Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/Z3Go8saXwZXXMMYbEYiVPWGVRXk.roa
File: Z3Go8saXwZXXMMYbEYiVPWGVRXk.roa (raw, json)
Hash identifier: XTY4+F/77lFXbbIzurIN7oqokSXQvQHevFpVhwO/K9Y=
Subject key identifier: 67:71:A8:F2:C6:97:C1:95:D7:30:C6:1B:11:88:95:3D:61:95:45:79
Certificate issuer: /CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Certificate serial: 01942826F0DBA1FC312484D1EE51C83F4FA5
Authority key identifier: 1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/Z3Go8saXwZXXMMYbEYiVPWGVRXk.roa
Signing time: Thu 02 Jan 2025 17:53:48 +0000
ROA not before: Thu 02 Jan 2025 17:53:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 91.200.50.0/24 maxlen: 24
91.213.115.0/24 maxlen: 24
91.241.6.0/23 maxlen: 24
195.46.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.mft
rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:f0:db:a1:fc:31:24:84:d1:ee:51:c8:3f:4f:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a93849bff337df8b8b0bd1ae252ee6119d8a61f
Validity
Not Before: Jan 2 17:53:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6771a8f2c697c195d730c61b1188953d61954579
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:da:17:5e:f5:69:b1:e2:cb:3b:9b:f2:ba:0a:
0d:f5:c8:d7:a0:50:4d:16:39:fd:51:d2:13:0a:e2:
b7:6f:62:ba:db:14:a7:bd:75:62:9a:87:0a:27:74:
9d:9c:59:ff:6d:67:fc:fa:f8:e4:82:1d:96:bf:de:
c2:96:36:26:74:a1:a4:f4:21:2b:b8:b0:b4:c3:1d:
37:cb:c2:5b:93:55:29:49:27:69:cd:49:71:60:e4:
56:f8:3c:72:99:f5:2b:68:85:71:17:b4:e7:76:da:
4c:32:b0:34:15:a6:7b:63:91:2d:79:75:0a:e8:3d:
33:06:1d:ed:31:97:9f:56:f4:19:da:e2:bd:8f:38:
d2:c9:94:17:a5:84:a4:5c:bb:00:58:f8:5a:94:a7:
60:b9:99:92:af:a9:14:c8:90:e0:25:59:d4:b3:85:
6d:f7:d8:79:c2:20:22:78:66:30:37:42:e4:1b:89:
d5:fe:af:a3:aa:e2:f4:e1:fa:2a:86:3f:82:9d:a7:
23:11:ac:9b:0b:c2:77:4a:1a:ed:95:44:86:8c:e9:
fc:11:8b:de:94:d4:42:ec:43:43:02:b9:3d:24:8d:
13:d7:10:39:d4:90:46:ec:b3:02:1c:f5:b3:c5:46:
c2:7d:77:11:8c:11:a7:f6:d5:66:62:c3:01:10:c0:
43:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:71:A8:F2:C6:97:C1:95:D7:30:C6:1B:11:88:95:3D:61:95:45:79
X509v3 Authority Key Identifier:
keyid:1A:93:84:9B:FF:33:7D:F8:B8:B0:BD:1A:E2:52:EE:61:19:D8:A6:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GpOEm_8zffi4sL0a4lLuYRnYph8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/Z3Go8saXwZXXMMYbEYiVPWGVRXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/d4497a-11f2-49ac-aef9-43e67d5d0a85/1/GpOEm_8zffi4sL0a4lLuYRnYph8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.50.0/24
