Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/z4IiemcHS1pMiHT-EsPFFeOITkw.roa
File: z4IiemcHS1pMiHT-EsPFFeOITkw.roa (raw, json)
Hash identifier: 0Cm5tDp/8EqZeA3+YLY/lnsQEFVnqQEXb0poa3VHvws=
Subject key identifier: CF:82:22:7A:67:07:4B:5A:4C:88:74:FE:12:C3:C5:15:E3:88:4E:4C
Certificate issuer: /CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Certificate serial: 019423D6DE93A443CCD6445A2FA0DA448CA6
Authority key identifier: A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/z4IiemcHS1pMiHT-EsPFFeOITkw.roa
Signing time: Wed 01 Jan 2025 21:47:51 +0000
ROA not before: Wed 01 Jan 2025 21:47:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212632
IP address blocks: 212.39.32.0/21 maxlen: 21
212.39.32.0/22 maxlen: 22
212.39.32.0/24 maxlen: 24
212.39.34.0/24 maxlen: 24
212.39.63.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 22:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d6:de:93:a4:43:cc:d6:44:5a:2f:a0:da:44:8c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a92dc7bdbc9d097336de6243b550ab173375ea39
Validity
Not Before: Jan 1 21:47:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf82227a67074b5a4c8874fe12c3c515e3884e4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0f:a7:bd:d6:29:01:91:f5:8d:a9:b6:c4:4d:
fe:b4:9e:13:7b:ce:29:f6:bd:9b:f7:88:98:6e:96:
15:f4:aa:b4:89:37:10:67:26:c4:1d:27:ee:95:a5:
40:5c:f8:35:f9:28:a8:a4:89:0e:49:d1:38:e6:29:
32:4e:84:d7:ac:99:08:f6:bd:27:7f:64:01:e3:57:
d5:40:5e:72:3a:b0:50:c9:ee:da:7c:3d:fc:e9:77:
d8:30:1b:6b:19:30:a1:01:ca:ea:57:c0:45:8e:b9:
6b:b1:dc:3a:88:f1:56:49:7c:96:05:05:0e:c7:22:
7c:04:b4:be:98:17:e8:9f:ca:58:aa:b7:2b:e9:79:
fd:6b:6d:84:18:96:37:b8:a3:89:c6:5a:a5:ac:b1:
6d:6f:ea:86:52:28:16:34:34:04:29:f6:6b:2d:98:
71:22:8e:5a:39:c0:05:41:54:10:35:46:c2:c0:f7:
bd:11:03:14:fe:de:76:6b:71:fd:f2:30:a4:06:56:
f8:b6:04:1a:45:b6:79:d8:8e:6e:0c:62:ec:00:d2:
e3:04:09:db:db:47:8c:66:4a:b4:32:b5:5b:ea:9f:
18:09:0c:3e:a8:d6:df:8a:09:cf:8e:89:08:a4:55:
db:0f:9f:97:90:2b:df:3e:25:26:27:85:c4:42:77:
17:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:82:22:7A:67:07:4B:5A:4C:88:74:FE:12:C3:C5:15:E3:88:4E:4C
X509v3 Authority Key Identifier:
keyid:A9:2D:C7:BD:BC:9D:09:73:36:DE:62:43:B5:50:AB:17:33:75:EA:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qS3HvbydCXM23mJDtVCrFzN16jk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/z4IiemcHS1pMiHT-EsPFFeOITkw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/0b4629-39cc-4e6c-9e1c-991b7aee746c/1/qS3HvbydCXM23mJDtVCrFzN16jk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.39.32.0/21
