Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/zCMQvVyUHIhgqGjnqqS6hG87t8I.roa
File: zCMQvVyUHIhgqGjnqqS6hG87t8I.roa (raw, json)
Hash identifier: tlgi6dRpTD9+AZIQcf0rkaPRaq7iQdTH9FHfASRSnUA=
Subject key identifier: CC:23:10:BD:5C:94:1C:88:60:A8:68:E7:AA:A4:BA:84:6F:3B:B7:C2
Certificate issuer: /CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Certificate serial: 0194ACDAFD0E2470EA13FA60FE9CF6CC70FB
Authority key identifier: 55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/zCMQvVyUHIhgqGjnqqS6hG87t8I.roa
Signing time: Tue 28 Jan 2025 12:20:20 +0000
ROA not before: Tue 28 Jan 2025 12:20:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57164
IP address blocks: 151.0.0.0/19 maxlen: 32
151.0.32.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/VWpfoNz7NEM_m4YNleLEQlR8X5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/VWpfoNz7NEM_m4YNleLEQlR8X5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 02:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:da:fd:0e:24:70:ea:13:fa:60:fe:9c:f6:cc:70:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=556a5fa0dcfb34433f9b860d95e2c442547c5f9c
Validity
Not Before: Jan 28 12:20:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc2310bd5c941c8860a868e7aaa4ba846f3bb7c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:33:7d:ce:6e:8d:e8:dd:62:e3:a3:8c:cd:96:
bc:25:f5:af:9f:51:ab:43:dc:30:0e:3c:ac:24:30:
95:af:3e:aa:c7:20:95:ae:83:7e:aa:0d:96:fe:ce:
56:56:8b:a7:98:fb:b7:e8:dd:8b:0e:e2:53:86:db:
20:53:cc:2c:29:b2:c1:5d:7f:87:4c:eb:f8:8d:90:
4e:fd:23:2a:dd:55:e7:12:29:f4:05:98:a5:29:fc:
79:e2:96:ce:05:dc:5a:70:c4:15:61:fd:e3:aa:5e:
ff:44:5b:09:b0:d3:fa:e4:9a:eb:f3:a9:0e:fe:9e:
ee:6f:22:35:57:2d:e8:1f:5c:f0:4a:e7:83:c6:41:
5c:a6:f3:b0:7c:85:5b:88:e5:19:ec:92:6b:fe:e8:
18:12:1b:50:15:60:2f:e3:92:b4:91:8b:8b:e7:e3:
b1:29:af:cb:d3:4e:da:ca:22:ba:31:a3:64:dd:46:
8b:76:c4:45:60:bf:0c:05:c6:14:24:39:bb:23:d6:
c0:29:23:73:73:0a:e3:c7:6e:08:9b:4e:02:13:4d:
c3:11:d9:fa:ab:0c:8e:e2:3c:9c:45:28:df:d9:56:
bc:2c:60:18:88:cb:9f:da:62:22:47:45:b4:9b:6e:
08:8e:95:a0:46:85:c5:8a:b0:74:25:7e:c2:0e:dd:
6e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:23:10:BD:5C:94:1C:88:60:A8:68:E7:AA:A4:BA:84:6F:3B:B7:C2
X509v3 Authority Key Identifier:
keyid:55:6A:5F:A0:DC:FB:34:43:3F:9B:86:0D:95:E2:C4:42:54:7C:5F:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VWpfoNz7NEM_m4YNleLEQlR8X5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/zCMQvVyUHIhgqGjnqqS6hG87t8I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e23d30-76e3-4491-8d75-2fda4c273a48/1/VWpfoNz7NEM_m4YNleLEQlR8X5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.0.0.0-151.0.35.255
