Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/zES562T2jGbv7XzrHC02CT1oz_k.roa
File: zES562T2jGbv7XzrHC02CT1oz_k.roa (raw, json)
Hash identifier: UbLmo0xCkOQvRcwSPHG5xE6YElRiJFtnaVmOwj9fHBo=
Subject key identifier: CC:44:B9:EB:64:F6:8C:66:EF:ED:7C:EB:1C:2D:36:09:3D:68:CF:F9
Certificate issuer: /CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Certificate serial: 01941FFA52DC43663A52A0FB3F6173E70BFD
Authority key identifier: 85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/zES562T2jGbv7XzrHC02CT1oz_k.roa
Signing time: Wed 01 Jan 2025 03:48:06 +0000
ROA not before: Wed 01 Jan 2025 03:48:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3190
IP address blocks: 5.11.0.0/21 maxlen: 21
185.90.40.0/22 maxlen: 22
2a00:ebc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/hby4Hc0_KTGPQDuEgb5E7B_1UC4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/hby4Hc0_KTGPQDuEgb5E7B_1UC4.mft
rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 14 Mar 2025 00:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:52:dc:43:66:3a:52:a0:fb:3f:61:73:e7:0b:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85bcb81dcd3f29318f403b8481be44ec1ff5502e
Validity
Not Before: Jan 1 03:48:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc44b9eb64f68c66efed7ceb1c2d36093d68cff9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a4:15:a0:b9:07:ea:11:e8:81:0c:9b:97:f2:
1e:2b:9e:24:cb:e9:f4:66:90:52:7e:08:e5:ed:b3:
e9:55:6f:87:4a:4f:79:d6:08:d6:87:c1:9b:29:16:
07:d2:b3:a7:71:1a:cf:94:96:c8:5e:20:7b:6a:dc:
17:44:53:c0:93:a8:17:13:79:7a:aa:2d:42:dd:a2:
64:0e:7b:d0:7c:ba:8f:d6:79:c7:7c:63:43:8f:15:
44:79:05:54:5f:ac:39:b5:e9:1a:20:6b:5f:4d:52:
c6:99:4c:90:7a:c0:67:08:d5:a2:68:33:e8:77:1f:
d6:ce:80:67:95:97:ff:b2:fb:cf:a5:32:f3:b1:38:
61:11:2e:de:8a:c4:96:65:f7:fe:06:93:d5:6e:ec:
51:ca:9d:d0:ef:ef:98:ae:83:1b:43:60:18:37:29:
28:e2:ba:58:ce:19:52:54:c8:d5:0b:c8:08:20:11:
e8:34:d4:bc:bb:21:c4:25:61:44:34:01:66:67:eb:
e3:c4:f0:a1:fd:71:b2:c9:a7:6f:f5:97:b6:fb:a2:
7c:82:8a:88:9f:e6:e2:a1:9a:94:db:33:76:a0:ea:
e9:3a:b7:21:1a:60:93:9d:8a:74:e3:42:83:30:fc:
c6:a4:fd:44:24:62:ed:ef:9e:77:bf:84:8b:5c:be:
f1:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:44:B9:EB:64:F6:8C:66:EF:ED:7C:EB:1C:2D:36:09:3D:68:CF:F9
X509v3 Authority Key Identifier:
keyid:85:BC:B8:1D:CD:3F:29:31:8F:40:3B:84:81:BE:44:EC:1F:F5:50:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hby4Hc0_KTGPQDuEgb5E7B_1UC4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/zES562T2jGbv7XzrHC02CT1oz_k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/565065-da4d-4cbe-9061-8781c4fe011f/1/hby4Hc0_KTGPQDuEgb5E7B_1UC4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.11.0.0/21
