Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/ztCPKk8w1aeaQKuLHJz_e0TSo9Y.roa
File: ztCPKk8w1aeaQKuLHJz_e0TSo9Y.roa (raw, json)
Hash identifier: eX6lgcMXGHHyxYwjBqAxjQIWBeaf2J3CyUG15tvpJ0o=
Subject key identifier: CE:D0:8F:2A:4F:30:D5:A7:9A:40:AB:8B:1C:9C:FF:7B:44:D2:A3:D6
Certificate issuer: /CN=0b8fb1deb09e72425b309a1414917daf893bef59
Certificate serial: 01942746CEA309DC361C057346A31473B937
Authority key identifier: 0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/ztCPKk8w1aeaQKuLHJz_e0TSo9Y.roa
Signing time: Thu 02 Jan 2025 13:48:59 +0000
ROA not before: Thu 02 Jan 2025 13:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48324
IP address blocks: 37.17.224.0/21 maxlen: 21
88.82.224.0/19 maxlen: 19
89.44.8.0/24 maxlen: 24
185.10.70.0/24 maxlen: 24
185.30.32.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.mft
rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Mar 2025 21:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:46:ce:a3:09:dc:36:1c:05:73:46:a3:14:73:b9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b8fb1deb09e72425b309a1414917daf893bef59
Validity
Not Before: Jan 2 13:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ced08f2a4f30d5a79a40ab8b1c9cff7b44d2a3d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:76:f4:db:77:18:c9:1a:c4:7e:20:10:86:54:
7d:cf:17:4d:2d:f7:6d:af:ac:96:eb:5f:1c:5b:2e:
d1:b3:e8:e4:1e:b1:bb:0d:af:50:b9:c1:4f:14:22:
fc:b4:30:38:10:09:37:1c:1a:a6:a4:39:2f:48:7e:
41:ab:93:b5:35:02:1b:54:4a:6a:23:8b:22:91:31:
88:7f:5c:4c:a4:b7:1d:ea:ec:c2:99:01:0d:b9:ba:
1f:88:7c:cf:88:48:9b:ed:95:a2:53:b9:e8:ee:ae:
8c:96:e8:ec:6b:55:67:29:66:7b:32:ff:d8:00:24:
d4:41:ec:8f:45:fc:54:09:6a:d6:19:87:1b:34:96:
90:8a:02:d5:13:97:9c:a3:c4:75:0b:28:76:62:20:
06:3a:cc:4c:08:65:b0:6c:f4:21:25:70:97:da:b3:
a2:1c:56:fb:aa:c2:ce:d2:d4:c5:d4:d2:57:ee:a8:
cb:ff:b2:26:20:cd:b1:39:bb:45:19:9b:d9:e7:d8:
c5:c3:a2:82:28:04:20:1b:49:2d:76:32:1c:e9:c3:
08:eb:12:be:4c:87:cf:72:a9:4e:cb:af:e0:01:0f:
bf:15:d2:ef:14:12:dc:83:26:10:d2:e2:7e:21:1d:
9b:c8:da:f3:83:51:96:83:4d:f3:f0:62:b9:13:db:
47:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D0:8F:2A:4F:30:D5:A7:9A:40:AB:8B:1C:9C:FF:7B:44:D2:A3:D6
X509v3 Authority Key Identifier:
keyid:0B:8F:B1:DE:B0:9E:72:42:5B:30:9A:14:14:91:7D:AF:89:3B:EF:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C4-x3rCeckJbMJoUFJF9r4k771k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/ztCPKk8w1aeaQKuLHJz_e0TSo9Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fc763b-83e6-4bd1-b93a-f8785a58106c/1/C4-x3rCeckJbMJoUFJF9r4k771k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.17.224.0/21
