Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/zJzkzhEHh5iCKShvFrkOwPKYR2U.roa
File: zJzkzhEHh5iCKShvFrkOwPKYR2U.roa (raw, json)
Hash identifier: l2tLYSV2hK6uaLIrHqnfajZM8CBVZInCAsyfW/dDlC0=
Subject key identifier: CC:9C:E4:CE:11:07:87:98:82:29:28:6F:16:B9:0E:C0:F2:98:47:65
Certificate issuer: /CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Certificate serial: 019426D97EE0C7FEBB8300599750AFA29499
Authority key identifier: 05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/zJzkzhEHh5iCKShvFrkOwPKYR2U.roa
Signing time: Thu 02 Jan 2025 11:49:35 +0000
ROA not before: Thu 02 Jan 2025 11:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201924
IP address blocks: 195.146.0.0/24 maxlen: 24
195.146.1.0/24 maxlen: 24
195.146.2.0/24 maxlen: 24
195.146.4.0/24 maxlen: 24
195.146.5.0/24 maxlen: 24
195.146.6.0/24 maxlen: 24
195.146.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:16:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:7e:e0:c7:fe:bb:83:00:59:97:50:af:a2:94:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0562d5a67b7a20f865e753163a6ed0e5f347e839
Validity
Not Before: Jan 2 11:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc9ce4ce110787988229286f16b90ec0f2984765
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:38:b8:cd:2b:ae:3a:ce:e5:43:fa:aa:f0:e6:
d1:fd:13:8a:95:c0:8d:81:fa:ff:1b:b9:84:e9:4d:
2a:64:a1:33:cb:14:e4:3a:39:8e:63:b3:ea:00:dd:
fe:9c:1b:74:b5:77:39:a5:b4:41:de:7d:cd:08:8f:
8f:16:09:b2:32:bb:ca:dd:d2:cf:30:9c:3e:e9:cc:
3a:e7:1c:41:5a:7b:d3:5c:30:d3:25:8c:2c:2d:08:
d0:32:3e:25:36:70:1d:80:54:30:3b:b3:e2:1e:08:
cc:c0:64:7c:6e:73:d9:59:9a:bf:2c:6e:95:b2:85:
6a:88:79:36:da:ed:d2:95:74:71:e3:62:56:5d:64:
9c:d4:28:8f:9f:d4:f4:06:57:a4:93:14:e5:3d:ad:
a9:f6:20:69:b5:4b:84:93:38:de:e9:f9:6d:b6:cd:
c2:5f:f9:b5:a5:aa:51:0b:e8:a3:cc:94:5b:06:42:
82:9e:b1:ed:14:de:c9:16:74:c8:ed:c8:8c:81:b2:
43:fe:ec:94:1f:e1:92:09:bb:70:6b:a0:15:21:4d:
bb:65:f0:dc:77:80:21:3b:e4:f3:45:70:e9:5b:80:
98:71:7d:a5:d4:2f:e9:59:77:fa:c3:4c:75:1e:fc:
93:7f:07:85:63:91:86:64:b0:63:56:03:47:c2:ff:
8d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:9C:E4:CE:11:07:87:98:82:29:28:6F:16:B9:0E:C0:F2:98:47:65
X509v3 Authority Key Identifier:
keyid:05:62:D5:A6:7B:7A:20:F8:65:E7:53:16:3A:6E:D0:E5:F3:47:E8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/zJzkzhEHh5iCKShvFrkOwPKYR2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/8b01c2-ecbe-4f88-ae37-504c8fc220ea/1/BWLVpnt6IPhl51MWOm7Q5fNH6Dk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.146.0.0-195.146.2.255
