Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Zzn898alwJ-ZQ7BYnOoh1f9BcU0.roa
File: Zzn898alwJ-ZQ7BYnOoh1f9BcU0.roa (raw, json)
Hash identifier: ZfOULEhZA5KSiQObf0XfCp/rLlK21I+b+ae43OnFfqk=
Subject key identifier: 67:39:FC:F7:C6:A5:C0:9F:99:43:B0:58:9C:EA:21:D5:FF:41:71:4D
Certificate issuer: /CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Certificate serial: 019427B63D36E3D32013F07AEA28284441A0
Authority key identifier: C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Zzn898alwJ-ZQ7BYnOoh1f9BcU0.roa
Signing time: Thu 02 Jan 2025 15:50:42 +0000
ROA not before: Thu 02 Jan 2025 15:50:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51942
IP address blocks: 81.173.44.0/22 maxlen: 22
91.221.150.0/23 maxlen: 23
185.133.36.0/22 maxlen: 22
2001:67c:16b4::/48 maxlen: 48
2a06:21c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.mft
rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:3d:36:e3:d3:20:13:f0:7a:ea:28:28:44:41:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7770135d0f0d30a868df551d8752d4b4badc2c1
Validity
Not Before: Jan 2 15:50:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6739fcf7c6a5c09f9943b0589cea21d5ff41714d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:45:c8:98:2b:08:a0:c7:ab:b8:5a:30:80:52:
65:51:bf:a5:f9:10:a6:98:62:53:4f:ca:57:da:db:
f9:9a:7a:12:0a:b4:db:2d:9b:e1:06:35:fd:7e:8b:
f4:a8:85:86:7f:0d:e3:f2:ab:bc:d6:33:a4:7c:8c:
e0:e2:97:58:73:6c:73:5c:b5:f9:b2:3c:db:bf:46:
b7:35:a4:14:27:3b:81:c0:4c:8c:3a:85:5f:6f:97:
c8:2a:c9:c2:ff:0e:62:b3:0f:94:46:fd:cd:d8:50:
2e:f6:86:74:81:a1:4c:0d:68:0a:b9:47:b7:8d:6e:
1d:82:d0:3b:13:ba:b5:39:ff:35:f7:68:be:24:75:
71:1a:83:cb:da:14:ea:78:77:eb:f2:fa:de:9a:42:
f6:f9:3a:3d:19:0c:f7:22:28:f2:18:06:27:54:98:
75:a3:64:a3:e9:c0:52:a8:84:cf:aa:40:e6:19:8d:
3f:24:27:6b:3e:9b:5f:c2:4c:4d:1e:7e:6c:1d:b4:
a9:0b:6e:43:16:43:d8:df:d9:cb:5e:90:8b:4d:d0:
d2:87:3b:55:50:38:a4:40:47:c5:ed:c7:e3:37:63:
8f:20:71:36:05:a6:f3:47:58:3f:44:17:8a:4e:e6:
0e:68:be:fc:8a:ec:db:0c:8c:36:26:bf:b5:cc:56:
2c:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:39:FC:F7:C6:A5:C0:9F:99:43:B0:58:9C:EA:21:D5:FF:41:71:4D
X509v3 Authority Key Identifier:
keyid:C7:77:01:35:D0:F0:D3:0A:86:8D:F5:51:D8:75:2D:4B:4B:AD:C2:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x3cBNdDw0wqGjfVR2HUtS0utwsE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/Zzn898alwJ-ZQ7BYnOoh1f9BcU0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/b97070-c5f4-4410-94b5-d64d75394037/1/x3cBNdDw0wqGjfVR2HUtS0utwsE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.173.44.0/22
