Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/ZchGG8A8nhqHRHzSz8wIeuBKy7A.roa
File: ZchGG8A8nhqHRHzSz8wIeuBKy7A.roa (raw, json)
Hash identifier: fyy0T0JEDqACIzgC4O1cOibFQ+4m6gfIvZEPpikdJzY=
Subject key identifier: 65:C8:46:1B:C0:3C:9E:1A:87:44:7C:D2:CF:CC:08:7A:E0:4A:CB:B0
Certificate issuer: /CN=e6596e1552fc0a5884a881b352817d0b73009083
Certificate serial: 01942823E4354B55A3F3B445798BF4ACDB13
Authority key identifier: E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/ZchGG8A8nhqHRHzSz8wIeuBKy7A.roa
Signing time: Thu 02 Jan 2025 17:50:28 +0000
ROA not before: Thu 02 Jan 2025 17:50:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20849
IP address blocks: 80.72.128.0/20 maxlen: 20
147.78.92.0/22 maxlen: 22
217.22.192.0/20 maxlen: 20
2a02:2958::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.mft
rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 17:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:23:e4:35:4b:55:a3:f3:b4:45:79:8b:f4:ac:db:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6596e1552fc0a5884a881b352817d0b73009083
Validity
Not Before: Jan 2 17:50:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65c8461bc03c9e1a87447cd2cfcc087ae04acbb0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e3:e7:11:0e:d9:9e:dc:89:54:89:02:63:5a:
00:01:34:6e:02:84:2f:10:2e:c8:39:7a:0b:f6:66:
2d:5d:d6:a6:26:6d:3d:6b:04:f6:2d:1a:c9:8a:75:
04:07:b2:24:f6:e5:4f:a4:95:46:32:4f:02:41:27:
bd:0a:85:1d:8c:80:ba:03:9e:00:65:68:63:fa:a3:
5b:57:8a:66:bc:4e:ea:65:5e:72:44:68:6c:4e:7c:
a1:65:90:69:67:ed:64:f8:a3:05:93:8f:1b:95:eb:
84:b4:f5:40:5d:ef:93:b4:41:8c:35:ec:5e:e7:33:
7f:6b:1f:1b:56:89:78:7c:e7:ee:ce:1c:63:c5:94:
e8:e8:20:d2:2c:0d:7c:e0:c9:d0:81:dc:80:63:56:
ee:9f:af:f7:31:00:a5:0e:59:fc:64:16:3c:f7:6d:
f6:0b:86:ac:64:c1:32:6f:98:67:78:dd:fb:95:84:
a9:e9:64:06:6f:4a:fa:7b:e5:73:eb:8f:d3:f2:b1:
19:57:03:8d:c0:ce:11:9f:de:46:20:6c:ba:3c:86:
2c:41:8a:53:a9:bd:13:0e:c0:1f:74:92:a3:a6:e7:
4e:10:3f:00:2a:8a:a0:54:71:9f:c0:dd:1f:5a:85:
a0:34:53:a1:9c:da:8a:94:bb:bf:02:6e:06:b0:56:
a5:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C8:46:1B:C0:3C:9E:1A:87:44:7C:D2:CF:CC:08:7A:E0:4A:CB:B0
X509v3 Authority Key Identifier:
keyid:E6:59:6E:15:52:FC:0A:58:84:A8:81:B3:52:81:7D:0B:73:00:90:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5lluFVL8CliEqIGzUoF9C3MAkIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/ZchGG8A8nhqHRHzSz8wIeuBKy7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/0ca287-3eef-414c-883a-081691257a26/1/5lluFVL8CliEqIGzUoF9C3MAkIM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.72.128.0/20