195.146.4.0/22
Signature Algorithm: sha256WithRSAEncryption
58:69:1c:20:6b:26:1a:6f:cc:cc:eb:89:26:cb:d2:85:55:bf:
60:06:80:c8:2c:2d:e9:21:7b:58:70:7c:e8:2e:cd:bb:20:ce:
a8:a3:39:81:08:cf:3f:7d:00:e7:72:64:97:3d:49:4e:8a:86:
8f:d5:3f:71:a5:d1:08:91:4d:bd:92:73:5c:63:64:87:19:aa:
23:29:df:fe:48:cd:93:89:b7:67:0a:0d:7d:e0:64:6e:5f:b6:
63:72:bb:c1:e1:dc:3c:ea:69:78:11:dd:02:55:a8:14:65:4a:
28:81:71:63:54:6e:64:20:8e:75:b7:76:36:d9:c9:fd:b2:6c:
2c:61:85:08:8b:5c:34:b6:05:a7:e9:d6:b2:24:0f:07:57:04:
81:4a:fb:5a:c1:d8:8a:d3:87:2f:57:48:d6:e6:84:da:fb:51:
f7:21:f6:fb:6d:7c:ee:82:10:60:ae:0f:09:79:8a:57:77:4d:
ad:9d:fa:67:2d:15:40:e4:d8:24:04:0b:5a:da:ac:4e:8d:dc:
65:9f:dd:8c:7e:2c:64:1b:3a:92:7a:f7:98:7a:54:cb:39:70:
41:50:3b:a3:5f:4a:ea:d6:42:35:52:d6:1d:07:6c:e3:b8:81:
f8:e9:8b:48:2f:da:1e:a2:da:b7:72:90:a7:76:ec:8b:78:4d:
5d:e5:61:8a
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAZQm2X7gx/67gwBZl1CvopSZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NjJkNWE2N2I3YTIwZjg2NWU3NTMxNjNhNmVkMGU1ZjM0
N2U4MzkwHhcNMjUwMTAyMTE0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzljZTRjZTExMDc4Nzk4ODIyOTI4NmYxNmI5MGVjMGYyOTg0NzY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Di4zSuuOs7lQ/qq8ObR/ROKlcCN
gfr/G7mE6U0qZKEzyxTkOjmOY7PqAN3+nBt0tXc5pbRB3n3NCI+PFgmyMrvK3dLP
MJw+6cw65xxBWnvTXDDTJYwsLQjQMj4lNnAdgFQwO7PiHgjMwGR8bnPZWZq/LG6V
soVqiHk22u3SlXRx42JWXWSc1CiPn9T0BlekkxTlPa2p9iBptUuEkzje6fltts3C
X/m1papRC+ijzJRbBkKCnrHtFN7JFnTI7ciMgbJD/uyUH+GSCbtwa6AVIU27ZfDc
d4AhO+TzRXDpW4CYcX2l1C/pWXf6w0x1HvyTfweFY5GGZLBjVgNHwv+NbwIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFMyc5M4RB4eYgikobxa5DsDymEdlMB8GA1UdIwQY
MBaAFAVi1aZ7eiD4ZedTFjpu0OXzR+g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzct
NTA0YzhmYzIyMGVhLzEvekp6a3poRUhoNWlDS1NodkZya093UEtZUjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi84YjAxYzItZWNiZS00Zjg4LWFlMzctNTA0YzhmYzIyMGVh
LzEvQldMVnBudDZJUGhsNTFNV09tN1E1Zk5INkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCwGCCsGAQUFBwEHAQH/BB0wGzAZBAIAATATMAsDAwHDkgME
AMOSAgMEAsOSBDANBgkqhkiG9w0BAQsFAAOCAQEAWGkcIGsmGm/MzOuJJsvShVW/
YAaAyCwt6SF7WHB86C7NuyDOqKM5gQjPP30A53Jklz1JToqGj9U/caXRCJFNvZJz
XGNkhxmqIynf/kjNk4m3ZwoNfeBkbl+2Y3K7weHcPOppeBHdAlWoFGVKKIFxY1Ru
ZCCOdbd2NtnJ/bJsLGGFCItcNLYFp+nWsiQPB1cEgUr7WsHYitOHL1dI1uaE2vtR
9yH2+2187oIQYK4PCXmKV3dNrZ36Zy0VQOTYJAQLWtqsTo3cZZ/djH4sZBs6knr3
mHpUyzlwQVA7o19K6tZCNVLWHQds47iB+OmLSC/aHqLat3KQp3bsi3hNXeVhig==
-----END CERTIFICATE-----
Generated at Thu Apr 17 01:46:06 2025 by rpki-client