Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/ZFAYM9mu8jS6R0AyRbdSE1lnwbA.roa
File: ZFAYM9mu8jS6R0AyRbdSE1lnwbA.roa (raw, json)
Hash identifier: tJHXTlE43Al/Bk06k42NooyquRAu3ree+mY4auRgVIA=
Subject key identifier: 64:50:18:33:D9:AE:F2:34:BA:47:40:32:45:B7:52:13:59:67:C1:B0
Certificate issuer: /CN=321ec194107843848cd36330232b5f6a43791db4
Certificate serial: 01942067D5F67D8CA6CE40FBE543B675F635
Authority key identifier: 32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/ZFAYM9mu8jS6R0AyRbdSE1lnwbA.roa
Signing time: Wed 01 Jan 2025 05:47:43 +0000
ROA not before: Wed 01 Jan 2025 05:47:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43519
IP address blocks: 194.227.193.0/24 maxlen: 24
194.227.194.0/24 maxlen: 24
194.227.195.0/24 maxlen: 24
212.148.211.0/24 maxlen: 24
212.148.212.0/24 maxlen: 24
212.148.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 02:01:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:67:d5:f6:7d:8c:a6:ce:40:fb:e5:43:b6:75:f6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=321ec194107843848cd36330232b5f6a43791db4
Validity
Not Before: Jan 1 05:47:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64501833d9aef234ba47403245b752135967c1b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:f0:1d:3c:37:d7:91:91:a0:ac:07:46:4d:26:
70:81:15:26:c5:60:4a:03:d8:5e:fa:c4:3d:d2:f2:
ae:3d:f6:a0:87:4d:f0:0b:ee:6c:0e:4c:db:8d:6a:
25:be:f3:8a:a3:f2:6c:1e:c5:a4:3e:99:7c:cf:0d:
16:43:57:4f:4c:a8:37:7a:c4:4c:87:76:4f:07:4b:
b8:21:65:9a:cc:bd:18:f1:90:bb:77:56:2e:20:ca:
97:79:b7:90:64:f4:03:b6:9b:dc:fa:8b:b5:ef:20:
c6:f4:59:9d:15:3b:5d:fe:b4:8c:8d:d7:3b:7a:50:
cb:58:72:c5:cf:18:ac:6c:09:f6:d1:26:7f:c4:43:
be:bd:7d:f3:58:24:03:98:b7:6f:24:38:27:1c:90:
26:d3:cf:ed:a7:a0:21:1e:48:d8:02:b7:62:6b:a8:
e3:01:8a:26:c4:91:6f:5f:46:87:16:ef:dd:84:08:
00:5a:e3:2b:2b:10:d8:fb:7f:8f:2f:0b:54:6c:d6:
89:04:1a:79:0e:a4:01:fe:9e:2a:54:ef:7c:c0:64:
db:2f:10:d4:9d:89:3c:83:49:b9:fe:18:5c:31:58:
12:ab:af:9f:fc:c9:74:ed:13:e4:ea:fe:f5:2a:64:
10:a6:b8:97:d6:a2:36:27:9c:cc:f5:d2:17:01:2a:
da:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:50:18:33:D9:AE:F2:34:BA:47:40:32:45:B7:52:13:59:67:C1:B0
X509v3 Authority Key Identifier:
keyid:32:1E:C1:94:10:78:43:84:8C:D3:63:30:23:2B:5F:6A:43:79:1D:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Mh7BlBB4Q4SM02MwIytfakN5HbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/ZFAYM9mu8jS6R0AyRbdSE1lnwbA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/f1458f-bdc3-4e4b-9f68-3a611c093a2c/1/Mh7BlBB4Q4SM02MwIytfakN5HbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.227.193.0-194.227.195.255
