Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZsPTXd00YGXAGdlpQHp_4GAJnk8.roa
File: ZsPTXd00YGXAGdlpQHp_4GAJnk8.roa (raw, json)
Hash identifier: DOJ94Y4TwJdMVROCCdwmA1CtWDnmA8oBApNpI/15z7o=
Subject key identifier: 66:C3:D3:5D:DD:34:60:65:C0:19:D9:69:40:7A:7F:E0:60:09:9E:4F
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019420D655BB47B64087C438301023C31D47
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZsPTXd00YGXAGdlpQHp_4GAJnk8.roa
Signing time: Wed 01 Jan 2025 07:48:25 +0000
ROA not before: Wed 01 Jan 2025 07:48:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 62.164.224.0/20 maxlen: 20
62.164.240.0/20 maxlen: 24
66.9.96.0/20 maxlen: 24
66.117.8.0/22 maxlen: 24
77.223.192.0/21 maxlen: 24
77.223.200.0/23 maxlen: 24
79.139.64.0/23 maxlen: 24
83.142.200.0/21 maxlen: 24
84.247.59.0/24 maxlen: 24
86.104.8.0/24 maxlen: 24
88.135.96.0/20 maxlen: 24
89.34.171.0/24 maxlen: 24
89.42.40.0/24 maxlen: 24
93.119.184.0/21 maxlen: 24
94.26.110.0/23 maxlen: 24
94.101.103.0/24 maxlen: 24
95.178.8.0/21 maxlen: 24
116.50.16.0/21 maxlen: 24
121.127.48.0/20 maxlen: 24
121.127.56.0/21 maxlen: 24
168.75.224.0/20 maxlen: 24
176.222.48.0/22 maxlen: 24
192.200.192.0/19 maxlen: 24
194.149.76.0/22 maxlen: 24
195.133.202.0/23 maxlen: 24
198.14.16.0/20 maxlen: 24
198.145.112.0/22 maxlen: 24
205.134.244.0/22 maxlen: 24
212.32.96.0/20 maxlen: 24
212.32.112.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 02:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d6:55:bb:47:b6:40:87:c4:38:30:10:23:c3:1d:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Jan 1 07:48:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66c3d35ddd346065c019d969407a7fe060099e4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:59:07:eb:b1:b6:e7:92:dd:fa:35:a2:d2:17:
99:a8:c3:e4:86:fc:80:1f:c6:cb:d0:f3:3d:39:52:
0c:97:68:fd:7a:df:0c:7f:6a:11:6a:e0:c5:c8:b1:
23:2e:f1:2b:79:1a:ca:18:04:44:ed:13:d5:2e:a1:
b5:d2:dd:4a:8a:cd:c1:fa:e6:dc:a1:7c:94:66:2f:
df:0e:d2:73:b4:41:36:13:0c:64:9e:df:38:5d:f6:
4b:d7:de:e9:e6:9b:5f:8c:f9:3d:70:04:5b:7a:92:
d0:49:01:68:97:12:40:50:7f:7c:fb:fa:df:ea:f0:
bd:b3:44:c9:09:f7:6e:cf:c4:f8:08:ac:ef:86:c9:
59:1c:b3:f2:bd:47:70:8e:7d:0d:7f:22:52:3f:db:
96:35:db:d3:cf:cc:54:6e:ad:4c:f9:9e:f2:01:30:
a1:97:cc:de:58:43:72:2e:f6:17:d7:14:1d:6d:dd:
49:c7:f3:a4:16:0f:12:1e:9e:92:41:40:f8:d0:f1:
6b:5e:9e:ff:68:60:77:5d:50:ab:cd:b4:53:05:6e:
5d:85:e2:b4:61:bd:4d:46:6f:17:07:53:a2:3e:14:
ea:04:c8:30:02:7d:5c:4a:ca:9f:b5:49:47:13:4c:
61:56:a4:64:10:e4:3e:f8:70:fe:0c:1f:6e:0f:8d:
ae:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C3:D3:5D:DD:34:60:65:C0:19:D9:69:40:7A:7F:E0:60:09:9E:4F
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/ZsPTXd00YGXAGdlpQHp_4GAJnk8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.164.224.0/19
