Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/ZYX1Qhws2vdCl-u2QXbSsdG6zUs.roa
File: ZYX1Qhws2vdCl-u2QXbSsdG6zUs.roa (raw, json)
Hash identifier: 1Yas72g5IvT1A6G5CoyKopOr6adZNC8arOgG6BPNF2I=
Subject key identifier: 65:85:F5:42:1C:2C:DA:F7:42:97:EB:B6:41:76:D2:B1:D1:BA:CD:4B
Certificate issuer: /CN=76b4d3e8971322c64d7a0458bab745a89ade4de5
Certificate serial: 01942747B5C268118A66454DE80EFFEFC74C
Authority key identifier: 76:B4:D3:E8:97:13:22:C6:4D:7A:04:58:BA:B7:45:A8:9A:DE:4D:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/drTT6JcTIsZNegRYurdFqJreTeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/ZYX1Qhws2vdCl-u2QXbSsdG6zUs.roa
Signing time: Thu 02 Jan 2025 13:49:58 +0000
ROA not before: Thu 02 Jan 2025 13:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48882
IP address blocks: 31.133.64.0/20 maxlen: 20
91.218.16.0/22 maxlen: 22
95.215.48.0/24 maxlen: 24
95.215.49.0/24 maxlen: 24
95.215.50.0/24 maxlen: 24
95.215.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/drTT6JcTIsZNegRYurdFqJreTeU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/drTT6JcTIsZNegRYurdFqJreTeU.mft
rsync://rpki.ripe.net/repository/DEFAULT/drTT6JcTIsZNegRYurdFqJreTeU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 10 Mar 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:47:b5:c2:68:11:8a:66:45:4d:e8:0e:ff:ef:c7:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76b4d3e8971322c64d7a0458bab745a89ade4de5
Validity
Not Before: Jan 2 13:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6585f5421c2cdaf74297ebb64176d2b1d1bacd4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:42:22:0c:e8:c9:fe:b4:1f:3a:3e:97:5b:d5:
9f:1d:04:3f:5c:da:a4:e1:ea:53:37:b1:55:55:64:
c9:ba:dd:4b:8f:1f:00:cc:a5:4a:44:f8:cb:65:01:
5b:f4:8d:8c:5a:d9:02:09:94:c8:c7:bd:fb:20:dc:
b6:a0:2d:9c:6a:ac:2d:e3:7f:ca:38:52:bc:15:86:
3c:54:40:1b:86:ef:0d:15:7d:14:de:9d:1f:e2:23:
c1:de:94:9f:41:3e:df:9d:53:30:d1:db:f9:a1:ce:
98:9f:96:96:57:2d:df:66:fb:d1:32:a5:8d:aa:a8:
87:c5:d9:ff:aa:43:c8:da:44:f2:62:b1:9d:e5:ce:
a8:fb:96:1b:95:15:53:16:de:48:fd:52:5c:0f:ac:
ce:81:fb:18:28:4b:30:14:75:e6:04:bc:c0:04:e8:
a0:4d:79:f5:5c:93:c4:7b:16:50:0d:25:7c:32:24:
62:93:70:ef:16:ce:a3:a3:55:d5:f4:3b:77:d7:67:
bd:6d:10:2d:43:da:41:79:63:5e:87:c6:ec:e4:70:
cb:15:c8:df:47:d2:e7:9e:b0:62:8a:fa:a9:a5:ec:
e7:eb:5d:bd:57:d1:93:ad:eb:d8:e7:1e:36:44:3e:
15:cf:1e:75:ad:a7:67:55:9d:a5:4d:fd:1a:5b:4e:
a0:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:85:F5:42:1C:2C:DA:F7:42:97:EB:B6:41:76:D2:B1:D1:BA:CD:4B
X509v3 Authority Key Identifier:
keyid:76:B4:D3:E8:97:13:22:C6:4D:7A:04:58:BA:B7:45:A8:9A:DE:4D:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/drTT6JcTIsZNegRYurdFqJreTeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/ZYX1Qhws2vdCl-u2QXbSsdG6zUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/8957eb-f492-43cb-a603-b626f331492f/1/drTT6JcTIsZNegRYurdFqJreTeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.133.64.0/20
