Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/ZllHOFY_PgpOxzOT4Q2RudzM6t4.roa
File: ZllHOFY_PgpOxzOT4Q2RudzM6t4.roa (raw, json)
Hash identifier: TN32M7RxY+57PDosFpZdyPaIy1h6+U9oN98Epgj3jE4=
Subject key identifier: 66:59:47:38:56:3F:3E:0A:4E:C7:33:93:E1:0D:91:B9:DC:CC:EA:DE
Certificate issuer: /CN=cddd902a1271270027e4577778ea35883b4515f6
Certificate serial: 019424B33E011CACE530906DE8BA26513F39
Authority key identifier: CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/ZllHOFY_PgpOxzOT4Q2RudzM6t4.roa
Signing time: Thu 02 Jan 2025 01:48:34 +0000
ROA not before: Thu 02 Jan 2025 01:48:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48577
IP address blocks: 2.59.4.0/24 maxlen: 24
2.59.5.0/24 maxlen: 24
2.59.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:3e:01:1c:ac:e5:30:90:6d:e8:ba:26:51:3f:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddd902a1271270027e4577778ea35883b4515f6
Validity
Not Before: Jan 2 01:48:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66594738563f3e0a4ec73393e10d91b9dccceade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:76:53:c5:ed:53:58:ab:61:8f:aa:bf:b7:18:
1f:9e:94:bc:40:55:bf:40:83:ff:79:f9:9e:30:9e:
f6:07:b3:c7:71:57:fd:a7:4c:1e:f8:78:4b:9b:c8:
1e:4b:cd:45:08:e3:06:a9:18:ea:2d:bb:14:4e:36:
de:2f:e9:d3:79:58:f1:bf:ea:23:22:c0:ce:5a:70:
25:b6:48:84:5d:33:5d:5c:09:03:26:a9:66:6b:47:
55:a5:e3:8f:11:08:bf:89:62:65:f9:47:54:3e:eb:
83:89:b4:e5:c0:5c:b9:63:7a:3a:19:70:c5:03:c0:
f5:8f:d5:fe:73:0d:0d:37:72:19:f3:ca:1b:47:40:
2d:7a:57:47:7b:8f:91:57:91:29:56:2f:c9:cf:ad:
93:f3:57:7b:15:47:34:55:19:1c:ea:c4:79:00:99:
5b:b1:92:e3:36:4a:05:d2:f0:e6:03:67:5d:94:71:
5d:d5:55:b9:aa:d4:e5:70:f7:e1:3d:9e:c7:43:fd:
36:4b:10:33:96:08:b1:ad:fe:98:01:53:d5:23:1b:
c7:25:d8:3f:c6:41:7f:03:d2:33:8d:ff:2b:bd:2d:
d6:b7:2e:32:ab:a7:c2:9b:26:8c:d4:65:b8:fb:93:
93:d4:ee:da:c7:16:c1:28:84:85:cf:c5:62:2d:1f:
6c:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:59:47:38:56:3F:3E:0A:4E:C7:33:93:E1:0D:91:B9:DC:CC:EA:DE
X509v3 Authority Key Identifier:
keyid:CD:DD:90:2A:12:71:27:00:27:E4:57:77:78:EA:35:88:3B:45:15:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/ZllHOFY_PgpOxzOT4Q2RudzM6t4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/7a1eb4-290a-4686-8bba-dc7542138952/1/zd2QKhJxJwAn5Fd3eOo1iDtFFfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.4.0/23
2.59.7.0/24
Signature Algorithm: sha256WithRSAEncryption
