Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z0TXq9pVT25QZzfD-57lMRDlcGA.roa
File: Z0TXq9pVT25QZzfD-57lMRDlcGA.roa (raw, json)
Hash identifier: hYnJH93hitlb9nOTFR4G31BMVxcv5wRxyCBsoQfIZlk=
Subject key identifier: 67:44:D7:AB:DA:55:4F:6E:50:67:37:C3:FB:9E:E5:31:10:E5:70:60
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 019420D5A7E6CA50628597576A069764E9BF
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z0TXq9pVT25QZzfD-57lMRDlcGA.roa
Signing time: Wed 01 Jan 2025 07:47:40 +0000
ROA not before: Wed 01 Jan 2025 07:47:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24600
IP address blocks: 193.252.117.0/24 maxlen: 24
193.252.118.0/24 maxlen: 24
193.252.121.0/24 maxlen: 24
193.252.122.0/24 maxlen: 24
193.252.123.0/24 maxlen: 24
2a01:c9c0:b0::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 07:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:a7:e6:ca:50:62:85:97:57:6a:06:97:64:e9:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 07:47:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6744d7abda554f6e506737c3fb9ee53110e57060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:1b:5a:59:79:67:52:02:ce:72:a2:c1:99:20:
36:40:0d:58:3c:6c:42:dc:ce:9f:03:1c:bd:fa:69:
c7:7c:b8:6b:6f:16:ec:17:93:1e:42:32:7c:2d:f8:
21:ac:41:60:74:1d:bf:65:d4:bb:26:c3:f0:26:24:
39:b5:96:73:80:4f:63:87:55:11:54:df:34:eb:d6:
d7:9a:c8:0a:b0:1d:93:c8:04:0c:9d:95:b4:69:57:
4c:ff:46:5e:94:0a:84:0c:f4:76:90:3f:cc:a0:d9:
0f:76:fb:40:89:a6:e3:24:f7:cb:98:e5:89:1e:7b:
ea:54:c3:ad:7f:5d:51:54:a3:c3:eb:c4:1b:92:69:
e4:78:c2:d3:58:d8:c7:8a:4b:ed:18:1a:a8:b5:00:
8d:7e:26:eb:0d:d6:b9:c6:b8:dd:86:7e:be:7e:2d:
08:63:2e:73:d7:ef:76:84:29:fb:1f:0f:87:53:6a:
dc:aa:69:e2:50:61:be:92:b7:60:d9:03:83:6d:1c:
55:0d:af:37:d0:8c:43:c6:4b:0d:58:0d:69:91:b2:
0c:2f:8f:ca:ed:9f:88:0b:08:03:d4:d5:e5:4d:71:
3b:9f:82:cd:22:b8:73:c7:e8:81:40:5d:d7:aa:66:
8a:e3:39:0f:88:6a:da:6d:6c:7b:3b:7e:56:15:25:
d6:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:44:D7:AB:DA:55:4F:6E:50:67:37:C3:FB:9E:E5:31:10:E5:70:60
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/Z0TXq9pVT25QZzfD-57lMRDlcGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.252.117.0-193.252.118.255
193.252.121.0-193.252.123.255
IPv6:
2a01:c9c0:b0::/44
Signature Algorithm: sha256WithRSAEncryption
87:d2:cd:9d:c1:63:73:86:d5:07:2e:e2:49:8d:fc:04:62:0f:
79:bb:47:02:eb:3f:3d:f4:1b:58:4f:7b:a0:09:7d:1a:ee:f1:
63:ab:72:ef:a4:d7:68:50:c9:96:a3:c5:8a:c7:05:3d:e9:3c:
5e:51:22:9c:27:6a:43:9f:e1:45:13:ae:4b:84:ae:e2:9e:07:
8d:6b:8c:bf:59:42:32:42:1d:31:6f:b0:e1:99:8f:ed:8a:66:
17:67:20:64:d0:e7:f9:85:58:8f:cd:6b:43:01:89:e6:4e:1a:
47:f7:78:b1:e8:7d:e4:91:e7:2e:83:98:99:d3:45:9b:a3:65:
c8:d7:c2:ab:7e:df:a6:db:ab:50:a6:dd:95:6f:6c:fc:f1:c9:
58:88:6d:07:29:6b:f8:52:b0:b5:53:ef:1e:ad:55:e5:72:64:
8b:60:94:e5:64:a0:23:d2:e5:a6:c6:d1:33:4f:21:50:01:90:
14:dc:24:8c:83:e8:d9:ec:b5:80:f7:77:b1:a2:5c:00:70:6f:
37:98:44:a0:cd:57:aa:3e:4e:07:4e:8c:4b:27:af:a3:03:5f:
c8:04:a9:56:7e:0c:24:e4:8c:c0:7c:e6:6b:d8:28:dd:04:41:
04:9e:c1:6b:4e:7a:f2:92:66:da:50:84:c1:32:36:17:ec:be:
26:38:75:58
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZQg1afmylBihZdXagaXZOm/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjUwMTAxMDc0NzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ0ZDdhYmRhNTU0ZjZlNTA2NzM3YzNmYjllZTUzMTEwZTU3MDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqxtaWXlnUgLOcqLBmSA2QA1YPGxC
3M6fAxy9+mnHfLhrbxbsF5MeQjJ8LfghrEFgdB2/ZdS7JsPwJiQ5tZZzgE9jh1UR
VN8069bXmsgKsB2TyAQMnZW0aVdM/0ZelAqEDPR2kD/MoNkPdvtAiabjJPfLmOWJ
HnvqVMOtf11RVKPD68QbkmnkeMLTWNjHikvtGBqotQCNfibrDda5xrjdhn6+fi0I
Yy5z1+92hCn7Hw+HU2rcqmniUGG+krdg2QODbRxVDa830IxDxksNWA1pkbIML4/K
7Z+ICwgD1NXlTXE7n4LNIrhzx+iBQF3XqmaK4zkPiGrabWx7O35WFSXWvwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFGdE16vaVU9uUGc3w/ue5TEQ5XBgMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvWjBUWHE5cFZUMjVRWnpmRC01N2xNUkRsY0dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAiBAIAATAcMAwDBADB/HUD
BADB/HYwDAMEAMH8eQMEAsH8eDAPBAIAAjAJAwcEKgHJwACwMA0GCSqGSIb3DQEB
CwUAA4IBAQCH0s2dwWNzhtUHLuJJjfwEYg95u0cC6z899BtYT3ugCX0a7vFjq3Lv
pNdoUMmWo8WKxwU96TxeUSKcJ2pDn+FFE65LhK7ingeNa4y/WUIyQh0xb7DhmY/t
imYXZyBk0Of5hViPzWtDAYnmThpH93ix6H3kkecug5iZ00Wbo2XI18Krft+m26tQ
pt2Vb2z88clYiG0HKWv4UrC1U+8erVXlcmSLYJTlZKAj0uWmxtEzTyFQAZAU3CSM
g+jZ7LWA93exolwAcG83mESgzVeqPk4HToxLJ6+jA1/IBKlWfgwk5IzAfOZr2Cjd
BEEEnsFrTnrykmbaUITBMjYX7L4mOHVY
-----END CERTIFICATE-----
Generated at Wed Apr 9 14:15:22 2025 by rpki-client