvTm92N2lsN3VTUWd1cGlqZkphU2wxUTg2cWJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuceUAwQB
ucfUAwQBueGqMA0GCSqGSIb3DQEBCwUAA4IBAQC0tE/q20tDn+PmkTKQjUZXwrmz
yPNOMO1Ta0/vR74oXW5zVEQQWDBKR6b233tmNvCBPTSUPOb+k7Nadc214kIYOlEL
nCHOUgIV4swvmeK26jC4aLsdAXR1IX0BLzrTVeGI7qhASLQBu8IMai8aSGc7pZb7
rfrpe7IY1WmZoZNzOsEVQ339Q4FwAJ6TH1D6vUt0WJqdVGBCjYkZga+wLNoVxhm/
4CTJKNXn9WN6PAp9uB+kKKzH7h/nwA0BRygjYCvTo1dLLVMVKVJ4RHeeSKkn9TL7
WVE0HFjr1zWzYvVFhwyLenMSs/v/r+d7bNQz+s6aR43wxo495/d2+RyKZDxV
-----END CERTIFICATE-----
Generated at Wed Feb 5 18:55:43 2025 by rpki-client