Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/zx1XMXhbE28ZMTwu9AxINedJc60.roa
File: zx1XMXhbE28ZMTwu9AxINedJc60.roa (raw, json)
Hash identifier: 4bo9B0lLSnpXpzHGQAUAoXEmUUE4IbZbuOepJknUA+w=
Subject key identifier: CF:1D:57:31:78:5B:13:6F:19:31:3C:2E:F4:0C:48:35:E7:49:73:AD
Certificate issuer: /CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Certificate serial: 01941FFA003517A63B0F2672B3F404AEE854
Authority key identifier: 04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/zx1XMXhbE28ZMTwu9AxINedJc60.roa
Signing time: Wed 01 Jan 2025 03:47:45 +0000
ROA not before: Wed 01 Jan 2025 03:47:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205495
IP address blocks: 45.153.44.0/22 maxlen: 24
185.136.184.0/22 maxlen: 24
185.216.80.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 14:28:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:00:35:17:a6:3b:0f:26:72:b3:f4:04:ae:e8:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04a9cff24981d7263d1b7d63779f5d673de2bdbc
Validity
Not Before: Jan 1 03:47:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf1d5731785b136f19313c2ef40c4835e74973ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:a6:f3:2d:c4:b9:d0:8b:54:c6:f8:b1:02:cf:
01:5f:71:4b:07:58:bd:be:98:e4:65:3c:24:ef:87:
47:5e:ee:95:bf:42:d7:30:01:27:15:e4:8d:7b:8a:
62:6e:88:95:c6:ac:28:1a:33:7c:62:ed:3d:8f:bd:
f2:f7:9d:9f:4a:9a:45:97:80:1a:5a:01:38:ce:c3:
32:7d:6e:90:3d:90:32:61:fb:f1:e3:c4:55:5e:27:
45:6c:13:e5:67:3c:4a:45:f1:5b:bc:e6:02:6b:e4:
92:59:e6:a5:6b:89:a1:37:5e:3b:84:84:17:aa:7f:
d1:88:54:46:c0:2e:20:60:03:a6:fc:5e:d3:94:1a:
1b:a2:05:88:41:2f:2a:65:1e:04:78:f6:ca:f0:46:
5c:a1:6f:30:46:a9:ee:53:9b:fa:e3:e9:7e:a2:4d:
b7:37:07:21:35:49:c1:4c:fb:64:f3:af:c6:e1:f6:
15:40:b3:59:af:55:6e:04:be:fb:34:5c:dd:63:fc:
12:e2:2a:f0:b3:35:6d:be:dd:76:ae:21:77:ce:d5:
a6:1c:bd:71:1f:ad:0a:4e:6e:79:4f:ac:e8:0c:76:
93:32:85:be:3c:36:77:fe:03:8e:4b:3b:d2:89:c8:
ee:21:56:63:15:32:f7:28:42:8f:8b:89:d5:74:f6:
27:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:1D:57:31:78:5B:13:6F:19:31:3C:2E:F4:0C:48:35:E7:49:73:AD
X509v3 Authority Key Identifier:
keyid:04:A9:CF:F2:49:81:D7:26:3D:1B:7D:63:77:9F:5D:67:3D:E2:BD:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BKnP8kmB1yY9G31jd59dZz3ivbw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/zx1XMXhbE28ZMTwu9AxINedJc60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/eecf8b-3d63-4c9c-bd84-cd0d9e5742cb/1/BKnP8kmB1yY9G31jd59dZz3ivbw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.44.0/22
