Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZaC009aUj9MN6ETSOGz1XyMPjwg.roa
File: ZaC009aUj9MN6ETSOGz1XyMPjwg.roa (raw, json)
Hash identifier: Q0bT7ztDqeHwnN001uKVz8J8yZ/2DRRpodNKzrqG1qc=
Subject key identifier: 65:A0:B4:D3:D6:94:8F:D3:0D:E8:44:D2:38:6C:F5:5F:23:0F:8F:08
Certificate issuer: /CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Certificate serial: 0195228E8EF004B48C730140EEFDCBAB64F8
Authority key identifier: 24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZaC009aUj9MN6ETSOGz1XyMPjwg.roa
Signing time: Thu 20 Feb 2025 08:52:02 +0000
ROA not before: Thu 20 Feb 2025 08:52:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9141
IP address blocks: 31.178.0.0/17 maxlen: 17
31.178.128.0/17 maxlen: 17
31.179.0.0/17 maxlen: 17
31.179.128.0/17 maxlen: 24
31.186.192.0/19 maxlen: 19
77.236.0.0/21 maxlen: 21
77.236.8.0/21 maxlen: 21
77.236.16.0/21 maxlen: 21
77.236.24.0/21 maxlen: 21
83.175.176.0/20 maxlen: 20
85.222.0.0/19 maxlen: 19
85.222.32.0/19 maxlen: 19
85.222.52.0/22 maxlen: 22
85.222.64.0/19 maxlen: 19
85.222.96.0/19 maxlen: 19
89.68.0.0/14 maxlen: 14
89.70.108.0/22 maxlen: 22
89.72.0.0/14 maxlen: 14
89.72.228.0/22 maxlen: 22
89.77.216.0/22 maxlen: 22
195.34.210.0/23 maxlen: 23
217.119.64.0/20 maxlen: 20
2a02:a300::/29 maxlen: 29
2a02:a308::/29 maxlen: 29
2a02:a310::/32 maxlen: 32
2a02:a311::/32 maxlen: 32
2a02:a312::/32 maxlen: 32
2a02:a313::/32 maxlen: 32
2a02:a315:e500::/40 maxlen: 40
2a02:a316:e100::/40 maxlen: 40
2a02:a319:6000::/40 maxlen: 40
2a02:a31b:c400::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.mft
rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 20:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:22:8e:8e:f0:04:b4:8c:73:01:40:ee:fd:cb:ab:64:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24147c8b3f37850e9f9074993845c4e069f8efe2
Validity
Not Before: Feb 20 08:52:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65a0b4d3d6948fd30de844d2386cf55f230f8f08
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b4:07:5f:d9:99:0a:b7:6f:51:7a:d6:69:36:
41:a7:d9:ad:4f:59:74:9e:32:ab:a7:d3:fc:54:f3:
82:c3:2e:f8:9d:23:98:70:fe:52:36:77:87:13:fb:
69:86:eb:b2:31:1a:ba:e7:e7:68:03:f7:48:72:5d:
c7:68:51:4c:35:10:9d:03:d1:42:a4:a3:52:58:91:
29:d8:c0:32:ad:2a:c5:ad:c4:97:ba:87:bb:48:d0:
b9:0b:11:a5:1e:a0:d1:fb:ad:a7:c5:c0:30:1d:0e:
ca:9c:fd:76:17:95:48:13:9b:19:5f:58:13:c2:10:
cf:eb:36:ed:43:3c:75:f5:43:46:05:8b:0f:c4:b6:
48:9e:07:83:b8:6c:12:84:41:25:5e:c6:a0:3b:87:
19:11:07:1f:8d:6b:be:11:c7:80:74:5f:66:ff:ad:
fd:85:7f:0b:1c:4c:ec:5b:8e:66:3d:d7:99:cc:b3:
96:14:45:45:6b:75:bd:32:f2:a4:4a:c7:c8:b2:76:
b1:e2:e9:bc:4c:73:3e:cb:e0:53:40:92:06:4e:b6:
c0:79:e8:91:54:99:ce:4a:35:e4:4b:0c:42:63:03:
a1:a7:59:3a:8a:60:c0:e5:46:eb:62:92:e2:da:c8:
8c:ed:cd:50:cf:32:2c:51:60:4f:31:c3:09:58:3d:
7a:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A0:B4:D3:D6:94:8F:D3:0D:E8:44:D2:38:6C:F5:5F:23:0F:8F:08
X509v3 Authority Key Identifier:
keyid:24:14:7C:8B:3F:37:85:0E:9F:90:74:99:38:45:C4:E0:69:F8:EF:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JBR8iz83hQ6fkHSZOEXE4Gn47-I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/ZaC009aUj9MN6ETSOGz1XyMPjwg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/8da5fe-f405-4ce0-b2d1-b3535b4ca50f/1/JBR8iz83hQ6fkHSZOEXE4Gn47-I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.178.0.0/15
31.186.192.0/19
77.236.0.0/19
83.175.176.0/20
85.222.0.0/17
89.68.0.0-89.75.255.255
89.77.216.0/22
195.34.210.0/23
217.119.64.0/20
IPv6:
2a02:a300::-2a02:a313:ffff:ffff:ffff:ffff:ffff:ffff
2a02:a315:e500::/40
2a02:a316:e100::/40
2a02:a319:6000::/40
2a02:a31b:c400::/40
Signature Algorithm: sha256WithRSAEncryption
43:be:19:63:cd:18:32:71:3d:3a:00:a9:60:10:89:82:8a:ec:
c5:cb:eb:a5:8f:4b:d7:08:16:8b:47:d3:05:28:bc:01:26:48:
e9:1f:8f:23:48:93:6f:ba:74:09:17:cc:29:4b:4b:98:db:7d:
80:5c:b5:12:8a:e4:17:0d:31:12:4b:20:31:d9:11:c4:14:0e:
20:01:12:0f:a5:c0:26:bc:0a:02:7c:1c:9a:90:b8:1a:0f:bf:
29:15:f7:ab:d8:02:e4:de:6d:dc:33:8c:dc:66:66:98:4a:28:
3a:53:3b:3b:fe:e1:bb:45:e5:c9:ce:e9:d8:48:18:10:b0:34:
cd:c8:f7:e1:6e:83:a9:22:00:6f:44:57:43:a2:f5:4b:22:da:
dd:21:a1:4e:d5:6c:d9:c4:a9:8e:76:85:d4:88:91:ac:f2:26:
a2:0d:af:12:56:8e:23:06:90:f2:54:26:46:0e:b1:c7:fe:0b:
c5:0d:79:80:36:59:9b:77:81:1f:61:cf:fd:88:c1:5b:78:6e:
72:01:ea:7f:af:b7:c5:b1:a7:00:8b:59:ca:f8:aa:40:08:5c:
6d:bc:17:e3:96:d8:3b:83:8b:ac:60:41:cb:f6:c5:c3:d2:15:
11:34:e5:c0:dd:ab:8a:c9:6e:e8:80:db:b1:b8:f9:3a:b4:a4:
27:6d:c5:b3
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZUijo7wBLSMcwFA7v3Lq2T4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0MTQ3YzhiM2YzNzg1MGU5ZjkwNzQ5OTM4NDVjNGUwNjlm
OGVmZTIwHhcNMjUwMjIwMDg1MjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWEwYjRkM2Q2OTQ4ZmQzMGRlODQ0ZDIzODZjZjU1ZjIzMGY4ZjA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLQHX9mZCrdvUXrWaTZBp9mtT1l0
njKrp9P8VPOCwy74nSOYcP5SNneHE/tphuuyMRq65+doA/dIcl3HaFFMNRCdA9FC
pKNSWJEp2MAyrSrFrcSXuoe7SNC5CxGlHqDR+62nxcAwHQ7KnP12F5VIE5sZX1gT
whDP6zbtQzx19UNGBYsPxLZIngeDuGwShEElXsagO4cZEQcfjWu+EceAdF9m/639
hX8LHEzsW45mPdeZzLOWFEVFa3W9MvKkSsfIsnax4um8THM+y+BTQJIGTrbAeeiR
VJnOSjXkSwxCYwOhp1k6imDA5UbrYpLi2siM7c1QzzIsUWBPMcMJWD16rQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGWgtNPWlI/TDehE0jhs9V8jD48IMB8GA1UdIwQY
MBaAFCQUfIs/N4UOn5B0mThFxOBp+O/iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEt
YjM1MzViNGNhNTBmLzEvWmFDMDA5YVVqOU1ONkVUU09HejFYeU1QandnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS84ZGE1ZmUtZjQwNS00Y2UwLWIyZDEtYjM1MzViNGNhNTBm
LzEvSkJSOGl6ODNoUTZma0hTWk9FWEU0R240Ny1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHowQQQCAAEwOwMDAR+yAwQF
H7rAAwQFTewAAwQEU6+wAwQHVd4AMAoDAwJZRAMDAllIAwQCWU3YAwQBwyLSAwQE
2XdAMDUEAgACMC8wDQMEACoCowMFAioCoxADBgAqAqMV5QMGACoCoxbhAwYAKgKj
GWADBgAqAqMbxDANBgkqhkiG9w0BAQsFAAOCAQEAQ74ZY80YMnE9OgCpYBCJgors
xcvrpY9L1wgWi0fTBSi8ASZI6R+PI0iTb7p0CRfMKUtLmNt9gFy1EorkFw0xEksg
MdkRxBQOIAESD6XAJrwKAnwcmpC4Gg+/KRX3q9gC5N5t3DOM3GZmmEooOlM7O/7h
u0Xlyc7p2EgYELA0zcj34W6DqSIAb0RXQ6L1SyLa3SGhTtVs2cSpjnaF1IiRrPIm
og2vElaOIwaQ8lQmRg6xx/4LxQ15gDZZm3eBH2HP/YjBW3hucgHqf6+3xbGnAItZ
yviqQAhcbbwX45bYO4OLrGBBy/bFw9IVETTlwN2rislu6IDbsbj5OrSkJ23Fsw==
-----END CERTIFICATE-----
Generated at Sat Feb 22 05:33:12 2025 by rpki-client