Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/ZiUU0LAQUdekvKrpQSjBY1Oftsg.roa
File: ZiUU0LAQUdekvKrpQSjBY1Oftsg.roa (raw, json)
Hash identifier: eey2iwghFKFKbO9hPjwH1yrsZ5doRQuR4x7dcQ+lD9k=
Subject key identifier: 66:25:14:D0:B0:10:51:D7:A4:BC:AA:E9:41:28:C1:63:53:9F:B6:C8
Certificate issuer: /CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Certificate serial: 01954C77E1A1F535979BD3DBB1755719D4BF
Authority key identifier: 84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/ZiUU0LAQUdekvKrpQSjBY1Oftsg.roa
Signing time: Fri 28 Feb 2025 12:11:19 +0000
ROA not before: Fri 28 Feb 2025 12:11:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216192
IP address blocks: 188.125.165.0/24 maxlen: 24
188.125.174.0/24 maxlen: 24
194.177.14.0/24 maxlen: 24
2a13:f6c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.mft
rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4c:77:e1:a1:f5:35:97:9b:d3:db:b1:75:57:19:d4:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=844969780141824cd0acbfa5a784611eeb0a7ddb
Validity
Not Before: Feb 28 12:11:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=662514d0b01051d7a4bcaae94128c163539fb6c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:25:7e:73:fe:31:e6:bb:3b:f1:5b:5e:13:5b:
af:e3:c1:2d:68:87:95:a7:49:9a:b1:8c:85:a8:ba:
8d:05:c7:30:5b:df:28:f4:7d:31:e4:73:18:47:78:
7b:c4:f7:f7:76:17:e6:f6:c6:46:19:ef:e7:ee:3f:
0e:1b:81:23:f2:58:d3:e9:b4:58:6b:73:1c:9e:7a:
ed:4a:b0:64:b8:bc:54:69:ad:42:86:dc:24:0e:79:
66:a2:dc:37:50:e0:56:39:43:17:97:f4:6a:7b:24:
b1:8c:92:41:95:74:53:f2:81:32:c3:02:35:5b:1e:
6c:2b:8e:7c:b2:55:10:72:5e:4c:14:68:22:ea:5d:
5f:59:7c:9f:5c:d7:a6:13:92:19:dc:7d:1f:1b:6a:
0e:22:7e:b3:73:71:d7:ce:a4:4c:af:63:59:28:f8:
70:7b:b5:4c:50:d6:2d:a6:46:93:a4:96:38:b7:2d:
93:9a:5d:5f:5f:1a:f5:9f:45:45:8c:01:8b:6b:0e:
ac:2d:28:2c:2f:cc:78:4c:a7:ab:7a:f3:da:f2:e9:
a7:9d:05:7e:2a:cc:18:fc:43:2d:ef:74:4e:2d:82:
ef:3b:54:8c:19:ce:1a:a0:ba:3d:93:84:4d:43:35:
c1:17:6f:d0:ab:c3:d9:98:9c:74:6f:d9:27:41:69:
0c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:25:14:D0:B0:10:51:D7:A4:BC:AA:E9:41:28:C1:63:53:9F:B6:C8
X509v3 Authority Key Identifier:
keyid:84:49:69:78:01:41:82:4C:D0:AC:BF:A5:A7:84:61:1E:EB:0A:7D:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hElpeAFBgkzQrL-lp4RhHusKfds.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/ZiUU0LAQUdekvKrpQSjBY1Oftsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e62f95-abbd-430d-8160-04ac17881aa9/1/hElpeAFBgkzQrL-lp4RhHusKfds.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.125.165.0/24
