Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/ZcvBTfoXIkdWjCXtigYCRkxwU_E.roa
File: ZcvBTfoXIkdWjCXtigYCRkxwU_E.roa (raw, json)
Hash identifier: OrUuvu33nOrNM9H7GJKTSRXbyuxdfvDLNi4s7scTDWk=
Subject key identifier: 65:CB:C1:4D:FA:17:22:47:56:8C:25:ED:8A:06:02:46:4C:70:53:F1
Certificate issuer: /CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Certificate serial: 019425FC458105562B48F9273C5018A8B24C
Authority key identifier: 91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/ZcvBTfoXIkdWjCXtigYCRkxwU_E.roa
Signing time: Thu 02 Jan 2025 07:47:57 +0000
ROA not before: Thu 02 Jan 2025 07:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35197
IP address blocks: 45.142.137.0/24 maxlen: 24
185.128.125.0/24 maxlen: 24
185.187.129.0/24 maxlen: 24
185.187.130.0/24 maxlen: 24
185.187.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.mft
rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fc:45:81:05:56:2b:48:f9:27:3c:50:18:a8:b2:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=918901662a8ec5ff4d3f48d29099230a0575ec8a
Validity
Not Before: Jan 2 07:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65cbc14dfa172247568c25ed8a0602464c7053f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a9:ae:5e:48:49:03:c7:cc:a5:ce:68:87:71:
59:c5:17:88:bb:f5:b5:82:12:31:9a:25:44:17:fa:
0a:43:54:1f:eb:a0:c4:1d:cf:a9:0e:29:4d:cb:75:
82:0d:5a:cf:0b:c0:98:1a:de:76:97:2d:af:63:eb:
2f:49:b7:68:7f:ca:68:7f:01:70:2d:ea:fb:5b:26:
df:83:8f:19:65:9a:00:a8:d5:b8:0f:16:51:61:c6:
8d:d8:ea:68:64:e5:09:29:fc:f1:9d:ff:7a:4c:3f:
30:4d:bf:90:c4:05:27:cf:bb:88:cd:82:5b:e2:08:
95:eb:a4:6e:8e:30:f4:32:97:f1:d9:13:60:2c:25:
f8:67:ee:54:e2:e1:0d:6e:81:8f:38:73:ee:ea:73:
05:39:51:59:73:f7:d3:eb:75:52:8c:22:d5:e8:db:
25:e2:9d:a7:3b:56:7f:12:32:3a:09:6f:bb:d8:68:
da:bf:dd:0c:13:90:e1:19:3e:a5:47:51:cd:c4:12:
9d:a5:58:f7:1c:e5:ad:14:da:5b:c9:21:a7:a1:76:
ff:e0:98:69:8b:e7:9e:10:35:1d:c5:6c:f6:08:d4:
6f:2f:77:02:80:90:1a:73:1b:32:cc:9f:bf:c3:08:
45:b8:fb:af:e4:27:7c:b1:f7:d8:b6:81:03:38:2b:
a7:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CB:C1:4D:FA:17:22:47:56:8C:25:ED:8A:06:02:46:4C:70:53:F1
X509v3 Authority Key Identifier:
keyid:91:89:01:66:2A:8E:C5:FF:4D:3F:48:D2:90:99:23:0A:05:75:EC:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kYkBZiqOxf9NP0jSkJkjCgV17Io.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/ZcvBTfoXIkdWjCXtigYCRkxwU_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/50/5b92a7-2837-469e-8214-e811e23c1804/1/kYkBZiqOxf9NP0jSkJkjCgV17Io.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.137.0/24
