Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ZFNPpkJjAEJqP0LzaHCbcOYgV2Q.roa
File: ZFNPpkJjAEJqP0LzaHCbcOYgV2Q.roa (raw, json)
Hash identifier: Zl0lVHMtT1Mdxmi4wDwpl3L8wvugA65MrAmdD5x0BTQ=
Subject key identifier: 64:53:4F:A6:42:63:00:42:6A:3F:42:F3:68:70:9B:70:E6:20:57:64
Certificate issuer: /CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Certificate serial: 01942445A63EF38B37EB250B28D32FC45AF6
Authority key identifier: 56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ZFNPpkJjAEJqP0LzaHCbcOYgV2Q.roa
Signing time: Wed 01 Jan 2025 23:48:51 +0000
ROA not before: Wed 01 Jan 2025 23:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207388
IP address blocks: 91.239.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 23:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:a6:3e:f3:8b:37:eb:25:0b:28:d3:2f:c4:5a:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56b98f83ccbda7c19f004151c98b57c59d268f54
Validity
Not Before: Jan 1 23:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64534fa6426300426a3f42f368709b70e6205764
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:95:3b:25:43:4a:ff:e6:19:b3:b3:e4:7f:34:
79:de:75:23:c0:94:c7:05:f5:56:a1:16:d9:3f:ce:
f9:e0:be:23:88:df:1d:ac:9a:84:bf:50:61:53:49:
2c:d2:5f:16:a4:62:b5:99:98:1f:fc:fe:c1:38:a2:
54:50:2e:5c:4b:bc:01:10:ef:2c:d0:28:08:d0:ea:
20:ba:a4:94:00:d2:b0:19:21:07:b0:47:71:46:4c:
7f:49:09:91:b1:63:61:21:c3:c5:e1:11:b9:48:0b:
88:bd:2c:26:ef:6a:93:20:ba:1e:82:41:8a:6e:00:
2d:2f:ad:6d:03:ff:9b:6d:a7:33:f9:61:72:b2:de:
b5:82:74:03:35:6d:8a:bf:1b:ae:da:b2:20:0f:53:
83:ed:ff:72:98:6d:48:44:2c:21:55:85:1c:18:68:
e5:a0:fc:65:fa:41:4a:df:ee:35:f6:1e:38:a4:8e:
36:8f:20:9a:c9:cf:02:a9:07:26:2b:da:08:83:c9:
2c:39:87:cd:c9:78:ab:1e:1f:d1:0a:0e:07:73:f5:
02:6d:97:a3:f9:0a:9f:85:52:c8:cd:86:d0:18:c0:
d9:36:4b:2d:e6:44:b8:86:46:82:bb:72:ce:e6:15:
0d:8a:63:3a:c7:03:b2:a1:38:db:ea:40:1f:ec:07:
97:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:53:4F:A6:42:63:00:42:6A:3F:42:F3:68:70:9B:70:E6:20:57:64
X509v3 Authority Key Identifier:
keyid:56:B9:8F:83:CC:BD:A7:C1:9F:00:41:51:C9:8B:57:C5:9D:26:8F:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/ZFNPpkJjAEJqP0LzaHCbcOYgV2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/83/8cb935-71a3-4db3-9f3f-7aa7fc359655/1/VrmPg8y9p8GfAEFRyYtXxZ0mj1Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.217.0/24
Signature Algorithm: sha256WithRSAEncryption
