Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZlBFUMrqWyJ1f9C3aR4sBP6gUL0.roa
File: ZlBFUMrqWyJ1f9C3aR4sBP6gUL0.roa (raw, json)
Hash identifier: L66QtV8+gK0iZvhmAjOgmhX+WJL07FLGyP9vbRpU12c=
Subject key identifier: 66:50:45:50:CA:EA:5B:22:75:7F:D0:B7:69:1E:2C:04:FE:A0:50:BD
Certificate issuer: /CN=64f906653fb6732a556ad35528d1d5938d1b0e98
Certificate serial: 019420D63BFDB9EEFC2FA190AD142FC931D6
Authority key identifier: 64:F9:06:65:3F:B6:73:2A:55:6A:D3:55:28:D1:D5:93:8D:1B:0E:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZPkGZT-2cypVatNVKNHVk40bDpg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZlBFUMrqWyJ1f9C3aR4sBP6gUL0.roa
Signing time: Wed 01 Jan 2025 07:48:18 +0000
ROA not before: Wed 01 Jan 2025 07:48:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60022
IP address blocks: 45.133.160.0/22 maxlen: 24
185.62.68.0/22 maxlen: 24
2a03:60::/32 maxlen: 48
2a03:61::/32 maxlen: 48
2a03:62::/32 maxlen: 48
2a03:63::/32 maxlen: 48
2a03:64::/32 maxlen: 48
2a03:65::/32 maxlen: 48
2a03:66::/32 maxlen: 48
2a03:67::/32 maxlen: 48
2a0e:7640::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZPkGZT-2cypVatNVKNHVk40bDpg.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZPkGZT-2cypVatNVKNHVk40bDpg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZPkGZT-2cypVatNVKNHVk40bDpg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:3b:fd:b9:ee:fc:2f:a1:90:ad:14:2f:c9:31:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64f906653fb6732a556ad35528d1d5938d1b0e98
Validity
Not Before: Jan 1 07:48:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66504550caea5b22757fd0b7691e2c04fea050bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e8:4f:36:32:6b:8a:07:4e:c9:1a:0b:a9:c7:
b7:2a:f8:d6:30:7f:71:3c:f5:f1:bc:e8:6d:d6:53:
b8:53:7a:c3:8b:58:bf:aa:cb:72:29:4b:04:b4:f7:
d0:a2:44:d1:02:5c:57:02:70:35:f8:00:06:e7:08:
f7:67:06:7b:4e:3b:3c:49:3d:07:1e:1e:ee:e7:70:
2d:3d:44:1c:3f:2c:e4:51:b1:4a:c0:dd:87:24:1e:
e2:96:dd:47:c6:f8:c1:cb:ab:9c:89:f5:a9:6f:ab:
7c:2d:88:3b:ce:71:3a:5d:47:4a:2f:40:1d:1a:50:
ab:e2:49:25:63:85:83:c8:14:d3:50:71:54:fc:25:
75:7f:9f:8b:ae:27:7b:a0:b2:7d:69:91:30:79:b0:
ef:99:99:49:cb:aa:c6:3d:57:cf:c2:14:ab:75:fb:
de:e8:38:5f:75:07:8d:28:a6:41:dc:9f:e8:86:ce:
11:94:1e:fd:36:8a:2b:13:5a:6d:3f:ad:1e:d9:17:
36:cc:e0:a9:5d:15:88:12:8f:55:40:8b:ad:62:6c:
4e:1c:b8:93:df:e3:0a:ea:b6:3a:28:f0:3b:f7:86:
d7:a1:e6:94:6e:f4:f6:a7:f7:6a:01:5f:7f:21:25:
89:b8:aa:af:9a:e0:e1:d7:23:59:f1:78:95:c0:d6:
38:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:50:45:50:CA:EA:5B:22:75:7F:D0:B7:69:1E:2C:04:FE:A0:50:BD
X509v3 Authority Key Identifier:
keyid:64:F9:06:65:3F:B6:73:2A:55:6A:D3:55:28:D1:D5:93:8D:1B:0E:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZPkGZT-2cypVatNVKNHVk40bDpg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZlBFUMrqWyJ1f9C3aR4sBP6gUL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/897061-9217-403c-a0e5-13d28c653efe/1/ZPkGZT-2cypVatNVKNHVk40bDpg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.160.0/22