88.82.224.0/19
89.44.8.0/24
185.10.70.0/24
185.30.32.0/22
Signature Algorithm: sha256WithRSAEncryption
56:43:13:6f:4f:76:01:86:73:84:71:7c:d7:43:69:0d:cf:0a:
b9:e8:e2:83:6d:7b:6d:82:04:87:09:51:09:c0:fc:8c:cb:6b:
88:41:85:84:b2:1b:9b:11:50:80:45:d3:02:49:4d:b3:b3:cf:
ce:4c:09:ea:cf:89:f9:54:15:1f:2c:14:0a:be:a5:f2:4d:ec:
8e:88:67:8d:c2:a4:8b:82:60:1c:17:c2:d6:4b:b0:3b:61:b1:
57:9e:50:58:6f:a1:67:ac:89:87:99:ae:8c:b7:4e:7d:91:cb:
7a:81:14:be:13:86:f5:1d:ce:03:26:0b:25:41:4f:0d:81:a4:
70:7c:96:0b:c4:e7:5e:0f:af:7a:62:00:5f:c6:5d:32:e1:38:
73:2c:4f:8b:cf:0a:4d:10:02:9f:8d:03:9d:26:00:20:28:f1:
aa:e7:dd:77:c9:20:e6:88:13:ff:20:5b:47:40:37:e1:3b:d6:
f8:b6:0f:34:2c:44:43:f7:84:f9:3a:5e:97:67:ef:2c:fd:4b:
f3:23:69:36:de:ad:1d:a9:17:b3:9f:8a:e8:69:0d:a9:e1:e4:
ef:c1:a8:f4:f5:51:bd:11:06:a1:28:ea:2f:14:10:47:f7:60:
ae:8a:28:5b:1d:eb:e8:cc:78:95:1a:fc:a8:67:af:5f:2a:cb:
1e:31:6a:76
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQnRs6jCdw2HAVzRqMUc7k3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiOGZiMWRlYjA5ZTcyNDI1YjMwOWExNDE0OTE3ZGFmODkz
YmVmNTkwHhcNMjUwMTAyMTM0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWQwOGYyYTRmMzBkNWE3OWE0MGFiOGIxYzljZmY3YjQ0ZDJhM2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3b023cYyRrEfiAQhlR9zxdNLfdt
r6yW618cWy7Rs+jkHrG7Da9QucFPFCL8tDA4EAk3HBqmpDkvSH5Bq5O1NQIbVEpq
I4sikTGIf1xMpLcd6uzCmQENubofiHzPiEib7ZWiU7no7q6Mlujsa1VnKWZ7Mv/Y
ACTUQeyPRfxUCWrWGYcbNJaQigLVE5eco8R1Cyh2YiAGOsxMCGWwbPQhJXCX2rOi
HFb7qsLO0tTF1NJX7qjL/7ImIM2xObtFGZvZ59jFw6KCKAQgG0ktdjIc6cMI6xK+
TIfPcqlOy6/gAQ+/FdLvFBLcgyYQ0uJ+IR2byNrzg1GWg03z8GK5E9tHDwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM7QjypPMNWnmkCrixyc/3tE0qPWMB8GA1UdIwQY
MBaAFAuPsd6wnnJCWzCaFBSRfa+JO+9ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzQteDNyQ2Vja0piTUpvVUZKRjlyNGs3NzFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mYzc2M2ItODNlNi00YmQxLWI5M2Et
Zjg3ODVhNTgxMDZjLzEvenRDUEtrOHcxYWVhUUt1TEhKel9lMFRTbzlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mYzc2M2ItODNlNi00YmQxLWI5M2EtZjg3ODVhNTgxMDZj
LzEvQzQteDNyQ2Vja0piTUpvVUZKRjlyNGs3NzFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJRHgAwQF
WFLgAwQAWSwIAwQAuQpGAwQCuR4gMA0GCSqGSIb3DQEBCwUAA4IBAQBWQxNvT3YB
hnOEcXzXQ2kNzwq56OKDbXttggSHCVEJwPyMy2uIQYWEshubEVCARdMCSU2zs8/O
TAnqz4n5VBUfLBQKvqXyTeyOiGeNwqSLgmAcF8LWS7A7YbFXnlBYb6FnrImHma6M
t059kct6gRS+E4b1Hc4DJgslQU8NgaRwfJYLxOdeD696YgBfxl0y4ThzLE+LzwpN
EAKfjQOdJgAgKPGq5913ySDmiBP/IFtHQDfhO9b4tg80LERD94T5Ol6XZ+8s/Uvz
I2k23q0dqRezn4roaQ2p4eTvwaj09VG9EQahKOovFBBH92CuiihbHevozHiVGvyo
Z69fKsseMWp2
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:06:51 2025 by rpki-client