188.125.174.0/24
194.177.14.0/24
IPv6:
2a13:f6c0::/29
Signature Algorithm: sha256WithRSAEncryption
8e:26:13:1b:d5:57:ae:ff:72:48:0d:9e:2f:2f:86:e7:fb:98:
66:7d:b8:46:b1:a9:a2:21:10:3d:23:97:cf:3e:29:3c:e5:18:
de:9c:9e:db:f2:d9:48:fb:f1:ec:60:14:ed:c3:a9:df:60:80:
de:2a:57:aa:57:99:1d:ab:c4:11:b8:1d:61:f5:18:c6:74:83:
b2:d4:35:6e:ef:92:85:74:3f:29:b3:75:83:8e:59:13:08:5b:
32:0f:a9:dd:88:8c:e2:49:d4:7e:1f:b3:5c:9e:1a:4f:62:b5:
22:3c:eb:98:0e:a2:ae:df:5f:82:7b:5f:1f:6f:38:80:a8:ef:
a8:7c:61:6d:b2:fd:d5:18:67:d1:99:62:24:08:d5:31:1c:b0:
34:09:70:f9:6b:bf:9c:07:81:a3:f0:b4:17:a8:1f:48:40:d0:
1c:20:75:15:ba:a3:15:e4:69:f8:1f:28:d4:26:64:15:1f:3b:
6a:d1:2d:26:4b:c5:a7:19:59:c0:99:fa:eb:55:9e:28:bf:b6:
db:1f:7a:4c:cc:03:ea:bb:81:b6:92:d6:e5:22:02:d4:dc:5f:
bd:1f:71:5f:1b:64:ff:bd:c0:77:09:88:35:91:0b:8f:25:00:
63:fe:11:a5:20:3b:c7:b0:b9:07:5c:7a:e6:bf:96:b8:54:49:
4f:c4:24:b7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZVMd+Gh9TWXm9PbsXVXGdS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0NDk2OTc4MDE0MTgyNGNkMGFjYmZhNWE3ODQ2MTFlZWIw
YTdkZGIwHhcNMjUwMjI4MTIxMTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjI1MTRkMGIwMTA1MWQ3YTRiY2FhZTk0MTI4YzE2MzUzOWZiNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuyV+c/4x5rs78VteE1uv48EtaIeV
p0masYyFqLqNBccwW98o9H0x5HMYR3h7xPf3dhfm9sZGGe/n7j8OG4Ej8ljT6bRY
a3McnnrtSrBkuLxUaa1ChtwkDnlmotw3UOBWOUMXl/RqeySxjJJBlXRT8oEywwI1
Wx5sK458slUQcl5MFGgi6l1fWXyfXNemE5IZ3H0fG2oOIn6zc3HXzqRMr2NZKPhw
e7VMUNYtpkaTpJY4ty2Tml1fXxr1n0VFjAGLaw6sLSgsL8x4TKerevPa8umnnQV+
KswY/EMt73ROLYLvO1SMGc4aoLo9k4RNQzXBF2/Qq8PZmJx0b9knQWkM9QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGYlFNCwEFHXpLyq6UEowWNTn7bIMB8GA1UdIwQY
MBaAFIRJaXgBQYJM0Ky/paeEYR7rCn3bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAt
MDRhYzE3ODgxYWE5LzEvWmlVVTBMQVFVZGVrdktycFFTakJZMU9mdHNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNjJmOTUtYWJiZC00MzBkLTgxNjAtMDRhYzE3ODgxYWE5
LzEvaEVscGVBRkJna3pRckwtbHA0UmhIdXNLZmRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAvH2lAwQA
vH2uAwQAwrEOMA0EAgACMAcDBQMqE/bAMA0GCSqGSIb3DQEBCwUAA4IBAQCOJhMb
1Veu/3JIDZ4vL4bn+5hmfbhGsamiIRA9I5fPPik85RjenJ7b8tlI+/HsYBTtw6nf
YIDeKleqV5kdq8QRuB1h9RjGdIOy1DVu75KFdD8ps3WDjlkTCFsyD6ndiIziSdR+
H7NcnhpPYrUiPOuYDqKu31+Ce18fbziAqO+ofGFtsv3VGGfRmWIkCNUxHLA0CXD5
a7+cB4Gj8LQXqB9IQNAcIHUVuqMV5Gn4HyjUJmQVHztq0S0mS8WnGVnAmfrrVZ4o
v7bbH3pMzAPqu4G2ktblIgLU3F+9H3FfG2T/vcB3CYg1kQuPJQBj/hGlIDvHsLkH
XHrmv5a4VElPxCS3
-----END CERTIFICATE-----
Generated at Tue Apr 22 03:26:50 2025 by rpki-client