66.9.96.0/20
66.117.8.0/22
77.223.192.0-77.223.201.255
79.139.64.0/23
83.142.200.0/21
84.247.59.0/24
86.104.8.0/24
88.135.96.0/20
89.34.171.0/24
89.42.40.0/24
93.119.184.0/21
94.26.110.0/23
94.101.103.0/24
95.178.8.0/21
116.50.16.0/21
121.127.48.0/20
168.75.224.0/20
176.222.48.0/22
192.200.192.0/19
194.149.76.0/22
195.133.202.0/23
198.14.16.0/20
198.145.112.0/22
205.134.244.0/22
212.32.96.0/19
Signature Algorithm: sha256WithRSAEncryption
8f:b3:e2:2d:24:52:be:68:ac:cd:c1:09:e4:1c:d0:ae:46:12:
34:fb:a1:bf:b1:b6:b8:74:1b:a0:0e:5b:97:d2:31:20:26:d3:
a5:06:0d:89:06:87:3a:00:15:f6:63:94:0e:18:27:d0:df:1e:
fd:43:55:0a:0e:15:3c:a9:0a:b8:52:c5:29:d2:d4:e5:55:b1:
99:a8:c5:e9:c5:5b:c0:1e:2e:5d:f0:5f:55:43:ce:b1:31:e3:
97:1c:9e:37:99:c7:39:ad:03:07:29:90:69:a0:ab:05:a7:3a:
86:d9:0c:66:73:25:4d:e4:63:ae:e5:f9:38:1c:62:35:26:ce:
0f:4b:b4:43:80:dd:2b:31:f5:80:e4:8d:b8:16:45:a7:e7:13:
b6:61:75:54:a5:15:68:c3:62:43:e3:2d:74:31:f2:d9:cb:21:
64:cb:61:15:60:8b:30:09:8b:1b:ab:9e:a5:9e:45:09:df:87:
aa:c7:1b:09:b4:90:93:49:70:03:e5:41:83:9d:f1:9d:63:c4:
f7:8c:ce:a5:23:a6:41:e6:f6:30:bc:05:c8:d5:5e:88:54:58:
eb:5e:69:43:46:28:e4:70:d5:76:c2:27:c0:0f:cc:20:ca:d7:
3d:94:d5:62:76:11:7c:34:f8:34:21:58:b2:67:90:14:e9:4d:
a2:ef:7e:09
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZQg1lW7R7ZAh8Q4MBAjwx1HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjUwMTAxMDc0ODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmMzZDM1ZGRkMzQ2MDY1YzAxOWQ5Njk0MDdhN2ZlMDYwMDk5ZTRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3lkH67G255Ld+jWi0heZqMPkhvyA
H8bL0PM9OVIMl2j9et8Mf2oRauDFyLEjLvEreRrKGARE7RPVLqG10t1Kis3B+ubc
oXyUZi/fDtJztEE2Ewxknt84XfZL197p5ptfjPk9cARbepLQSQFolxJAUH98+/rf
6vC9s0TJCfduz8T4CKzvhslZHLPyvUdwjn0NfyJSP9uWNdvTz8xUbq1M+Z7yATCh
l8zeWENyLvYX1xQdbd1Jx/OkFg8SHp6SQUD40PFrXp7/aGB3XVCrzbRTBW5dheK0
Yb1NRm8XB1OiPhTqBMgwAn1cSsqftUlHE0xhVqRkEOQ++HD+DB9uD42u3QIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFGbD013dNGBlwBnZaUB6f+BgCZ5PMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWnNQVFhkMDBZR1hBR2RscFFIcF80R0FKbms4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAU+
pOADBARCCWADBAJCdQgwDAMEBk3fwAMEAU3fyAMEAU+LQAMEA1OOyAMEAFT3OwME
AFZoCAMEBFiHYAMEAFkiqwMEAFkqKAMEA113uAMEAV4abgMEAF5lZwMEA1+yCAME
A3QyEAMEBHl/MAMEBKhL4AMEArDeMAMEBcDIwAMEAsKVTAMEAcOFygMEBMYOEAME
AsaRcAMEAs2G9AMEBdQgYDANBgkqhkiG9w0BAQsFAAOCAQEAj7PiLSRSvmiszcEJ
5BzQrkYSNPuhv7G2uHQboA5bl9IxICbTpQYNiQaHOgAV9mOUDhgn0N8e/UNVCg4V
PKkKuFLFKdLU5VWxmajF6cVbwB4uXfBfVUPOsTHjlxyeN5nHOa0DBymQaaCrBac6
htkMZnMlTeRjruX5OBxiNSbOD0u0Q4DdKzH1gOSNuBZFp+cTtmF1VKUVaMNiQ+Mt
dDHy2cshZMthFWCLMAmLG6uepZ5FCd+HqscbCbSQk0lwA+VBg53xnWPE94zOpSOm
Qeb2MLwFyNVeiFRY615pQ0Yo5HDVdsInwA/MIMrXPZTVYnYRfDT4NCFYsmeQFOlN
ou9+CQ==
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:56:04 2025 by rpki-client