Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zmjoSn5I0WFyArKYL3CNzyTYt3k.roa
File: zmjoSn5I0WFyArKYL3CNzyTYt3k.roa (raw, json)
Hash identifier: 3JgC94x9YK1uKOSZibC092euWjVyeADbWW/A4EEbNv4=
Subject key identifier: CE:68:E8:4A:7E:48:D1:61:72:02:B2:98:2F:70:8D:CF:24:D8:B7:79
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 019425FD24BE0F559CE4DBD6EFC04FE91041
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zmjoSn5I0WFyArKYL3CNzyTYt3k.roa
Signing time: Thu 02 Jan 2025 07:48:54 +0000
ROA not before: Thu 02 Jan 2025 07:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 150445
IP address blocks: 64.137.75.0/24 maxlen: 24
64.137.84.0/24 maxlen: 24
64.137.90.0/24 maxlen: 24
64.137.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:fd:24:be:0f:55:9c:e4:db:d6:ef:c0:4f:e9:10:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Jan 2 07:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce68e84a7e48d1617202b2982f708dcf24d8b779
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:33:3d:2a:91:d7:42:58:4d:90:2c:cb:15:43:
63:50:8e:b9:12:84:21:91:31:88:8a:49:23:2d:e7:
d9:45:47:b7:8c:e8:b6:19:d6:13:87:c5:a5:0a:7a:
e1:5a:1c:6b:01:c7:b2:79:79:47:56:a9:a7:0a:e2:
90:26:b3:41:25:c5:23:4a:a1:eb:01:ef:fa:20:17:
ef:95:94:2d:d9:26:e9:96:c6:fb:e4:84:68:ab:70:
79:84:de:7c:78:06:dc:bd:a3:0f:fd:b7:67:7e:b9:
cb:23:e0:9f:9a:b4:2e:a2:c5:1e:e0:c4:d9:15:32:
0c:b1:ad:d9:21:94:84:de:b2:3c:e9:e2:73:d1:76:
c2:f9:69:00:a4:3d:64:3b:37:fc:f8:43:90:e7:42:
f2:09:91:28:87:54:2a:b4:64:61:5d:56:02:86:3b:
ce:8c:70:30:c6:2c:c1:8b:f9:d8:81:0b:d5:2b:4f:
90:50:9c:5a:59:91:e0:e5:87:34:ea:ec:c5:97:79:
a8:a9:d5:49:34:bf:6d:db:41:a0:d1:be:ba:a9:25:
2d:06:5a:b4:95:d1:e6:ec:f8:de:95:a0:a3:a5:2b:
80:3c:0a:89:5c:3a:80:b6:c9:db:a7:57:76:65:df:
2b:ff:f8:fe:86:50:de:36:86:2b:23:70:42:ce:23:
4e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:68:E8:4A:7E:48:D1:61:72:02:B2:98:2F:70:8D:CF:24:D8:B7:79
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/zmjoSn5I0WFyArKYL3CNzyTYt3k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.137.75.0/24
64.137.84.0/24
64.137.90.0/24
64.137.126.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:60:8e:20:d4:33:93:11:ca:0d:0d:b1:b5:28:01:b7:93:56:
9d:91:7c:a6:28:03:45:67:54:f0:4d:e8:25:d5:6f:30:06:03:
4f:ff:ad:b2:4c:97:81:49:62:55:65:f5:c2:0e:dd:7a:75:b6:
30:29:ed:c0:88:93:2f:84:fa:f7:1a:78:61:b9:02:8e:32:16:
be:57:0e:6a:c5:f2:d8:26:3f:53:37:d6:00:f9:33:4c:1c:cc:
2d:dc:c1:03:06:85:d6:d0:de:51:9e:26:b1:e8:6e:1c:da:8d:
79:ba:9f:0e:2b:c9:67:1b:3b:02:eb:29:32:3a:e2:69:0e:fc:
a0:1e:ec:24:97:be:eb:35:5c:47:0c:d9:43:85:c4:3e:83:93:
61:fd:b2:68:9b:6d:9c:69:fd:51:a5:7e:25:3c:b7:b0:27:e8:
50:76:ca:c4:b2:5d:2e:e5:3e:61:cf:66:75:60:18:09:7d:cf:
d1:27:7e:dd:c7:af:7b:cf:b6:20:4b:0f:86:e8:71:e8:b4:a6:
b0:34:81:44:5b:82:0b:8c:d1:ef:7c:74:21:a3:97:29:56:7e:
ca:82:e3:55:db:e9:4e:2d:42:89:b2:1e:99:33:13:5d:47:02:
a2:1b:f6:81:5e:8f:85:2b:b1:64:df:6f:0b:46:bf:9a:54:15:
0d:f9:4f:3c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQl/SS+D1Wc5NvW78BP6RBBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUwMTAyMDc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTY4ZTg0YTdlNDhkMTYxNzIwMmIyOTgyZjcwOGRjZjI0ZDhiNzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxzM9KpHXQlhNkCzLFUNjUI65EoQh
kTGIikkjLefZRUe3jOi2GdYTh8WlCnrhWhxrAceyeXlHVqmnCuKQJrNBJcUjSqHr
Ae/6IBfvlZQt2Sbplsb75IRoq3B5hN58eAbcvaMP/bdnfrnLI+CfmrQuosUe4MTZ
FTIMsa3ZIZSE3rI86eJz0XbC+WkApD1kOzf8+EOQ50LyCZEoh1QqtGRhXVYChjvO
jHAwxizBi/nYgQvVK0+QUJxaWZHg5Yc06uzFl3moqdVJNL9t20Gg0b66qSUtBlq0
ldHm7PjelaCjpSuAPAqJXDqAtsnbp1d2Zd8r//j+hlDeNoYrI3BCziNOXwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM5o6Ep+SNFhcgKymC9wjc8k2Ld5MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvem1qb1NuNUkwV0Z5QXJLWUwzQ056eVRZdDNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQIlLAwQA
QIlUAwQAQIlaAwQAQIl+MA0GCSqGSIb3DQEBCwUAA4IBAQAbYI4g1DOTEcoNDbG1
KAG3k1adkXymKANFZ1TwTegl1W8wBgNP/62yTJeBSWJVZfXCDt16dbYwKe3AiJMv
hPr3GnhhuQKOMha+Vw5qxfLYJj9TN9YA+TNMHMwt3MEDBoXW0N5Rniax6G4c2o15
up8OK8lnGzsC6ykyOuJpDvygHuwkl77rNVxHDNlDhcQ+g5Nh/bJom22caf1RpX4l
PLewJ+hQdsrEsl0u5T5hz2Z1YBgJfc/RJ37dx697z7YgSw+G6HHotKawNIFEW4IL
jNHvfHQho5cpVn7KguNV2+lOLUKJsh6ZMxNdRwKiG/aBXo+FK7Fk328LRr+aVBUN
+U88
-----END CERTIFICATE-----
Generated at Sun Apr 6 19:25:02 2025 by rpki-client