Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/z9pLNQSZNKFYtIVw9GxMfA_dzlc.roa
File: z9pLNQSZNKFYtIVw9GxMfA_dzlc.roa (raw, json)
Hash identifier: ceBAqvnBw6p+b98UNKLSzZv2TyxRWLOoeu9xMf4knvE=
Subject key identifier: CF:DA:4B:35:04:99:34:A1:58:B4:85:70:F4:6C:4C:7C:0F:DD:CE:57
Certificate issuer: /CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Certificate serial: 019600272F40DA9D786E9693C52D3C649153
Authority key identifier: AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/z9pLNQSZNKFYtIVw9GxMfA_dzlc.roa
Signing time: Fri 04 Apr 2025 09:34:50 +0000
ROA not before: Fri 04 Apr 2025 09:34:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57227
IP address blocks: 81.24.85.0/24 maxlen: 24
81.24.88.0/22 maxlen: 22
81.163.32.0/19 maxlen: 19
81.163.63.0/24 maxlen: 24
176.120.192.0/19 maxlen: 19
185.110.44.0/22 maxlen: 22
185.110.44.0/23 maxlen: 23
185.110.46.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.mft
rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 18:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:00:27:2f:40:da:9d:78:6e:96:93:c5:2d:3c:64:91:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aa70110d30d52e8a6969588b3f621416bcdf644b
Validity
Not Before: Apr 4 09:34:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfda4b35049934a158b48570f46c4c7c0fddce57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:06:2e:37:c3:3d:07:1a:61:a4:4b:88:6d:
09:9f:9c:9c:91:27:0e:d9:32:13:15:bc:d9:f1:b6:
84:b4:65:b9:77:db:d1:56:a6:51:f1:c1:fd:a4:f0:
dc:1a:8c:30:c2:ec:22:5c:db:c4:f4:0d:8d:ae:f6:
b7:88:45:bc:66:37:c3:37:4a:4e:ff:89:92:3f:ea:
7c:69:62:ce:dd:c1:bb:73:fd:85:90:ac:f7:65:27:
8f:6a:7b:bd:28:f2:fc:ae:31:49:5d:25:fb:99:24:
71:c6:61:92:b5:96:80:93:41:3c:2e:05:1e:d1:73:
41:8d:3b:2a:fb:e3:91:67:4c:4c:1f:4b:79:43:67:
b5:29:5e:3b:be:e3:24:a6:19:39:64:57:2e:26:55:
5b:2f:96:20:b0:40:ff:d8:f0:78:97:eb:9a:89:08:
69:9a:c3:f8:da:39:2d:fb:3d:98:47:8a:b0:9f:15:
7f:47:2b:91:4d:61:0c:e1:77:b0:a9:09:29:f6:47:
05:da:4a:f6:af:e4:bc:de:8d:32:e5:07:c0:96:c3:
a8:3b:ec:eb:10:35:1f:31:e2:e8:a1:25:dd:02:b7:
f2:a6:77:bb:82:77:7c:c3:02:64:d6:3a:b5:40:bc:
d2:ff:b7:21:18:59:e0:d1:01:4d:07:03:71:5c:d7:
31:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:DA:4B:35:04:99:34:A1:58:B4:85:70:F4:6C:4C:7C:0F:DD:CE:57
X509v3 Authority Key Identifier:
keyid:AA:70:11:0D:30:D5:2E:8A:69:69:58:8B:3F:62:14:16:BC:DF:64:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qnARDTDVLoppaViLP2IUFrzfZEs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/z9pLNQSZNKFYtIVw9GxMfA_dzlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/fb7e67-5425-4c4f-b46a-8243aef6fe5a/1/qnARDTDVLoppaViLP2IUFrzfZEs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.24.85.0/24
