Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/4ZrViR6MQ2LLwx-EpgYcmNOkhLU.roa
File: 4ZrViR6MQ2LLwx-EpgYcmNOkhLU.roa (raw, json)
Hash identifier: CcPs0/7vgqCna/xx+mVGMJUsG3faAZo8Ob5SJoRyZWw=
Subject key identifier: E1:9A:D5:89:1E:8C:43:62:CB:C3:1F:84:A6:06:1C:98:D3:A4:84:B5
Certificate issuer: /CN=6c12ab7063c85dfe22fa7a99d9c6fce5e6161031
Certificate serial: 01942143C5345FC50B612CEE229B8CAD1805
Authority key identifier: 6C:12:AB:70:63:C8:5D:FE:22:FA:7A:99:D9:C6:FC:E5:E6:16:10:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bBKrcGPIXf4i-nqZ2cb85eYWEDE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/4ZrViR6MQ2LLwx-EpgYcmNOkhLU.roa
Signing time: Wed 01 Jan 2025 09:47:57 +0000
ROA not before: Wed 01 Jan 2025 09:47:57 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29217
IP address blocks: 83.174.64.0/18 maxlen: 18
217.150.160.0/20 maxlen: 20
217.150.161.32/28 maxlen: 28
217.150.165.0/24 maxlen: 24
217.150.171.0/24 maxlen: 24
217.150.175.0/27 maxlen: 27
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/bBKrcGPIXf4i-nqZ2cb85eYWEDE.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/bBKrcGPIXf4i-nqZ2cb85eYWEDE.mft
rsync://rpki.ripe.net/repository/DEFAULT/bBKrcGPIXf4i-nqZ2cb85eYWEDE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:43:c5:34:5f:c5:0b:61:2c:ee:22:9b:8c:ad:18:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c12ab7063c85dfe22fa7a99d9c6fce5e6161031
Validity
Not Before: Jan 1 09:47:57 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e19ad5891e8c4362cbc31f84a6061c98d3a484b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:ba:67:29:80:2d:00:87:43:d0:5d:14:e0:f8:
69:7d:27:e0:70:63:8f:f6:6e:14:7a:8f:1c:93:2a:
ae:79:7d:47:08:23:2d:9c:3d:ca:9c:47:51:15:81:
9e:fc:1d:d6:da:1b:3b:4f:78:ae:e9:b2:4b:8f:3e:
3c:13:91:1d:f7:9e:fc:9f:b5:b6:ae:c3:e7:c3:7d:
d3:88:01:c5:d0:83:2d:45:88:2c:2f:df:8c:21:7a:
63:43:7d:31:f2:c2:31:f3:e7:1b:e1:58:6f:5c:6a:
3b:af:25:8c:9e:89:6f:31:19:a5:5f:5b:13:d0:1f:
6b:67:39:e8:b5:b6:f9:a4:01:bc:cb:6c:d9:ba:df:
15:a0:66:ed:a4:73:4c:ba:7e:76:92:a0:0d:1f:c7:
5b:6f:7d:52:10:b9:6c:61:c1:61:36:bb:29:5b:95:
ed:b9:2f:75:22:f8:85:b7:15:aa:52:e4:27:8a:bd:
13:80:fb:47:03:7d:a7:27:1a:3e:62:f2:36:a4:29:
49:a1:9c:1f:ef:95:7a:52:d4:2e:06:00:df:1b:c4:
24:e6:1c:66:c7:94:e0:fc:8c:37:31:67:60:43:91:
39:9e:da:51:db:8f:08:b1:ec:51:e2:0a:ed:57:10:
85:d5:2e:11:3c:0e:78:ce:bc:fa:23:c1:bb:d8:39:
13:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9A:D5:89:1E:8C:43:62:CB:C3:1F:84:A6:06:1C:98:D3:A4:84:B5
X509v3 Authority Key Identifier:
keyid:6C:12:AB:70:63:C8:5D:FE:22:FA:7A:99:D9:C6:FC:E5:E6:16:10:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bBKrcGPIXf4i-nqZ2cb85eYWEDE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/4ZrViR6MQ2LLwx-EpgYcmNOkhLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/12e679-856c-48ea-a062-959ebb905b3a/1/bBKrcGPIXf4i-nqZ2cb85eYWEDE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.174.64.0/18
