Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/izFiBce-GnGDYR4txZafIHP1iLk.roa
File: izFiBce-GnGDYR4txZafIHP1iLk.roa (raw, json)
Hash identifier: 6ASOVWTNVRRVxuY9ayMGRUVJ1id7JkowncNxWBHtm+M=
Subject key identifier: 8B:31:62:05:C7:BE:1A:71:83:61:1E:2D:C5:96:9F:20:73:F5:88:B9
Certificate issuer: /CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Certificate serial: 01949A318F9B86391BBA28A893C23B00A864
Authority key identifier: 64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/izFiBce-GnGDYR4txZafIHP1iLk.roa
Signing time: Fri 24 Jan 2025 21:22:06 +0000
ROA not before: Fri 24 Jan 2025 21:22:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44947
IP address blocks: 213.134.17.0/24 maxlen: 24
2a05:2580::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 09 Apr 2025 13:43:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:9a:31:8f:9b:86:39:1b:ba:28:a8:93:c2:3b:00:a8:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=644f033f782eaf32ab09088775d64ac4b94b5b11
Validity
Not Before: Jan 24 21:22:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b316205c7be1a7183611e2dc5969f2073f588b9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:03:c9:bf:1b:16:1d:2c:d6:9a:c4:af:13:83:
24:b0:c2:8f:3b:d0:d9:41:5f:f4:6b:8d:50:f9:02:
05:60:ea:f6:01:89:b6:65:88:f7:fd:3c:46:44:f4:
09:0f:ae:32:83:ab:c0:cb:f2:fc:74:6f:fd:a3:a8:
4d:82:b3:60:68:d2:bc:2a:61:bb:01:85:9f:ec:f8:
a2:7e:2e:5d:15:75:3e:34:47:46:ae:5a:bb:1a:94:
ba:eb:6e:cf:ce:09:ac:08:95:bf:2f:00:0e:e4:94:
8c:ca:b9:0b:53:71:84:98:43:b1:80:1f:da:cd:a1:
58:b9:68:d8:b2:25:28:1c:de:fd:9b:75:d6:b2:5b:
ca:41:6e:f0:54:5b:06:9c:bf:eb:ff:cb:ed:dd:60:
6c:8d:22:78:04:e3:c8:cc:d5:cb:8a:ae:5a:bd:fc:
da:ed:ba:05:c2:11:6a:0f:57:15:30:1c:62:9f:bc:
d9:af:54:ee:24:9f:3b:df:c2:14:65:b0:33:eb:22:
ec:6c:f8:5b:a4:98:8c:93:7d:53:2d:73:d9:b4:a6:
dd:77:a6:8c:ff:58:15:81:26:2f:ef:4c:3a:8b:bb:
63:98:17:74:62:b7:69:37:e4:aa:40:95:8e:dc:33:
cf:dd:0d:b9:b5:a2:04:7b:52:13:ce:b4:53:ee:de:
20:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:31:62:05:C7:BE:1A:71:83:61:1E:2D:C5:96:9F:20:73:F5:88:B9
X509v3 Authority Key Identifier:
keyid:64:4F:03:3F:78:2E:AF:32:AB:09:08:87:75:D6:4A:C4:B9:4B:5B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZE8DP3gurzKrCQiHddZKxLlLWxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/izFiBce-GnGDYR4txZafIHP1iLk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/87ca91-6fb8-4038-890c-4915fe7f92ce/1/ZE8DP3gurzKrCQiHddZKxLlLWxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.134.17.0/24
