Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/zfiw5E-qnyxqvOsxLYX9MrFyy84.roa
File: zfiw5E-qnyxqvOsxLYX9MrFyy84.roa (raw, json)
Hash identifier: 1/skm9ZEWKwE055qHT9FApOuyUCgE73YdLdPkqaA0Cg=
Subject key identifier: CD:F8:B0:E4:4F:AA:9F:2C:6A:BC:EB:31:2D:85:FD:32:B1:72:CB:CE
Certificate issuer: /CN=5a1d45edd7edde9a8b862a739ada8e78b7dc82b9
Certificate serial: 019420D64D988BF19B3BA77AEAACED5F09AC
Authority key identifier: 5A:1D:45:ED:D7:ED:DE:9A:8B:86:2A:73:9A:DA:8E:78:B7:DC:82:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wh1F7dft3pqLhipzmtqOeLfcgrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/zfiw5E-qnyxqvOsxLYX9MrFyy84.roa
Signing time: Wed 01 Jan 2025 07:48:22 +0000
ROA not before: Wed 01 Jan 2025 07:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211113
IP address blocks: 2.58.116.0/22 maxlen: 22
5.61.212.0/22 maxlen: 22
37.25.40.0/22 maxlen: 22
94.101.102.0/24 maxlen: 24
185.89.28.0/22 maxlen: 22
2a06:ea80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Wh1F7dft3pqLhipzmtqOeLfcgrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Wh1F7dft3pqLhipzmtqOeLfcgrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wh1F7dft3pqLhipzmtqOeLfcgrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 19:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:4d:98:8b:f1:9b:3b:a7:7a:ea:ac:ed:5f:09:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a1d45edd7edde9a8b862a739ada8e78b7dc82b9
Validity
Not Before: Jan 1 07:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdf8b0e44faa9f2c6abceb312d85fd32b172cbce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:f1:ee:d8:f7:5e:a3:8e:d8:a6:89:d0:a4:9f:
04:7a:35:dc:bd:6c:fd:c1:95:df:25:44:78:49:85:
d7:8e:b7:02:3b:21:b4:63:7d:91:5d:5d:24:d8:75:
04:62:52:0e:b3:a9:32:8a:84:20:59:56:eb:dc:6c:
67:35:af:55:0c:ee:fd:5c:3e:f8:52:55:bb:ed:34:
94:6a:bc:24:8d:50:23:be:97:0e:3b:a4:ae:43:13:
94:41:0c:cc:fa:5c:fa:87:76:0a:d6:77:39:8e:71:
37:79:24:82:af:2f:23:4f:de:cc:73:22:44:52:2c:
d4:46:93:23:37:92:8a:52:a0:39:6a:c5:3c:31:9e:
f8:e3:0f:52:db:79:7d:27:56:ae:bf:b1:cf:3e:9f:
85:c3:49:b9:8b:76:e8:04:a0:d2:05:12:cf:a3:be:
c5:8c:55:e1:f4:7c:70:ea:ef:3e:64:d8:28:1e:77:
ba:d9:fe:74:e3:7f:68:50:38:ed:2b:44:fd:69:e1:
3f:e4:9e:74:94:6f:7e:6e:de:ee:4e:70:ae:65:9d:
b5:0f:b3:3c:ef:b2:54:5f:66:4c:44:b7:b1:49:a3:
c6:a5:9b:b1:77:7c:6c:3c:4c:47:cf:de:8e:b3:2f:
9e:1f:b9:38:04:58:da:49:46:d2:5c:cf:7c:ff:e2:
f0:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F8:B0:E4:4F:AA:9F:2C:6A:BC:EB:31:2D:85:FD:32:B1:72:CB:CE
X509v3 Authority Key Identifier:
keyid:5A:1D:45:ED:D7:ED:DE:9A:8B:86:2A:73:9A:DA:8E:78:B7:DC:82:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wh1F7dft3pqLhipzmtqOeLfcgrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/zfiw5E-qnyxqvOsxLYX9MrFyy84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/373eca-ca43-4d62-a10f-bc7fc719d31b/1/Wh1F7dft3pqLhipzmtqOeLfcgrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.116.0/22