Signature Algorithm: sha256WithRSAEncryption
a9:4e:1a:fe:58:99:a4:83:1a:d8:58:13:20:85:da:28:d0:7f:
7e:ec:bf:40:56:90:bc:9a:04:e5:20:a1:05:ac:fd:47:c9:a8:
52:55:88:27:68:24:61:43:3e:c5:b4:97:14:12:f8:99:15:70:
87:1b:b5:bd:d3:d2:63:17:93:28:12:4a:a9:a4:83:90:dc:5a:
7f:da:f4:7c:70:0a:a3:18:ff:92:53:1b:f8:ef:88:5f:00:a4:
bb:20:95:e2:a1:d0:7b:5e:ea:78:72:c2:b3:59:f6:57:e3:92:
91:7e:79:7f:7c:3a:00:8b:96:16:07:cc:72:3f:1b:bc:e5:fe:
d0:ed:b6:33:64:c6:0d:44:b6:c6:41:97:16:63:5f:aa:95:08:
46:13:7a:7f:30:ff:67:52:93:e7:cc:c8:33:d2:0c:fb:bb:71:
61:7f:af:9a:6e:48:da:e1:30:f5:b7:ff:8c:af:9b:78:93:d9:
0b:8b:24:a8:4e:e5:34:d2:68:d3:bd:7e:69:08:2b:f2:85:1d:
43:dc:81:6a:7d:c2:f3:15:46:8e:3b:b7:21:c5:a4:cf:41:a2:
c8:aa:d2:ea:d7:0b:0e:af:d6:a8:c1:7d:d4:5c:ae:03:f6:ef:
f4:09:cd:03:23:2d:fe:28:33:41:66:83:9d:ea:72:a0:84:02:
71:11:82:f4
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZSs2v0OJHDqE/pg/pz2zHD7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1NmE1ZmEwZGNmYjM0NDMzZjliODYwZDk1ZTJjNDQyNTQ3
YzVmOWMwHhcNMjUwMTI4MTIyMDIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzIzMTBiZDVjOTQxYzg4NjBhODY4ZTdhYWE0YmE4NDZmM2JiN2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtDN9zm6N6N1i46OMzZa8JfWvn1Gr
Q9wwDjysJDCVrz6qxyCVroN+qg2W/s5WVounmPu36N2LDuJThtsgU8wsKbLBXX+H
TOv4jZBO/SMq3VXnEin0BZilKfx54pbOBdxacMQVYf3jql7/RFsJsNP65Jrr86kO
/p7ubyI1Vy3oH1zwSueDxkFcpvOwfIVbiOUZ7JJr/ugYEhtQFWAv45K0kYuL5+Ox
Ka/L007ayiK6MaNk3UaLdsRFYL8MBcYUJDm7I9bAKSNzcwrjx24Im04CE03DEdn6
qwyO4jycRSjf2Va8LGAYiMuf2mIiR0W0m24IjpWgRoXFirB0JX7CDt1udwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMwjEL1clByIYKho56qkuoRvO7fCMB8GA1UdIwQY
MBaAFFVqX6Dc+zRDP5uGDZXixEJUfF+cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUt
MmZkYTRjMjczYTQ4LzEvekNNUXZWeVVISWhncUdqbnFxUzZoRzg3dDhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMjNkMzAtNzZlMy00NDkxLThkNzUtMmZkYTRjMjczYTQ4
LzEvVldwZm9OejdORU1fbTRZTmxlTEVRbFI4WDV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMMAoDAgCXAwQC
lwAgMA0GCSqGSIb3DQEBCwUAA4IBAQCpThr+WJmkgxrYWBMghdoo0H9+7L9AVpC8
mgTlIKEFrP1HyahSVYgnaCRhQz7FtJcUEviZFXCHG7W909JjF5MoEkqppIOQ3Fp/
2vR8cAqjGP+SUxv474hfAKS7IJXiodB7Xup4csKzWfZX45KRfnl/fDoAi5YWB8xy
Pxu85f7Q7bYzZMYNRLbGQZcWY1+qlQhGE3p/MP9nUpPnzMgz0gz7u3Fhf6+abkja
4TD1t/+Mr5t4k9kLiySoTuU00mjTvX5pCCvyhR1D3IFqfcLzFUaOO7chxaTPQaLI
qtLq1wsOr9aowX3UXK4D9u/0Cc0DIy3+KDNBZoOd6nKghAJxEYL0
-----END CERTIFICATE-----
Generated at Fri Feb 21 10:00:48 2025 by rpki-client