Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/1-zaXNM8IjBevuapBNy17UgtMDPI.roa
File: 1-zaXNM8IjBevuapBNy17UgtMDPI.roa (raw, json)
Hash identifier: qqGCZZPHpyNcqi3nXwcUIZYDresP/fXUbRojoE1EMpQ=
Subject key identifier: FB:36:97:34:CF:08:8C:17:AF:B9:AA:41:37:2D:7B:52:0B:4C:0C:F2
Certificate issuer: /CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Certificate serial: 0194F443EFC4911A7E9CFB0C08B0BDA1C953
Authority key identifier: 2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/1-zaXNM8IjBevuapBNy17UgtMDPI.roa
Signing time: Tue 11 Feb 2025 09:08:00 +0000
ROA not before: Tue 11 Feb 2025 09:08:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13030
IP address blocks: 185.240.172.0/22 maxlen: 22
2a00:5640::/32 maxlen: 32
2a00:5641::/32 maxlen: 32
2a00:5642::/32 maxlen: 32
2a00:5646::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/Lb24n7QRj_pV-v2_ReGSgr4Oes8.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/Lb24n7QRj_pV-v2_ReGSgr4Oes8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:f4:43:ef:c4:91:1a:7e:9c:fb:0c:08:b0:bd:a1:c9:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dbdb89fb4118ffa55fafdbf45e19282be0e7acf
Validity
Not Before: Feb 11 09:08:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fb369734cf088c17afb9aa41372d7b520b4c0cf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:7b:f4:fc:70:41:9b:65:ab:a7:52:be:98:93:
00:f9:57:24:45:e9:0b:cd:86:c3:61:c4:ba:aa:ed:
a1:1c:ef:f4:d5:7c:91:a2:36:b1:c5:2a:9c:72:5c:
89:36:70:bc:c9:56:f1:03:9e:e5:fa:6f:67:97:d3:
4d:28:58:e2:62:60:6c:a6:a2:66:3f:00:c2:86:cc:
96:27:60:29:9d:2a:ae:b4:ba:90:43:b1:18:29:15:
c1:6a:30:88:de:0a:e6:c3:44:9a:16:08:8e:db:fc:
37:48:93:da:0d:57:b9:fd:72:a9:55:00:35:cd:11:
bb:d3:30:48:e7:bd:2c:a9:20:56:85:1a:9d:21:3e:
2d:42:b6:c5:5b:c9:00:21:14:b2:12:7a:9e:62:5c:
fc:78:91:fb:6f:b7:0d:75:fe:31:2e:a8:a5:4d:1e:
d7:11:a6:32:4c:3e:12:7a:35:87:2e:c7:8f:a2:99:
cc:81:a1:cd:81:c0:ee:69:36:d6:aa:8a:b4:a9:64:
2d:13:81:ac:72:bd:ab:02:ac:53:5a:df:74:72:5e:
f0:84:79:4d:eb:ee:94:74:a8:3b:dc:74:70:41:66:
28:d4:b3:5f:03:20:7b:43:5a:9e:ef:56:3f:b2:83:
71:70:07:0c:70:d8:55:02:fe:7f:ad:d7:f3:1a:9f:
b4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:36:97:34:CF:08:8C:17:AF:B9:AA:41:37:2D:7B:52:0B:4C:0C:F2
X509v3 Authority Key Identifier:
keyid:2D:BD:B8:9F:B4:11:8F:FA:55:FA:FD:BF:45:E1:92:82:BE:0E:7A:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Lb24n7QRj_pV-v2_ReGSgr4Oes8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/1-zaXNM8IjBevuapBNy17UgtMDPI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/f00ccc-ec3f-40df-a9fc-7cc79917300a/1/Lb24n7QRj_pV-v2_ReGSgr4Oes8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.240.172.0/22
IPv6:
