Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/ZFUmkI5Si20CHGaDBK-ZoNXIfEk.roa
File: ZFUmkI5Si20CHGaDBK-ZoNXIfEk.roa (raw, json)
Hash identifier: 4y56G8cf16t1jWavTqKOCy9B29Mw+jTHj1dGwOZOhA0=
Subject key identifier: 64:55:26:90:8E:52:8B:6D:02:1C:66:83:04:AF:99:A0:D5:C8:7C:49
Certificate issuer: /CN=fb987244611b5230536744b6a89f044f32f462ea
Certificate serial: 0194266BF5BC5C2E744415F818661A24B27E
Authority key identifier: FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/ZFUmkI5Si20CHGaDBK-ZoNXIfEk.roa
Signing time: Thu 02 Jan 2025 09:49:56 +0000
ROA not before: Thu 02 Jan 2025 09:49:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198651
IP address blocks: 88.119.176.0/22 maxlen: 22
88.119.176.0/24 maxlen: 24
88.119.177.0/24 maxlen: 24
88.119.178.0/24 maxlen: 24
88.119.179.0/24 maxlen: 24
195.12.188.0/24 maxlen: 24
195.12.189.0/24 maxlen: 24
195.12.190.0/24 maxlen: 24
195.12.191.0/24 maxlen: 24
2a00:1eb8:c000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 20:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:f5:bc:5c:2e:74:44:15:f8:18:66:1a:24:b2:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb987244611b5230536744b6a89f044f32f462ea
Validity
Not Before: Jan 2 09:49:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=645526908e528b6d021c668304af99a0d5c87c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:ed:34:a4:88:d3:3c:fe:5d:a2:5f:8d:cd:e7:
b4:1a:7a:38:45:94:3b:03:11:42:31:d5:74:3e:84:
3b:ad:31:fb:7e:c9:9a:d2:ac:f2:11:f8:08:65:0d:
36:c3:3c:ff:d1:cb:24:57:3c:c5:19:1e:4a:16:15:
e7:ca:ef:70:3a:8e:51:55:5f:73:49:e3:48:42:b3:
76:08:f0:dc:c8:cf:9a:c8:21:34:2d:28:ad:ae:48:
79:a4:17:f1:e8:7e:25:35:51:79:8a:65:9a:ff:82:
e9:e6:48:a3:31:cb:96:f1:8c:74:f5:b0:24:d7:ae:
b5:a2:d6:a5:7d:84:b9:53:c5:5a:fb:10:22:79:c5:
64:f3:3b:bc:97:6c:e0:10:56:80:e6:2c:70:74:b0:
f1:dd:a0:9e:77:a8:86:b9:ed:ee:43:99:24:9c:eb:
ca:eb:cc:9f:7f:36:33:34:d6:96:20:1d:f4:71:65:
fd:15:fa:4c:c3:81:85:32:49:4a:19:85:58:4e:2d:
d9:2c:c0:11:d9:b5:a0:a9:7b:36:4f:f4:2e:1d:99:
dc:fa:bc:6e:ed:c9:42:80:a7:3c:89:d0:4a:20:e2:
5b:36:8e:6f:0d:56:7b:60:ce:f4:64:8c:9a:7b:11:
b2:57:a4:e9:c6:5d:7e:e4:d4:b2:e3:bc:3d:82:1d:
30:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:55:26:90:8E:52:8B:6D:02:1C:66:83:04:AF:99:A0:D5:C8:7C:49
X509v3 Authority Key Identifier:
keyid:FB:98:72:44:61:1B:52:30:53:67:44:B6:A8:9F:04:4F:32:F4:62:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/ZFUmkI5Si20CHGaDBK-ZoNXIfEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/319d7c-7e76-4308-bc00-be5832d5f7aa/1/1-5hyRGEbUjBTZ0S2qJ8ETzL0Yuo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.119.176.0/22