IPv6:
2a05:2580::/30
Signature Algorithm: sha256WithRSAEncryption
9e:a4:91:d4:21:fc:04:4f:51:4e:bb:61:36:69:56:a3:b7:8e:
3d:ad:15:e8:73:3b:4a:49:2b:46:fb:26:df:3a:ff:5e:c5:3c:
f6:39:c4:c4:ce:0e:2d:8d:af:81:b1:80:a3:99:08:a7:84:ef:
7f:ca:fe:af:b6:11:90:0e:ef:40:9b:85:20:75:5a:8d:8d:00:
6e:e5:ed:6d:24:76:e7:4b:00:f7:af:be:7a:fc:23:45:15:e9:
bb:38:0b:2c:e2:33:29:57:9d:1b:4e:79:72:3a:ff:17:81:35:
ec:62:55:7b:45:9c:15:3d:d4:66:3e:f8:e3:a8:9b:5c:d4:91:
b1:09:3e:0d:14:4d:35:46:49:68:f9:b9:14:2e:35:60:96:b3:
c6:ee:40:85:52:ff:f1:34:70:47:ef:d6:da:1c:9f:97:a2:7f:
a4:ef:25:ed:da:33:86:ae:40:4b:c8:a7:16:1f:a0:f2:21:0b:
a0:ae:ee:e6:6b:45:11:5e:fe:a3:3a:4c:54:04:a0:f3:51:0a:
3e:1c:f4:5f:0b:bd:b3:2d:82:ad:e2:15:63:45:05:16:8c:fb:
13:43:6d:ec:b3:81:1a:a9:de:b7:6a:e7:73:4b:54:3b:3f:e6:
cc:d0:ea:5c:6c:81:f6:08:46:08:70:cd:59:b0:86:c9:a8:38:
19:9a:66:cc
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZSaMY+bhjkbuiiok8I7AKhkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0NGYwMzNmNzgyZWFmMzJhYjA5MDg4Nzc1ZDY0YWM0Yjk0
YjViMTEwHhcNMjUwMTI0MjEyMjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjMxNjIwNWM3YmUxYTcxODM2MTFlMmRjNTk2OWYyMDczZjU4OGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqgPJvxsWHSzWmsSvE4MksMKPO9DZ
QV/0a41Q+QIFYOr2AYm2ZYj3/TxGRPQJD64yg6vAy/L8dG/9o6hNgrNgaNK8KmG7
AYWf7Piifi5dFXU+NEdGrlq7GpS6627PzgmsCJW/LwAO5JSMyrkLU3GEmEOxgB/a
zaFYuWjYsiUoHN79m3XWslvKQW7wVFsGnL/r/8vt3WBsjSJ4BOPIzNXLiq5avfza
7boFwhFqD1cVMBxin7zZr1TuJJ8738IUZbAz6yLsbPhbpJiMk31TLXPZtKbdd6aM
/1gVgSYv70w6i7tjmBd0YrdpN+SqQJWO3DPP3Q25taIEe1ITzrRT7t4gZQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIsxYgXHvhpxg2EeLcWWnyBz9Yi5MB8GA1UdIwQY
MBaAFGRPAz94Lq8yqwkIh3XWSsS5S1sRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMt
NDkxNWZlN2Y5MmNlLzEvaXpGaUJjZS1HbkdEWVI0dHhaYWZJSFAxaUxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS84N2NhOTEtNmZiOC00MDM4LTg5MGMtNDkxNWZlN2Y5MmNl
LzEvWkU4RFAzZ3VyektyQ1FpSGRkWkt4TGxMV3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA1YYRMA0E
AgACMAcDBQIqBSWAMA0GCSqGSIb3DQEBCwUAA4IBAQCepJHUIfwET1FOu2E2aVaj
t449rRXocztKSStG+ybfOv9exTz2OcTEzg4tja+BsYCjmQinhO9/yv6vthGQDu9A
m4UgdVqNjQBu5e1tJHbnSwD3r756/CNFFem7OAss4jMpV50bTnlyOv8XgTXsYlV7
RZwVPdRmPvjjqJtc1JGxCT4NFE01Rklo+bkULjVglrPG7kCFUv/xNHBH79baHJ+X
on+k7yXt2jOGrkBLyKcWH6DyIQugru7ma0URXv6jOkxUBKDzUQo+HPRfC72zLYKt
4hVjRQUWjPsTQ23ss4Eaqd63audzS1Q7P+bM0OpcbIH2CEYIcM1ZsIbJqDgZmmbM
-----END CERTIFICATE-----
Generated at Tue Apr 8 22:00:15 2025 by rpki-client