212.39.63.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:dc:5d:3f:d6:75:9c:97:85:85:4e:3a:fa:ec:54:36:94:26:
c5:29:cd:a7:17:a5:4d:95:4b:bb:b1:da:95:4a:ab:49:8f:a5:
40:ee:0d:5d:b9:ec:9f:66:0c:42:bd:ba:ff:45:a8:dc:eb:74:
0d:37:32:32:00:1c:93:ca:76:9d:fe:22:9b:41:33:3a:07:b0:
f4:7d:fe:43:4d:a6:29:69:f2:83:86:11:34:49:08:ba:f6:5d:
1f:b2:61:c0:6f:ff:9b:36:c4:e6:e1:5a:1b:a5:ad:e3:6d:de:
8f:8b:f5:59:bb:23:b8:96:d5:1d:d6:40:93:e0:56:c6:b9:a8:
76:cc:25:b3:8f:32:22:77:a0:5c:3a:7b:e4:58:20:5f:d4:ee:
20:93:40:05:05:29:85:1f:a1:a5:6e:dc:72:64:cb:f7:6d:b7:
85:3f:f0:62:e9:96:f2:df:63:07:04:9e:89:a6:6b:05:1a:01:
cc:54:d3:05:be:32:68:47:b5:5e:df:fb:fc:01:12:1a:df:26:
02:60:d3:fc:cd:81:03:e4:a4:8e:79:1c:79:fa:88:7b:d1:7b:
79:e2:b8:88:d9:ea:69:15:50:da:01:19:7d:29:a2:7c:22:89:
7d:be:45:a4:80:71:d0:bb:fc:b1:be:ff:bf:a2:a7:b5:b2:e6:
4c:35:56:51
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQj1t6TpEPM1kRaL6DaRIymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5MmRjN2JkYmM5ZDA5NzMzNmRlNjI0M2I1NTBhYjE3MzM3
NWVhMzkwHhcNMjUwMTAxMjE0NzUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjgyMjI3YTY3MDc0YjVhNGM4ODc0ZmUxMmMzYzUxNWUzODg0ZTRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7g+nvdYpAZH1jam2xE3+tJ4Te84p
9r2b94iYbpYV9Kq0iTcQZybEHSfulaVAXPg1+SiopIkOSdE45ikyToTXrJkI9r0n
f2QB41fVQF5yOrBQye7afD386XfYMBtrGTChAcrqV8BFjrlrsdw6iPFWSXyWBQUO
xyJ8BLS+mBfon8pYqrcr6Xn9a22EGJY3uKOJxlqlrLFtb+qGUigWNDQEKfZrLZhx
Io5aOcAFQVQQNUbCwPe9EQMU/t52a3H98jCkBlb4tgQaRbZ52I5uDGLsANLjBAnb
20eMZkq0MrVb6p8YCQw+qNbfignPjokIpFXbD5+XkCvfPiUmJ4XEQncXwQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM+CInpnB0taTIh0/hLDxRXjiE5MMB8GA1UdIwQY
MBaAFKktx728nQlzNt5iQ7VQqxczdeo5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMt
OTkxYjdhZWU3NDZjLzEvejRJaWVtY0hTMXBNaUhULUVzUEZGZU9JVGt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8wYjQ2MjktMzljYy00ZTZjLTllMWMtOTkxYjdhZWU3NDZj
LzEvcVMzSHZieWRDWE0yM21KRHRWQ3JGek4xNmprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQD1CcgAwQA
1Cc/MA0GCSqGSIb3DQEBCwUAA4IBAQB83F0/1nWcl4WFTjr67FQ2lCbFKc2nF6VN
lUu7sdqVSqtJj6VA7g1dueyfZgxCvbr/Rajc63QNNzIyAByTynad/iKbQTM6B7D0
ff5DTaYpafKDhhE0SQi69l0fsmHAb/+bNsTm4Vobpa3jbd6Pi/VZuyO4ltUd1kCT
4FbGuah2zCWzjzIid6BcOnvkWCBf1O4gk0AFBSmFH6GlbtxyZMv3bbeFP/Bi6Zby
32MHBJ6JpmsFGgHMVNMFvjJoR7Ve3/v8ARIa3yYCYNP8zYED5KSOeRx5+oh70Xt5
4riI2eppFVDaARl9KaJ8Iol9vkWkgHHQu/yxvv+/oqe1suZMNVZR
-----END CERTIFICATE-----
Generated at Wed Apr 9 03:11:04 2025 by rpki-client