Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/zwwQDmkjyzkHQoSt9yvuLKYH4g4.roa
File: zwwQDmkjyzkHQoSt9yvuLKYH4g4.roa (raw, json)
Hash identifier: EbdIlUIf/V4IPQb4IjhvCPCvUZmRh/sZMHvATjYb0m8=
Subject key identifier: CF:0C:10:0E:69:23:CB:39:07:42:84:AD:F7:2B:EE:2C:A6:07:E2:0E
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01945034A5DE16FE3B54230FACBB8D343BB5
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/zwwQDmkjyzkHQoSt9yvuLKYH4g4.roa
Signing time: Fri 10 Jan 2025 12:33:35 +0000
ROA not before: Fri 10 Jan 2025 12:33:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49687
IP address blocks: 5.157.136.0/21 maxlen: 21
5.157.137.0/24 maxlen: 24
5.157.138.0/24 maxlen: 24
5.157.140.0/22 maxlen: 22
5.157.144.0/21 maxlen: 21
5.157.224.0/22 maxlen: 22
37.35.44.0/22 maxlen: 22
146.66.216.0/23 maxlen: 23
178.157.127.0/24 maxlen: 24
188.74.153.0/24 maxlen: 24
188.74.154.0/23 maxlen: 23
188.74.170.0/24 maxlen: 24
188.119.176.0/22 maxlen: 22
2a03:8800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 18:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:50:34:a5:de:16:fe:3b:54:23:0f:ac:bb:8d:34:3b:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jan 10 12:33:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf0c100e6923cb39074284adf72bee2ca607e20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:7b:b7:3e:b1:ad:36:b6:3d:c3:11:e2:f2:c6:
e3:53:59:39:9c:fb:f3:b0:4b:9e:cb:7e:dc:17:68:
7a:ca:80:df:ff:bc:51:67:c7:3c:95:50:21:17:55:
25:bc:f2:7f:79:00:1e:15:81:36:f4:37:60:5d:b4:
87:31:01:d6:08:3d:8a:fb:7c:6f:e1:93:0f:67:f0:
a6:39:d1:55:00:22:84:98:22:75:aa:55:42:a6:d9:
81:3c:4c:d3:61:e2:75:2f:63:b5:a8:8a:fa:11:67:
33:6c:d0:95:59:60:f0:31:7d:b2:ec:b0:fd:47:d4:
2e:6b:12:b0:bc:83:ca:fd:58:d3:24:75:3a:cb:18:
49:71:78:a7:62:c5:1f:dc:b7:9b:8a:eb:b6:90:61:
16:d0:29:df:8c:03:d4:24:8f:30:88:0c:38:6a:94:
79:ea:41:c2:7d:fa:ec:38:9b:fa:b2:27:c1:5e:64:
8f:ff:a4:59:82:3a:f2:a7:e6:ae:a4:2f:4c:9d:0b:
a9:26:d5:f0:90:59:f2:65:06:45:1b:b3:46:83:43:
00:b0:39:c7:2a:7f:43:47:08:af:d2:7b:6f:2c:07:
ae:12:34:8a:bd:b7:97:8f:3d:3c:72:a0:b0:7b:8a:
62:f9:44:94:32:31:39:38:02:fb:6c:0d:ec:68:66:
59:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:0C:10:0E:69:23:CB:39:07:42:84:AD:F7:2B:EE:2C:A6:07:E2:0E
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/zwwQDmkjyzkHQoSt9yvuLKYH4g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.136.0-5.157.151.255
5.157.224.0/22
