Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/ZLZClTfuDKfBFAb78-Sh9gGUq9o.roa
File: ZLZClTfuDKfBFAb78-Sh9gGUq9o.roa (raw, json)
Hash identifier: ZjgvTzOG0NWN+AmJ71kj5d0LbF11Gt0UdOZExqIqebk=
Subject key identifier: 64:B6:42:95:37:EE:0C:A7:C1:14:06:FB:F3:E4:A1:F6:01:94:AB:DA
Certificate issuer: /CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Certificate serial: 019426D8B2859CDF7939D5EC9CB6BAB6BAFB
Authority key identifier: 49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/ZLZClTfuDKfBFAb78-Sh9gGUq9o.roa
Signing time: Thu 02 Jan 2025 11:48:43 +0000
ROA not before: Thu 02 Jan 2025 11:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35676
IP address blocks: 178.213.64.0/22 maxlen: 24
178.213.68.0/22 maxlen: 24
185.16.252.0/22 maxlen: 24
194.5.88.0/23 maxlen: 24
2a03:6f80::/32 maxlen: 33
2a03:6f80:100::/40 maxlen: 40
2a03:6f80:200::/40 maxlen: 40
2a03:6f80:300::/40 maxlen: 40
2a03:6f80:400::/40 maxlen: 40
2a03:6f80:500::/40 maxlen: 40
2a03:6f80:600::/40 maxlen: 40
2a03:6f80:700::/40 maxlen: 40
2a03:6f80:800::/40 maxlen: 40
2a03:6f80:900::/40 maxlen: 40
2a03:6f81::/32 maxlen: 33
2a03:6f81::/40 maxlen: 40
2a03:6f81:100::/40 maxlen: 40
2a03:6f81:200::/40 maxlen: 40
2a03:6f81:300::/40 maxlen: 40
2a03:6f81:400::/40 maxlen: 40
2a03:6f81:500::/40 maxlen: 40
2a03:6f81:600::/40 maxlen: 40
2a03:6f81:700::/40 maxlen: 40
2a03:6f82::/32 maxlen: 33
2a03:6f82:100::/40 maxlen: 40
2a03:6f82:200::/40 maxlen: 40
2a03:6f82:300::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:b2:85:9c:df:79:39:d5:ec:9c:b6:ba:b6:ba:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e44eeea26569d0ddbd0e8637f12cf505a4ede9
Validity
Not Before: Jan 2 11:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64b6429537ee0ca7c11406fbf3e4a1f60194abda
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:e6:3b:9e:03:d1:7d:4f:9e:ee:07:59:dc:75:
c9:fb:b5:e8:e5:0f:1b:1f:22:4b:ad:d9:43:ad:0d:
47:d8:fb:d9:58:a5:4b:9f:88:e2:09:c8:32:af:3d:
f9:e6:02:50:c7:94:fe:a5:ec:e0:6c:c8:e5:1d:34:
7b:e1:48:5b:0c:38:07:84:29:0d:55:3f:5b:7e:54:
ab:5e:3a:80:ba:81:a1:f8:04:7b:f4:e5:e9:ec:1d:
15:f0:fb:73:b0:3f:d6:ea:28:24:e6:1e:53:a7:23:
7c:69:62:6c:69:9d:6b:a1:2b:d4:5e:78:d9:38:a7:
ba:2d:d4:5a:0a:ac:5e:90:38:c8:ed:00:f7:a0:4d:
03:b8:0e:84:87:bf:59:30:33:90:30:bb:27:c2:47:
9e:9f:b9:3a:07:91:d9:8d:c3:35:57:75:6b:e0:01:
5f:c7:99:70:cb:71:e1:0b:8a:cf:c9:22:da:c5:f3:
77:e3:e9:cd:b4:84:38:22:c5:61:51:55:db:26:aa:
a8:b4:4e:a7:0d:6e:54:02:82:1f:5f:ac:0f:f5:c4:
97:98:0b:59:14:51:bf:14:4a:15:3d:06:8f:8b:36:
6c:e5:81:47:89:aa:bf:b3:49:8c:fc:b2:c9:bb:de:
de:20:77:6d:38:05:7e:0b:30:2e:99:97:a2:e9:47:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:B6:42:95:37:EE:0C:A7:C1:14:06:FB:F3:E4:A1:F6:01:94:AB:DA
X509v3 Authority Key Identifier:
keyid:49:E4:4E:EE:A2:65:69:D0:DD:BD:0E:86:37:F1:2C:F5:05:A4:ED:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeRO7qJladDdvQ6GN_Es9QWk7ek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/ZLZClTfuDKfBFAb78-Sh9gGUq9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/c3dc1b-d1ee-4ff2-a5aa-f0c4be8e240a/1/SeRO7qJladDdvQ6GN_Es9QWk7ek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.213.64.0/21
185.16.252.0/22
194.5.88.0/23
IPv6:
2a03:6f80::-2a03:6f82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2e:55:12:2f:d7:a9:ac:d2:45:ef:f7:75:04:9f:ff:6b:11:29:
32:e5:54:35:27:4c:ff:ad:83:23:04:3f:d2:c7:31:0d:1f:f4:
cc:31:7e:39:17:d4:20:43:ae:72:66:94:dc:92:41:3b:83:8c:
15:8d:e0:0a:68:58:e8:40:ca:3c:a0:8e:82:21:6d:ac:4a:34:
dc:18:39:62:30:ad:95:b2:e6:4f:fa:c4:2d:8f:25:f6:0c:8c:
6d:00:65:fa:d9:78:d8:4e:51:2e:4d:b1:60:02:44:90:fc:d8:
e7:91:a4:87:66:b3:11:87:07:ad:c3:10:24:79:4c:d2:34:b0:
50:a0:d6:fc:81:2a:38:03:29:98:3e:59:c7:51:a0:43:a9:02:
5a:ff:5c:3d:14:2c:d3:60:df:c5:94:25:25:88:16:61:e9:32:
1b:2c:d9:48:f2:8c:65:ca:2c:eb:3c:f3:61:0a:ce:a8:04:76:
a7:f0:29:32:9d:44:1e:40:a8:79:58:e5:35:5c:e9:dd:c6:5f:
45:9a:96:f0:ca:97:1e:1e:1f:42:c0:5e:6d:e2:a7:89:61:35:
47:da:19:b4:ec:e9:58:c7:9b:e7:fc:83:92:ee:92:30:3c:11:
32:d8:af:4f:b1:13:22:9c:eb:a8:3b:6c:34:68:59:77:4d:c7:
e2:b2:24:d1
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQm2LKFnN95OdXsnLa6trr7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTQ0ZWVlYTI2NTY5ZDBkZGJkMGU4NjM3ZjEyY2Y1MDVh
NGVkZTkwHhcNMjUwMTAyMTE0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGI2NDI5NTM3ZWUwY2E3YzExNDA2ZmJmM2U0YTFmNjAxOTRhYmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy+Y7ngPRfU+e7gdZ3HXJ+7Xo5Q8b
HyJLrdlDrQ1H2PvZWKVLn4jiCcgyrz355gJQx5T+pezgbMjlHTR74UhbDDgHhCkN
VT9bflSrXjqAuoGh+AR79OXp7B0V8PtzsD/W6igk5h5TpyN8aWJsaZ1roSvUXnjZ
OKe6LdRaCqxekDjI7QD3oE0DuA6Eh79ZMDOQMLsnwkeen7k6B5HZjcM1V3Vr4AFf
x5lwy3HhC4rPySLaxfN34+nNtIQ4IsVhUVXbJqqotE6nDW5UAoIfX6wP9cSXmAtZ
FFG/FEoVPQaPizZs5YFHiaq/s0mM/LLJu97eIHdtOAV+CzAumZei6UdsbwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGS2QpU37gynwRQG+/PkofYBlKvaMB8GA1UdIwQY
MBaAFEnkTu6iZWnQ3b0OhjfxLPUFpO3pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEt
ZjBjNGJlOGUyNDBhLzEvWkxaQ2xUZnVES2ZCRkFiNzgtU2g5Z0dVcTlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS9jM2RjMWItZDFlZS00ZmYyLWE1YWEtZjBjNGJlOGUyNDBh
LzEvU2VSTzdxSmxhZERkdlE2R05fRXM5UVdrN2VrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQDstVAAwQC
uRD8AwQBwgVYMBYEAgACMBAwDgMFByoDb4ADBQAqA2+CMA0GCSqGSIb3DQEBCwUA
A4IBAQAuVRIv16ms0kXv93UEn/9rESky5VQ1J0z/rYMjBD/SxzENH/TMMX45F9Qg
Q65yZpTckkE7g4wVjeAKaFjoQMo8oI6CIW2sSjTcGDliMK2VsuZP+sQtjyX2DIxt
AGX62XjYTlEuTbFgAkSQ/NjnkaSHZrMRhwetwxAkeUzSNLBQoNb8gSo4AymYPlnH
UaBDqQJa/1w9FCzTYN/FlCUliBZh6TIbLNlI8oxlyizrPPNhCs6oBHan8CkynUQe
QKh5WOU1XOndxl9FmpbwypceHh9CwF5t4qeJYTVH2hm07OlYx5vn/IOS7pIwPBEy
2K9PsRMinOuoO2w0aFl3TcfisiTR
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:11:21 2025 by rpki-client