64:15:33:54:75:4f:1e:59:1a:d0:78:11:58:17:2d:51:62:41:
dc:86:11:6c:22:26:77:2d:b6:81:f5:27:3d:1a:d9:95:cc:15:
22:f4:3e:15:f2:9c:b5:c3:9d:bd:ec:16:10:df:6f:84:e7:f6:
f5:a2:59:20:6b:a2:26:56:91:e7:a1:a4:4a:e9:58:47:ca:bb:
50:99:96:a3:da:d8:35:f2:ab:97:cf:60:75:e5:9e:30:1f:cf:
d1:ac:4c:d8:c3:0b:f5:70:9d:25:23:83:60:09:59:1f:9f:ad:
84:ac:d6:51:0e:65:df:d0:c2:4c:12:1c:2c:bb:4a:65:70:b2:
61:af:bc:ea:e6:3c:7e:1e:b7:28:be:b1:19:7c:ad:d3:74:cf:
a1:46:39:03:41:91:4c:1e:18:bc:cd:07:f8:7f:bc:ff:26:27:
e6:ec:b1:f9:00:42:c5:4f:5c:16:54:e5:1c:3e:ae:54:ca:7f:
b2:b2:78:e3:d6:41:b9:f8:42:7d:40:8c:ed:0c:fc:1c:3d:1a:
27:97:21:5f:f2:67:fc:6f:5e:f7:45:aa:c2:80:c0:aa:f0:ff:
b0:97:fb:d4:28:16:05:92:35:5b:44:69:8b:65:bb:8d:83:aa:
46:54:50:5a:dc:74:bc:cf:62:95:6d:48:8e:d5:5d:27:8f:ae:
ba:42:df:26
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQkRaY+84s36yULKNMvxFr2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2Yjk4ZjgzY2NiZGE3YzE5ZjAwNDE1MWM5OGI1N2M1OWQy
NjhmNTQwHhcNMjUwMTAxMjM0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUzNGZhNjQyNjMwMDQyNmEzZjQyZjM2ODcwOWI3MGU2MjA1NzY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JU7JUNK/+YZs7PkfzR53nUjwJTH
BfVWoRbZP8754L4jiN8drJqEv1BhU0ks0l8WpGK1mZgf/P7BOKJUUC5cS7wBEO8s
0CgI0OoguqSUANKwGSEHsEdxRkx/SQmRsWNhIcPF4RG5SAuIvSwm72qTILoegkGK
bgAtL61tA/+bbacz+WFyst61gnQDNW2Kvxuu2rIgD1OD7f9ymG1IRCwhVYUcGGjl
oPxl+kFK3+419h44pI42jyCayc8CqQcmK9oIg8ksOYfNyXirHh/RCg4Hc/UCbZej
+QqfhVLIzYbQGMDZNkst5kS4hkaCu3LO5hUNimM6xwOyoTjb6kAf7AeXfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGRTT6ZCYwBCaj9C82hwm3DmIFdkMB8GA1UdIwQY
MBaAFFa5j4PMvafBnwBBUcmLV8WdJo9UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2Yt
N2FhN2ZjMzU5NjU1LzEvWkZOUHBrSmpBRUpxUDBMemFIQ2JjT1lnVjJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84My84Y2I5MzUtNzFhMy00ZGIzLTlmM2YtN2FhN2ZjMzU5NjU1
LzEvVnJtUGc4eTlwOEdmQUVGUnlZdFh4WjBtajFRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW+/ZMA0G
CSqGSIb3DQEBCwUAA4IBAQBkFTNUdU8eWRrQeBFYFy1RYkHchhFsIiZ3LbaB9Sc9
GtmVzBUi9D4V8py1w5297BYQ32+E5/b1olkga6ImVpHnoaRK6VhHyrtQmZaj2tg1
8quXz2B15Z4wH8/RrEzYwwv1cJ0lI4NgCVkfn62ErNZRDmXf0MJMEhwsu0plcLJh
r7zq5jx+HrcovrEZfK3TdM+hRjkDQZFMHhi8zQf4f7z/Jifm7LH5AELFT1wWVOUc
Pq5Uyn+ysnjj1kG5+EJ9QIztDPwcPRonlyFf8mf8b173RarCgMCq8P+wl/vUKBYF
kjVbRGmLZbuNg6pGVFBa3HS8z2KVbUiO1V0nj666Qt8m
-----END CERTIFICATE-----
Generated at Mon Apr 7 06:22:17 2025 by rpki-client