Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/0ZE_o3dIHj9flS2dCWrRGTJ97ms.roa
File: 0ZE_o3dIHj9flS2dCWrRGTJ97ms.roa (raw, json)
Hash identifier: 52fGS8LFs2gez+ax6QI/dNbYDxKzac5/dFyHugT7tiA=
Subject key identifier: D1:91:3F:A3:77:48:1E:3F:5F:95:2D:9D:09:6A:D1:19:32:7D:EE:6B
Certificate issuer: /CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Certificate serial: 01941FFA927779D09C05CF03E4A157995145
Authority key identifier: 58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/0ZE_o3dIHj9flS2dCWrRGTJ97ms.roa
Signing time: Wed 01 Jan 2025 03:48:22 +0000
ROA not before: Wed 01 Jan 2025 03:48:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34597
IP address blocks: 37.230.232.0/24 maxlen: 24
37.230.246.0/24 maxlen: 24
141.101.243.0/24 maxlen: 24
178.170.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:92:77:79:d0:9c:05:cf:03:e4:a1:57:99:51:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5885e884c2fc7a75d12dd1dea49ce2349c47067e
Validity
Not Before: Jan 1 03:48:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d1913fa377481e3f5f952d9d096ad119327dee6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:b0:d9:cd:3a:93:f9:64:24:1f:4b:a3:0e:8c:
94:91:35:ed:92:f3:4a:95:1e:50:6d:5c:d2:71:5f:
82:c1:82:0e:06:0a:e1:f9:aa:8c:4a:dc:8f:07:6b:
8d:d6:82:0a:41:28:47:47:c2:04:7d:db:ec:73:28:
d4:99:df:33:d1:26:8d:1d:3c:6e:4b:95:b4:1a:2f:
63:5e:73:86:7b:93:72:2d:b9:33:c6:d0:d5:15:95:
33:69:20:2c:70:9d:4b:64:32:d4:8d:43:92:62:0e:
5a:46:b2:21:f6:58:75:79:4b:04:5c:a6:6b:ba:3d:
62:8f:55:ec:67:14:6d:61:a0:f9:a8:09:8e:45:0d:
fe:44:5e:32:aa:e6:10:3b:85:26:c4:41:3c:69:62:
f3:2c:22:6d:3b:2b:03:b0:e6:dc:2e:a9:d5:ac:ea:
13:b0:74:4b:ed:a0:90:70:fc:07:41:c2:68:00:af:
8d:3e:45:16:37:48:3a:f6:4a:c8:07:09:df:e2:04:
c6:c1:99:94:d6:14:3d:c9:5a:f9:44:95:d0:06:74:
36:a4:a0:b0:ca:6c:9f:32:e0:5a:5e:99:28:93:0f:
36:9a:b9:2f:56:76:4d:53:cc:0f:1c:ea:b3:61:ce:
0a:34:40:2d:25:bb:b8:e2:c2:3d:90:ec:12:a7:60:
81:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:91:3F:A3:77:48:1E:3F:5F:95:2D:9D:09:6A:D1:19:32:7D:EE:6B
X509v3 Authority Key Identifier:
keyid:58:85:E8:84:C2:FC:7A:75:D1:2D:D1:DE:A4:9C:E2:34:9C:47:06:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WIXohML8enXRLdHepJziNJxHBn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/0ZE_o3dIHj9flS2dCWrRGTJ97ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/6c0bf7-5f13-44a2-9989-8c9581d96d8f/1/WIXohML8enXRLdHepJziNJxHBn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.230.232.0/24