185.90.40.0/22
IPv6:
2a00:ebc0::/32
Signature Algorithm: sha256WithRSAEncryption
0d:3b:66:09:75:05:18:91:0e:e2:a0:11:57:4d:43:36:ae:5d:
21:b4:fb:af:e1:0d:b4:4f:21:00:f0:c1:7c:40:7f:53:34:9b:
3f:f5:e2:ee:4b:7d:2a:35:f8:d1:af:14:b8:3d:3f:96:2d:02:
e2:69:9b:66:93:bc:bf:9e:23:04:72:0e:f2:08:0e:e8:fe:a1:
c1:c8:24:f6:6e:c9:12:41:1c:de:9b:1c:7c:67:56:eb:0a:61:
de:ba:8a:f0:7b:45:16:2b:d2:af:c8:34:12:36:7a:24:1b:dd:
38:3d:91:92:db:cb:3c:f8:3f:c1:1f:67:4d:c6:db:f4:bf:09:
a8:98:d0:e6:e5:5b:e5:3c:9a:73:d8:24:46:f7:b6:20:77:7e:
6f:80:16:c2:a0:a2:2a:68:7e:c1:da:f5:39:76:51:62:67:8a:
f9:c1:b8:32:fc:64:dd:da:ef:af:72:5e:32:84:cf:6e:02:11:
37:17:12:28:7f:ea:4a:eb:ae:60:43:5a:60:a8:c2:9f:18:46:
ac:db:5b:00:e8:04:f6:9c:93:fd:1a:c6:2f:f3:39:f0:bc:a3:
2a:34:65:68:a1:18:d3:ce:b7:c2:c4:1b:5c:4c:88:79:4b:1b:
5b:39:5d:7b:08:32:4a:9a:49:dc:2a:ad:e0:e9:2f:de:89:d1:
85:00:74:1a
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQf+lLcQ2Y6UqD7P2Fz5wv9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YmNiODFkY2QzZjI5MzE4ZjQwM2I4NDgxYmU0NGVjMWZm
NTUwMmUwHhcNMjUwMTAxMDM0ODA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzQ0YjllYjY0ZjY4YzY2ZWZlZDdjZWIxYzJkMzYwOTNkNjhjZmY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqQVoLkH6hHogQybl/IeK54ky+n0
ZpBSfgjl7bPpVW+HSk951gjWh8GbKRYH0rOncRrPlJbIXiB7atwXRFPAk6gXE3l6
qi1C3aJkDnvQfLqP1nnHfGNDjxVEeQVUX6w5tekaIGtfTVLGmUyQesBnCNWiaDPo
dx/WzoBnlZf/svvPpTLzsThhES7eisSWZff+BpPVbuxRyp3Q7++YroMbQ2AYNyko
4rpYzhlSVMjVC8gIIBHoNNS8uyHEJWFENAFmZ+vjxPCh/XGyyadv9Ze2+6J8goqI
n+bioZqU2zN2oOrpOrchGmCTnYp040KDMPzGpP1EJGLt7553v4SLXL7xIQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMxEuetk9oxm7+186xwtNgk9aM/5MB8GA1UdIwQY
MBaAFIW8uB3NPykxj0A7hIG+ROwf9VAuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGJ5NEhjMF9LVEdQUUR1RWdiNUU3Ql8xVUM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi81NjUwNjUtZGE0ZC00Y2JlLTkwNjEt
ODc4MWM0ZmUwMTFmLzEvekVTNTYyVDJqR2J2N1h6ckhDMDJDVDFvel9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi81NjUwNjUtZGE0ZC00Y2JlLTkwNjEtODc4MWM0ZmUwMTFm
LzEvaGJ5NEhjMF9LVEdQUUR1RWdiNUU3Ql8xVUM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDBQsAAwQC
uVooMA0EAgACMAcDBQAqAOvAMA0GCSqGSIb3DQEBCwUAA4IBAQANO2YJdQUYkQ7i
oBFXTUM2rl0htPuv4Q20TyEA8MF8QH9TNJs/9eLuS30qNfjRrxS4PT+WLQLiaZtm
k7y/niMEcg7yCA7o/qHByCT2bskSQRzemxx8Z1brCmHeuorwe0UWK9KvyDQSNnok
G904PZGS28s8+D/BH2dNxtv0vwmomNDm5VvlPJpz2CRG97Ygd35vgBbCoKIqaH7B
2vU5dlFiZ4r5wbgy/GTd2u+vcl4yhM9uAhE3FxIof+pK665gQ1pgqMKfGEas21sA
6AT2nJP9GsYv8znwvKMqNGVooRjTzrfCxBtcTIh5SxtbOV17CDJKmkncKq3g6S/e
idGFAHQa
-----END CERTIFICATE-----
Generated at Thu Mar 13 07:52:11 2025 by rpki-client