Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Zc78epUkS8U-1FtfX_63z7MoHBM.roa
File: Zc78epUkS8U-1FtfX_63z7MoHBM.roa (raw, json)
Hash identifier: wP4gUHnjnAKGxxZilLo7m/NopoiQQ/4fltpez27ziD8=
Subject key identifier: 65:CE:FC:7A:95:24:4B:C5:3E:D4:5B:5F:5F:FE:B7:CF:B3:28:1C:13
Certificate issuer: /CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Certificate serial: 019421B18A597880C243D29A165FE39CDB16
Authority key identifier: 9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Zc78epUkS8U-1FtfX_63z7MoHBM.roa
Signing time: Wed 01 Jan 2025 11:47:50 +0000
ROA not before: Wed 01 Jan 2025 11:47:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 174
IP address blocks: 84.247.104.0/24 maxlen: 24
84.247.106.0/24 maxlen: 24
84.247.107.0/24 maxlen: 24
84.247.108.0/24 maxlen: 24
84.247.109.0/24 maxlen: 24
84.247.110.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 04:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:8a:59:78:80:c2:43:d2:9a:16:5f:e3:9c:db:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e459aa4602bffa2d2650ba66818458c89fc4582
Validity
Not Before: Jan 1 11:47:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65cefc7a95244bc53ed45b5f5ffeb7cfb3281c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3c:ae:41:02:7c:15:b0:e2:9a:2c:d3:cb:d9:
2d:ac:c5:6d:2f:16:ef:f2:28:1b:d3:72:3e:d8:10:
35:02:5d:b2:70:a9:04:cf:96:f1:a3:00:19:eb:48:
18:be:b8:3e:6f:17:cc:ac:75:e1:3f:b2:69:91:52:
3d:95:84:94:e1:da:dd:d0:1f:79:f0:11:8e:e3:e3:
16:9b:30:8b:ac:70:95:b6:3b:5b:fe:24:35:e9:79:
4e:f6:9e:32:81:01:53:5f:06:40:fe:ae:f7:c5:23:
2a:4d:ab:91:02:59:ca:a6:02:d3:b7:43:3b:17:5c:
57:24:32:c2:95:89:0c:a6:1a:3b:c3:e8:e9:33:f3:
f6:05:de:31:2b:c2:bc:ab:64:10:57:45:47:d0:7b:
06:1a:38:60:f8:4e:a4:74:60:9d:40:48:4f:1c:17:
13:5c:31:ad:b8:8a:4f:7f:ee:e9:89:e4:c3:67:e8:
b5:84:0c:7c:2b:cd:fa:4b:1c:a0:8d:2b:43:2c:5b:
98:bb:4d:4d:1a:ea:b2:af:fd:60:8b:fd:1a:51:71:
07:d7:92:98:d1:f2:55:ab:ab:75:db:f4:a2:37:13:
56:72:be:0a:77:5b:71:ff:da:1b:4b:db:7b:fc:6a:
b9:f5:23:75:30:98:3f:5a:61:dc:aa:18:f1:ad:78:
1a:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CE:FC:7A:95:24:4B:C5:3E:D4:5B:5F:5F:FE:B7:CF:B3:28:1C:13
X509v3 Authority Key Identifier:
keyid:9E:45:9A:A4:60:2B:FF:A2:D2:65:0B:A6:68:18:45:8C:89:FC:45:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nkWapGAr_6LSZQumaBhFjIn8RYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/Zc78epUkS8U-1FtfX_63z7MoHBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/9cc333-68d5-4692-9c5b-28a841da0bfd/1/nkWapGAr_6LSZQumaBhFjIn8RYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.247.104.0/24
