Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/zvde-1FktXCEIRB3FHyBiaah4JI.roa
File: zvde-1FktXCEIRB3FHyBiaah4JI.roa (raw, json)
Hash identifier: 6R+oudRdqFBVe7OQ/+aXtal9Y8TCWwoFCMfYuyQJNpY=
Subject key identifier: CE:F7:5E:FB:51:64:B5:70:84:21:10:77:14:7C:81:89:A6:A1:E0:92
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 0194236A312425CFD1D726F7C9B7FFAFFB84
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/zvde-1FktXCEIRB3FHyBiaah4JI.roa
Signing time: Wed 01 Jan 2025 19:49:09 +0000
ROA not before: Wed 01 Jan 2025 19:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
109.204.176.0/22 maxlen: 22
109.204.180.0/23 maxlen: 23
109.204.184.0/22 maxlen: 22
109.204.188.0/23 maxlen: 23
171.22.241.0/24 maxlen: 24
185.25.200.0/22 maxlen: 24
185.128.16.0/22 maxlen: 22
2a10:a5c0::/29 maxlen: 29
2a10:a5c0::/32 maxlen: 32
2a10:a5c0::/36 maxlen: 36
2a10:a5c0:1000::/36 maxlen: 36
2a10:a5c0:4000::/36 maxlen: 36
2a10:a5c0:5000::/36 maxlen: 36
2a10:a5c0:8000::/36 maxlen: 36
2a10:a5c0:9000::/36 maxlen: 36
2a10:a5c0:c000::/36 maxlen: 36
2a10:a5c0:d000::/36 maxlen: 36
2a10:a5c1::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c4::/32 maxlen: 32
2a10:a5c5::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 22:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:6a:31:24:25:cf:d1:d7:26:f7:c9:b7:ff:af:fb:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Jan 1 19:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cef75efb5164b57084211077147c8189a6a1e092
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:0d:21:9a:e5:a4:75:4a:f2:9d:a4:7c:a8:
24:4f:89:3e:3f:23:87:d8:28:4d:2f:9b:ca:fd:ef:
aa:6e:c5:31:cd:84:66:70:21:d8:91:c4:32:08:99:
21:67:9f:27:51:42:a1:06:40:2c:8d:c6:37:5e:3b:
5f:44:73:e3:82:14:b0:ef:a1:94:4b:ac:15:e5:d3:
86:23:d4:a6:b7:d6:71:54:2e:84:9a:cf:ea:5c:7b:
f9:89:b3:a8:bc:fb:b9:4e:44:b7:51:f0:6c:b3:fe:
00:77:f5:6f:54:26:22:91:99:de:a8:b4:e6:1e:81:
3d:4f:63:4f:04:da:95:ae:82:bf:04:90:92:bc:71:
33:1c:0f:96:61:6e:8d:60:85:c0:58:7a:bb:49:0d:
a7:d4:f0:34:44:19:9c:20:e8:a6:da:62:cc:67:a7:
0c:5e:6a:c8:36:c1:67:7a:78:05:9c:97:e3:72:e5:
92:a7:d0:9e:07:96:d2:ad:07:0e:38:b3:aa:bf:f7:
18:e4:f2:54:8b:f1:35:d7:ce:78:02:eb:62:15:82:
d3:0a:b8:7c:97:64:4f:8c:46:fe:8c:27:2a:15:7f:
6d:87:ad:c4:11:63:29:50:3d:93:73:f4:54:ed:ee:
3e:88:9c:66:7c:f2:41:f5:8f:0d:24:70:62:ac:05:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:F7:5E:FB:51:64:B5:70:84:21:10:77:14:7C:81:89:A6:A1:E0:92
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/zvde-1FktXCEIRB3FHyBiaah4JI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
171.22.241.0/24
185.25.200.0/22
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
12:58:b4:5b:0d:41:04:d1:57:0e:1f:a9:ed:8e:0e:11:79:69:
3c:40:d3:40:1b:03:1b:96:e8:6b:a6:4f:1e:67:ab:b1:b4:b1:
c8:50:a3:57:3d:19:7e:72:a3:5e:1f:cb:a4:88:c3:1b:ef:a0:
10:81:ea:87:e6:b4:c5:41:62:94:06:c7:6b:c6:a5:bb:d4:cc:
c1:e2:c9:64:b8:2a:1e:64:94:1e:01:b5:d0:c3:2e:57:0f:31:
b9:9f:b0:78:01:04:e1:cd:4f:ca:16:ed:3d:6e:d2:e2:c0:5c:
0f:12:7a:ce:28:78:ee:75:13:84:ef:14:f9:1e:f0:80:67:fb:
47:7e:27:60:bc:75:68:61:b5:d2:53:06:23:e4:de:b2:19:0c:
fe:5c:fd:83:3d:85:02:aa:95:1a:e4:ff:3e:b2:ff:5c:dd:50:
94:38:e0:f6:04:24:e6:f3:c9:23:7a:35:7d:de:7e:ff:8e:cd:
61:0d:58:4d:86:62:cc:1b:d0:68:f8:a9:04:31:fd:23:d3:e8:
76:1f:69:74:72:e2:40:26:ba:70:b5:5d:97:f7:56:b7:bb:1e:
26:69:89:cb:af:2e:6d:96:9c:cb:47:83:56:97:6c:35:87:00:
01:31:41:2a:b1:c4:af:b9:12:b7:24:8b:a1:4d:70:9b:69:94:
6b:51:4b:b8
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZQjajEkJc/R1yb3ybf/r/uEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjUwMTAxMTk0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWY3NWVmYjUxNjRiNTcwODQyMTEwNzcxNDdjODE4OWE2YTFlMDkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk8NIZrlpHVK8p2kfKgkT4k+PyOH
2ChNL5vK/e+qbsUxzYRmcCHYkcQyCJkhZ58nUUKhBkAsjcY3XjtfRHPjghSw76GU
S6wV5dOGI9Smt9ZxVC6Ems/qXHv5ibOovPu5TkS3UfBss/4Ad/VvVCYikZneqLTm
HoE9T2NPBNqVroK/BJCSvHEzHA+WYW6NYIXAWHq7SQ2n1PA0RBmcIOim2mLMZ6cM
XmrINsFnengFnJfjcuWSp9CeB5bSrQcOOLOqv/cY5PJUi/E11854AutiFYLTCrh8
l2RPjEb+jCcqFX9th63EEWMpUD2Tc/RU7e4+iJxmfPJB9Y8NJHBirAWcnwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFM73XvtRZLVwhCEQdxR8gYmmoeCSMB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvenZkZS0xRmt0WENFSVJCM0ZIeUJpYWFoNEpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEbcywAwQA
qxbxAwQCuRnIAwQCuYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IB
AQASWLRbDUEE0VcOH6ntjg4ReWk8QNNAGwMbluhrpk8eZ6uxtLHIUKNXPRl+cqNe
H8ukiMMb76AQgeqH5rTFQWKUBsdrxqW71MzB4slkuCoeZJQeAbXQwy5XDzG5n7B4
AQThzU/KFu09btLiwFwPEnrOKHjudROE7xT5HvCAZ/tHfidgvHVoYbXSUwYj5N6y
GQz+XP2DPYUCqpUa5P8+sv9c3VCUOOD2BCTm88kjejV93n7/js1hDVhNhmLMG9Bo
+KkEMf0j0+h2H2l0cuJAJrpwtV2X91a3ux4maYnLry5tlpzLR4NWl2w1hwABMUEq
scSvuRK3JIuhTXCbaZRrUUu4
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:39:42 2025 by rpki-client