91.221.150.0/23
185.133.36.0/22
IPv6:
2001:67c:16b4::/48
2a06:21c0::/29
Signature Algorithm: sha256WithRSAEncryption
40:a5:2d:e5:f0:bb:f9:54:50:61:fb:1e:f7:f7:a1:31:50:fa:
36:65:28:cc:d9:e5:3e:73:2f:d9:50:63:a2:71:23:7a:4f:aa:
c2:64:cc:f5:72:44:d1:8b:f9:2e:b1:b2:1b:be:0c:db:44:22:
2a:ee:7d:b5:6c:90:a1:7b:49:7e:00:fb:70:e6:99:96:91:ce:
33:dc:1a:fe:e9:95:37:db:ee:c4:3e:13:f7:ca:f4:8d:30:18:
55:9a:9b:65:d2:bd:5b:6f:f6:cc:91:f9:44:8b:52:de:0d:d3:
9f:22:11:05:d8:e6:3d:bd:60:94:b8:90:29:09:12:23:df:f5:
c8:4e:4a:33:c2:bf:f9:08:e1:fb:20:4f:af:6a:e1:a2:f9:95:
e6:43:d7:eb:3a:24:09:f9:dc:74:b7:2b:6c:cf:3d:e6:42:9b:
9f:f4:d6:52:ac:a4:74:44:f0:91:e0:ba:af:bf:5a:c3:8b:df:
96:53:13:ca:e0:db:ad:71:04:6b:c8:c0:df:d3:4e:25:15:91:
1e:49:6b:c0:4a:f9:50:32:56:f6:cb:2d:14:99:34:38:8a:84:
d2:d9:9c:03:c9:bb:87:1b:18:34:e9:22:a7:aa:c7:44:cb:75:
2c:21:85:20:6c:63:ee:f1:47:a1:ed:c9:f9:41:ba:fc:52:82:
3e:4e:46:1a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQntj0249MgE/B66igoREGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3NzcwMTM1ZDBmMGQzMGE4NjhkZjU1MWQ4NzUyZDRiNGJh
ZGMyYzEwHhcNMjUwMTAyMTU1MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzM5ZmNmN2M2YTVjMDlmOTk0M2IwNTg5Y2VhMjFkNWZmNDE3MTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuEXImCsIoMeruFowgFJlUb+l+RCm
mGJTT8pX2tv5mnoSCrTbLZvhBjX9fov0qIWGfw3j8qu81jOkfIzg4pdYc2xzXLX5
sjzbv0a3NaQUJzuBwEyMOoVfb5fIKsnC/w5isw+URv3N2FAu9oZ0gaFMDWgKuUe3
jW4dgtA7E7q1Of8192i+JHVxGoPL2hTqeHfr8vremkL2+To9GQz3IijyGAYnVJh1
o2Sj6cBSqITPqkDmGY0/JCdrPptfwkxNHn5sHbSpC25DFkPY39nLXpCLTdDShztV
UDikQEfF7cfjN2OPIHE2BabzR1g/RBeKTuYOaL78iuzbDIw2Jr+1zFYsEQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGc5/PfGpcCfmUOwWJzqIdX/QXFNMB8GA1UdIwQY
MBaAFMd3ATXQ8NMKho31Udh1LUtLrcLBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUt
ZDY0ZDc1Mzk0MDM3LzEvWnpuODk4YWx3Si1aUTdCWW5Pb2gxZjlCY1UwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9iOTcwNzAtYzVmNC00NDEwLTk0YjUtZDY0ZDc1Mzk0MDM3
LzEveDNjQk5kRHcwd3FHamZWUjJIVXRTMHV0d3NFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQCUa0sAwQB
W92WAwQCuYUkMBYEAgACMBADBwAgAQZ8FrQDBQMqBiHAMA0GCSqGSIb3DQEBCwUA
A4IBAQBApS3l8Lv5VFBh+x7396ExUPo2ZSjM2eU+cy/ZUGOicSN6T6rCZMz1ckTR
i/kusbIbvgzbRCIq7n21bJChe0l+APtw5pmWkc4z3Br+6ZU32+7EPhP3yvSNMBhV
mptl0r1bb/bMkflEi1LeDdOfIhEF2OY9vWCUuJApCRIj3/XITkozwr/5COH7IE+v
auGi+ZXmQ9frOiQJ+dx0tytszz3mQpuf9NZSrKR0RPCR4Lqvv1rDi9+WUxPK4Nut
cQRryMDf004lFZEeSWvASvlQMlb2yy0UmTQ4ioTS2ZwDybuHGxg06SKnqsdEy3Us
IYUgbGPu8Ueh7cn5Qbr8UoI+TkYa
-----END CERTIFICATE-----
Generated at Thu Mar 13 06:42:30 2025 by rpki-client