Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/zq6R1CnWZYXNrJ9Nu3qaClXC_EI.roa
File: zq6R1CnWZYXNrJ9Nu3qaClXC_EI.roa (raw, json)
Hash identifier: ak8xaUb5ScJnJTZZZkylfOFl3x6iHQeLyCotCjAzekI=
Subject key identifier: CE:AE:91:D4:29:D6:65:85:CD:AC:9F:4D:BB:7A:9A:0A:55:C2:FC:42
Certificate issuer: /CN=a724383490a105bdc0d21597bfb1478ef04630b1
Certificate serial: 01950469936A3AFA23CE0D69D0BA5CD9A8C0
Authority key identifier: A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/zq6R1CnWZYXNrJ9Nu3qaClXC_EI.roa
Signing time: Fri 14 Feb 2025 12:23:02 +0000
ROA not before: Fri 14 Feb 2025 12:23:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50588
IP address blocks: 45.145.120.0/23 maxlen: 23
185.149.12.0/23 maxlen: 23
193.109.63.0/24 maxlen: 24
2a12:f7c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 09:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:04:69:93:6a:3a:fa:23:ce:0d:69:d0:ba:5c:d9:a8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a724383490a105bdc0d21597bfb1478ef04630b1
Validity
Not Before: Feb 14 12:23:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceae91d429d66585cdac9f4dbb7a9a0a55c2fc42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:c9:33:53:69:72:b9:c6:55:66:75:d8:41:3b:
97:45:c1:99:57:e9:86:54:95:6d:17:fe:69:b3:31:
77:ea:2a:e1:cd:b3:7d:aa:75:cd:4f:03:1c:1f:dd:
0b:89:2d:33:76:f4:51:26:cc:96:c7:67:4b:16:9d:
d3:c3:cf:81:0c:7f:be:8b:ff:94:8e:b4:69:ba:97:
6a:c7:e7:f7:10:79:a1:4f:ed:51:1e:c6:cf:f5:c5:
0d:2e:51:b2:d0:5a:12:24:ed:b0:00:63:0d:dc:da:
07:cb:ed:ca:2b:ca:37:f3:f0:4c:e0:02:0d:89:28:
a2:fc:01:10:58:81:2e:55:21:e1:fc:98:91:d0:93:
37:6e:75:f1:28:b0:a3:20:51:73:3a:35:03:4c:5e:
c8:e7:2b:8a:42:9d:dd:ea:46:42:e7:1c:7a:e1:71:
11:1d:92:92:eb:10:77:0b:66:f0:a2:70:73:6f:18:
65:64:a0:00:17:73:38:ab:bf:af:b3:a4:9e:30:fe:
52:fa:e3:e3:3b:ac:6a:a7:6e:68:56:51:e1:5f:c6:
ca:24:07:44:ed:f6:ad:db:c2:9b:31:ad:59:09:36:
56:fc:85:c9:38:0c:31:d8:c4:05:17:a7:2b:d2:70:
39:74:65:7d:11:0c:b5:60:53:ae:ad:1c:9c:3e:92:
f5:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AE:91:D4:29:D6:65:85:CD:AC:9F:4D:BB:7A:9A:0A:55:C2:FC:42
X509v3 Authority Key Identifier:
keyid:A7:24:38:34:90:A1:05:BD:C0:D2:15:97:BF:B1:47:8E:F0:46:30:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pyQ4NJChBb3A0hWXv7FHjvBGMLE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/zq6R1CnWZYXNrJ9Nu3qaClXC_EI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/305360-2203-4a21-a2fd-91e8599ddbf7/1/pyQ4NJChBb3A0hWXv7FHjvBGMLE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.120.0/23