147.78.92.0/22
217.22.192.0/20
IPv6:
2a02:2958::/32
Signature Algorithm: sha256WithRSAEncryption
44:1f:d4:04:55:81:98:9f:2f:93:9e:12:f5:6f:51:1a:b2:08:
68:8e:76:0f:9d:fd:a7:52:d4:35:f9:60:67:32:2b:a6:aa:74:
4f:95:97:4a:eb:03:f6:16:ea:ab:79:24:4f:9c:9e:71:8e:b3:
b2:8b:32:85:4a:5f:e0:92:9b:4f:3b:3d:20:84:e3:5a:ad:fe:
ec:c4:3e:d0:61:e0:26:0e:1f:81:43:75:54:a8:37:b0:a5:33:
fa:19:23:3b:e2:13:29:ae:2a:f9:cf:c6:a2:24:de:be:1b:0c:
ad:43:c7:ea:48:70:82:f9:27:84:06:cc:f4:a0:02:93:cb:0d:
dd:6d:31:ea:f2:dd:fc:e9:75:fb:64:f7:2a:0d:9c:36:70:fd:
23:92:c5:a0:6a:90:5e:b7:90:0a:3a:e0:89:45:08:c4:2a:01:
f4:f3:75:ac:3b:4d:0b:7b:77:dd:35:1a:fe:fc:71:f4:ea:dd:
b3:20:d3:92:1c:d9:34:a3:5b:4a:d2:56:b6:17:1b:37:6e:63:
d2:9b:0d:c6:72:f8:b1:60:d9:29:18:13:c9:4d:72:3c:e7:f3:
11:84:07:ef:45:80:5c:ae:64:0d:ae:d4:02:db:21:1a:be:0b:
e9:2d:92:05:4b:3e:69:1c:f5:e5:d2:66:86:20:72:62:ff:8a:
ff:2a:fb:39
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQoI+Q1S1Wj87RFeYv0rNsTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2NTk2ZTE1NTJmYzBhNTg4NGE4ODFiMzUyODE3ZDBiNzMw
MDkwODMwHhcNMjUwMTAyMTc1MDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWM4NDYxYmMwM2M5ZTFhODc0NDdjZDJjZmNjMDg3YWUwNGFjYmIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uPnEQ7ZntyJVIkCY1oAATRuAoQv
EC7IOXoL9mYtXdamJm09awT2LRrJinUEB7Ik9uVPpJVGMk8CQSe9CoUdjIC6A54A
ZWhj+qNbV4pmvE7qZV5yRGhsTnyhZZBpZ+1k+KMFk48bleuEtPVAXe+TtEGMNexe
5zN/ax8bVol4fOfuzhxjxZTo6CDSLA184MnQgdyAY1bun6/3MQClDln8ZBY89232
C4asZMEyb5hneN37lYSp6WQGb0r6e+Vz64/T8rEZVwONwM4Rn95GIGy6PIYsQYpT
qb0TDsAfdJKjpudOED8AKoqgVHGfwN0fWoWgNFOhnNqKlLu/Am4GsFalBQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGXIRhvAPJ4ah0R80s/MCHrgSsuwMB8GA1UdIwQY
MBaAFOZZbhVS/ApYhKiBs1KBfQtzAJCDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2Et
MDgxNjkxMjU3YTI2LzEvWmNoR0c4QThuaHFIUkh6U3o4d0lldUJLeTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8wY2EyODctM2VlZi00MTRjLTg4M2EtMDgxNjkxMjU3YTI2
LzEvNWxsdUZWTDhDbGlFcUlHelVvRjlDM01Ba0lNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUEiAAwQC
k05cAwQE2RbAMA0EAgACMAcDBQAqAilYMA0GCSqGSIb3DQEBCwUAA4IBAQBEH9QE
VYGYny+TnhL1b1EasghojnYPnf2nUtQ1+WBnMiumqnRPlZdK6wP2FuqreSRPnJ5x
jrOyizKFSl/gkptPOz0ghONarf7sxD7QYeAmDh+BQ3VUqDewpTP6GSM74hMprir5
z8aiJN6+GwytQ8fqSHCC+SeEBsz0oAKTyw3dbTHq8t386XX7ZPcqDZw2cP0jksWg
apBet5AKOuCJRQjEKgH083WsO00Le3fdNRr+/HH06t2zINOSHNk0o1tK0la2Fxs3
bmPSmw3GcvixYNkpGBPJTXI85/MRhAfvRYBcrmQNrtQC2yEavgvpLZIFSz5pHPXl
0maGIHJi/4r/Kvs5
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:31 2025 by rpki-client