185.62.68.0/22
IPv6:
2a03:60::/29
2a0e:7640::/29
Signature Algorithm: sha256WithRSAEncryption
39:f5:ae:ff:5f:81:1f:99:68:85:3c:40:80:27:af:07:be:9a:
30:5d:f4:b7:14:e8:13:6b:e9:76:ae:69:23:db:67:dc:e0:2f:
e0:6b:3d:d0:2b:f0:b4:4c:c6:09:7c:a7:59:d1:eb:f3:b4:09:
24:4f:53:81:9e:c3:65:b8:89:f5:ad:1a:c8:64:e2:1c:4d:43:
0e:a1:39:ea:d9:91:c8:5d:44:31:8f:31:58:47:fe:64:12:25:
a0:2f:4f:8f:0e:91:c7:0a:03:85:38:cd:3f:0c:39:7e:e3:04:
ba:9e:ef:6f:85:e9:ec:b5:dc:9f:1c:32:ca:41:ed:7a:a2:54:
23:52:b3:24:e2:2b:62:0c:2d:b6:ff:c5:f7:40:ea:54:6c:6b:
35:09:fc:86:b5:19:a8:a9:58:c0:76:8c:1f:f7:c9:08:40:7e:
67:8b:4b:50:65:7e:a3:28:43:d2:1a:af:0d:b9:28:cb:f5:a3:
39:c1:95:bc:5e:57:ba:c1:98:7e:13:29:79:1d:70:ce:9e:95:
a2:8c:81:12:e9:88:40:b5:8d:9b:ae:dd:4d:ec:f2:82:78:32:
af:12:d6:09:81:94:23:8b:13:bf:e1:05:f6:59:d6:10:b9:ab:
d3:85:4e:19:b7:64:06:5a:ac:c9:a8:f2:68:53:d0:d9:9d:b1:
77:cc:26:ec
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQg1jv9ue78L6GQrRQvyTHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZjkwNjY1M2ZiNjczMmE1NTZhZDM1NTI4ZDFkNTkzOGQx
YjBlOTgwHhcNMjUwMTAxMDc0ODE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjUwNDU1MGNhZWE1YjIyNzU3ZmQwYjc2OTFlMmMwNGZlYTA1MGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq+hPNjJrigdOyRoLqce3KvjWMH9x
PPXxvOht1lO4U3rDi1i/qstyKUsEtPfQokTRAlxXAnA1+AAG5wj3ZwZ7Tjs8ST0H
Hh7u53AtPUQcPyzkUbFKwN2HJB7ilt1HxvjBy6ucifWpb6t8LYg7znE6XUdKL0Ad
GlCr4kklY4WDyBTTUHFU/CV1f5+Lrid7oLJ9aZEwebDvmZlJy6rGPVfPwhSrdfve
6DhfdQeNKKZB3J/ohs4RlB79NoorE1ptP60e2Rc2zOCpXRWIEo9VQIutYmxOHLiT
3+MK6rY6KPA794bXoeaUbvT2p/dqAV9/ISWJuKqvmuDh1yNZ8XiVwNY4VwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFGZQRVDK6lsidX/Qt2keLAT+oFC9MB8GA1UdIwQY
MBaAFGT5BmU/tnMqVWrTVSjR1ZONGw6YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlBrR1pULTJjeXBWYXROVktOSFZrNDBiRHBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi84OTcwNjEtOTIxNy00MDNjLWEwZTUt
MTNkMjhjNjUzZWZlLzEvWmxCRlVNcnFXeUoxZjlDM2FSNHNCUDZnVUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi84OTcwNjEtOTIxNy00MDNjLWEwZTUtMTNkMjhjNjUzZWZl
LzEvWlBrR1pULTJjeXBWYXROVktOSFZrNDBiRHBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCLYWgAwQC
uT5EMBQEAgACMA4DBQMqAwBgAwUDKg52QDANBgkqhkiG9w0BAQsFAAOCAQEAOfWu
/1+BH5lohTxAgCevB76aMF30txToE2vpdq5pI9tn3OAv4Gs90CvwtEzGCXynWdHr
87QJJE9TgZ7DZbiJ9a0ayGTiHE1DDqE56tmRyF1EMY8xWEf+ZBIloC9Pjw6RxwoD
hTjNPww5fuMEup7vb4Xp7LXcnxwyykHteqJUI1KzJOIrYgwttv/F90DqVGxrNQn8
hrUZqKlYwHaMH/fJCEB+Z4tLUGV+oyhD0hqvDbkoy/WjOcGVvF5XusGYfhMpeR1w
zp6VooyBEumIQLWNm67dTezygngyrxLWCYGUI4sTv+EF9lnWELmr04VOGbdkBlqs
yajyaFPQ2Z2xd8wm7A==
-----END CERTIFICATE-----
Generated at Wed Feb 5 06:05:20 2025 by rpki-client