Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/_z_sTvwtZQKHpvup9rFWqFFhFKY.roa
File: _z_sTvwtZQKHpvup9rFWqFFhFKY.roa (raw, json)
Hash identifier: JVM6qUA4ZtDkSX81zJfuU5jJmnu8pCK2PaUHasgHRME=
Subject key identifier: FF:3F:EC:4E:FC:2D:65:02:87:A6:FB:A9:F6:B1:56:A8:51:61:14:A6
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 019422FC1BA8849C8BE4EDD9A2932F421E7D
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/_z_sTvwtZQKHpvup9rFWqFFhFKY.roa
Signing time: Wed 01 Jan 2025 17:48:54 +0000
ROA not before: Wed 01 Jan 2025 17:48:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206564
IP address blocks: 82.98.67.0/24 maxlen: 32
82.98.74.0/24 maxlen: 32
82.98.78.0/24 maxlen: 32
82.98.80.0/24 maxlen: 32
82.98.90.0/24 maxlen: 24
82.98.91.0/24 maxlen: 32
82.98.93.0/24 maxlen: 24
82.98.105.0/24 maxlen: 32
82.98.126.0/24 maxlen: 24
82.98.127.0/24 maxlen: 24
212.19.40.0/24 maxlen: 32
212.19.47.0/24 maxlen: 32
212.19.48.0/24 maxlen: 32
212.19.61.0/24 maxlen: 24
213.83.1.0/24 maxlen: 32
213.83.5.0/24 maxlen: 32
213.83.17.0/24 maxlen: 32
213.83.48.0/24 maxlen: 32
213.83.52.0/24 maxlen: 24
2a02:2e0:1::/48 maxlen: 48
2a02:2e0:a::/48 maxlen: 48
2a02:2e0:3e5::/48 maxlen: 128
2a02:2e0:3e8::/48 maxlen: 128
2a02:2e0:3ee::/48 maxlen: 128
2a02:2e0:3f5::/48 maxlen: 128
2a02:2e0:417::/48 maxlen: 48
2a02:2e0:41b::/48 maxlen: 128
2a02:2e0:41c::/48 maxlen: 128
2a02:2e0:431::/48 maxlen: 48
2a02:2e0:cd4d::/48 maxlen: 48
2a02:2e0:cd4e::/48 maxlen: 48
2a02:2e0:fffe::/48 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 09:01:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:1b:a8:84:9c:8b:e4:ed:d9:a2:93:2f:42:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 1 17:48:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff3fec4efc2d650287a6fba9f6b156a8516114a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:37:43:0d:82:bf:4b:b4:3a:86:09:7f:b8:c0:
5e:84:9b:cf:c9:7d:7b:67:10:b7:16:59:04:4f:55:
8c:8a:25:61:ed:ca:f7:20:44:c0:d4:42:4b:33:07:
95:c0:39:9d:26:3a:57:62:18:2b:3c:f3:85:2a:35:
a2:5d:7e:4d:5d:0d:df:2b:9b:a9:d4:eb:ad:e4:4e:
1b:4f:13:e7:ce:b1:6a:77:ad:e2:0e:c0:08:ff:b4:
b5:6d:ff:cc:46:ec:05:54:17:58:a6:c0:5d:81:22:
1d:7b:7d:57:9d:c7:cb:89:78:3c:77:18:8b:ad:c9:
99:fe:15:6d:a2:dc:3c:fe:91:c4:67:e4:01:23:0b:
7b:e1:82:5a:8e:2f:07:22:7c:20:a8:6f:cf:1c:e8:
e6:0b:74:ed:9b:dc:8b:60:f4:31:96:66:38:fb:a2:
6a:42:4c:1c:ae:be:f0:0c:55:9d:a9:a1:cd:49:69:
56:6a:d4:f5:49:7c:7d:8f:8b:dc:9d:27:67:10:1d:
69:8e:fa:bb:47:3a:7d:9b:71:6b:a2:9e:85:4d:19:
5c:25:33:e5:2a:cd:a8:4c:86:b0:2a:3d:df:71:ee:
07:30:67:25:b0:17:58:b0:d4:bf:97:87:4d:f6:03:
01:8b:e1:d0:a0:fe:05:99:89:72:fa:ea:3f:e2:98:
67:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3F:EC:4E:FC:2D:65:02:87:A6:FB:A9:F6:B1:56:A8:51:61:14:A6
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/_z_sTvwtZQKHpvup9rFWqFFhFKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.67.0/24
82.98.74.0/24
82.98.78.0/24
82.98.80.0/24
82.98.90.0/23