195.12.188.0/22
IPv6:
2a00:1eb8:c000::/48
Signature Algorithm: sha256WithRSAEncryption
01:e0:01:ff:69:2b:3c:8d:e1:59:90:df:1b:fa:81:54:58:eb:
a5:a4:37:9a:46:4d:0b:ad:05:db:ff:ea:88:ac:09:3d:81:87:
79:96:05:b7:18:13:a1:dc:df:aa:13:89:87:a3:7e:ea:6e:01:
c1:c4:ff:f6:70:d4:8b:51:24:c2:ab:b4:e5:69:55:8b:81:1e:
8c:dd:f8:ba:3a:fe:c8:40:59:49:91:89:d3:23:b0:02:6c:6a:
07:7a:9a:2f:a3:db:25:8e:f4:15:ca:35:1c:03:05:c9:5e:8a:
03:29:3f:28:a8:ed:0f:ce:5f:6d:96:a0:c6:e3:e6:44:ea:cb:
bb:db:73:4e:57:f3:38:9f:ae:46:21:ee:53:45:ad:e9:c6:39:
00:d5:16:b2:67:23:dc:ce:95:15:0a:11:90:a3:3b:95:a0:41:
55:08:34:a0:77:85:2c:6d:f9:f4:63:fc:36:79:33:c5:b4:68:
32:07:00:fc:bb:aa:1e:df:56:25:cd:c1:ae:67:e4:c5:66:80:
1e:a6:25:2a:5d:69:cc:31:0d:25:21:63:84:1e:8a:38:2e:7b:
df:79:26:ae:a0:10:94:bc:2c:2b:51:3a:9e:e9:71:df:5e:11:
cf:bf:f2:fd:0a:13:4c:41:ed:9f:c5:f4:1b:cf:9a:c4:04:ad:
40:16:7a:34
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZQma/W8XC50RBX4GGYaJLJ+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiOTg3MjQ0NjExYjUyMzA1MzY3NDRiNmE4OWYwNDRmMzJm
NDYyZWEwHhcNMjUwMTAyMDk0OTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDU1MjY5MDhlNTI4YjZkMDIxYzY2ODMwNGFmOTlhMGQ1Yzg3YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAku00pIjTPP5dol+Nzee0Gno4RZQ7
AxFCMdV0PoQ7rTH7fsma0qzyEfgIZQ02wzz/0cskVzzFGR5KFhXnyu9wOo5RVV9z
SeNIQrN2CPDcyM+ayCE0LSitrkh5pBfx6H4lNVF5imWa/4Lp5kijMcuW8Yx09bAk
1661otalfYS5U8Va+xAiecVk8zu8l2zgEFaA5ixwdLDx3aCed6iGue3uQ5kknOvK
68yffzYzNNaWIB30cWX9FfpMw4GFMklKGYVYTi3ZLMAR2bWgqXs2T/QuHZnc+rxu
7clCgKc8idBKIOJbNo5vDVZ7YM70ZIyaexGyV6Tpxl1+5NSy47w9gh0wWwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFGRVJpCOUottAhxmgwSvmaDVyHxJMB8GA1UdIwQY
MBaAFPuYckRhG1IwU2dEtqifBE8y9GLqMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS01aHlSR0ViVWpCVFowUzJxSjhFVHpMMFl1by5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAw
LWJlNTgzMmQ1ZjdhYS8xL1pGVW1rSTVTaTIwQ0hHYURCSy1ab05YSWZFay5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDQvMzE5ZDdjLTdlNzYtNDMwOC1iYzAwLWJlNTgzMmQ1Zjdh
YS8xLzEtNWh5UkdFYlVqQlRaMFMycUo4RVR6TDBZdW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAJYd7AD
BALDDLwwDwQCAAIwCQMHACoAHrjAADANBgkqhkiG9w0BAQsFAAOCAQEAAeAB/2kr
PI3hWZDfG/qBVFjrpaQ3mkZNC60F2//qiKwJPYGHeZYFtxgTodzfqhOJh6N+6m4B
wcT/9nDUi1Ekwqu05WlVi4EejN34ujr+yEBZSZGJ0yOwAmxqB3qaL6PbJY70Fco1
HAMFyV6KAyk/KKjtD85fbZagxuPmROrLu9tzTlfzOJ+uRiHuU0Wt6cY5ANUWsmcj
3M6VFQoRkKM7laBBVQg0oHeFLG359GP8NnkzxbRoMgcA/LuqHt9WJc3BrmfkxWaA
HqYlKl1pzDENJSFjhB6KOC5733kmrqAQlLwsK1E6nulx314Rz7/y/QoTTEHtn8X0
G8+axAStQBZ6NA==
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:15:08 2025 by rpki-client