Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/z6yT1q0T7LBqZpy9PTiWdAbhrhU.roa
File: z6yT1q0T7LBqZpy9PTiWdAbhrhU.roa (raw, json)
Hash identifier: n5dOrWVGmQ/SZ7Maa9/Hdiv5+rDt72g8LPCctbA9zS8=
Subject key identifier: CF:AC:93:D6:AD:13:EC:B0:6A:66:9C:BD:3D:38:96:74:06:E1:AE:15
Certificate issuer: /CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Certificate serial: 0194266B566E0189DCAB24E13FD0C3572017
Authority key identifier: EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/z6yT1q0T7LBqZpy9PTiWdAbhrhU.roa
Signing time: Thu 02 Jan 2025 09:49:16 +0000
ROA not before: Thu 02 Jan 2025 09:49:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25374
IP address blocks: 212.21.130.0/24 maxlen: 24
212.21.140.0/22 maxlen: 24
212.21.144.0/21 maxlen: 24
212.21.152.0/22 maxlen: 24
212.21.156.0/23 maxlen: 24
212.21.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.mft
rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 10:07:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:56:6e:01:89:dc:ab:24:e1:3f:d0:c3:57:20:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebec9030c70a3d4192d59c28dcc8d547694340b3
Validity
Not Before: Jan 2 09:49:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cfac93d6ad13ecb06a669cbd3d38967406e1ae15
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ee:d4:0b:c6:b4:10:b9:06:ff:4a:2f:6d:ca:
32:59:ed:17:54:50:bd:85:44:36:72:3e:28:2d:52:
5e:9e:1c:d0:41:d6:a1:4b:74:ec:a1:77:3f:c1:16:
17:e2:8c:75:8a:3f:8d:6e:4d:50:2a:52:4f:a7:41:
bb:f8:47:43:49:e1:70:cc:65:3e:a8:0e:ae:fd:f2:
9c:d6:2c:fd:9a:c3:a0:8e:64:d4:a5:58:df:2e:a5:
1f:44:6b:81:0b:84:60:06:6a:38:f7:9e:50:29:5d:
98:17:fd:35:33:f0:b5:c8:3f:37:19:2d:e7:e9:e7:
1a:d4:2a:30:36:e0:e7:cc:85:f6:a1:04:6b:aa:16:
82:03:93:65:32:3e:2e:5a:24:21:47:7f:41:5b:f5:
80:1d:11:aa:5f:1d:e1:e6:69:69:bb:6d:f7:05:d4:
77:8e:ce:f9:15:39:46:f7:ac:88:f2:ec:64:79:b6:
aa:c8:76:29:b8:5a:7e:30:0e:d5:a9:29:43:21:fa:
52:52:c2:50:56:30:11:1f:41:ea:1a:b4:0f:cd:20:
aa:c0:24:47:ff:40:f6:db:bf:bb:f6:33:96:bc:59:
67:94:6f:09:57:2b:51:bd:14:50:c3:03:6f:fd:72:
cb:e9:11:c8:7a:b6:e3:d0:58:a5:a8:01:cd:c3:a1:
3a:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:AC:93:D6:AD:13:EC:B0:6A:66:9C:BD:3D:38:96:74:06:E1:AE:15
X509v3 Authority Key Identifier:
keyid:EB:EC:90:30:C7:0A:3D:41:92:D5:9C:28:DC:C8:D5:47:69:43:40:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/z6yT1q0T7LBqZpy9PTiWdAbhrhU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/372b87-95f4-4c98-a6f4-4a6f8683265c/1/6-yQMMcKPUGS1Zwo3MjVR2lDQLM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.21.130.0/24
