Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zFc-w0kyfCLjexA_gc5vZdXOhXM.roa
File: zFc-w0kyfCLjexA_gc5vZdXOhXM.roa (raw, json)
Hash identifier: Y+gT8yluh45ZLseEBt2dgYW2ms4tJrgg20SQbtN/mwM=
Subject key identifier: CC:57:3E:C3:49:32:7C:22:E3:7B:10:3F:81:CE:6F:65:D5:CE:85:73
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019421443A7F6822CD101014ED69220AF812
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zFc-w0kyfCLjexA_gc5vZdXOhXM.roa
Signing time: Wed 01 Jan 2025 09:48:27 +0000
ROA not before: Wed 01 Jan 2025 09:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 270564
IP address blocks: 89.213.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Feb 2025 21:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:44:3a:7f:68:22:cd:10:10:14:ed:69:22:0a:f8:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 1 09:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc573ec349327c22e37b103f81ce6f65d5ce8573
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:b5:30:c7:73:89:68:f0:b2:5d:90:f2:9c:75:
1c:53:cd:50:b0:e8:41:3e:af:40:5f:9f:84:eb:a3:
df:3c:77:99:64:d0:3c:5a:d6:4f:2d:b3:dd:7d:5b:
e2:4b:ec:31:89:cb:ef:52:ad:42:42:5e:5f:4c:00:
24:ba:f9:21:4c:92:39:5e:5e:ea:2b:05:51:4c:6b:
6e:e5:b7:76:da:f9:37:d4:40:cf:1c:98:4c:32:55:
68:ad:b3:68:f9:c1:f0:fb:c2:d9:11:fd:82:c2:50:
2b:26:25:91:35:60:71:b0:9c:da:e0:01:e4:5f:35:
20:57:70:29:47:38:01:e1:37:92:da:48:08:8e:2a:
59:cb:1a:39:66:35:18:1c:4b:d7:e1:9e:80:ed:6e:
43:04:3a:dc:44:63:88:1c:1c:e1:d5:06:6f:dc:a4:
cd:c7:5b:df:90:88:e4:09:4d:0f:b0:db:e3:30:94:
cb:36:ee:42:4b:59:f8:49:90:66:54:6a:ab:f0:98:
eb:8f:01:70:d5:46:5f:9a:59:a4:f1:4c:6a:94:e5:
48:06:2a:71:86:cf:35:22:cf:7e:ea:c2:41:39:77:
3d:91:0d:e0:3c:34:7f:7a:0d:fa:ce:05:a0:de:a2:
1b:f9:95:6c:ca:c8:18:6d:c9:07:7c:77:c4:c2:60:
6c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:57:3E:C3:49:32:7C:22:E3:7B:10:3F:81:CE:6F:65:D5:CE:85:73
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/zFc-w0kyfCLjexA_gc5vZdXOhXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.142.0/24
Signature Algorithm: sha256WithRSAEncryption
06:5e:30:98:df:9d:3a:b8:ac:3a:3b:e1:be:22:de:f5:36:cd:
03:e8:f8:6b:16:c0:d3:e5:b4:a3:be:28:fc:95:96:ed:d4:72:
41:88:b9:ed:bc:f7:f9:77:d0:cb:c4:ea:1a:d9:e7:68:63:6e:
4d:07:68:fa:12:a1:b1:50:b8:c9:36:eb:21:2d:3f:a5:8b:73:
2c:a5:59:f6:52:f3:c4:d7:69:49:9d:84:58:b2:21:89:c9:95:
68:78:4b:e2:7c:a1:f9:3b:6f:89:3d:66:f9:b9:b6:fe:4c:a2:
22:da:aa:a7:d0:1b:5d:b5:8a:ea:47:33:ab:a5:ea:1c:2a:0a:
bc:2e:59:38:a8:31:34:56:8f:1e:83:0c:25:cc:89:b2:c3:9d:
f5:9a:f0:1b:40:31:0f:50:8a:b0:5f:57:18:13:77:06:16:5e:
09:ed:b8:e0:44:15:0d:66:69:e5:8c:66:87:02:34:47:9c:a8:
3d:57:e3:f2:39:e6:f0:bf:f2:d4:41:2d:f6:26:32:9a:d4:bf:
92:18:e3:8c:74:91:1b:a6:77:b0:ca:de:9f:59:8f:22:6a:aa:
83:05:33:6c:d4:55:3c:0c:6e:48:55:89:97:2d:b8:49:50:6f:
96:72:c6:b4:0a:7c:19:c9:96:6b:55:3b:6c:20:0f:72:e1:cf:
1b:fa:08:25
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQhRDp/aCLNEBAU7WkiCvgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwMTAxMDk0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzU3M2VjMzQ5MzI3YzIyZTM3YjEwM2Y4MWNlNmY2NWQ1Y2U4NTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7Uwx3OJaPCyXZDynHUcU81QsOhB
Pq9AX5+E66PfPHeZZNA8WtZPLbPdfVviS+wxicvvUq1CQl5fTAAkuvkhTJI5Xl7q
KwVRTGtu5bd22vk31EDPHJhMMlVorbNo+cHw+8LZEf2CwlArJiWRNWBxsJza4AHk
XzUgV3ApRzgB4TeS2kgIjipZyxo5ZjUYHEvX4Z6A7W5DBDrcRGOIHBzh1QZv3KTN
x1vfkIjkCU0PsNvjMJTLNu5CS1n4SZBmVGqr8JjrjwFw1UZfmlmk8UxqlOVIBipx
hs81Is9+6sJBOXc9kQ3gPDR/eg36zgWg3qIb+ZVsysgYbckHfHfEwmBsrwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFMxXPsNJMnwi43sQP4HOb2XVzoVzMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvekZjLXcwa3lmQ0xqZXhBX2djNXZaZFhPaFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWOMA0G
CSqGSIb3DQEBCwUAA4IBAQAGXjCY3506uKw6O+G+It71Ns0D6PhrFsDT5bSjvij8
lZbt1HJBiLntvPf5d9DLxOoa2edoY25NB2j6EqGxULjJNushLT+li3MspVn2UvPE
12lJnYRYsiGJyZVoeEvifKH5O2+JPWb5ubb+TKIi2qqn0BtdtYrqRzOrpeocKgq8
Llk4qDE0Vo8egwwlzImyw531mvAbQDEPUIqwX1cYE3cGFl4J7bjgRBUNZmnljGaH
AjRHnKg9V+PyOebwv/LUQS32JjKa1L+SGOOMdJEbpnewyt6fWY8iaqqDBTNs1FU8
DG5IVYmXLbhJUG+Wcsa0CnwZyZZrVTtsIA9y4c8b+ggl
-----END CERTIFICATE-----
Generated at Wed Feb 5 07:41:17 2025 by rpki-client