84.247.106.0-84.247.110.255
Signature Algorithm: sha256WithRSAEncryption
5a:fc:69:77:6d:4d:e1:5f:d1:00:66:c5:73:2e:a9:1e:aa:46:
c8:18:52:c8:e5:f7:cd:38:47:6f:2f:28:9a:a9:02:dd:19:1d:
c6:4c:40:de:11:38:ff:1a:55:81:a3:ed:02:46:d2:a9:2a:b1:
93:db:e3:3f:bc:16:f8:b4:bf:8c:57:c3:7d:bf:0d:71:d6:bb:
18:d2:09:9e:46:13:43:5d:21:ce:6d:77:a3:42:c9:3a:09:4f:
ce:f9:09:5d:46:63:ac:46:0b:0d:27:0e:2d:0a:37:06:38:ae:
5b:10:25:bd:95:c1:32:cf:7d:aa:70:31:00:4c:bc:d9:3e:a2:
57:64:b7:6d:5d:3d:a9:af:f5:8b:3f:e7:2c:99:64:c3:bc:e2:
d7:9a:30:a2:8c:07:52:84:6a:83:5f:0b:9d:93:b0:03:67:66:
0f:e0:3e:81:47:ab:ab:c8:e5:73:13:68:f0:1f:d8:ff:ed:f4:
b4:06:9d:56:d4:3c:5d:a6:8e:9c:a7:9d:1d:d5:46:2e:27:4d:
dc:8a:d4:b7:d2:84:85:3c:76:ae:83:8a:88:f7:b9:ad:0e:b5:
59:b4:27:97:3b:a6:c9:4e:3f:83:4f:61:7e:89:97:59:0f:5f:
77:66:8b:b4:2c:d9:aa:7f:46:89:5c:7e:8f:48:4a:fb:a9:a0:
fe:2e:34:5e
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQhsYpZeIDCQ9KaFl/jnNsWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNDU5YWE0NjAyYmZmYTJkMjY1MGJhNjY4MTg0NThjODlm
YzQ1ODIwHhcNMjUwMTAxMTE0NzUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNlZmM3YTk1MjQ0YmM1M2VkNDViNWY1ZmZlYjdjZmIzMjgxYzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjyuQQJ8FbDimizTy9ktrMVtLxbv
8igb03I+2BA1Al2ycKkEz5bxowAZ60gYvrg+bxfMrHXhP7JpkVI9lYSU4drd0B95
8BGO4+MWmzCLrHCVtjtb/iQ16XlO9p4ygQFTXwZA/q73xSMqTauRAlnKpgLTt0M7
F1xXJDLClYkMpho7w+jpM/P2Bd4xK8K8q2QQV0VH0HsGGjhg+E6kdGCdQEhPHBcT
XDGtuIpPf+7pieTDZ+i1hAx8K836SxygjStDLFuYu01NGuqyr/1gi/0aUXEH15KY
0fJVq6t12/SiNxNWcr4Kd1tx/9obS9t7/Gq59SN1MJg/WmHcqhjxrXgawQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFGXO/HqVJEvFPtRbX1/+t8+zKBwTMB8GA1UdIwQY
MBaAFJ5FmqRgK/+i0mULpmgYRYyJ/EWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWIt
MjhhODQxZGEwYmZkLzEvWmM3OGVwVWtTOFUtMUZ0ZlhfNjN6N01vSEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi85Y2MzMzMtNjhkNS00NjkyLTljNWItMjhhODQxZGEwYmZk
LzEvbmtXYXBHQXJfNkxTWlF1bWFCaEZqSW44UllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAVPdoMAwD
BAFU92oDBABU924wDQYJKoZIhvcNAQELBQADggEBAFr8aXdtTeFf0QBmxXMuqR6q
RsgYUsjl9804R28vKJqpAt0ZHcZMQN4ROP8aVYGj7QJG0qkqsZPb4z+8Fvi0v4xX
w32/DXHWuxjSCZ5GE0NdIc5td6NCyToJT875CV1GY6xGCw0nDi0KNwY4rlsQJb2V
wTLPfapwMQBMvNk+oldkt21dPamv9Ys/5yyZZMO84teaMKKMB1KEaoNfC52TsANn
Zg/gPoFHq6vI5XMTaPAf2P/t9LQGnVbUPF2mjpynnR3VRi4nTdyK1LfShIU8dq6D
ioj3ua0OtVm0J5c7pslOP4NPYX6Jl1kPX3dmi7Qs2ap/Rolcfo9ISvupoP4uNF4=
-----END CERTIFICATE-----
Generated at Wed Feb 5 10:58:43 2025 by rpki-client