Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/Zj1rmMEpOraplrkaquOM2ubO6Mc.roa
File: Zj1rmMEpOraplrkaquOM2ubO6Mc.roa (raw, json)
Hash identifier: oIS73RHQscBvRjMMzd2FUWBDj9UGJrVmsW4v2M6hJEQ=
Subject key identifier: 66:3D:6B:98:C1:29:3A:B6:A9:96:B9:1A:AA:E3:8C:DA:E6:CE:E8:C7
Certificate issuer: /CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Certificate serial: 0194228D738D2F6355DB64C44F76E1524B78
Authority key identifier: 0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/Zj1rmMEpOraplrkaquOM2ubO6Mc.roa
Signing time: Wed 01 Jan 2025 15:48:02 +0000
ROA not before: Wed 01 Jan 2025 15:48:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 195.140.196.0/24 maxlen: 24
195.140.197.0/24 maxlen: 24
195.140.198.0/24 maxlen: 24
195.140.199.0/24 maxlen: 24
195.149.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.mft
rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 21:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8d:73:8d:2f:63:55:db:64:c4:4f:76:e1:52:4b:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c6859feba7834c9322b7c6f6bd81bd3bef5ce51
Validity
Not Before: Jan 1 15:48:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=663d6b98c1293ab6a996b91aaae38cdae6cee8c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:12:f4:e8:b6:54:af:96:be:41:5e:a1:27:a9:
63:60:ce:20:fd:58:03:68:51:07:41:71:54:e6:d4:
35:e7:af:f0:ff:fe:ec:50:01:59:06:c9:8f:0d:d8:
55:cc:32:d2:8c:03:a5:81:c4:6c:c6:9d:a6:df:93:
9d:4b:fe:3a:f1:da:ad:b8:f5:9b:82:0a:db:c0:28:
17:d6:6e:fb:d1:82:4a:26:01:cc:78:35:86:d8:22:
f6:47:0e:73:0c:68:10:17:b5:3c:e0:bd:31:28:61:
dd:8f:99:e4:a2:1f:9e:45:28:be:73:a1:f5:66:a1:
d2:7e:ef:6c:ec:c8:0b:aa:89:39:d4:ab:47:1b:7b:
af:63:11:3f:2f:02:0a:41:3e:cc:5f:45:34:1d:77:
e1:48:a6:a3:21:a6:23:84:bc:3c:94:dd:f1:bb:6a:
3e:4b:a6:7f:dd:60:64:95:c7:15:15:50:f7:59:a9:
13:1b:95:26:35:58:f3:ae:c4:f2:95:32:92:ae:31:
23:89:0e:4b:dd:26:4d:fd:6f:75:cb:e5:43:8b:50:
33:84:3f:7b:28:89:06:2d:84:d9:7a:46:76:be:cb:
f3:49:7a:d8:3e:83:74:64:2d:d0:6c:aa:68:f7:72:
5b:0f:ba:fc:04:a4:1e:68:28:04:c9:00:a8:96:56:
c7:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:3D:6B:98:C1:29:3A:B6:A9:96:B9:1A:AA:E3:8C:DA:E6:CE:E8:C7
X509v3 Authority Key Identifier:
keyid:0C:68:59:FE:BA:78:34:C9:32:2B:7C:6F:6B:D8:1B:D3:BE:F5:CE:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DGhZ_rp4NMkyK3xva9gb0771zlE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/Zj1rmMEpOraplrkaquOM2ubO6Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/8c3a8b-9171-4620-b1e0-77fca7a30b9f/1/DGhZ_rp4NMkyK3xva9gb0771zlE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.140.196.0/22