185.128.125.0/24
185.187.129.0-185.187.131.255
Signature Algorithm: sha256WithRSAEncryption
82:be:54:d2:01:ba:87:d4:d4:bb:dd:fd:cc:0b:78:9c:b8:c8:
72:06:02:1a:f3:29:99:47:be:84:91:77:90:b0:ce:69:3e:5a:
4b:75:ef:7c:61:69:81:c0:ae:a9:06:a7:55:e2:eb:6a:f1:3c:
bc:69:f0:05:b3:df:31:c3:0d:65:19:5b:3a:34:73:6f:90:4e:
3c:7b:77:45:93:4b:28:74:10:64:c9:3d:e2:02:7a:d7:b9:f4:
b7:96:56:75:41:98:c6:53:97:e6:d9:cd:48:63:c3:db:d3:1a:
f2:43:c1:68:89:5b:d2:aa:a2:5b:86:1a:9d:d1:4e:81:3d:5b:
ee:19:79:9f:63:e1:88:0f:da:40:2e:63:76:e4:e9:e4:cf:8f:
22:03:e9:6b:fa:1f:b0:65:f9:68:e4:e1:80:55:5b:ab:19:22:
d9:39:16:6d:75:51:5c:05:d2:91:12:9a:24:87:44:48:82:69:
68:fe:70:e6:be:c9:98:f7:67:a7:65:a9:02:77:e0:36:af:15:
66:5e:82:f3:9e:c4:9f:f7:99:8f:ad:2f:91:ec:5a:17:53:0f:
83:c5:9e:a1:77:c0:ee:85:fe:bd:37:d7:0e:23:4e:a8:15:98:
3d:92:7f:24:bd:80:9e:1d:ad:2f:66:9d:5b:f2:fa:9c:d9:73:
26:c7:5b:39
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZQl/EWBBVYrSPknPFAYqLJMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxODkwMTY2MmE4ZWM1ZmY0ZDNmNDhkMjkwOTkyMzBhMDU3
NWVjOGEwHhcNMjUwMTAyMDc0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNiYzE0ZGZhMTcyMjQ3NTY4YzI1ZWQ4YTA2MDI0NjRjNzA1M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKmuXkhJA8fMpc5oh3FZxReIu/W1
ghIxmiVEF/oKQ1Qf66DEHc+pDilNy3WCDVrPC8CYGt52ly2vY+svSbdof8pofwFw
Ler7Wybfg48ZZZoAqNW4DxZRYcaN2OpoZOUJKfzxnf96TD8wTb+QxAUnz7uIzYJb
4giV66RujjD0Mpfx2RNgLCX4Z+5U4uENboGPOHPu6nMFOVFZc/fT63VSjCLV6Nsl
4p2nO1Z/EjI6CW+72Gjav90ME5DhGT6lR1HNxBKdpVj3HOWtFNpbySGnoXb/4Jhp
i+eeEDUdxWz2CNRvL3cCgJAacxsyzJ+/wwhFuPuv5Cd8sffYtoEDOCunrwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFGXLwU36FyJHVowl7YoGAkZMcFPxMB8GA1UdIwQY
MBaAFJGJAWYqjsX/TT9I0pCZIwoFdeyKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQt
ZTgxMWUyM2MxODA0LzEvWmN2QlRmb1hJa2RXakNYdGlnWUNSa3h3VV9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MC81YjkyYTctMjgzNy00NjllLTgyMTQtZTgxMWUyM2MxODA0
LzEva1lrQlppcU94ZjlOUDBqU2tKa2pDZ1YxN0lvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALY6JAwQA
uYB9MAwDBAC5u4EDBAK5u4AwDQYJKoZIhvcNAQELBQADggEBAIK+VNIBuofU1Lvd
/cwLeJy4yHIGAhrzKZlHvoSRd5Cwzmk+Wkt173xhaYHArqkGp1Xi62rxPLxp8AWz
3zHDDWUZWzo0c2+QTjx7d0WTSyh0EGTJPeICete59LeWVnVBmMZTl+bZzUhjw9vT
GvJDwWiJW9KqoluGGp3RToE9W+4ZeZ9j4YgP2kAuY3bk6eTPjyID6Wv6H7Bl+Wjk
4YBVW6sZItk5Fm11UVwF0pESmiSHREiCaWj+cOa+yZj3Z6dlqQJ34DavFWZegvOe
xJ/3mY+tL5HsWhdTD4PFnqF3wO6F/r031w4jTqgVmD2SfyS9gJ4drS9mnVvy+pzZ
cybHWzk=
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:20:16 2025 by rpki-client