Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/pzeazRaM8Z6SjrjO6Q79mNPUlRs.roa
File: pzeazRaM8Z6SjrjO6Q79mNPUlRs.roa (raw, json)
Hash identifier: /9lKkXVgAMejZaK+X1dNcf57k6lh360Swbxh+XCM3Ik=
Subject key identifier: A7:37:9A:CD:16:8C:F1:9E:92:8E:B8:CE:E9:0E:FD:98:D3:D4:95:1B
Certificate issuer: /CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Certificate serial: 01941F8C78C7F6851BFC24159E5A2D0FCA91
Authority key identifier: C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/pzeazRaM8Z6SjrjO6Q79mNPUlRs.roa
Signing time: Wed 01 Jan 2025 01:48:07 +0000
ROA not before: Wed 01 Jan 2025 01:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33845
IP address blocks: 131.102.0.0/16 maxlen: 24
149.126.48.0/21 maxlen: 24
162.23.0.0/16 maxlen: 24
193.5.216.0/21 maxlen: 24
2a07:2900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.mft
rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 14 Apr 2025 17:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:78:c7:f6:85:1b:fc:24:15:9e:5a:2d:0f:ca:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c45c683cb1eb9c0f49b967e3bd9b8b84cf099bb8
Validity
Not Before: Jan 1 01:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a7379acd168cf19e928eb8cee90efd98d3d4951b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:83:c0:8e:5e:df:e6:06:49:b0:3c:87:27:bf:
ea:99:fa:3e:56:e7:14:d9:1f:fa:47:b7:07:27:9d:
2a:74:ea:b2:e1:75:9b:f9:b1:9a:e8:d3:d7:1f:f1:
ea:1d:c2:ad:7e:07:11:44:dc:56:ff:3c:d6:d1:a8:
45:81:b5:89:65:17:4e:70:ea:4c:31:be:75:e2:b4:
12:b5:af:e4:d9:78:4b:d0:a7:64:ec:68:97:28:32:
38:2f:3f:77:70:d8:9f:d8:c4:a5:9b:8d:52:3d:6d:
27:d1:76:5a:93:fb:10:85:cf:e2:8d:d8:12:df:5f:
22:46:8a:f6:58:6d:02:f5:47:37:9a:6f:d3:ad:ce:
42:a6:1b:1e:4c:54:4a:e0:64:6d:c7:c8:d8:0b:3b:
cd:91:df:f2:3e:ea:92:dc:a2:03:7c:7d:a1:63:b9:
6d:9e:87:03:b0:79:e9:8e:8c:d2:b2:df:41:a3:58:
70:f4:c5:60:51:02:91:8b:19:b9:c1:c4:b0:b0:38:
f2:58:09:ca:cf:07:6b:63:a7:01:3e:fa:20:52:a9:
49:60:5c:91:f5:04:16:fc:dc:50:d6:50:3f:f6:77:
e7:ad:25:be:28:35:eb:91:cd:32:5a:9f:e7:be:64:
5e:57:de:46:55:af:6e:e5:7e:ba:33:bf:d9:bd:c7:
81:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:37:9A:CD:16:8C:F1:9E:92:8E:B8:CE:E9:0E:FD:98:D3:D4:95:1B
X509v3 Authority Key Identifier:
keyid:C4:5C:68:3C:B1:EB:9C:0F:49:B9:67:E3:BD:9B:8B:84:CF:09:9B:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/pzeazRaM8Z6SjrjO6Q79mNPUlRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/439a10-60c4-4c28-91bf-88d2df10d15b/1/xFxoPLHrnA9JuWfjvZuLhM8Jm7g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
131.102.0.0/16