91.213.115.0/24
91.241.6.0/23
195.46.38.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:a8:91:38:74:e8:a7:9b:81:1f:76:19:7e:6d:b9:e7:30:48:
59:88:5f:81:bd:31:07:10:38:61:ea:19:c4:5f:0d:b2:87:d8:
07:07:9e:74:b8:11:29:82:32:db:de:04:68:77:59:0f:af:89:
3f:94:e1:38:27:99:bc:14:44:c0:56:a4:81:4c:40:1b:68:3c:
24:a7:74:ac:a6:a7:03:84:dc:2a:52:da:f7:fa:04:07:a0:11:
9e:b2:7d:41:f0:15:ce:1d:79:ac:1a:29:d0:c7:ff:43:82:11:
31:83:42:24:ba:57:ee:36:ab:23:c4:f0:c8:b5:a4:23:c1:d0:
8a:35:3c:7a:65:18:60:f9:3e:91:db:8e:00:01:ab:b4:95:c8:
e8:6e:c5:63:41:78:33:51:46:bb:43:d8:71:0a:08:1e:99:ef:
f2:78:08:5c:03:af:a2:d6:c2:77:b4:99:b3:0a:3f:8b:6d:4c:
a1:fc:bc:5f:4f:f9:ca:67:f9:8f:a7:d7:83:9c:5a:b8:d8:52:
56:36:b1:b1:82:80:0f:8e:07:bf:7b:36:6f:b1:76:2f:8f:46:
18:fe:5b:f7:85:9b:8e:cd:e6:ec:0d:1e:5a:78:de:91:01:c4:
c9:01:fa:a4:e8:cc:93:45:01:4a:33:db:4e:3e:ea:39:e4:47:
33:49:a8:16
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQoJvDbofwxJITR7lHIP0+lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhOTM4NDliZmYzMzdkZjhiOGIwYmQxYWUyNTJlZTYxMTlk
OGE2MWYwHhcNMjUwMTAyMTc1MzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzcxYThmMmM2OTdjMTk1ZDczMGM2MWIxMTg4OTUzZDYxOTU0NTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdoXXvVpseLLO5vyugoN9cjXoFBN
Fjn9UdITCuK3b2K62xSnvXVimocKJ3SdnFn/bWf8+vjkgh2Wv97CljYmdKGk9CEr
uLC0wx03y8Jbk1UpSSdpzUlxYORW+DxymfUraIVxF7TndtpMMrA0FaZ7Y5EteXUK
6D0zBh3tMZefVvQZ2uK9jzjSyZQXpYSkXLsAWPhalKdguZmSr6kUyJDgJVnUs4Vt
99h5wiAieGYwN0LkG4nV/q+jquL04foqhj+CnacjEaybC8J3ShrtlUSGjOn8EYve
lNRC7ENDArk9JI0T1xA51JBG7LMCHPWzxUbCfXcRjBGn9tVmYsMBEMBDlQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGdxqPLGl8GV1zDGGxGIlT1hlUV5MB8GA1UdIwQY
MBaAFBqThJv/M334uLC9GuJS7mEZ2KYfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjkt
NDNlNjdkNWQwYTg1LzEvWjNHbzhzYVh3WlhYTU1ZYkVZaVZQV0dWUlhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9kNDQ5N2EtMTFmMi00OWFjLWFlZjktNDNlNjdkNWQwYTg1
LzEvR3BPRW1fOHpmZmk0c0wwYTRsTHVZUm5ZcGg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAW8gyAwQA
W9VzAwQBW/EGAwQAwy4mMA0GCSqGSIb3DQEBCwUAA4IBAQAtqJE4dOinm4Efdhl+
bbnnMEhZiF+BvTEHEDhh6hnEXw2yh9gHB550uBEpgjLb3gRod1kPr4k/lOE4J5m8
FETAVqSBTEAbaDwkp3SspqcDhNwqUtr3+gQHoBGesn1B8BXOHXmsGinQx/9DghEx
g0IkulfuNqsjxPDItaQjwdCKNTx6ZRhg+T6R244AAau0lcjobsVjQXgzUUa7Q9hx
Cggeme/yeAhcA6+i1sJ3tJmzCj+LbUyh/LxfT/nKZ/mPp9eDnFq42FJWNrGxgoAP
jge/ezZvsXYvj0YY/lv3hZuOzebsDR5aeN6RAcTJAfqk6MyTRQFKM9tOPuo55Ecz
SagW
-----END CERTIFICATE-----
Generated at Tue Apr 8 18:48:04 2025 by rpki-client