185.149.12.0/23
193.109.63.0/24
IPv6:
2a12:f7c0::/29
Signature Algorithm: sha256WithRSAEncryption
14:e3:00:99:bf:7e:d1:0e:e1:00:50:6f:2d:47:c5:92:05:12:
5c:be:f9:a6:90:c1:65:f4:14:7e:da:06:97:4c:7c:75:76:96:
f0:81:a5:9c:a6:c7:71:40:9b:e4:0b:56:3c:93:19:a5:9c:c5:
34:4b:cd:41:6e:72:09:79:ed:11:2c:74:b3:c5:b5:5a:17:72:
c6:28:b2:36:7d:c0:64:b4:ce:e8:d0:97:9f:a0:b4:e6:6d:38:
c8:34:6d:e7:2d:9f:dd:e8:79:d1:28:08:c2:c0:44:6d:f0:ee:
01:aa:b1:65:65:b1:20:fd:42:70:4a:f3:0c:ce:66:c6:1f:a2:
e3:55:40:73:e4:94:30:dd:07:3f:0f:d7:33:57:32:0b:e7:c1:
7a:7f:a6:33:2c:12:01:9b:4a:e6:6b:f0:0d:80:39:74:f0:a1:
6d:6f:ab:6f:19:d4:10:24:b5:2a:52:65:34:a0:2f:a5:b8:5a:
31:7c:ff:5d:a4:57:89:41:36:ec:77:1a:ba:dc:43:1c:53:40:
c5:4b:07:46:0c:19:cf:9a:b5:23:26:e8:e9:1a:c5:2f:18:f3:
ac:8d:a4:8a:76:bf:b3:fa:66:16:ed:68:43:73:2f:d4:95:89:
be:ed:34:df:45:0d:31:a4:7f:de:40:d4:13:17:71:64:3d:73:
de:98:b0:5c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZUEaZNqOvojzg1p0Lpc2ajAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3MjQzODM0OTBhMTA1YmRjMGQyMTU5N2JmYjE0NzhlZjA0
NjMwYjEwHhcNMjUwMjE0MTIyMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWFlOTFkNDI5ZDY2NTg1Y2RhYzlmNGRiYjdhOWEwYTU1YzJmYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsckzU2lyucZVZnXYQTuXRcGZV+mG
VJVtF/5pszF36irhzbN9qnXNTwMcH90LiS0zdvRRJsyWx2dLFp3Tw8+BDH++i/+U
jrRpupdqx+f3EHmhT+1RHsbP9cUNLlGy0FoSJO2wAGMN3NoHy+3KK8o38/BM4AIN
iSii/AEQWIEuVSHh/JiR0JM3bnXxKLCjIFFzOjUDTF7I5yuKQp3d6kZC5xx64XER
HZKS6xB3C2bwonBzbxhlZKAAF3M4q7+vs6SeMP5S+uPjO6xqp25oVlHhX8bKJAdE
7fat28KbMa1ZCTZW/IXJOAwx2MQFF6cr0nA5dGV9EQy1YFOurRycPpL1CwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM6ukdQp1mWFzayfTbt6mgpVwvxCMB8GA1UdIwQY
MBaAFKckODSQoQW9wNIVl7+xR47wRjCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQt
OTFlODU5OWRkYmY3LzEvenE2UjFDbldaWVhOcko5TnUzcWFDbFhDX0VJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi8zMDUzNjAtMjIwMy00YTIxLWEyZmQtOTFlODU5OWRkYmY3
LzEvcHlRNE5KQ2hCYjNBMGhXWHY3RkhqdkJHTUxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBLZF4AwQB
uZUMAwQAwW0/MA0EAgACMAcDBQMqEvfAMA0GCSqGSIb3DQEBCwUAA4IBAQAU4wCZ
v37RDuEAUG8tR8WSBRJcvvmmkMFl9BR+2gaXTHx1dpbwgaWcpsdxQJvkC1Y8kxml
nMU0S81BbnIJee0RLHSzxbVaF3LGKLI2fcBktM7o0JefoLTmbTjING3nLZ/d6HnR
KAjCwERt8O4BqrFlZbEg/UJwSvMMzmbGH6LjVUBz5JQw3Qc/D9czVzIL58F6f6Yz
LBIBm0rma/ANgDl08KFtb6tvGdQQJLUqUmU0oC+luFoxfP9dpFeJQTbsdxq63EMc
U0DFSwdGDBnPmrUjJujpGsUvGPOsjaSKdr+z+mYW7WhDcy/UlYm+7TTfRQ0xpH/e
QNQTF3FkPXPemLBc
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:30:06 2025 by rpki-client