Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/z7k3v5cTM0ThR44Th_4mdqWGdT4.roa
File: z7k3v5cTM0ThR44Th_4mdqWGdT4.roa (raw, json)
Hash identifier: oYtKCVZhW7pK+PDGD5KjGu+1nVKSowcdo2Bp5FPzVUM=
Subject key identifier: CF:B9:37:BF:97:13:33:44:E1:47:8E:13:87:FE:26:76:A5:86:75:3E
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 019427483F8834D14F682069F44C034C232D
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/z7k3v5cTM0ThR44Th_4mdqWGdT4.roa
Signing time: Thu 02 Jan 2025 13:50:33 +0000
ROA not before: Thu 02 Jan 2025 13:50:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52468
IP address blocks: 46.29.28.0/24 maxlen: 24
94.125.137.0/24 maxlen: 24
201.77.53.0/24 maxlen: 24
201.77.55.0/24 maxlen: 24
217.76.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 08:26:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:3f:88:34:d1:4f:68:20:69:f4:4c:03:4c:23:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 2 13:50:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfb937bf97133344e1478e1387fe2676a586753e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ac:71:5b:78:fe:fc:c7:57:b5:dd:58:c2:8c:
01:85:e2:cf:df:45:52:83:66:f8:48:27:4b:94:b7:
e0:98:8d:8e:1c:41:0d:d3:6f:94:ea:f5:12:e4:c4:
27:57:11:dd:81:74:d9:2d:68:0f:e7:e6:6d:c7:ea:
a9:ae:4d:64:ef:ee:df:8a:cd:ef:08:c9:bd:38:77:
84:fe:82:c7:89:55:d6:d3:7f:50:fe:44:ed:de:6a:
0c:fa:0a:a0:e8:da:13:b6:01:69:24:17:25:a4:9c:
15:79:ae:94:4d:7d:00:1b:8f:7d:0c:77:ae:27:90:
9f:61:25:6d:48:4d:ff:8d:8d:04:ab:42:7a:a2:22:
f5:d4:e5:f3:32:a1:1d:38:3b:b1:d4:d0:37:c3:ab:
d4:ff:3a:a7:bc:a1:4f:12:48:f1:9d:95:83:4b:29:
ea:9e:71:87:98:09:ae:f6:78:48:69:89:05:42:2e:
44:01:05:46:d8:e1:a5:e9:7a:47:9a:9d:0d:89:b8:
84:f8:3c:95:d7:8e:d1:a3:bf:8e:f6:de:60:be:79:
d3:df:03:75:89:47:81:9d:c5:15:7d:74:91:cf:58:
d1:52:7f:15:25:5d:e0:fa:97:18:1d:bb:b3:05:55:
5c:6a:a2:48:1c:33:1c:00:1c:bf:c3:49:eb:5c:80:
8e:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:B9:37:BF:97:13:33:44:E1:47:8E:13:87:FE:26:76:A5:86:75:3E
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/z7k3v5cTM0ThR44Th_4mdqWGdT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.28.0/24
94.125.137.0/24
201.77.53.0/24
201.77.55.0/24
217.76.240.0/24
Signature Algorithm: sha256WithRSAEncryption
19:82:c3:a6:5f:38:6d:6a:a8:6e:30:19:b1:a4:72:6e:0e:9f:
7a:7f:d8:1b:11:20:72:27:db:ae:3a:94:09:ee:c9:40:2c:08:
75:30:31:ed:8b:8a:22:e2:31:9f:51:de:08:8e:43:bd:2e:2c:
60:1f:7b:c0:01:3f:12:4b:54:15:00:88:52:28:67:8c:b7:f3:
e4:57:63:29:71:36:63:c8:28:f1:fb:3f:a5:c4:dc:79:8b:da:
10:ba:cb:83:19:90:50:7c:ad:5a:a9:5c:79:bc:30:25:21:ce:
d9:4b:0b:5e:83:37:34:d1:9d:cb:58:51:98:e8:aa:0e:34:46:
c0:0b:55:88:73:cf:cd:de:d4:b0:1b:c1:75:5e:05:1c:67:7e:
b3:e0:6c:5a:ce:06:37:2d:00:da:07:6b:11:2a:3e:57:04:06:
17:84:0c:d7:28:58:90:44:c7:50:53:d9:27:52:8f:6d:35:8d:
f6:3a:b4:db:8a:11:71:cd:b7:db:1b:d1:93:23:4e:7c:14:79:
68:e1:e8:a5:5a:6c:4e:e9:27:4b:86:bb:e7:af:49:d6:2a:93:
e3:49:03:8f:55:c8:40:bf:d3:5d:8a:1f:40:4b:6e:fc:41:cd:
e1:d7:55:48:69:4b:ab:71:d9:3f:c5:15:55:5a:fa:01:90:89:
ad:6d:cb:4f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnSD+INNFPaCBp9EwDTCMtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjUwMTAyMTM1MDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmI5MzdiZjk3MTMzMzQ0ZTE0NzhlMTM4N2ZlMjY3NmE1ODY3NTNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu6xxW3j+/MdXtd1YwowBheLP30VS
g2b4SCdLlLfgmI2OHEEN02+U6vUS5MQnVxHdgXTZLWgP5+Ztx+qprk1k7+7fis3v
CMm9OHeE/oLHiVXW039Q/kTt3moM+gqg6NoTtgFpJBclpJwVea6UTX0AG499DHeu
J5CfYSVtSE3/jY0Eq0J6oiL11OXzMqEdODux1NA3w6vU/zqnvKFPEkjxnZWDSynq
nnGHmAmu9nhIaYkFQi5EAQVG2OGl6XpHmp0NibiE+DyV147Ro7+O9t5gvnnT3wN1
iUeBncUVfXSRz1jRUn8VJV3g+pcYHbuzBVVcaqJIHDMcABy/w0nrXICORwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM+5N7+XEzNE4UeOE4f+JnalhnU+MB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvejdrM3Y1Y1RNMFRoUjQ0VGhfNG1kcVdHZFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALh0cAwQA
Xn2JAwQAyU01AwQAyU03AwQA2UzwMA0GCSqGSIb3DQEBCwUAA4IBAQAZgsOmXzht
aqhuMBmxpHJuDp96f9gbESByJ9uuOpQJ7slALAh1MDHti4oi4jGfUd4IjkO9Lixg
H3vAAT8SS1QVAIhSKGeMt/PkV2MpcTZjyCjx+z+lxNx5i9oQusuDGZBQfK1aqVx5
vDAlIc7ZSwtegzc00Z3LWFGY6KoONEbAC1WIc8/N3tSwG8F1XgUcZ36z4GxazgY3
LQDaB2sRKj5XBAYXhAzXKFiQRMdQU9knUo9tNY32OrTbihFxzbfbG9GTI058FHlo
4eilWmxO6SdLhrvnr0nWKpPjSQOPVchAv9Ndih9AS278Qc3h11VIaUurcdk/xRVV
WvoBkImtbctP
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:47:43 2025 by rpki-client