Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/znDGyTFXHxgds03YiKxu855yeHM.roa
File: znDGyTFXHxgds03YiKxu855yeHM.roa (raw, json)
Hash identifier: PokYry9XBN7Hw+cBZPUeLE2rCoMZAI1GoWKG5QQBoBg=
Subject key identifier: CE:70:C6:C9:31:57:1F:18:1D:B3:4D:D8:88:AC:6E:F3:9E:72:78:73
Certificate issuer: /CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Certificate serial: 01942748543D1E410DDE6C33F25F4DE41844
Authority key identifier: 03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/znDGyTFXHxgds03YiKxu855yeHM.roa
Signing time: Thu 02 Jan 2025 13:50:39 +0000
ROA not before: Thu 02 Jan 2025 13:50:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 176.118.193.0/24 maxlen: 24
185.115.205.0/24 maxlen: 24
2a0c:a300::/29 maxlen: 29
2a12:ea80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:54:3d:1e:41:0d:de:6c:33:f2:5f:4d:e4:18:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0384e88fb79a3776cb0583e2b67a0bec6dfc68b8
Validity
Not Before: Jan 2 13:50:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce70c6c931571f181db34dd888ac6ef39e727873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:dc:e5:94:4d:24:41:01:26:12:35:d2:c3:a1:
a1:90:a6:a8:71:62:d0:59:4b:8e:ff:7c:d9:30:4d:
42:88:1d:11:af:1d:4d:6b:c7:d6:3f:81:e7:e9:6b:
76:33:2e:a6:f3:12:c7:35:0e:b8:62:8b:18:11:5d:
11:40:b0:4e:44:38:a6:49:35:32:7d:34:d2:ca:2a:
56:df:d7:17:f8:73:cd:8e:62:f6:d5:17:ee:0c:ee:
88:50:10:5d:b2:72:46:db:61:07:0f:6d:b7:94:2f:
9b:32:5c:bd:70:ad:d1:8b:dc:37:a2:43:75:f3:8a:
a9:eb:1f:cf:cb:3e:28:89:c5:11:f3:0e:95:05:80:
5a:b4:19:1a:e7:29:1e:2e:ba:8a:9b:bd:3e:c0:58:
e9:f8:f3:e6:cd:b2:89:d9:22:34:5a:81:ec:17:ad:
66:ae:c8:d6:64:21:64:40:e6:d5:2c:15:ed:e5:ea:
31:56:be:06:69:74:24:5a:e2:a8:d7:31:ca:56:0a:
97:4b:ff:3c:51:15:83:fc:df:bd:d4:74:58:67:ef:
33:47:1a:63:c4:69:8d:7d:cb:11:ec:e5:3b:bf:5f:
ea:0e:1d:dc:64:c5:f5:86:82:72:cc:ec:82:69:df:
57:40:88:f0:10:d5:62:fa:3e:99:69:8e:00:27:e0:
c1:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:70:C6:C9:31:57:1F:18:1D:B3:4D:D8:88:AC:6E:F3:9E:72:78:73
X509v3 Authority Key Identifier:
keyid:03:84:E8:8F:B7:9A:37:76:CB:05:83:E2:B6:7A:0B:EC:6D:FC:68:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/A4Toj7eaN3bLBYPitnoL7G38aLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/znDGyTFXHxgds03YiKxu855yeHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/7a0151-ce20-48e6-9053-333a384d417d/1/A4Toj7eaN3bLBYPitnoL7G38aLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.118.193.0/24
185.115.205.0/24
IPv6:
2a0c:a300::/29
2a12:ea80::/29
Signature Algorithm: sha256WithRSAEncryption
a5:22:1a:6e:82:87:01:5c:c9:98:4d:a3:cc:d2:13:51:b9:78:
aa:f4:54:96:e5:b2:a9:29:db:8b:7c:1f:59:4f:49:d1:64:3c:
56:31:cb:58:87:5f:e0:b7:fb:35:10:b5:5e:02:12:8f:5a:b1:
cb:12:69:a7:c1:20:a9:5c:0e:7f:ac:72:2c:64:eb:21:a1:b3:
ec:23:fb:7c:d4:e4:6d:95:6d:81:18:2d:75:2c:a0:5e:a7:22:
62:e8:b3:93:6f:a1:81:34:ed:c9:1f:e0:65:1f:fb:a3:44:e4:
8b:d9:c5:0a:cb:1a:9f:9d:3a:37:6b:c8:29:fb:a4:65:f3:1e:
9c:bb:e2:9c:8c:72:5a:81:8c:11:b0:e8:51:e5:ce:71:42:cb:
27:81:1c:b5:99:42:dd:a4:7e:f3:6f:44:c5:e8:77:2c:f0:a8:
13:c9:ce:a1:b7:7e:29:57:aa:63:87:ee:1a:0d:95:9e:04:23:
f3:da:71:38:73:60:f5:e7:52:e8:5c:09:91:2d:a7:28:f1:d2:
cf:e5:da:09:37:ef:60:6c:fa:0a:e3:93:8b:ca:3e:60:9e:94:
bc:c9:49:15:8b:76:6e:57:32:ae:33:31:19:e0:47:80:61:2e:
35:aa:4e:49:2d:c7:ff:ce:21:21:7e:fa:f8:2c:47:8c:cd:21:
16:99:99:09
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZQnSFQ9HkEN3mwz8l9N5BhEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAzODRlODhmYjc5YTM3NzZjYjA1ODNlMmI2N2EwYmVjNmRm
YzY4YjgwHhcNMjUwMTAyMTM1MDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcwYzZjOTMxNTcxZjE4MWRiMzRkZDg4OGFjNmVmMzllNzI3ODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdzllE0kQQEmEjXSw6GhkKaocWLQ
WUuO/3zZME1CiB0Rrx1Na8fWP4Hn6Wt2My6m8xLHNQ64YosYEV0RQLBORDimSTUy
fTTSyipW39cX+HPNjmL21RfuDO6IUBBdsnJG22EHD223lC+bMly9cK3Ri9w3okN1
84qp6x/Pyz4oicUR8w6VBYBatBka5ykeLrqKm70+wFjp+PPmzbKJ2SI0WoHsF61m
rsjWZCFkQObVLBXt5eoxVr4GaXQkWuKo1zHKVgqXS/88URWD/N+91HRYZ+8zRxpj
xGmNfcsR7OU7v1/qDh3cZMX1hoJyzOyCad9XQIjwENVi+j6ZaY4AJ+DB7QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFM5wxskxVx8YHbNN2IisbvOecnhzMB8GA1UdIwQY
MBaAFAOE6I+3mjd2ywWD4rZ6C+xt/Gi4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMt
MzMzYTM4NGQ0MTdkLzEvem5ER3lURlhIeGdkczAzWWlLeHU4NTV5ZUhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS83YTAxNTEtY2UyMC00OGU2LTkwNTMtMzMzYTM4NGQ0MTdk
LzEvQTRUb2o3ZWFOM2JMQllQaXRub0w3RzM4YUxnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAsHbBAwQA
uXPNMBQEAgACMA4DBQMqDKMAAwUDKhLqgDANBgkqhkiG9w0BAQsFAAOCAQEApSIa
boKHAVzJmE2jzNITUbl4qvRUluWyqSnbi3wfWU9J0WQ8VjHLWIdf4Lf7NRC1XgIS
j1qxyxJpp8EgqVwOf6xyLGTrIaGz7CP7fNTkbZVtgRgtdSygXqciYuizk2+hgTTt
yR/gZR/7o0Tki9nFCssan506N2vIKfukZfMenLvinIxyWoGMEbDoUeXOcULLJ4Ec
tZlC3aR+829Exeh3LPCoE8nOobd+KVeqY4fuGg2VngQj89pxOHNg9edS6FwJkS2n
KPHSz+XaCTfvYGz6CuOTi8o+YJ6UvMlJFYt2blcyrjMxGeBHgGEuNapOSS3H/84h
IX76+CxHjM0hFpmZCQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:22:40 2025 by rpki-client