91.218.16.0/22
95.215.48.0/22
Signature Algorithm: sha256WithRSAEncryption
8c:13:ca:e9:62:59:f4:72:30:90:78:61:dc:78:1c:cf:d3:3a:
de:9e:ad:ad:09:03:f6:bc:8f:02:88:a2:ab:4b:80:b7:d7:8b:
8a:46:44:67:9f:56:0b:1e:a3:ae:d1:80:45:8e:8b:94:fa:77:
ef:b5:3e:8e:07:38:91:90:05:80:54:fd:e8:75:73:0c:60:69:
29:77:9c:21:d9:4d:96:e6:bd:89:4d:16:c4:9e:f7:51:46:df:
7d:f7:29:e2:f9:ed:3b:72:f7:6e:5b:89:f8:fb:e3:51:c8:9c:
26:8d:8e:33:a4:a8:6e:d6:0a:28:17:4d:f3:b0:34:b4:37:6c:
23:d7:da:4f:aa:13:12:68:cc:29:28:ba:b0:ab:9e:4a:22:aa:
cb:36:75:12:8f:56:cb:db:bb:96:c2:1f:7d:a1:ad:21:cd:3b:
29:be:08:b2:a5:55:e3:96:a4:ca:07:8e:ec:ed:8c:65:bb:17:
70:73:db:0a:2d:d6:c5:17:96:f2:44:e8:d9:f8:5b:35:cb:5b:
bf:59:20:e8:12:2a:c6:05:41:e8:94:1e:b3:7a:1f:04:22:18:
44:aa:b0:24:4d:35:6b:ea:13:0b:ad:7e:03:49:63:88:0c:11:
94:7e:2f:88:8c:89:61:26:d7:db:95:a0:97:68:53:76:e6:c3:
e5:ca:4b:c0
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnR7XCaBGKZkVN6A7/78dMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YjRkM2U4OTcxMzIyYzY0ZDdhMDQ1OGJhYjc0NWE4OWFk
ZTRkZTUwHhcNMjUwMTAyMTM0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg1ZjU0MjFjMmNkYWY3NDI5N2ViYjY0MTc2ZDJiMWQxYmFjZDRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUIiDOjJ/rQfOj6XW9WfHQQ/XNqk
4epTN7FVVWTJut1Ljx8AzKVKRPjLZQFb9I2MWtkCCZTIx737INy2oC2caqwt43/K
OFK8FYY8VEAbhu8NFX0U3p0f4iPB3pSfQT7fnVMw0dv5oc6Yn5aWVy3fZvvRMqWN
qqiHxdn/qkPI2kTyYrGd5c6o+5YblRVTFt5I/VJcD6zOgfsYKEswFHXmBLzABOig
TXn1XJPEexZQDSV8MiRik3DvFs6jo1XV9Dt312e9bRAtQ9pBeWNeh8bs5HDLFcjf
R9LnnrBiivqppezn6129V9GTrevY5x42RD4Vzx51radnVZ2lTf0aW06gTwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGWF9UIcLNr3QpfrtkF20rHRus1LMB8GA1UdIwQY
MBaAFHa00+iXEyLGTXoEWLq3Raia3k3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHJUVDZKY1RJc1pOZWdSWXVyZEZxSnJlVGVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi84OTU3ZWItZjQ5Mi00M2NiLWE2MDMt
YjYyNmYzMzE0OTJmLzEvWllYMVFod3MydmRDbC11MlFYYlNzZEc2elVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi84OTU3ZWItZjQ5Mi00M2NiLWE2MDMtYjYyNmYzMzE0OTJm
LzEvZHJUVDZKY1RJc1pOZWdSWXVyZEZxSnJlVGVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQEH4VAAwQC
W9oQAwQCX9cwMA0GCSqGSIb3DQEBCwUAA4IBAQCME8rpYln0cjCQeGHceBzP0zre
nq2tCQP2vI8CiKKrS4C314uKRkRnn1YLHqOu0YBFjouU+nfvtT6OBziRkAWAVP3o
dXMMYGkpd5wh2U2W5r2JTRbEnvdRRt999yni+e07cvduW4n4++NRyJwmjY4zpKhu
1gooF03zsDS0N2wj19pPqhMSaMwpKLqwq55KIqrLNnUSj1bL27uWwh99oa0hzTsp
vgiypVXjlqTKB47s7Yxluxdwc9sKLdbFF5byROjZ+Fs1y1u/WSDoEirGBUHolB6z
eh8EIhhEqrAkTTVr6hMLrX4DSWOIDBGUfi+IjIlhJtfblaCXaFN25sPlykvA
-----END CERTIFICATE-----
Generated at Sun Mar 9 13:10:31 2025 by rpki-client