2a00:5640::-2a00:5642:ffff:ffff:ffff:ffff:ffff:ffff
2a00:5646::/32
Signature Algorithm: sha256WithRSAEncryption
53:85:cd:98:55:53:09:34:54:d0:43:ab:96:13:61:e8:69:5f:
ff:4f:ed:c0:2e:bd:20:1c:c9:91:c1:3e:13:0b:f2:3e:cb:7a:
b9:c0:f5:46:75:a2:22:d4:b1:9b:52:1f:7d:22:3a:a5:b0:e0:
b5:47:31:2d:88:14:f8:5e:08:90:46:06:b6:81:2f:4f:fa:b0:
b0:c7:d5:87:72:62:fd:b7:46:f1:cd:3f:66:58:61:9d:03:e9:
85:20:ce:2d:83:66:97:2a:ac:40:8a:8b:0e:16:03:4d:b4:32:
01:d5:3c:a9:6a:b5:d2:6e:7f:d7:ed:2e:8a:7b:6f:01:b5:03:
76:18:fc:c0:ce:4a:64:7d:4d:30:a9:84:06:8a:50:c4:e8:c6:
ab:a9:89:3f:62:aa:82:ec:95:9f:72:80:38:36:5c:17:58:3e:
d8:88:1d:28:af:ec:45:b3:8c:85:74:d7:dc:9a:22:54:b1:4b:
69:b7:d4:f4:b6:39:58:f7:a3:ec:ae:41:04:53:8a:59:ee:05:
c2:fb:52:2a:b7:6c:f9:bb:b3:30:39:d8:bb:29:6e:aa:be:7a:
c6:38:45:6c:98:33:cf:9e:c7:0a:20:2c:ea:3c:f8:cc:b5:9d:
f7:d7:59:7d:37:87:d3:8c:e0:73:b8:e3:9f:7d:b6:3a:24:40:
cc:a4:20:91
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZT0Q+/EkRp+nPsMCLC9oclTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkYmRiODlmYjQxMThmZmE1NWZhZmRiZjQ1ZTE5MjgyYmUw
ZTdhY2YwHhcNMjUwMjExMDkwODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYjM2OTczNGNmMDg4YzE3YWZiOWFhNDEzNzJkN2I1MjBiNGMwY2YyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2Xv0/HBBm2Wrp1K+mJMA+VckRekL
zYbDYcS6qu2hHO/01XyRojaxxSqcclyJNnC8yVbxA57l+m9nl9NNKFjiYmBspqJm
PwDChsyWJ2ApnSqutLqQQ7EYKRXBajCI3grmw0SaFgiO2/w3SJPaDVe5/XKpVQA1
zRG70zBI570sqSBWhRqdIT4tQrbFW8kAIRSyEnqeYlz8eJH7b7cNdf4xLqilTR7X
EaYyTD4SejWHLsePopnMgaHNgcDuaTbWqoq0qWQtE4Gscr2rAqxTWt90cl7whHlN
6+6UdKg73HRwQWYo1LNfAyB7Q1qe71Y/soNxcAcMcNhVAv5/rdfzGp+0cwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFPs2lzTPCIwXr7mqQTcte1ILTAzyMB8GA1UdIwQY
MBaAFC29uJ+0EY/6Vfr9v0XhkoK+DnrPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGIyNG43UVJqX3BWLXYyX1JlR1NncjRPZXM4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9mMDBjY2MtZWMzZi00MGRmLWE5ZmMt
N2NjNzk5MTczMDBhLzEvMS16YVhOTThJakJldnVhcEJOeTE3VWd0TURQSS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDIvZjAwY2NjLWVjM2YtNDBkZi1hOWZjLTdjYzc5OTE3MzAw
YS8xL0xiMjRuN1FSal9wVi12Ml9SZUdTZ3I0T2VzOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA+BggrBgEFBQcBBwEB/wQvMC0wDAQCAAEwBgMEArnwrDAd
BAIAAjAXMA4DBQYqAFZAAwUAKgBWQgMFACoAVkYwDQYJKoZIhvcNAQELBQADggEB
AFOFzZhVUwk0VNBDq5YTYehpX/9P7cAuvSAcyZHBPhML8j7LernA9UZ1oiLUsZtS
H30iOqWw4LVHMS2IFPheCJBGBraBL0/6sLDH1YdyYv23RvHNP2ZYYZ0D6YUgzi2D
ZpcqrECKiw4WA020MgHVPKlqtdJuf9ftLop7bwG1A3YY/MDOSmR9TTCphAaKUMTo
xqupiT9iqoLslZ9ygDg2XBdYPtiIHSiv7EWzjIV019yaIlSxS2m31PS2OVj3o+yu
QQRTilnuBcL7Uiq3bPm7szA52Lspbqq+esY4RWyYM8+exwogLOo8+My1nffXWX03
h9OM4HO44599tjokQMykIJE=
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:48:14 2025 by rpki-client