Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/zZ4Hlb2x-3mX0RpLcIDR2DBRVWM.roa
File: zZ4Hlb2x-3mX0RpLcIDR2DBRVWM.roa (raw, json)
Hash identifier: rtcchc9xlTzl7W167gpB0l7rHLuWsqswJuQgbOgsw/0=
Subject key identifier: CD:9E:07:95:BD:B1:FB:79:97:D1:1A:4B:70:80:D1:D8:30:51:55:63
Certificate issuer: /CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
Certificate serial: 019422FC35B845CF9C55C279A8E708FE0EED
Authority key identifier: 26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/zZ4Hlb2x-3mX0RpLcIDR2DBRVWM.roa
Signing time: Wed 01 Jan 2025 17:49:01 +0000
ROA not before: Wed 01 Jan 2025 17:49:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62119
IP address blocks: 185.244.160.0/24 maxlen: 24
2a12:42c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:35:b8:45:cf:9c:55:c2:79:a8:e7:08:fe:0e:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=269b8a3748440c9d5c2c508bd03b46d7273eee56
Validity
Not Before: Jan 1 17:49:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd9e0795bdb1fb7997d11a4b7080d1d830515563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f4:be:dc:cc:7f:9c:12:a9:de:9c:ef:53:b8:
0f:73:c5:32:89:5f:e8:4d:96:3e:f6:79:ad:5d:c9:
8e:44:32:b1:44:3e:6d:d0:55:2a:cf:7f:06:71:d3:
a6:c4:0c:6f:1d:5e:36:e5:3d:f2:0f:b5:c1:67:21:
0e:c3:80:41:83:27:14:fa:73:fc:58:8f:b4:98:14:
f9:55:97:e4:5d:b8:e0:fd:d9:7b:07:01:a9:6c:8c:
ee:a8:9c:74:8c:c5:aa:ba:65:df:3c:5f:66:1e:75:
a2:aa:f4:8d:79:3f:e9:3e:32:ab:b1:d0:07:3e:9f:
52:54:c0:c0:0e:66:49:f3:f3:1d:58:ee:e3:c6:a9:
45:31:d7:56:33:f4:22:ed:58:b9:a1:13:7c:b3:1e:
7f:67:12:20:3c:7b:a5:4f:cd:8c:f2:7e:9b:1c:cb:
e7:18:09:3e:0c:4a:89:74:dc:ac:68:3d:13:25:5b:
b7:ec:cd:bd:e5:2a:4f:ac:e4:d3:fd:9d:0c:b0:1d:
aa:3d:ff:44:0f:00:5e:df:63:38:c6:26:90:4e:4d:
28:e2:70:2a:83:2d:a2:3b:30:19:c4:2c:6c:a0:eb:
b4:98:54:23:4e:ad:20:2f:40:74:cc:94:90:95:e9:
36:85:3c:4b:31:b9:4f:5c:3c:24:86:0f:f8:40:16:
f7:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:9E:07:95:BD:B1:FB:79:97:D1:1A:4B:70:80:D1:D8:30:51:55:63
X509v3 Authority Key Identifier:
keyid:26:9B:8A:37:48:44:0C:9D:5C:2C:50:8B:D0:3B:46:D7:27:3E:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/zZ4Hlb2x-3mX0RpLcIDR2DBRVWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/94aae4-771c-429a-a7cd-f87bc173d2aa/1/JpuKN0hEDJ1cLFCL0DtG1yc-7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.160.0/24
IPv6:
2a12:42c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:6b:f1:7d:51:85:81:2e:58:cf:54:06:44:3b:ee:bc:90:b0:
18:7a:77:07:36:75:a4:d5:40:03:f9:2c:f8:d8:3c:7c:7a:89:
8f:b4:80:51:ab:1a:62:6f:8d:3a:be:8d:1b:e2:5a:cd:ec:f0:
a6:35:8f:50:3a:b1:05:f5:bb:c3:be:46:9e:40:dc:aa:4c:3f:
a0:3d:5e:3b:b8:5f:c7:6b:2f:36:3b:38:17:37:68:56:8a:8d:
80:49:b3:e0:90:3d:39:67:3b:fe:ed:28:69:7f:ef:df:52:40:
f4:aa:7a:9b:53:98:3a:86:6b:80:5d:92:44:8f:8b:f9:8b:37:
9e:5f:eb:9d:1f:09:37:fc:87:2e:a4:6e:ac:d3:36:ca:07:92:
cb:81:81:43:42:a1:cd:ee:da:fb:22:74:e8:12:d4:0b:f7:6a:
d6:52:cf:ce:d8:22:73:e2:6f:40:84:77:04:b7:66:3b:59:89:
3b:e3:b5:0e:07:d6:2d:5e:7a:bd:ec:19:39:37:a0:00:20:ab:
83:f6:46:3b:a0:ee:78:fc:a2:9a:8c:0c:11:ed:f6:c6:13:02:
61:56:be:ea:00:65:10:42:ef:8e:3c:2b:aa:eb:1c:fa:89:e4:
1a:5b:89:af:66:28:d2:17:c9:64:85:03:f0:cc:48:92:59:4e:
4b:4c:67:2d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZQi/DW4Rc+cVcJ5qOcI/g7tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2OWI4YTM3NDg0NDBjOWQ1YzJjNTA4YmQwM2I0NmQ3Mjcz
ZWVlNTYwHhcNMjUwMTAxMTc0OTAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDllMDc5NWJkYjFmYjc5OTdkMTFhNGI3MDgwZDFkODMwNTE1NTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/S+3Mx/nBKp3pzvU7gPc8UyiV/o
TZY+9nmtXcmORDKxRD5t0FUqz38GcdOmxAxvHV425T3yD7XBZyEOw4BBgycU+nP8
WI+0mBT5VZfkXbjg/dl7BwGpbIzuqJx0jMWqumXfPF9mHnWiqvSNeT/pPjKrsdAH
Pp9SVMDADmZJ8/MdWO7jxqlFMddWM/Qi7Vi5oRN8sx5/ZxIgPHulT82M8n6bHMvn
GAk+DEqJdNysaD0TJVu37M295SpPrOTT/Z0MsB2qPf9EDwBe32M4xiaQTk0o4nAq
gy2iOzAZxCxsoOu0mFQjTq0gL0B0zJSQlek2hTxLMblPXDwkhg/4QBb3rQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM2eB5W9sft5l9EaS3CA0dgwUVVjMB8GA1UdIwQY
MBaAFCabijdIRAydXCxQi9A7RtcnPu5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnB1S04waEVESjFjTEZDTDBEdEcxeWMtN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NGFhZTQtNzcxYy00MjlhLWE3Y2Qt
Zjg3YmMxNzNkMmFhLzEvelo0SGxiMngtM21YMFJwTGNJRFIyREJSVldNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NGFhZTQtNzcxYy00MjlhLWE3Y2QtZjg3YmMxNzNkMmFh
LzEvSnB1S04waEVESjFjTEZDTDBEdEcxeWMtN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufSgMA0E
AgACMAcDBQMqEkLAMA0GCSqGSIb3DQEBCwUAA4IBAQB6a/F9UYWBLljPVAZEO+68
kLAYencHNnWk1UAD+Sz42Dx8eomPtIBRqxpib406vo0b4lrN7PCmNY9QOrEF9bvD
vkaeQNyqTD+gPV47uF/Hay82OzgXN2hWio2ASbPgkD05Zzv+7Shpf+/fUkD0qnqb
U5g6hmuAXZJEj4v5izeeX+udHwk3/IcupG6s0zbKB5LLgYFDQqHN7tr7InToEtQL
92rWUs/O2CJz4m9AhHcEt2Y7WYk747UOB9YtXnq97Bk5N6AAIKuD9kY7oO54/KKa
jAwR7fbGEwJhVr7qAGUQQu+OPCuq6xz6ieQaW4mvZijSF8lkhQPwzEiSWU5LTGct
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:19:32 2025 by rpki-client