Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/RcZOQzwVPzta74FZUHn3H3BrDfw.roa
File: RcZOQzwVPzta74FZUHn3H3BrDfw.roa (raw, json)
Hash identifier: V0krQJ1xo1MEn7oEhb7Dh/z9l1NykVrobd6V77UbzAQ=
Subject key identifier: 45:C6:4E:43:3C:15:3F:3B:5A:EF:81:59:50:79:F7:1F:70:6B:0D:FC
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 01954D9B05208B22501589CB914C38C903C5
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/RcZOQzwVPzta74FZUHn3H3BrDfw.roa
Signing time: Fri 28 Feb 2025 17:29:19 +0000
ROA not before: Fri 28 Feb 2025 17:29:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 2.59.22.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
86.54.31.0/24 maxlen: 24
212.104.141.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e943::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:4d:9b:05:20:8b:22:50:15:89:cb:91:4c:38:c9:03:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Feb 28 17:29:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45c64e433c153f3b5aef81595079f71f706b0dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:1a:95:4f:ed:63:32:27:9e:e2:73:b4:3d:69:
f2:6d:ab:6c:94:a0:b2:a9:f2:0d:a6:a5:aa:ff:4e:
9c:33:8f:6b:e8:3f:36:d6:23:08:35:62:3d:71:73:
fa:2e:d5:b6:78:c9:5e:30:67:74:d1:b6:f0:10:df:
7d:eb:71:88:78:c7:e3:f7:b3:e8:1a:5b:0b:72:09:
a8:54:81:95:84:60:2f:5c:61:7f:67:09:6a:64:01:
74:d3:44:5d:b1:f6:c3:13:97:e8:fa:8b:43:67:52:
39:d3:78:f8:8f:90:6d:6d:72:32:36:12:16:56:04:
ba:d5:64:36:cb:dc:8e:f1:7d:50:a0:c8:9a:55:cc:
57:c4:f0:e3:5e:11:82:96:9a:51:52:4b:b6:4a:93:
40:54:2e:a0:76:72:63:47:5c:37:ba:a4:ed:9c:d8:
a9:98:2a:f7:b5:6a:24:11:bd:ef:ef:fc:62:49:0a:
1f:ed:06:e6:1d:13:d6:31:3d:8c:20:40:cb:b6:fb:
48:b0:ac:b0:09:34:f8:f2:b2:ff:b6:f0:c8:86:93:
d7:af:a3:9d:c1:e2:d9:21:f4:3d:79:e8:e9:3f:f3:
51:22:96:08:55:56:48:5e:ff:f4:ea:f1:68:e3:6b:
66:66:72:23:f9:ec:f2:73:6b:81:fb:62:99:47:74:
fc:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:C6:4E:43:3C:15:3F:3B:5A:EF:81:59:50:79:F7:1F:70:6B:0D:FC
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/RcZOQzwVPzta74FZUHn3H3BrDfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.22.0/24
86.54.28.0/23
86.54.31.0/24
212.104.141.0/24
IPv6:
2a01:e940::/48
2a01:e943::/48
Signature Algorithm: sha256WithRSAEncryption
c0:56:2d:2e:b0:7a:50:eb:0b:3e:40:a3:40:48:2b:5d:03:56:
01:71:a5:22:0f:36:3d:78:0f:fb:b9:10:22:46:18:74:dd:65:
6f:11:11:67:a7:4b:71:4c:48:27:74:88:75:92:94:1d:82:04:
2a:68:f0:cb:59:09:45:f0:8e:66:e5:45:a5:fb:cb:ae:88:04:
ae:e9:0a:ce:fa:d0:7c:3c:1e:a1:9f:73:9f:ce:27:8d:ae:5c:
21:1c:af:96:16:bb:1e:e4:48:78:87:0b:9d:1d:2a:a8:82:25:
28:25:56:da:53:b6:13:7e:26:59:ac:84:8a:b2:eb:fa:2a:78:
ff:de:71:f8:1a:87:c1:d8:10:01:09:d3:08:8e:d5:be:12:0f:
b3:f5:a2:82:13:73:ba:63:b4:d1:d1:83:fc:46:5f:cc:e2:8d:
ba:fc:47:98:fb:81:01:22:ab:57:30:46:2f:d2:c6:4f:83:cc:
ed:04:5c:3f:7f:b6:f4:b5:61:b4:e1:8e:a8:70:dc:0c:3d:52:
7a:db:84:da:fc:6c:c3:9e:48:bd:e0:ef:00:15:7d:3f:09:84:
a3:da:0f:62:11:a3:ba:7d:a8:53:16:ff:01:90:ba:a7:d3:61:
8c:7b:56:0a:5f:d0:d0:e1:8f:8d:71:d0:a7:dc:84:90:e0:cd:
36:f3:76:9b
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZVNmwUgiyJQFYnLkUw4yQPFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUwMjI4MTcyOTE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWM2NGU0MzNjMTUzZjNiNWFlZjgxNTk1MDc5ZjcxZjcwNmIwZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxqVT+1jMiee4nO0PWnybatslKCy
qfINpqWq/06cM49r6D821iMINWI9cXP6LtW2eMleMGd00bbwEN9963GIeMfj97Po
GlsLcgmoVIGVhGAvXGF/ZwlqZAF000RdsfbDE5fo+otDZ1I503j4j5BtbXIyNhIW
VgS61WQ2y9yO8X1QoMiaVcxXxPDjXhGClppRUku2SpNAVC6gdnJjR1w3uqTtnNip
mCr3tWokEb3v7/xiSQof7QbmHRPWMT2MIEDLtvtIsKywCTT48rL/tvDIhpPXr6Od
weLZIfQ9eejpP/NRIpYIVVZIXv/06vFo42tmZnIj+ezyc2uB+2KZR3T8gwIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFEXGTkM8FT87Wu+BWVB59x9waw38MB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvUmNaT1F6d1ZQenRhNzRGWlVIbjNIM0JyRGZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAAjsWAwQB
VjYcAwQAVjYfAwQA1GiNMBgEAgACMBIDBwAqAelAAAADBwAqAelDAAAwDQYJKoZI
hvcNAQELBQADggEBAMBWLS6welDrCz5Ao0BIK10DVgFxpSIPNj14D/u5ECJGGHTd
ZW8REWenS3FMSCd0iHWSlB2CBCpo8MtZCUXwjmblRaX7y66IBK7pCs760Hw8HqGf
c5/OJ42uXCEcr5YWux7kSHiHC50dKqiCJSglVtpTthN+JlmshIqy6/oqeP/ecfga
h8HYEAEJ0wiO1b4SD7P1ooITc7pjtNHRg/xGX8zijbr8R5j7gQEiq1cwRi/Sxk+D
zO0EXD9/tvS1YbThjqhw3Aw9UnrbhNr8bMOeSL3g7wAVfT8JhKPaD2IRo7p9qFMW
/wGQuqfTYYx7Vgpf0NDhj41x0KfchJDgzTbzdps=
-----END CERTIFICATE-----
Generated at Tue Apr 22 22:04:18 2025 by rpki-client