Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/RzCT0T6lenhrM__LsTG4BuTaY1c.roa
File: RzCT0T6lenhrM__LsTG4BuTaY1c.roa (raw, json)
Hash identifier: tV5Y+kdqm/i7NbITAbNfFa3giabHc3nUwFdTcDJkx8o=
Subject key identifier: 47:30:93:D1:3E:A5:7A:78:6B:33:FF:CB:B1:31:B8:06:E4:DA:63:57
Certificate issuer: /CN=efa842e67147252505f41551f0f735b7f72e3e97
Certificate serial: 019425220E3C8A60F31F541398D21E73A979
Authority key identifier: EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/RzCT0T6lenhrM__LsTG4BuTaY1c.roa
Signing time: Thu 02 Jan 2025 03:49:36 +0000
ROA not before: Thu 02 Jan 2025 03:49:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 185.30.233.0/24 maxlen: 24
185.142.236.0/24 maxlen: 24
185.142.238.0/23 maxlen: 23
185.142.238.0/24 maxlen: 24
185.142.239.0/24 maxlen: 24
185.165.188.0/24 maxlen: 24
185.165.190.0/24 maxlen: 24
185.165.191.0/24 maxlen: 24
195.144.21.0/24 maxlen: 24
2a07:85c0::/48 maxlen: 48
2a07:85c1::/48 maxlen: 48
2a07:85c5::/48 maxlen: 48
2a07:85c6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 06:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:22:0e:3c:8a:60:f3:1f:54:13:98:d2:1e:73:a9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa842e67147252505f41551f0f735b7f72e3e97
Validity
Not Before: Jan 2 03:49:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=473093d13ea57a786b33ffcbb131b806e4da6357
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a5:eb:c7:ae:6b:09:a4:61:cc:a5:2f:aa:38:
45:cd:35:a4:7c:1b:91:53:7c:2a:cc:bc:b5:fe:42:
82:bc:38:89:ac:cb:af:12:4d:85:af:2b:55:82:8f:
17:b1:cd:34:61:73:27:db:2b:42:64:cc:86:dd:4e:
12:ca:11:45:6a:2d:c3:cb:ad:3f:8e:34:14:44:a5:
b3:71:d1:4d:20:3a:b6:d6:6f:2d:fb:b3:dc:27:cb:
b8:b8:70:83:73:73:87:dc:5d:19:71:03:2d:5b:f5:
62:ee:d5:07:68:d2:07:59:2c:4b:8c:f4:52:44:f7:
f7:96:76:8a:55:68:e1:04:7a:5a:20:35:ab:c1:2d:
96:0c:b7:99:19:b4:f5:98:4d:4a:f5:db:ed:c7:40:
e3:86:4d:19:49:4e:2e:59:34:96:b9:4a:8e:d7:9a:
86:60:6c:e9:16:0b:7f:6a:f5:df:b6:77:5a:4d:55:
cb:7c:e5:1e:d2:70:32:d3:72:71:ff:7c:5e:d4:f2:
1f:ab:b8:7e:10:b6:5e:b3:f7:31:ac:69:3d:4b:fa:
fd:f1:54:87:13:3f:3e:f5:95:da:ac:c7:f4:0e:e6:
ea:aa:f4:e7:ba:06:1f:94:50:a9:df:83:b1:af:b4:
53:63:21:e2:c2:fb:88:5d:9b:5b:2a:cb:4c:6f:ca:
28:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:30:93:D1:3E:A5:7A:78:6B:33:FF:CB:B1:31:B8:06:E4:DA:63:57
X509v3 Authority Key Identifier:
keyid:EF:A8:42:E6:71:47:25:25:05:F4:15:51:F0:F7:35:B7:F7:2E:3E:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76hC5nFHJSUF9BVR8Pc1t_cuPpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/RzCT0T6lenhrM__LsTG4BuTaY1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/e9c8e9-b954-4d20-a426-8e0c31223db8/1/76hC5nFHJSUF9BVR8Pc1t_cuPpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.30.233.0/24
