Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_ZOTa7OSJoloZx_FvOAMUx2j8cg.roa
File: _ZOTa7OSJoloZx_FvOAMUx2j8cg.roa (raw, json)
Hash identifier: qzZERM4SAkQ7zvnQlsMXK4toRNRj7HnzINNsMKuFMs0=
Subject key identifier: FD:93:93:6B:B3:92:26:89:68:67:1F:C5:BC:E0:0C:53:1D:A3:F1:C8
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0195E95B9D0467274C4DC0F54FC593982241
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_ZOTa7OSJoloZx_FvOAMUx2j8cg.roa
Signing time: Sun 30 Mar 2025 23:20:49 +0000
ROA not before: Sun 30 Mar 2025 23:20:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 109.111.32.0/20 maxlen: 24
109.111.42.0/23 maxlen: 24
109.111.56.0/22 maxlen: 22
176.221.20.0/22 maxlen: 24
176.221.24.0/22 maxlen: 24
185.65.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 11:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:e9:5b:9d:04:67:27:4c:4d:c0:f5:4f:c5:93:98:22:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Mar 30 23:20:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd93936bb392268968671fc5bce00c531da3f1c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:12:f5:c4:b7:53:4f:f0:74:22:a0:2d:0d:4d:
9e:56:b5:72:aa:cf:47:1b:14:44:85:fe:4c:29:4e:
59:55:55:1c:c3:66:ba:9e:33:78:ee:01:88:58:81:
14:6b:c6:2f:7e:7f:3e:6e:e6:3f:9a:61:8f:81:f5:
64:99:ae:0e:d0:3f:e2:d6:8a:ad:1a:28:98:cd:0e:
5b:e7:12:01:e7:4e:3f:93:b0:b8:a8:e4:d8:6e:d0:
10:47:c1:0b:19:82:0a:c5:98:22:ca:ac:b2:b1:71:
b0:13:35:ab:23:ab:87:5d:cb:f6:3e:10:93:ff:4a:
7e:4e:09:c1:29:72:f7:63:09:51:9e:b6:ae:1b:d9:
ac:8d:62:3c:3f:1f:6d:f7:a3:c7:f1:cb:bb:aa:b3:
6c:ec:7e:9a:26:99:d7:c6:86:41:ef:e2:53:59:67:
0f:c7:bf:87:00:98:d8:c9:a1:1b:5a:82:03:9a:5f:
d9:5b:c4:2b:20:67:34:81:c1:22:99:e4:a7:36:f9:
dd:21:74:f7:10:b4:28:32:65:f6:66:e7:93:5a:46:
65:98:f6:45:0e:ff:b2:b2:ed:1d:26:43:70:30:b3:
48:fe:5a:1a:41:a3:75:a1:c5:8b:d3:74:82:e3:c0:
6a:f1:2a:a7:8a:05:85:bd:64:63:47:db:43:e1:70:
e5:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:93:93:6B:B3:92:26:89:68:67:1F:C5:BC:E0:0C:53:1D:A3:F1:C8
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/_ZOTa7OSJoloZx_FvOAMUx2j8cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.111.32.0/20
109.111.56.0/22
176.221.20.0-176.221.27.255
185.65.62.0/24
Signature Algorithm: sha256WithRSAEncryption
97:66:22:e3:9b:da:45:4b:7d:d9:13:69:d1:aa:c0:4f:de:c9:
cd:c6:30:71:49:37:50:e4:65:37:84:52:c4:4d:d1:03:5d:56:
0b:8f:79:a0:da:e2:d8:ed:55:01:26:a3:04:e4:a3:ae:bc:d6:
a9:97:cd:0c:ac:29:61:39:8a:9f:9e:78:03:cd:3b:6e:72:93:
d3:76:34:72:c8:82:e2:a3:19:41:e7:3d:9c:4f:f9:91:bb:f8:
df:e5:9b:1a:0d:38:d3:19:6c:85:09:f7:e8:cc:51:9f:8f:b3:
f8:c0:de:7d:4f:3f:45:97:8d:94:88:d3:29:db:b9:32:9f:7d:
b5:d7:40:44:d0:9c:7b:43:96:79:ce:13:93:cb:0d:3d:7d:b1:
f4:cd:2f:9c:12:73:e9:8d:c7:98:f0:b1:de:71:3b:37:d4:fb:
f4:c5:f0:b7:ea:d1:25:90:82:b0:99:db:02:06:d7:23:f3:5c:
72:a3:93:24:91:bb:83:30:bd:08:89:d1:5d:ca:d3:49:b7:77:
39:8f:0a:c6:f1:24:5e:d1:b7:f6:cb:f4:13:81:c0:c7:51:8c:
67:b4:a4:7e:43:9b:e9:49:af:d9:8a:cb:d4:ad:ec:2e:a7:71:
5a:28:62:1f:3f:a6:75:da:7a:e0:bd:aa:32:ba:9f:2a:c1:67:
9e:95:a8:6f
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZXpW50EZydMTcD1T8WTmCJBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjUwMzMwMjMyMDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDkzOTM2YmIzOTIyNjg5Njg2NzFmYzViY2UwMGM1MzFkYTNmMWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7RL1xLdTT/B0IqAtDU2eVrVyqs9H
GxREhf5MKU5ZVVUcw2a6njN47gGIWIEUa8Yvfn8+buY/mmGPgfVkma4O0D/i1oqt
GiiYzQ5b5xIB504/k7C4qOTYbtAQR8ELGYIKxZgiyqyysXGwEzWrI6uHXcv2PhCT
/0p+TgnBKXL3YwlRnrauG9msjWI8Px9t96PH8cu7qrNs7H6aJpnXxoZB7+JTWWcP
x7+HAJjYyaEbWoIDml/ZW8QrIGc0gcEimeSnNvndIXT3ELQoMmX2ZueTWkZlmPZF
Dv+ysu0dJkNwMLNI/loaQaN1ocWL03SC48Bq8SqnigWFvWRjR9tD4XDlyQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFP2Tk2uzkiaJaGcfxbzgDFMdo/HIMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvX1pPVGE3T1NKb2xvWnhfRnZPQU1VeDJqOGNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQEbW8gAwQC
bW84MAwDBAKw3RQDBAKw3RgDBAC5QT4wDQYJKoZIhvcNAQELBQADggEBAJdmIuOb
2kVLfdkTadGqwE/eyc3GMHFJN1DkZTeEUsRN0QNdVguPeaDa4tjtVQEmowTko668
1qmXzQysKWE5ip+eeAPNO25yk9N2NHLIguKjGUHnPZxP+ZG7+N/lmxoNONMZbIUJ
9+jMUZ+Ps/jA3n1PP0WXjZSI0ynbuTKffbXXQETQnHtDlnnOE5PLDT19sfTNL5wS
c+mNx5jwsd5xOzfU+/TF8Lfq0SWQgrCZ2wIG1yPzXHKjkySRu4MwvQiJ0V3K00m3
dzmPCsbxJF7Rt/bL9BOBwMdRjGe0pH5Dm+lJr9mKy9St7C6ncVooYh8/pnXaeuC9
qjK6nyrBZ56VqG8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 21:00:00 2025 by rpki-client