212.21.140.0-212.21.158.255
Signature Algorithm: sha256WithRSAEncryption
72:cb:0f:81:17:08:df:13:8e:af:ca:5d:34:d0:16:2b:eb:41:
9d:fa:9f:29:20:ee:95:d8:86:f4:52:c1:ec:01:50:19:d4:1d:
7a:38:73:2a:54:cc:2f:30:fe:03:71:63:6c:6b:3b:94:30:f8:
07:b8:1c:45:b9:c5:b9:03:95:6c:df:91:f7:d5:47:36:e9:7f:
ec:33:20:41:96:c3:b6:c8:5d:c2:07:14:31:fd:4a:e5:cb:ee:
77:9f:78:e6:2e:40:6b:a8:38:a8:c0:81:4b:9f:ce:a8:73:04:
a2:15:9f:4e:ce:5e:9c:64:8a:57:3a:ef:38:4f:0e:2d:d9:a0:
7d:1b:55:53:fb:35:27:bd:91:bd:51:2f:36:eb:9f:7c:1e:a3:
e6:3b:3d:7b:62:45:c4:c7:97:9a:d3:b6:0b:cb:d8:d7:28:29:
98:77:ea:20:6b:e6:33:47:74:16:4e:c0:0b:e6:c7:14:9b:ed:
c6:27:1d:67:e8:60:64:1a:56:d3:c9:86:06:29:78:97:fe:67:
ef:52:b0:42:41:44:cf:60:2a:60:8c:38:79:f0:dc:ff:68:c9:
ad:dd:f1:ab:89:8d:3b:81:1a:b4:30:71:78:9a:a7:fb:63:e7:
1e:b7:e4:ef:50:76:62:11:53:61:de:2d:9b:4f:d5:2d:b6:72:
90:1a:b2:da
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZQma1ZuAYncqyThP9DDVyAXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWM5MDMwYzcwYTNkNDE5MmQ1OWMyOGRjYzhkNTQ3Njk0
MzQwYjMwHhcNMjUwMTAyMDk0OTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZmFjOTNkNmFkMTNlY2IwNmE2NjljYmQzZDM4OTY3NDA2ZTFhZTE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1+7UC8a0ELkG/0ovbcoyWe0XVFC9
hUQ2cj4oLVJenhzQQdahS3TsoXc/wRYX4ox1ij+Nbk1QKlJPp0G7+EdDSeFwzGU+
qA6u/fKc1iz9msOgjmTUpVjfLqUfRGuBC4RgBmo4955QKV2YF/01M/C1yD83GS3n
6eca1CowNuDnzIX2oQRrqhaCA5NlMj4uWiQhR39BW/WAHRGqXx3h5mlpu233BdR3
js75FTlG96yI8uxkebaqyHYpuFp+MA7VqSlDIfpSUsJQVjARH0HqGrQPzSCqwCRH
/0D227+79jOWvFlnlG8JVytRvRRQwwNv/XLL6RHIerbj0FilqAHNw6E6mQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM+sk9atE+ywamacvT04lnQG4a4VMB8GA1UdIwQY
MBaAFOvskDDHCj1BktWcKNzI1UdpQ0CzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQt
NGE2Zjg2ODMyNjVjLzEvejZ5VDFxMFQ3TEJxWnB5OVBUaVdkQWJocmhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zNzJiODctOTVmNC00Yzk4LWE2ZjQtNGE2Zjg2ODMyNjVj
LzEvNi15UU1NY0tQVUdTMVp3bzNNalZSMmxEUUxNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQA1BWCMAwD
BALUFYwDBADUFZ4wDQYJKoZIhvcNAQELBQADggEBAHLLD4EXCN8Tjq/KXTTQFivr
QZ36nykg7pXYhvRSwewBUBnUHXo4cypUzC8w/gNxY2xrO5Qw+Ae4HEW5xbkDlWzf
kffVRzbpf+wzIEGWw7bIXcIHFDH9SuXL7nefeOYuQGuoOKjAgUufzqhzBKIVn07O
Xpxkilc67zhPDi3ZoH0bVVP7NSe9kb1RLzbrn3weo+Y7PXtiRcTHl5rTtgvL2Nco
KZh36iBr5jNHdBZOwAvmxxSb7cYnHWfoYGQaVtPJhgYpeJf+Z+9SsEJBRM9gKmCM
OHnw3P9oya3d8auJjTuBGrQwcXiap/tj5x635O9QdmIRU2HeLZtP1S22cpAasto=
-----END CERTIFICATE-----
Generated at Sun Apr 6 20:29:31 2025 by rpki-client