82.98.93.0/24
82.98.105.0/24
82.98.126.0/23
212.19.40.0/24
212.19.47.0-212.19.48.255
212.19.61.0/24
213.83.1.0/24
213.83.5.0/24
213.83.17.0/24
213.83.48.0/24
213.83.52.0/24
IPv6:
2a02:2e0:1::/48
2a02:2e0:a::/48
2a02:2e0:3e5::/48
2a02:2e0:3e8::/48
2a02:2e0:3ee::/48
2a02:2e0:3f5::/48
2a02:2e0:417::/48
2a02:2e0:41b::-2a02:2e0:41c:ffff:ffff:ffff:ffff:ffff
2a02:2e0:431::/48
2a02:2e0:cd4d::-2a02:2e0:cd4e:ffff:ffff:ffff:ffff:ffff
2a02:2e0:fffe::/48
Signature Algorithm: sha256WithRSAEncryption
61:b7:51:d1:7e:08:72:27:03:3a:1a:5f:15:d6:ea:4d:16:f2:
dd:a0:90:1b:b8:29:56:c3:4a:b7:32:8e:54:a5:a5:94:31:6a:
84:69:6d:05:0c:f5:ab:d6:a6:e0:29:11:5b:a3:e5:36:2f:b4:
b2:1f:d1:13:d3:e3:fd:08:4b:75:be:b7:69:8e:45:ab:60:52:
f0:7f:62:65:8a:88:76:fc:19:58:ed:04:58:e0:b9:b2:b4:37:
4b:90:30:71:84:cc:a5:3a:ea:7c:bc:83:9b:ab:19:cb:ac:61:
2e:d0:ea:32:58:9f:0e:30:c1:2b:2e:a0:58:58:65:c2:59:0a:
8f:82:79:16:38:2f:18:0c:b3:96:fb:57:b8:23:ed:67:18:f6:
e9:f1:ff:d1:98:fd:a3:54:89:cc:b8:00:3b:a6:21:64:de:15:
89:81:8a:37:c3:50:51:6a:4a:88:50:eb:79:10:9c:fd:fc:1c:
93:34:be:e8:9b:55:ab:7c:aa:69:b7:79:ff:12:0b:d8:ac:df:
ac:95:ea:2d:f8:7d:e0:92:0a:b1:5f:6f:d0:64:1a:3a:7a:ea:
fa:2f:e7:0a:f0:2b:3d:d8:9f:57:c5:40:68:ca:28:a4:cc:b4:
95:18:eb:3f:1b:95:d3:ce:b7:08:96:a2:95:f8:b5:ea:22:6e:
14:d1:86:69
-----BEGIN CERTIFICATE-----
MIIF5DCCBMygAwIBAgISAZQi/BuohJyL5O3ZopMvQh59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjUwMTAxMTc0ODU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNmZWM0ZWZjMmQ2NTAyODdhNmZiYTlmNmIxNTZhODUxNjExNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnzdDDYK/S7Q6hgl/uMBehJvPyX17
ZxC3FlkET1WMiiVh7cr3IETA1EJLMweVwDmdJjpXYhgrPPOFKjWiXX5NXQ3fK5up
1Out5E4bTxPnzrFqd63iDsAI/7S1bf/MRuwFVBdYpsBdgSIde31XncfLiXg8dxiL
rcmZ/hVtotw8/pHEZ+QBIwt74YJaji8HInwgqG/PHOjmC3Ttm9yLYPQxlmY4+6Jq
Qkwcrr7wDFWdqaHNSWlWatT1SXx9j4vcnSdnEB1pjvq7Rzp9m3Frop6FTRlcJTPl
Ks2oTIawKj3fce4HMGclsBdYsNS/l4dN9gMBi+HQoP4FmYly+uo/4phnPwIDAQAB
o4IC8DCCAuwwHQYDVR0OBBYEFP8/7E78LWUCh6b7qfaxVqhRYRSmMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvX3pfc1R2d3RaUUtIcHZ1cDlyRldxRkZoRktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBAYIKwYBBQUHAQcBAf8EgfQwgfEwbgQCAAEwaAMEAFJi
QwMEAFJiSgMEAFJiTgMEAFJiUAMEAVJiWgMEAFJiXQMEAFJiaQMEAVJifgMEANQT
KDAMAwQA1BMvAwQA1BMwAwQA1BM9AwQA1VMBAwQA1VMFAwQA1VMRAwQA1VMwAwQA
1VM0MH8EAgACMHkDBwAqAgLgAAEDBwAqAgLgAAoDBwAqAgLgA+UDBwAqAgLgA+gD
BwAqAgLgA+4DBwAqAgLgA/UDBwAqAgLgBBcwEgMHACoCAuAEGwMHACoCAuAEHAMH
ACoCAuAEMTASAwcAKgIC4M1NAwcAKgIC4M1OAwcAKgIC4P/+MA0GCSqGSIb3DQEB
CwUAA4IBAQBht1HRfghyJwM6Gl8V1upNFvLdoJAbuClWw0q3Mo5UpaWUMWqEaW0F
DPWr1qbgKRFbo+U2L7SyH9ET0+P9CEt1vrdpjkWrYFLwf2Jlioh2/BlY7QRY4Lmy
tDdLkDBxhMylOup8vIObqxnLrGEu0OoyWJ8OMMErLqBYWGXCWQqPgnkWOC8YDLOW
+1e4I+1nGPbp8f/RmP2jVInMuAA7piFk3hWJgYo3w1BRakqIUOt5EJz9/ByTNL7o
m1WrfKppt3n/EgvYrN+sleot+H3gkgqxX2/QZBo6eur6L+cK8Cs92J9XxUBoyiik
zLSVGOs/G5XTzrcIlqKV+LXqIm4U0YZp
-----END CERTIFICATE-----
Generated at Sun Apr 6 17:49:14 2025 by rpki-client