195.149.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:f9:e9:69:3d:d5:8a:03:0d:26:ac:be:ef:fb:81:c4:ad:5b:
2a:aa:b0:18:4d:63:29:d1:ec:4a:ab:ea:fa:59:2a:75:b4:46:
73:d1:31:3e:f3:94:6a:8f:e5:49:c1:b3:26:17:61:3c:04:74:
95:b1:a4:46:fc:c3:22:e3:e4:3e:12:22:70:2c:77:2b:b4:db:
a7:fc:d8:d4:70:44:1a:f0:8b:e9:19:e6:10:6f:cb:8e:78:fb:
31:35:cf:13:27:74:c1:fa:bb:5d:be:9a:85:69:4c:3f:84:88:
04:47:08:b4:4f:47:55:99:ee:f3:2b:08:c5:5f:68:80:71:3d:
5a:bb:8f:8e:4c:f0:38:50:14:3a:5a:27:58:2a:6f:5d:05:f6:
35:98:84:3f:4a:d8:bf:17:1d:b6:8d:13:a6:e7:c0:50:1c:1d:
24:b4:63:db:c3:61:e2:d5:0a:46:3f:1b:ef:9e:e1:26:64:72:
52:14:85:67:7a:55:44:0d:70:bd:a5:4a:8a:1c:23:23:25:a4:
66:93:19:17:e6:f4:be:c6:16:65:24:19:bf:1a:42:74:18:36:
cd:84:40:22:14:a4:4b:7c:e3:68:f0:32:dc:f7:a9:24:41:4c:
ae:e2:b8:3e:24:32:58:85:85:bd:c5:56:21:6a:5f:0f:4e:38:
c0:f8:75:44
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQijXONL2NV22TET3bhUkt4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNjg1OWZlYmE3ODM0YzkzMjJiN2M2ZjZiZDgxYmQzYmVm
NWNlNTEwHhcNMjUwMTAxMTU0ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjNkNmI5OGMxMjkzYWI2YTk5NmI5MWFhYWUzOGNkYWU2Y2VlOGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9xL06LZUr5a+QV6hJ6ljYM4g/VgD
aFEHQXFU5tQ156/w//7sUAFZBsmPDdhVzDLSjAOlgcRsxp2m35OdS/468dqtuPWb
ggrbwCgX1m770YJKJgHMeDWG2CL2Rw5zDGgQF7U84L0xKGHdj5nkoh+eRSi+c6H1
ZqHSfu9s7MgLqok51KtHG3uvYxE/LwIKQT7MX0U0HXfhSKajIaYjhLw8lN3xu2o+
S6Z/3WBklccVFVD3WakTG5UmNVjzrsTylTKSrjEjiQ5L3SZN/W91y+VDi1AzhD97
KIkGLYTZekZ2vsvzSXrYPoN0ZC3QbKpo93JbD7r8BKQeaCgEyQCollbHKQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGY9a5jBKTq2qZa5GqrjjNrmzujHMB8GA1UdIwQY
MBaAFAxoWf66eDTJMit8b2vYG9O+9c5RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAt
NzdmY2E3YTMwYjlmLzEvWmoxcm1NRXBPcmFwbHJrYXF1T00ydWJPNk1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC84YzNhOGItOTE3MS00NjIwLWIxZTAtNzdmY2E3YTMwYjlm
LzEvREdoWl9ycDROTWt5SzN4dmE5Z2IwNzcxemxFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw4zEAwQA
w5V0MA0GCSqGSIb3DQEBCwUAA4IBAQCN+elpPdWKAw0mrL7v+4HErVsqqrAYTWMp
0exKq+r6WSp1tEZz0TE+85Rqj+VJwbMmF2E8BHSVsaRG/MMi4+Q+EiJwLHcrtNun
/NjUcEQa8IvpGeYQb8uOePsxNc8TJ3TB+rtdvpqFaUw/hIgERwi0T0dVme7zKwjF
X2iAcT1au4+OTPA4UBQ6WidYKm9dBfY1mIQ/Sti/Fx22jROm58BQHB0ktGPbw2Hi
1QpGPxvvnuEmZHJSFIVnelVEDXC9pUqKHCMjJaRmkxkX5vS+xhZlJBm/GkJ0GDbN
hEAiFKRLfONo8DLc96kkQUyu4rg+JDJYhYW9xVYhal8PTjjA+HVE
-----END CERTIFICATE-----
Generated at Mon Apr 7 07:12:34 2025 by rpki-client