37.35.44.0/22
146.66.216.0/23
178.157.127.0/24
188.74.153.0-188.74.155.255
188.74.170.0/24
188.119.176.0/22
IPv6:
2a03:8800::/32
Signature Algorithm: sha256WithRSAEncryption
83:46:94:2d:c1:4b:8d:3e:4f:76:5f:e8:a6:29:5f:be:87:49:
7c:37:da:7e:0b:f6:b3:63:55:bd:3d:86:8a:d6:3d:9f:c5:fd:
30:68:61:f7:33:36:ca:49:ca:82:7f:52:cc:a4:b9:10:24:a2:
83:78:52:e9:48:71:55:fa:b6:c5:51:83:6c:23:0e:1b:79:53:
51:b4:21:4c:7f:21:20:21:32:42:97:40:b7:e9:fd:50:c8:13:
7a:24:43:60:46:08:87:31:78:5b:3d:76:8f:be:e8:88:3b:14:
6d:be:6d:02:be:95:b4:e2:98:12:d7:e3:58:a7:14:03:d7:d4:
06:df:3d:9a:fd:33:57:44:3c:03:fa:ca:2e:4a:c9:52:d1:cd:
c2:ee:ac:28:5e:91:61:31:aa:f5:ae:0f:8d:7d:49:a3:99:6b:
2d:8f:ef:20:f4:02:98:e1:52:58:2f:7c:65:79:9a:1e:b1:64:
74:4a:ac:4b:e7:12:6d:4f:71:a4:82:96:03:fd:16:85:2a:f4:
7a:a3:37:1a:36:06:c0:6c:9d:c2:33:3e:99:38:72:c0:97:f2:
46:e2:16:de:8d:66:31:12:69:f0:f9:d1:10:1b:2d:00:8c:b0:
43:ce:f8:ef:71:34:52:e1:42:b2:0d:b6:4c:d4:fa:93:24:e2:
1f:04:79:d2
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZRQNKXeFv47VCMPrLuNNDu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwMTEwMTIzMzM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjBjMTAwZTY5MjNjYjM5MDc0Mjg0YWRmNzJiZWUyY2E2MDdlMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXu3PrGtNrY9wxHi8sbjU1k5nPvz
sEuey37cF2h6yoDf/7xRZ8c8lVAhF1UlvPJ/eQAeFYE29DdgXbSHMQHWCD2K+3xv
4ZMPZ/CmOdFVACKEmCJ1qlVCptmBPEzTYeJ1L2O1qIr6EWczbNCVWWDwMX2y7LD9
R9QuaxKwvIPK/VjTJHU6yxhJcXinYsUf3Lebiuu2kGEW0CnfjAPUJI8wiAw4apR5
6kHCffrsOJv6sifBXmSP/6RZgjryp+aupC9MnQupJtXwkFnyZQZFG7NGg0MAsDnH
Kn9DRwiv0ntvLAeuEjSKvbeXjz08cqCwe4pi+USUMjE5OAL7bA3saGZZkQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFM8MEA5pI8s5B0KErfcr7iymB+IOMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvend3UURta2p5emtIUW9TdDl5dnVMS1lINGc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzBGBAIAATBAMAwDBAMFnYgD
BAMFnZADBAIFneADBAIlIywDBAGSQtgDBACynX8wDAMEALxKmQMEArxKmAMEALxK
qgMEArx3sDANBAIAAjAHAwUAKgOIADANBgkqhkiG9w0BAQsFAAOCAQEAg0aULcFL
jT5Pdl/opilfvodJfDfafgv2s2NVvT2GitY9n8X9MGhh9zM2yknKgn9SzKS5ECSi
g3hS6UhxVfq2xVGDbCMOG3lTUbQhTH8hICEyQpdAt+n9UMgTeiRDYEYIhzF4Wz12
j77oiDsUbb5tAr6VtOKYEtfjWKcUA9fUBt89mv0zV0Q8A/rKLkrJUtHNwu6sKF6R
YTGq9a4PjX1Jo5lrLY/vIPQCmOFSWC98ZXmaHrFkdEqsS+cSbU9xpIKWA/0WhSr0
eqM3GjYGwGydwjM+mThywJfyRuIW3o1mMRJp8PnREBstAIywQ87473E0UuFCsg22
TNT6kyTiHwR50g==
-----END CERTIFICATE-----
Generated at Mon Apr 7 03:16:59 2025 by rpki-client