185.136.184.0/22
185.216.80.0/23
Signature Algorithm: sha256WithRSAEncryption
03:e5:7b:96:58:6f:d1:d5:a1:fb:79:8d:93:b1:30:b9:62:00:
da:9b:a0:75:98:b3:e2:41:f8:fe:c0:69:21:bf:0d:02:72:04:
96:99:b4:4b:c1:51:f1:a2:5f:ad:03:18:2c:90:da:7b:d4:de:
8c:3c:0b:87:1d:b8:bf:4e:5e:7a:ba:fe:4b:3c:f4:fa:ee:6e:
3b:eb:dd:25:9a:13:75:04:3d:48:79:5e:e6:9a:47:b1:d4:d5:
ee:1c:a1:6a:c7:a5:f9:2b:9b:34:9f:3d:16:82:75:9b:48:72:
ff:2d:00:0a:3d:e6:65:d2:06:9c:b5:38:89:27:f4:fb:d9:e0:
f0:a7:10:8a:12:c3:c9:52:8d:1a:f2:b5:85:af:eb:d1:88:96:
b8:81:46:d2:a1:9a:f2:b4:45:34:d4:16:5e:1d:d3:87:cc:71:
87:97:9c:90:8a:42:d5:eb:48:7f:72:03:fe:2b:3a:07:43:b6:
2e:3b:21:f3:11:40:2b:19:5d:4d:4a:0a:90:42:37:f1:93:0b:
7f:22:28:84:57:04:75:78:40:da:1c:a2:e0:92:a5:80:82:8c:
fc:c1:bb:70:5a:cb:63:9c:14:86:6b:db:ad:8e:a1:91:ce:54:
06:6f:de:ad:df:e6:17:eb:27:a4:8b:3f:32:6b:41:a1:74:10:
3c:d6:83:d1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQf+gA1F6Y7DyZys/QEruhUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0YTljZmYyNDk4MWQ3MjYzZDFiN2Q2Mzc3OWY1ZDY3M2Rl
MmJkYmMwHhcNMjUwMTAxMDM0NzQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjFkNTczMTc4NWIxMzZmMTkzMTNjMmVmNDBjNDgzNWU3NDk3M2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5KbzLcS50ItUxvixAs8BX3FLB1i9
vpjkZTwk74dHXu6Vv0LXMAEnFeSNe4piboiVxqwoGjN8Yu09j73y952fSppFl4Aa
WgE4zsMyfW6QPZAyYfvx48RVXidFbBPlZzxKRfFbvOYCa+SSWeala4mhN147hIQX
qn/RiFRGwC4gYAOm/F7TlBobogWIQS8qZR4EePbK8EZcoW8wRqnuU5v64+l+ok23
NwchNUnBTPtk86/G4fYVQLNZr1VuBL77NFzdY/wS4irwszVtvt12riF3ztWmHL1x
H60KTm55T6zoDHaTMoW+PDZ3/gOOSzvSicjuIVZjFTL3KEKPi4nVdPYnPQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFM8dVzF4WxNvGTE8LvQMSDXnSXOtMB8GA1UdIwQY
MBaAFASpz/JJgdcmPRt9Y3efXWc94r28MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQt
Y2QwZDllNTc0MmNiLzEvengxWE1YaGJFMjhaTVR3dTlBeElOZWRKYzYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9lZWNmOGItM2Q2My00YzljLWJkODQtY2QwZDllNTc0MmNi
LzEvQktuUDhrbUIxeVk5RzMxamQ1OWRaejNpdmJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZksAwQC
uYi4AwQBudhQMA0GCSqGSIb3DQEBCwUAA4IBAQAD5XuWWG/R1aH7eY2TsTC5YgDa
m6B1mLPiQfj+wGkhvw0CcgSWmbRLwVHxol+tAxgskNp71N6MPAuHHbi/Tl56uv5L
PPT67m47690lmhN1BD1IeV7mmkex1NXuHKFqx6X5K5s0nz0WgnWbSHL/LQAKPeZl
0gactTiJJ/T72eDwpxCKEsPJUo0a8rWFr+vRiJa4gUbSoZrytEU01BZeHdOHzHGH
l5yQikLV60h/cgP+KzoHQ7YuOyHzEUArGV1NSgqQQjfxkwt/IiiEVwR1eEDaHKLg
kqWAgoz8wbtwWstjnBSGa9utjqGRzlQGb96t3+YX6yekiz8ya0GhdBA81oPR
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:56:06 2025 by rpki-client