81.24.88.0/22
81.163.32.0/19
176.120.192.0/19
185.110.44.0/22
Signature Algorithm: sha256WithRSAEncryption
3f:d8:18:27:b5:3f:b9:67:30:23:d2:e4:5f:e8:3b:1f:61:00:
38:58:96:32:2c:6b:98:cb:a7:ad:0d:65:e6:3c:d4:e3:0c:45:
c2:d1:c3:68:49:00:40:b7:2c:b2:6c:b9:3c:c8:6f:88:36:17:
75:3f:97:b7:f8:13:45:a6:60:93:c1:06:8d:b7:4d:70:77:a3:
d7:eb:ae:1c:8b:54:7c:ef:01:89:5d:15:0d:39:ce:f2:85:57:
74:7e:d1:af:bd:e2:89:7f:11:7f:e5:ad:ce:5c:60:54:78:88:
e3:24:31:a2:97:61:32:e6:52:03:e7:01:e1:f1:40:e0:0c:e0:
54:db:f1:f3:86:91:5e:9f:86:af:d2:55:55:ac:4b:7c:1a:0d:
1f:9d:22:7d:2e:4a:72:1f:bc:b3:79:16:8d:62:f1:00:1a:87:
67:58:32:67:13:b2:7a:c5:2c:db:84:18:bf:c7:da:b6:f5:62:
d0:07:f7:87:51:f8:7e:98:8b:a5:b8:f6:ae:7e:13:cd:70:4f:
da:7c:a2:71:28:17:99:e3:4c:52:82:43:47:68:fa:d8:53:51:
06:ac:62:42:5c:8b:1b:a3:16:c3:60:b3:05:78:bc:5e:33:99:
0c:11:06:c8:3e:27:e6:d1:32:3f:55:c9:74:11:7b:ca:0d:85:
d6:c1:b6:9d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZYAJy9A2p14bpaTxS08ZJFTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFhNzAxMTBkMzBkNTJlOGE2OTY5NTg4YjNmNjIxNDE2YmNk
ZjY0NGIwHhcNMjUwNDA0MDkzNDUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmRhNGIzNTA0OTkzNGExNThiNDg1NzBmNDZjNGM3YzBmZGRjZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/4GLjfDPQcaYaRLiG0Jn5yckScO
2TITFbzZ8baEtGW5d9vRVqZR8cH9pPDcGowwwuwiXNvE9A2Nrva3iEW8ZjfDN0pO
/4mSP+p8aWLO3cG7c/2FkKz3ZSePanu9KPL8rjFJXSX7mSRxxmGStZaAk0E8LgUe
0XNBjTsq++ORZ0xMH0t5Q2e1KV47vuMkphk5ZFcuJlVbL5YgsED/2PB4l+uaiQhp
msP42jkt+z2YR4qwnxV/RyuRTWEM4XewqQkp9kcF2kr2r+S83o0y5QfAlsOoO+zr
EDUfMeLooSXdArfypne7gnd8wwJk1jq1QLzS/7chGFng0QFNBwNxXNcxQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM/aSzUEmTShWLSFcPRsTHwP3c5XMB8GA1UdIwQY
MBaAFKpwEQ0w1S6KaWlYiz9iFBa832RLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEt
ODI0M2FlZjZmZTVhLzEvejlwTE5RU1pOS0ZZdElWdzlHeE1mQV9kemxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS9mYjdlNjctNTQyNS00YzRmLWI0NmEtODI0M2FlZjZmZTVh
LzEvcW5BUkRURFZMb3BwYVZpTFAySVVGcnpmWkVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAURhVAwQC
URhYAwQFUaMgAwQFsHjAAwQCuW4sMA0GCSqGSIb3DQEBCwUAA4IBAQA/2BgntT+5
ZzAj0uRf6DsfYQA4WJYyLGuYy6etDWXmPNTjDEXC0cNoSQBAtyyybLk8yG+INhd1
P5e3+BNFpmCTwQaNt01wd6PX664ci1R87wGJXRUNOc7yhVd0ftGvveKJfxF/5a3O
XGBUeIjjJDGil2Ey5lID5wHh8UDgDOBU2/HzhpFen4av0lVVrEt8Gg0fnSJ9Lkpy
H7yzeRaNYvEAGodnWDJnE7J6xSzbhBi/x9q29WLQB/eHUfh+mIuluPaufhPNcE/a
fKJxKBeZ40xSgkNHaPrYU1EGrGJCXIsboxbDYLMFeLxeM5kMEQbIPifm0TI/Vcl0
EXvKDYXWwbad
-----END CERTIFICATE-----
Generated at Wed Apr 23 04:13:59 2025 by rpki-client