Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/zxXrJCgqT81AO-d4vpKnqCQPEGE.roa
File: zxXrJCgqT81AO-d4vpKnqCQPEGE.roa (raw, json)
Hash identifier: WugT5zcayhMYDSTA/kF2PldTCBDPYZiQht5Wqh3j65Y=
Subject key identifier: CF:15:EB:24:28:2A:4F:CD:40:3B:E7:78:BE:92:A7:A8:24:0F:10:61
Certificate issuer: /CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Certificate serial: 019426D92AD816914D8801C7A460D50169A1
Authority key identifier: DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/zxXrJCgqT81AO-d4vpKnqCQPEGE.roa
Signing time: Thu 02 Jan 2025 11:49:13 +0000
ROA not before: Thu 02 Jan 2025 11:49:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47216
IP address blocks: 193.111.236.0/24 maxlen: 24
194.59.215.0/24 maxlen: 24
2a11:7bc0::/29 maxlen: 29
2a11:7bc0:b001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:2a:d8:16:91:4d:88:01:c7:a4:60:d5:01:69:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Validity
Not Before: Jan 2 11:49:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf15eb24282a4fcd403be778be92a7a8240f1061
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:84:ed:2d:21:01:38:34:ed:d0:f7:9a:82:c8:
a1:02:e3:e4:d2:f0:e1:eb:c5:24:6a:35:cb:66:e0:
90:b3:41:e7:67:3d:0e:d3:1a:a0:9f:61:d5:58:b6:
18:17:e6:12:36:ac:a3:ee:01:a9:ec:37:fa:c0:fc:
be:68:dd:01:ba:a2:19:b2:95:bd:bd:dc:4d:a5:ec:
ad:34:65:24:c2:96:eb:37:63:ba:c3:4b:47:9c:ea:
2c:1e:e0:c3:f5:ee:c1:91:e8:8c:97:26:16:d4:bc:
9e:5d:d9:bf:0f:f0:d3:48:05:18:20:52:ea:b1:6c:
e2:57:ef:a0:f1:f3:8f:18:17:88:0a:4e:3a:fc:84:
80:b4:d0:a7:c5:4e:12:9f:11:c6:17:66:bd:f5:ac:
5b:ac:a7:db:c6:f4:38:d9:84:7e:d7:b0:36:cd:f3:
52:0d:f1:8e:13:30:ae:71:8d:63:61:be:3b:0d:5d:
9f:38:e7:aa:9d:f1:24:a5:db:eb:bf:78:ad:56:e6:
e2:24:63:8b:70:b4:04:69:c7:06:d3:77:46:fb:e5:
80:78:b7:cd:6f:0d:e8:73:bf:5c:d1:3d:c6:de:3f:
5b:fa:54:d3:0c:4b:97:63:09:c8:00:67:1a:1b:ae:
2d:47:2c:7c:b4:17:1d:12:44:bc:68:70:e4:c5:0c:
28:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:15:EB:24:28:2A:4F:CD:40:3B:E7:78:BE:92:A7:A8:24:0F:10:61
X509v3 Authority Key Identifier:
keyid:DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/zxXrJCgqT81AO-d4vpKnqCQPEGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.236.0/24
194.59.215.0/24
IPv6:
2a11:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
65:30:0b:8d:c8:5a:ce:20:74:1e:4c:c2:ac:76:c0:a6:95:37:
51:38:1a:03:5e:c7:cd:8d:9f:2e:37:f0:a8:91:ab:8e:8f:6e:
8a:c3:1d:4d:58:c3:41:02:70:bc:27:07:78:12:df:e7:63:39:
cc:2e:66:7d:eb:99:1f:e0:81:c8:71:60:82:7f:a8:76:cc:4f:
14:03:ce:98:b9:af:e6:0d:52:e0:b0:45:12:a7:c1:17:42:73:
4a:58:2a:2e:1f:e2:a9:73:bd:a2:1a:83:aa:6f:8b:35:75:ee:
3c:fd:7c:cc:d0:d5:39:5d:3e:13:96:54:27:d7:2a:a1:aa:8d:
5c:08:41:e9:81:69:92:27:42:3f:b2:71:4e:d3:39:eb:ab:b4:
ab:19:af:38:3b:03:cb:53:73:5d:70:c5:2a:0f:f5:55:9e:1f:
5d:a6:5b:f9:5a:4e:ca:1c:43:d5:c6:03:66:6c:fe:27:21:4f:
ea:6c:5d:a6:dc:83:56:3b:57:94:f6:c0:99:ec:5e:85:12:59:
45:a1:5d:0f:4f:df:b7:6e:64:67:03:4b:ab:9b:c3:fe:7c:db:
b3:05:d6:1c:c4:d0:87:6b:58:9b:4d:21:37:8d:65:c0:a0:82:
94:a5:64:6c:ef:c4:49:75:f8:2c:eb:20:d7:9a:1d:55:70:e8:
5e:9a:ab:c0
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQm2SrYFpFNiAHHpGDVAWmhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTcyYzhmYWVjYjcwNTJjODQxMjAxYjI1ZjZhMDE4ZTQ3
N2IxYzIwHhcNMjUwMTAyMTE0OTEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjE1ZWIyNDI4MmE0ZmNkNDAzYmU3NzhiZTkyYTdhODI0MGYxMDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvITtLSEBODTt0PeagsihAuPk0vDh
68UkajXLZuCQs0HnZz0O0xqgn2HVWLYYF+YSNqyj7gGp7Df6wPy+aN0BuqIZspW9
vdxNpeytNGUkwpbrN2O6w0tHnOosHuDD9e7BkeiMlyYW1LyeXdm/D/DTSAUYIFLq
sWziV++g8fOPGBeICk46/ISAtNCnxU4SnxHGF2a99axbrKfbxvQ42YR+17A2zfNS
DfGOEzCucY1jYb47DV2fOOeqnfEkpdvrv3itVubiJGOLcLQEaccG03dG++WAeLfN
bw3oc79c0T3G3j9b+lTTDEuXYwnIAGcaG64tRyx8tBcdEkS8aHDkxQwoIwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFM8V6yQoKk/NQDvneL6Sp6gkDxBhMB8GA1UdIwQY
MBaAFN7nLI+uy3BSyEEgGyX2oBjkd7HCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2Ut
MzgzZmIyYjk1NGQ5LzEvenhYckpDZ3FUODFBTy1kNHZwS25xQ1FQRUdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2UtMzgzZmIyYjk1NGQ5
LzEvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwW/sAwQA
wjvXMA0EAgACMAcDBQMqEXvAMA0GCSqGSIb3DQEBCwUAA4IBAQBlMAuNyFrOIHQe
TMKsdsCmlTdROBoDXsfNjZ8uN/CokauOj26Kwx1NWMNBAnC8Jwd4Et/nYznMLmZ9
65kf4IHIcWCCf6h2zE8UA86Yua/mDVLgsEUSp8EXQnNKWCouH+Kpc72iGoOqb4s1
de48/XzM0NU5XT4TllQn1yqhqo1cCEHpgWmSJ0I/snFO0znrq7SrGa84OwPLU3Nd
cMUqD/VVnh9dplv5Wk7KHEPVxgNmbP4nIU/qbF2m3INWO1eU9sCZ7F6FEllFoV0P
T9+3bmRnA0urm8P+fNuzBdYcxNCHa1ibTSE3jWXAoIKUpWRs78RJdfgs6yDXmh1V
cOhemqvA
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:36:45 2025 by rpki-client