149.126.48.0/21
162.23.0.0/16
193.5.216.0/21
IPv6:
2a07:2900::/32
Signature Algorithm: sha256WithRSAEncryption
78:d8:d6:27:c5:88:87:b0:fe:96:cb:c1:0f:2d:4b:74:2e:30:
9f:a6:82:2b:07:33:ee:51:63:75:2d:00:bb:5d:a7:d0:ff:27:
b6:b1:dd:81:09:ba:df:30:be:65:f8:32:e1:98:f3:b1:e5:b1:
63:71:16:da:1c:21:b5:9d:23:a1:2d:d7:01:31:e4:07:7f:95:
02:e3:68:c4:e6:ba:4c:24:0b:93:dd:5d:0d:6a:c0:aa:6c:fb:
64:89:0d:bd:d7:70:03:24:a9:d1:23:6d:65:ff:fc:c8:c1:4a:
19:ef:bc:29:4d:e9:31:7d:9b:84:7d:36:23:4d:5b:93:78:32:
79:62:4c:1a:75:6a:cb:f0:6a:63:68:2d:99:ea:a0:42:7e:e6:
11:cf:7b:4e:54:54:08:08:b1:06:e8:c2:4c:32:07:23:51:06:
86:2e:54:0d:86:8d:33:fa:d3:a3:52:c8:dd:3c:0b:59:96:70:
e7:5e:90:58:6c:16:51:7b:99:70:30:59:3e:c3:d8:31:0f:49:
42:91:c0:e7:64:cc:b0:18:58:58:98:69:b5:6e:0a:5a:34:62:
04:a8:53:b2:66:a4:1a:d3:61:18:ff:25:29:e3:22:dc:5e:75:
da:55:90:2d:21:6b:cf:78:33:c6:eb:e6:af:1c:6d:60:2d:ce:
a4:17:ae:74
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZQfjHjH9oUb/CQVnlotD8qRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0NWM2ODNjYjFlYjljMGY0OWI5NjdlM2JkOWI4Yjg0Y2Yw
OTliYjgwHhcNMjUwMTAxMDE0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzM3OWFjZDE2OGNmMTllOTI4ZWI4Y2VlOTBlZmQ5OGQzZDQ5NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4PAjl7f5gZJsDyHJ7/qmfo+VucU
2R/6R7cHJ50qdOqy4XWb+bGa6NPXH/HqHcKtfgcRRNxW/zzW0ahFgbWJZRdOcOpM
Mb514rQSta/k2XhL0Kdk7GiXKDI4Lz93cNif2MSlm41SPW0n0XZak/sQhc/ijdgS
318iRor2WG0C9Uc3mm/Trc5CphseTFRK4GRtx8jYCzvNkd/yPuqS3KIDfH2hY7lt
nocDsHnpjozSst9Bo1hw9MVgUQKRixm5wcSwsDjyWAnKzwdrY6cBPvogUqlJYFyR
9QQW/NxQ1lA/9nfnrSW+KDXrkc0yWp/nvmReV95GVa9u5X66M7/ZvceB9wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFKc3ms0WjPGeko64zukO/ZjT1JUbMB8GA1UdIwQY
MBaAFMRcaDyx65wPSbln472bi4TPCZu4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYt
ODhkMmRmMTBkMTViLzEvcHplYXpSYU04WjZTanJqTzZRNzltTlBVbFJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC80MzlhMTAtNjBjNC00YzI4LTkxYmYtODhkMmRmMTBkMTVi
LzEveEZ4b1BMSHJuQTlKdVdmanZadUxoTThKbTdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAcBAIAATAWAwMAg2YDBAOV
fjADAwCiFwMEA8EF2DANBAIAAjAHAwUAKgcpADANBgkqhkiG9w0BAQsFAAOCAQEA
eNjWJ8WIh7D+lsvBDy1LdC4wn6aCKwcz7lFjdS0Au12n0P8ntrHdgQm63zC+Zfgy
4ZjzseWxY3EW2hwhtZ0joS3XATHkB3+VAuNoxOa6TCQLk91dDWrAqmz7ZIkNvddw
AySp0SNtZf/8yMFKGe+8KU3pMX2bhH02I01bk3gyeWJMGnVqy/BqY2gtmeqgQn7m
Ec97TlRUCAixBujCTDIHI1EGhi5UDYaNM/rTo1LI3TwLWZZw516QWGwWUXuZcDBZ
PsPYMQ9JQpHA52TMsBhYWJhptW4KWjRiBKhTsmakGtNhGP8lKeMi3F512lWQLSFr
z3gzxuvmrxxtYC3OpBeudA==
-----END CERTIFICATE-----
Generated at Mon Apr 14 01:37:47 2025 by rpki-client