37.230.246.0/24
141.101.243.0/24
178.170.173.0/24
Signature Algorithm: sha256WithRSAEncryption
80:f5:14:74:7e:9f:47:d4:85:c6:66:95:45:19:38:1b:b5:38:
ae:08:dc:27:df:a6:4e:40:3c:71:ce:2e:58:33:32:6d:81:ed:
81:9b:3a:51:0d:e7:d8:40:65:50:5f:4d:73:50:5b:0f:1f:4d:
24:ae:a5:57:cf:c6:54:c0:25:86:94:2c:17:7b:e4:2b:c7:4a:
a7:a9:ae:65:3f:ec:d2:fe:89:08:2f:38:bd:72:85:8d:04:ea:
ac:a7:e1:50:55:79:24:59:d3:85:b6:cc:86:37:ce:6a:01:b4:
d4:be:71:97:d2:ec:a9:b5:8a:bb:87:6d:2d:49:f6:04:55:d2:
2d:f4:90:d6:d3:92:61:b7:6d:2a:9a:a4:85:f1:72:ed:09:8a:
dc:dd:90:16:9d:67:4a:06:f6:34:fb:26:8f:c2:5f:ce:6b:9a:
64:2d:e8:11:69:b7:a4:c2:62:36:5b:6a:24:8f:01:6e:27:9f:
fb:00:15:bd:ac:7d:08:72:6d:4f:3c:bc:aa:6e:0a:fb:83:0c:
45:7d:d0:80:a2:0f:14:c0:24:93:5e:b6:4c:72:95:36:58:1e:
b2:ba:e9:55:51:d0:65:50:0f:3f:23:27:26:1d:f4:77:03:c8:
e7:7e:88:f0:45:fc:99:ad:d4:16:50:49:11:e0:07:28:bd:17:
c9:21:64:d1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQf+pJ3edCcBc8D5KFXmVFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4ODVlODg0YzJmYzdhNzVkMTJkZDFkZWE0OWNlMjM0OWM0
NzA2N2UwHhcNMjUwMTAxMDM0ODIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTkxM2ZhMzc3NDgxZTNmNWY5NTJkOWQwOTZhZDExOTMyN2RlZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu7DZzTqT+WQkH0ujDoyUkTXtkvNK
lR5QbVzScV+CwYIOBgrh+aqMStyPB2uN1oIKQShHR8IEfdvscyjUmd8z0SaNHTxu
S5W0Gi9jXnOGe5NyLbkzxtDVFZUzaSAscJ1LZDLUjUOSYg5aRrIh9lh1eUsEXKZr
uj1ij1XsZxRtYaD5qAmORQ3+RF4yquYQO4UmxEE8aWLzLCJtOysDsObcLqnVrOoT
sHRL7aCQcPwHQcJoAK+NPkUWN0g69krIBwnf4gTGwZmU1hQ9yVr5RJXQBnQ2pKCw
ymyfMuBaXpkokw82mrkvVnZNU8wPHOqzYc4KNEAtJbu44sI9kOwSp2CBdwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNGRP6N3SB4/X5UtnQlq0Rkyfe5rMB8GA1UdIwQY
MBaAFFiF6ITC/Hp10S3R3qSc4jScRwZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODkt
OGM5NTgxZDk2ZDhmLzEvMFpFX28zZElIajlmbFMyZENXclJHVEo5N21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni82YzBiZjctNWYxMy00NGEyLTk5ODktOGM5NTgxZDk2ZDhm
LzEvV0lYb2hNTDhlblhSTGRIZXBKemlOSnhIQm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAJeboAwQA
Jeb2AwQAjWXzAwQAsqqtMA0GCSqGSIb3DQEBCwUAA4IBAQCA9RR0fp9H1IXGZpVF
GTgbtTiuCNwn36ZOQDxxzi5YMzJtge2BmzpRDefYQGVQX01zUFsPH00krqVXz8ZU
wCWGlCwXe+Qrx0qnqa5lP+zS/okILzi9coWNBOqsp+FQVXkkWdOFtsyGN85qAbTU
vnGX0uyptYq7h20tSfYEVdIt9JDW05Jht20qmqSF8XLtCYrc3ZAWnWdKBvY0+yaP
wl/Oa5pkLegRabekwmI2W2okjwFuJ5/7ABW9rH0Icm1PPLyqbgr7gwxFfdCAog8U
wCSTXrZMcpU2WB6yuulVUdBlUA8/IycmHfR3A8jnfojwRfyZrdQWUEkR4AcovRfJ
IWTR
-----END CERTIFICATE-----
Generated at Wed Apr 9 17:14:46 2025 by rpki-client