5.61.212.0/22
37.25.40.0/22
94.101.102.0/24
185.89.28.0/22
IPv6:
2a06:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
31:1b:f0:af:bf:db:8b:bc:18:e8:de:ad:6f:54:38:26:f8:5b:
41:60:93:5b:3d:00:ce:5a:6d:21:9f:64:92:b9:bb:d0:d0:8f:
49:7c:74:fa:e3:51:3d:6a:85:b8:55:26:11:e7:f8:29:31:fc:
d8:22:11:a1:8d:c5:0f:fa:49:e0:f3:1e:0d:a8:0a:b2:9b:9c:
20:84:25:79:72:9b:2c:19:21:b6:d3:2b:9d:4f:69:ab:e7:98:
c6:98:1a:fb:58:9b:ed:95:20:3e:0e:6a:24:8f:d7:f2:17:6d:
a4:6e:27:01:b4:00:52:b5:49:29:5e:64:f2:87:24:ef:99:37:
5b:1d:b5:cf:58:3f:d4:79:a0:d1:d8:8c:67:ab:a7:03:93:cb:
3e:6b:97:b3:c7:33:a1:7e:68:5d:a4:88:80:1b:87:b5:1e:63:
c5:04:65:ed:2e:4e:83:78:12:02:0b:0f:6c:08:48:5d:5c:b7:
3a:73:6f:bb:07:51:4a:2b:e7:f3:13:4a:39:cd:d5:27:09:a7:
b8:f5:03:48:36:ab:74:c1:d2:20:80:23:68:12:f5:c3:0f:57:
3c:23:32:9a:07:9c:bf:6b:59:fa:28:5d:81:76:61:89:0d:40:
47:02:79:aa:1f:51:99:19:19:36:c6:db:f0:fd:31:cb:f4:db:
f6:01:56:80
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1k2Yi/GbO6d66qztXwmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhMWQ0NWVkZDdlZGRlOWE4Yjg2MmE3MzlhZGE4ZTc4Yjdk
YzgyYjkwHhcNMjUwMTAxMDc0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGY4YjBlNDRmYWE5ZjJjNmFiY2ViMzEyZDg1ZmQzMmIxNzJjYmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfHu2Pdeo47YponQpJ8EejXcvWz9
wZXfJUR4SYXXjrcCOyG0Y32RXV0k2HUEYlIOs6kyioQgWVbr3GxnNa9VDO79XD74
UlW77TSUarwkjVAjvpcOO6SuQxOUQQzM+lz6h3YK1nc5jnE3eSSCry8jT97McyJE
UizURpMjN5KKUqA5asU8MZ744w9S23l9J1auv7HPPp+Fw0m5i3boBKDSBRLPo77F
jFXh9Hxw6u8+ZNgoHne62f50439oUDjtK0T9aeE/5J50lG9+bt7uTnCuZZ21D7M8
77JUX2ZMRLexSaPGpZuxd3xsPExHz96Osy+eH7k4BFjaSUbSXM98/+LwuwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM34sORPqp8sarzrMS2F/TKxcsvOMB8GA1UdIwQY
MBaAFFodRe3X7d6ai4Yqc5rajni33IK5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2gxRjdkZnQzcHFMaGlwem10cU9lTGZjZ3JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zNzNlY2EtY2E0My00ZDYyLWExMGYt
YmM3ZmM3MTlkMzFiLzEvemZpdzVFLXFueXhxdk9zeExZWDlNckZ5eTg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zNzNlY2EtY2E0My00ZDYyLWExMGYtYmM3ZmM3MTlkMzFi
LzEvV2gxRjdkZnQzcHFMaGlwem10cU9lTGZjZ3JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCAjp0AwQC
BT3UAwQCJRkoAwQAXmVmAwQCuVkcMA0EAgACMAcDBQMqBuqAMA0GCSqGSIb3DQEB
CwUAA4IBAQAxG/Cvv9uLvBjo3q1vVDgm+FtBYJNbPQDOWm0hn2SSubvQ0I9JfHT6
41E9aoW4VSYR5/gpMfzYIhGhjcUP+kng8x4NqAqym5wghCV5cpssGSG20yudT2mr
55jGmBr7WJvtlSA+Dmokj9fyF22kbicBtABStUkpXmTyhyTvmTdbHbXPWD/UeaDR
2Ixnq6cDk8s+a5ezxzOhfmhdpIiAG4e1HmPFBGXtLk6DeBICCw9sCEhdXLc6c2+7
B1FKK+fzE0o5zdUnCae49QNINqt0wdIggCNoEvXDD1c8IzKaB5y/a1n6KF2BdmGJ
DUBHAnmqH1GZGRk2xtvw/THL9Nv2AVaA
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:55:14 2025 by rpki-client