Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/zWlbMie9smiEiWEP03iooF2NKYI.roa
File: zWlbMie9smiEiWEP03iooF2NKYI.roa (raw, json)
Hash identifier: i3CosfERz9PWPOxFmY5jsq43lJm4fTA/Cty1Zgq6vks=
Subject key identifier: CD:69:5B:32:27:BD:B2:68:84:89:61:0F:D3:78:A8:A0:5D:8D:29:82
Certificate issuer: /CN=d094eb0e98987a2adf8f95a03e7865991a201855
Certificate serial: 0194258EE7DB301384C85863A6B5B85DA858
Authority key identifier: D0:94:EB:0E:98:98:7A:2A:DF:8F:95:A0:3E:78:65:99:1A:20:18:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0JTrDpiYeirfj5WgPnhlmRogGFU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/zWlbMie9smiEiWEP03iooF2NKYI.roa
Signing time: Thu 02 Jan 2025 05:48:29 +0000
ROA not before: Thu 02 Jan 2025 05:48:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35454
IP address blocks: 178.21.56.0/21 maxlen: 21
178.21.56.0/24 maxlen: 24
178.21.57.0/24 maxlen: 24
178.21.58.0/24 maxlen: 24
178.21.59.0/24 maxlen: 24
178.21.60.0/24 maxlen: 24
178.21.61.0/24 maxlen: 24
178.21.62.0/24 maxlen: 24
178.21.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/0JTrDpiYeirfj5WgPnhlmRogGFU.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/0JTrDpiYeirfj5WgPnhlmRogGFU.mft
rsync://rpki.ripe.net/repository/DEFAULT/0JTrDpiYeirfj5WgPnhlmRogGFU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8e:e7:db:30:13:84:c8:58:63:a6:b5:b8:5d:a8:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d094eb0e98987a2adf8f95a03e7865991a201855
Validity
Not Before: Jan 2 05:48:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd695b3227bdb2688489610fd378a8a05d8d2982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fb:f4:5a:f7:7a:1f:91:9d:c2:d2:75:97:17:
a1:fd:38:67:5d:ea:7f:d4:d5:16:da:62:a3:19:f1:
34:17:b0:d2:ca:b9:6c:5c:23:52:52:5b:15:a3:16:
85:02:43:46:d6:45:3e:6e:60:7e:71:03:63:86:45:
30:72:d5:85:23:0f:64:07:d4:10:7e:e2:66:43:40:
d8:16:3f:c6:e5:7f:a7:4e:a7:60:ee:14:ba:79:88:
cb:e4:f1:85:3d:ab:7f:9e:fe:4b:ce:8e:43:20:4f:
13:6e:07:2f:b5:23:40:2a:0c:5f:94:af:c5:ee:28:
28:94:f7:24:14:e3:13:f3:99:45:99:fb:83:64:75:
ad:a6:ad:11:3c:22:30:0f:e0:87:eb:42:d4:23:1b:
7a:90:82:b7:8a:84:65:1d:a2:d9:4c:a6:1b:5e:a1:
09:bb:b8:ec:e2:76:d4:b3:b2:ee:57:39:67:d5:2f:
b0:9a:a1:18:06:bc:a4:4e:9d:55:fa:40:4a:a1:57:
41:a4:30:79:1f:09:a2:0b:80:10:a7:3d:09:1d:2a:
1f:5b:93:36:ba:63:c8:16:13:c2:62:d5:5d:b5:2d:
71:6b:67:5b:43:d8:4f:bb:12:b3:68:9d:f7:82:0e:
67:14:16:2e:d0:1d:f0:f0:b7:6a:c1:bc:3d:bc:2d:
fc:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:69:5B:32:27:BD:B2:68:84:89:61:0F:D3:78:A8:A0:5D:8D:29:82
X509v3 Authority Key Identifier:
keyid:D0:94:EB:0E:98:98:7A:2A:DF:8F:95:A0:3E:78:65:99:1A:20:18:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0JTrDpiYeirfj5WgPnhlmRogGFU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/zWlbMie9smiEiWEP03iooF2NKYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/37de59-9ca4-447e-a510-e4a86b0ffd2e/1/0JTrDpiYeirfj5WgPnhlmRogGFU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.21.56.0/21
Signature Algorithm: sha256WithRSAEncryption
5f:90:27:87:b5:83:f6:75:23:1c:a6:b2:1c:b1:a5:64:80:b5:
21:e0:f6:1e:2f:38:dc:93:d7:91:90:9d:29:a1:22:37:7e:62:
86:51:dc:53:89:6a:b6:8d:cc:84:fa:ec:44:fb:8a:8b:6f:7e:
fd:3f:b6:34:d9:55:a4:8e:20:78:9a:91:b7:ed:e5:23:76:ef:
6d:78:d0:8a:b3:da:33:9f:11:81:23:85:73:78:38:b7:38:d9:
cb:a1:8d:46:ca:4d:e9:9b:58:29:97:52:61:e9:22:4d:75:81:
b7:b4:19:5c:27:27:31:2e:9e:bb:0f:fb:8c:9c:61:de:0d:df:
d1:de:19:13:e1:db:07:cb:f4:12:b1:ac:88:ac:2b:69:2f:85:
10:32:34:49:bd:a0:7c:14:05:76:6f:4c:07:d3:46:8c:80:b2:
e4:29:8c:5a:0f:76:7c:31:77:8f:48:c5:80:e9:b7:d3:fd:bc:
6a:16:62:17:7c:dd:0a:4b:46:21:15:67:37:24:5a:f0:f1:fc:
f6:c3:67:e3:26:5d:3e:65:d9:e3:e0:de:3b:0f:e3:15:43:f6:
9a:54:87:6f:dc:f8:a8:e8:23:4b:85:78:90:5c:db:75:dc:2e:
d2:de:46:ef:90:6c:17:2d:69:cc:d7:8f:3e:03:82:d8:c7:82:
e7:52:1f:ba
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQljufbMBOEyFhjprW4XahYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwOTRlYjBlOTg5ODdhMmFkZjhmOTVhMDNlNzg2NTk5MWEy
MDE4NTUwHhcNMjUwMTAyMDU0ODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY5NWIzMjI3YmRiMjY4ODQ4OTYxMGZkMzc4YThhMDVkOGQyOTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/v0Wvd6H5GdwtJ1lxeh/ThnXep/
1NUW2mKjGfE0F7DSyrlsXCNSUlsVoxaFAkNG1kU+bmB+cQNjhkUwctWFIw9kB9QQ
fuJmQ0DYFj/G5X+nTqdg7hS6eYjL5PGFPat/nv5Lzo5DIE8TbgcvtSNAKgxflK/F
7igolPckFOMT85lFmfuDZHWtpq0RPCIwD+CH60LUIxt6kIK3ioRlHaLZTKYbXqEJ
u7js4nbUs7LuVzln1S+wmqEYBrykTp1V+kBKoVdBpDB5HwmiC4AQpz0JHSofW5M2
umPIFhPCYtVdtS1xa2dbQ9hPuxKzaJ33gg5nFBYu0B3w8Ldqwbw9vC38OQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1pWzInvbJohIlhD9N4qKBdjSmCMB8GA1UdIwQY
MBaAFNCU6w6YmHoq34+VoD54ZZkaIBhVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEpUckRwaVllaXJmajVXZ1BuaGxtUm9nR0ZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi8zN2RlNTktOWNhNC00NDdlLWE1MTAt
ZTRhODZiMGZmZDJlLzEveldsYk1pZTlzbWlFaVdFUDAzaW9vRjJOS1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi8zN2RlNTktOWNhNC00NDdlLWE1MTAtZTRhODZiMGZmZDJl
LzEvMEpUckRwaVllaXJmajVXZ1BuaGxtUm9nR0ZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDshU4MA0G
CSqGSIb3DQEBCwUAA4IBAQBfkCeHtYP2dSMcprIcsaVkgLUh4PYeLzjck9eRkJ0p
oSI3fmKGUdxTiWq2jcyE+uxE+4qLb379P7Y02VWkjiB4mpG37eUjdu9teNCKs9oz
nxGBI4VzeDi3ONnLoY1Gyk3pm1gpl1Jh6SJNdYG3tBlcJycxLp67D/uMnGHeDd/R
3hkT4dsHy/QSsayIrCtpL4UQMjRJvaB8FAV2b0wH00aMgLLkKYxaD3Z8MXePSMWA
6bfT/bxqFmIXfN0KS0YhFWc3JFrw8fz2w2fjJl0+Zdnj4N47D+MVQ/aaVIdv3Pio
6CNLhXiQXNt13C7S3kbvkGwXLWnM148+A4LYx4LnUh+6
-----END CERTIFICATE-----
Generated at Tue Apr 8 00:22:47 2025 by rpki-client