217.150.160.0/20
Signature Algorithm: sha256WithRSAEncryption
82:72:84:5a:81:27:28:bc:ba:50:ae:d8:af:72:cd:c7:30:68:
2c:db:f4:f0:0c:f1:c2:e5:29:2e:e6:b6:93:87:04:6b:4b:a9:
2d:0c:b9:4a:3a:7b:b5:45:e1:4d:46:c8:23:62:d4:a1:02:b1:
61:ff:2a:43:bd:9c:fa:0d:95:9a:64:83:e1:66:f0:8d:c7:be:
36:6d:5b:71:2e:72:05:39:fc:6a:06:60:8a:6d:1f:f7:51:f7:
90:6a:63:0f:b6:ca:1b:c3:ad:8f:df:40:4d:fc:f7:7f:40:38:
32:c6:e5:f7:e4:07:f4:df:17:d3:c0:a8:23:78:10:b4:5d:b3:
86:e5:9b:83:50:0a:97:76:2f:d9:a1:c1:b7:69:cc:ca:9e:35:
a0:26:45:c1:90:11:f9:fb:83:d9:e8:b8:f2:d0:08:f2:5e:fd:
a2:9d:3c:a8:ce:70:6b:26:10:a7:67:05:82:43:64:0f:d4:dc:
d1:2d:8a:57:a9:ed:1a:46:b9:6f:d6:e9:22:a3:56:14:f8:da:
1d:06:b3:db:4b:de:89:b6:80:17:eb:55:26:7d:70:fd:45:51:
6a:98:1e:4e:ef:7d:28:19:40:dd:68:64:fa:3b:00:cc:6f:d4:
45:d2:ac:2b:57:72:c1:84:50:8f:35:3e:fb:08:52:5f:5c:e0:
73:13:74:28
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQhQ8U0X8ULYSzuIpuMrRgFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMTJhYjcwNjNjODVkZmUyMmZhN2E5OWQ5YzZmY2U1ZTYx
NjEwMzEwHhcNMjUwMTAxMDk0NzU3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlhZDU4OTFlOGM0MzYyY2JjMzFmODRhNjA2MWM5OGQzYTQ4NGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmbpnKYAtAIdD0F0U4PhpfSfgcGOP
9m4Ueo8ckyqueX1HCCMtnD3KnEdRFYGe/B3W2hs7T3iu6bJLjz48E5Ed9578n7W2
rsPnw33TiAHF0IMtRYgsL9+MIXpjQ30x8sIx8+cb4VhvXGo7ryWMnolvMRmlX1sT
0B9rZznotbb5pAG8y2zZut8VoGbtpHNMun52kqANH8dbb31SELlsYcFhNrspW5Xt
uS91IviFtxWqUuQnir0TgPtHA32nJxo+YvI2pClJoZwf75V6UtQuBgDfG8Qk5hxm
x5Tg/Iw3MWdgQ5E5ntpR248IsexR4grtVxCF1S4RPA54zrz6I8G72DkTlQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGa1YkejENiy8MfhKYGHJjTpIS1MB8GA1UdIwQY
MBaAFGwSq3BjyF3+Ivp6mdnG/OXmFhAxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkJLcmNHUElYZjRpLW5xWjJjYjg1ZVlXRURFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS8xMmU2NzktODU2Yy00OGVhLWEwNjIt
OTU5ZWJiOTA1YjNhLzEvNFpyVmlSNk1RMkxMd3gtRXBnWWNtTk9raExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS8xMmU2NzktODU2Yy00OGVhLWEwNjItOTU5ZWJiOTA1YjNh
LzEvYkJLcmNHUElYZjRpLW5xWjJjYjg1ZVlXRURFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQGU65AAwQE
2ZagMA0GCSqGSIb3DQEBCwUAA4IBAQCCcoRagScovLpQrtivcs3HMGgs2/TwDPHC
5Sku5raThwRrS6ktDLlKOnu1ReFNRsgjYtShArFh/ypDvZz6DZWaZIPhZvCNx742
bVtxLnIFOfxqBmCKbR/3UfeQamMPtsobw62P30BN/Pd/QDgyxuX35Af03xfTwKgj
eBC0XbOG5ZuDUAqXdi/ZocG3aczKnjWgJkXBkBH5+4PZ6Ljy0AjyXv2inTyoznBr
JhCnZwWCQ2QP1NzRLYpXqe0aRrlv1ukio1YU+NodBrPbS96JtoAX61UmfXD9RVFq
mB5O730oGUDdaGT6OwDMb9RF0qwrV3LBhFCPNT77CFJfXOBzE3Qo
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:44:16 2025 by rpki-client