212.148.211.0-212.148.213.255
Signature Algorithm: sha256WithRSAEncryption
6d:c0:ac:17:26:e6:e2:55:33:d6:52:e8:e8:2d:5c:26:5a:b8:
f7:d4:fe:10:cc:06:b8:aa:88:70:95:2e:11:bf:1f:3b:0c:82:
63:b2:31:ed:1f:a9:db:0d:90:e3:54:fb:27:ae:9a:d1:96:8a:
d5:ca:a9:25:71:09:4f:34:69:bd:4d:e6:48:c1:b9:25:e8:f9:
e7:21:60:d2:3f:13:ad:89:d7:9f:38:75:0c:5e:f1:4a:35:cd:
5d:42:4a:b8:cf:ae:60:98:47:1a:ae:d6:4a:8c:e2:c0:aa:01:
01:0a:a3:e3:d3:b6:ec:54:38:13:68:b0:07:50:43:62:7a:5e:
60:ef:e7:56:1d:00:69:d1:04:9a:d4:c0:84:fd:90:4b:ed:06:
11:9f:4f:3c:5b:14:c8:46:46:9e:0b:e1:fb:9d:12:0f:0c:93:
2d:2f:d9:e6:c5:09:80:e1:30:44:da:b1:e1:c9:b0:54:73:56:
2b:36:f1:e6:37:64:d3:5f:5d:77:b4:a4:c4:bc:15:f8:81:c9:
ba:7f:40:4e:4e:97:68:fe:d4:14:21:8d:f4:c0:1e:ba:79:9d:
77:86:7c:f8:23:78:21:58:ac:12:aa:97:39:3d:3d:cd:6c:ac:
f0:d8:af:47:67:66:bf:34:bb:cf:fd:f3:1d:b2:7e:35:d6:66:
ee:3d:f7:08
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZQgZ9X2fYymzkD75UO2dfY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyMWVjMTk0MTA3ODQzODQ4Y2QzNjMzMDIzMmI1ZjZhNDM3
OTFkYjQwHhcNMjUwMTAxMDU0NzQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDUwMTgzM2Q5YWVmMjM0YmE0NzQwMzI0NWI3NTIxMzU5NjdjMWIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvPAdPDfXkZGgrAdGTSZwgRUmxWBK
A9he+sQ90vKuPfagh03wC+5sDkzbjWolvvOKo/JsHsWkPpl8zw0WQ1dPTKg3esRM
h3ZPB0u4IWWazL0Y8ZC7d1YuIMqXebeQZPQDtpvc+ou17yDG9FmdFTtd/rSMjdc7
elDLWHLFzxisbAn20SZ/xEO+vX3zWCQDmLdvJDgnHJAm08/tp6AhHkjYArdia6jj
AYomxJFvX0aHFu/dhAgAWuMrKxDY+3+PLwtUbNaJBBp5DqQB/p4qVO98wGTbLxDU
nYk8g0m5/hhcMVgSq6+f/Ml07RPk6v71KmQQpriX1qI2J5zM9dIXASra1wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFGRQGDPZrvI0ukdAMkW3UhNZZ8GwMB8GA1UdIwQY
MBaAFDIewZQQeEOEjNNjMCMrX2pDeR20MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgt
M2E2MTFjMDkzYTJjLzEvWkZBWU05bXU4alM2UjBBeVJiZFNFMWxud2JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9mMTQ1OGYtYmRjMy00ZTRiLTlmNjgtM2E2MTFjMDkzYTJj
LzEvTWg3QmxCQjRRNFNNMDJNd0l5dGZha041SGJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBADC48ED
BALC48AwDAMEANSU0wMEAdSU1DANBgkqhkiG9w0BAQsFAAOCAQEAbcCsFybm4lUz
1lLo6C1cJlq499T+EMwGuKqIcJUuEb8fOwyCY7Ix7R+p2w2Q41T7J66a0ZaK1cqp
JXEJTzRpvU3mSMG5Jej55yFg0j8TrYnXnzh1DF7xSjXNXUJKuM+uYJhHGq7WSozi
wKoBAQqj49O27FQ4E2iwB1BDYnpeYO/nVh0AadEEmtTAhP2QS+0GEZ9PPFsUyEZG
ngvh+50SDwyTLS/Z5sUJgOEwRNqx4cmwVHNWKzbx5jdk019dd7SkxLwV+IHJun9A
Tk6XaP7UFCGN9MAeunmdd4Z8+CN4IVisEqqXOT09zWys8NivR2dmvzS7z/3zHbJ+
NdZm7j33CA==
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:50:49 2025 by rpki-client