41:7a:47:ae:79:99:25:48:d7:74:1c:89:07:8c:e2:2d:02:13:
96:7d:41:a3:a9:d6:63:97:c1:84:84:6d:35:8c:e0:54:b8:cf:
57:89:1a:ff:f7:78:01:91:01:ef:b5:ca:37:94:72:67:23:b3:
e5:6c:c7:ea:f8:46:03:69:f0:43:49:c1:28:4f:3d:37:58:90:
58:ce:28:a9:48:da:d2:87:d8:4b:7e:e3:16:0f:b7:79:9e:2d:
64:db:53:bb:0a:cd:28:ad:47:d0:07:07:cb:e0:ea:e3:56:b7:
a7:1c:1b:5f:89:fb:05:04:25:a9:1b:c3:3f:0f:91:04:ec:7a:
6d:99:a1:c2:88:b0:e4:03:88:df:b6:13:59:8a:54:6f:cd:20:
a8:40:8d:be:e5:59:99:f8:57:15:ec:ae:4f:7b:76:21:1b:18:
9e:a6:60:2e:96:5c:ef:79:60:c1:62:f1:d5:26:ae:db:f4:36:
07:ff:ab:00:28:2d:b4:9a:94:25:a4:f5:99:7a:a9:9f:57:db:
5f:95:de:45:b0:0b:0f:52:01:f5:28:26:17:2d:2a:c1:f6:7e:
10:b9:83:50:36:ef:0a:c1:0a:d2:2c:9a:5f:60:94:7b:4d:17:
23:4f:28:8e:7e:3b:45:cd:2f:f7:f7:29:13:e7:0e:05:ea:a2:
10:20:26:6e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQksz4BHKzlMJBt6LomUT85MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGQ5MDJhMTI3MTI3MDAyN2U0NTc3Nzc4ZWEzNTg4M2I0
NTE1ZjYwHhcNMjUwMTAyMDE0ODM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjU5NDczODU2M2YzZTBhNGVjNzMzOTNlMTBkOTFiOWRjY2NlYWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4nZTxe1TWKthj6q/txgfnpS8QFW/
QIP/efmeMJ72B7PHcVf9p0we+HhLm8geS81FCOMGqRjqLbsUTjbeL+nTeVjxv+oj
IsDOWnAltkiEXTNdXAkDJqlma0dVpeOPEQi/iWJl+UdUPuuDibTlwFy5Y3o6GXDF
A8D1j9X+cw0NN3IZ88obR0AteldHe4+RV5EpVi/Jz62T81d7FUc0VRkc6sR5AJlb
sZLjNkoF0vDmA2ddlHFd1VW5qtTlcPfhPZ7HQ/02SxAzlgixrf6YAVPVIxvHJdg/
xkF/A9Izjf8rvS3Wty4yq6fCmyaM1GW4+5OT1O7axxbBKISFz8ViLR9sdwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGZZRzhWPz4KTsczk+ENkbnczOreMB8GA1UdIwQY
MBaAFM3dkCoScScAJ+RXd3jqNYg7RRX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEt
ZGM3NTQyMTM4OTUyLzEvWmxsSE9GWV9QZ3BPeHpPVDRRMlJ1ZHpNNnQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS83YTFlYjQtMjkwYS00Njg2LThiYmEtZGM3NTQyMTM4OTUy
LzEvemQyUUtoSnhKd0FuNUZkM2VPbzFpRHRGRmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBAjsEAwQA
AjsHMA0GCSqGSIb3DQEBCwUAA4IBAQBBekeueZklSNd0HIkHjOItAhOWfUGjqdZj
l8GEhG01jOBUuM9XiRr/93gBkQHvtco3lHJnI7PlbMfq+EYDafBDScEoTz03WJBY
ziipSNrSh9hLfuMWD7d5ni1k21O7Cs0orUfQBwfL4OrjVrenHBtfifsFBCWpG8M/
D5EE7HptmaHCiLDkA4jfthNZilRvzSCoQI2+5VmZ+FcV7K5Pe3YhGxiepmAullzv
eWDBYvHVJq7b9DYH/6sAKC20mpQlpPWZeqmfV9tfld5FsAsPUgH1KCYXLSrB9n4Q
uYNQNu8KwQrSLJpfYJR7TRcjTyiOfjtFzS/39ykT5w4F6qIQICZu
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:58:29 2025 by rpki-client