185.142.236.0/24
185.142.238.0/23
185.165.188.0/24
185.165.190.0/23
195.144.21.0/24
IPv6:
2a07:85c0::/48
2a07:85c1::/48
2a07:85c5::/48
2a07:85c6::/48
Signature Algorithm: sha256WithRSAEncryption
a6:1b:dd:6a:5a:d0:97:34:75:35:48:f8:3e:56:3c:c9:fd:0f:
85:73:75:1a:79:9d:4c:df:92:cd:ef:94:76:d8:a1:16:d2:47:
20:e7:f5:2f:64:2e:f0:eb:eb:7e:9d:5b:6a:8e:e5:a4:23:89:
15:d8:61:b8:83:6d:ce:7e:17:24:a2:7f:ec:b0:41:c3:f0:30:
e8:f7:2d:5c:63:ec:89:34:52:0f:43:a1:01:91:f3:97:c0:e0:
61:62:21:92:5c:98:bd:a9:45:12:00:01:22:d5:c1:fb:9c:3b:
92:3a:a6:72:65:4c:07:65:02:be:03:a9:b6:10:e9:71:38:2c:
2d:75:91:49:8f:0a:22:40:46:6a:55:22:2f:ce:50:39:0c:fa:
9e:cc:e5:65:8f:79:7c:44:8e:e0:e4:0d:21:c5:9e:1c:3f:ec:
73:0e:72:00:3e:f4:01:84:aa:e7:f3:9b:f5:7d:1c:07:94:30:
b3:28:0b:fb:ee:44:5a:82:65:b8:20:40:62:3e:8c:fe:e9:56:
00:da:da:ea:a0:96:c3:20:03:8a:be:19:24:ea:42:96:d6:f0:
3d:de:5c:6e:48:7e:10:63:c0:7c:2e:e5:c5:01:42:88:e9:51:
41:ea:4a:50:84:2b:51:03:2f:8f:77:67:35:28:a5:b9:28:a9:
0d:c7:2e:ca
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZQlIg48imDzH1QTmNIec6l5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTg0MmU2NzE0NzI1MjUwNWY0MTU1MWYwZjczNWI3Zjcy
ZTNlOTcwHhcNMjUwMTAyMDM0OTM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzMwOTNkMTNlYTU3YTc4NmIzM2ZmY2JiMTMxYjgwNmU0ZGE2MzU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKXrx65rCaRhzKUvqjhFzTWkfBuR
U3wqzLy1/kKCvDiJrMuvEk2FrytVgo8Xsc00YXMn2ytCZMyG3U4SyhFFai3Dy60/
jjQURKWzcdFNIDq21m8t+7PcJ8u4uHCDc3OH3F0ZcQMtW/Vi7tUHaNIHWSxLjPRS
RPf3lnaKVWjhBHpaIDWrwS2WDLeZGbT1mE1K9dvtx0Djhk0ZSU4uWTSWuUqO15qG
YGzpFgt/avXftndaTVXLfOUe0nAy03Jx/3xe1PIfq7h+ELZes/cxrGk9S/r98VSH
Ez8+9ZXarMf0DubqqvTnugYflFCp34Oxr7RTYyHiwvuIXZtbKstMb8oopwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEcwk9E+pXp4azP/y7ExuAbk2mNXMB8GA1UdIwQY
MBaAFO+oQuZxRyUlBfQVUfD3Nbf3Lj6XMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYt
OGUwYzMxMjIzZGI4LzEvUnpDVDBUNmxlbmhyTV9fTHNURzRCdVRhWTFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9lOWM4ZTktYjk1NC00ZDIwLWE0MjYtOGUwYzMxMjIzZGI4
LzEvNzZoQzVuRkhKU1VGOUJWUjhQYzF0X2N1UHBjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDAqBAIAATAkAwQAuR7pAwQA
uY7sAwQBuY7uAwQAuaW8AwQBuaW+AwQAw5AVMCoEAgACMCQDBwAqB4XAAAADBwAq
B4XBAAADBwAqB4XFAAADBwAqB4XGAAAwDQYJKoZIhvcNAQELBQADggEBAKYb3Wpa
0Jc0dTVI+D5WPMn9D4VzdRp5nUzfks3vlHbYoRbSRyDn9S9kLvDr636dW2qO5aQj
iRXYYbiDbc5+FySif+ywQcPwMOj3LVxj7Ik0Ug9DoQGR85fA4GFiIZJcmL2pRRIA
ASLVwfucO5I6pnJlTAdlAr4DqbYQ6XE4LC11kUmPCiJARmpVIi/OUDkM+p7M5WWP
eXxEjuDkDSHFnhw/7HMOcgA+9AGEqufzm/V9HAeUMLMoC/vuRFqCZbggQGI+jP7p
VgDa2uqglsMgA4q+GSTqQpbW8D3eXG5IfhBjwHwu5cUBQojpUUHqSlCEK1EDL493
ZzUopbkoqQ3HLso=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:55:37 2025 by rpki-client