Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/zbII4RxH17JoDR9ukyJuiEde7IM.roa
File: zbII4RxH17JoDR9ukyJuiEde7IM.roa (raw, json)
Hash identifier: xBWfldiZFP31dGe7bTsuSEU+4Mx9LEr9W5jDRfUDGfA=
Subject key identifier: CD:B2:08:E1:1C:47:D7:B2:68:0D:1F:6E:93:22:6E:88:47:5E:EC:83
Certificate issuer: /CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Certificate serial: 01942444BFD9908C3D6399774B8B9C5C99AD
Authority key identifier: C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/zbII4RxH17JoDR9ukyJuiEde7IM.roa
Signing time: Wed 01 Jan 2025 23:47:52 +0000
ROA not before: Wed 01 Jan 2025 23:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5410
IP address blocks: 5.48.0.0/14 maxlen: 24
31.32.0.0/13 maxlen: 24
62.34.0.0/15 maxlen: 24
62.201.128.0/19 maxlen: 24
80.214.0.0/17 maxlen: 24
80.214.128.0/18 maxlen: 24
80.214.192.0/19 maxlen: 24
80.214.248.0/21 maxlen: 24
80.215.0.0/16 maxlen: 24
87.88.0.0/14 maxlen: 24
89.80.0.0/12 maxlen: 24
94.238.0.0/15 maxlen: 24
128.78.0.0/15 maxlen: 24
164.177.0.0/17 maxlen: 24
176.128.0.0/10 maxlen: 24
194.117.192.0/20 maxlen: 24
194.158.96.0/19 maxlen: 24
195.36.128.0/17 maxlen: 24
212.194.0.0/15 maxlen: 24
213.44.0.0/16 maxlen: 24
2001:860::/29 maxlen: 48
2a04:cec0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 01:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:44:bf:d9:90:8c:3d:63:99:77:4b:8b:9c:5c:99:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c7c24de99101fafdf74bca293fd6d95060d50a63
Validity
Not Before: Jan 1 23:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdb208e11c47d7b2680d1f6e93226e88475eec83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:87:42:c0:33:7a:f3:5b:b3:6c:a5:fa:f6:b0:
43:58:81:2b:0e:91:b4:ff:b8:ef:c7:03:bd:79:bd:
ba:31:6a:b7:f6:f6:30:fa:8b:de:b5:f0:47:19:40:
15:f5:d5:70:e9:3c:a1:1a:09:d4:21:a9:ba:3d:ea:
7c:f9:bb:99:1e:35:d0:87:83:34:14:c1:80:ce:4a:
3a:b4:bb:79:2e:6e:86:7d:ab:83:ce:1c:20:e1:9a:
5a:87:5e:aa:cf:81:0e:26:27:c0:8a:55:88:d3:29:
b3:5e:c9:6b:9e:48:27:d8:20:38:6a:5c:f6:53:eb:
c7:25:df:a3:4f:3f:a0:ba:7c:03:c6:d8:5f:1d:7b:
b8:a7:3c:d8:a2:81:ab:3e:b1:d4:33:29:ed:c8:79:
a9:c8:76:84:50:ce:81:2b:48:9a:45:11:e3:0d:4f:
b6:de:48:80:3c:96:91:f6:19:d3:79:f0:d2:22:a6:
31:b7:24:4f:2b:80:ae:77:f3:f6:84:c3:83:76:6b:
2f:37:5c:b8:41:b5:da:57:17:5b:f6:4c:64:e4:28:
f9:42:66:51:0f:54:b3:a6:da:b5:6c:56:54:66:e5:
fb:a9:fb:75:35:18:80:f4:44:2b:62:b9:f5:64:3b:
32:f4:32:2d:0c:f7:47:86:72:83:6c:ce:1d:17:ab:
74:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B2:08:E1:1C:47:D7:B2:68:0D:1F:6E:93:22:6E:88:47:5E:EC:83
X509v3 Authority Key Identifier:
keyid:C7:C2:4D:E9:91:01:FA:FD:F7:4B:CA:29:3F:D6:D9:50:60:D5:0A:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x8JN6ZEB-v33S8opP9bZUGDVCmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/zbII4RxH17JoDR9ukyJuiEde7IM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/eb013f-5774-4e06-a5d4-ed5d6ce8d7e8/1/x8JN6ZEB-v33S8opP9bZUGDVCmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.48.0.0/14
31.32.0.0/13
62.34.0.0/15
62.201.128.0/19
80.214.0.0-80.214.223.255
80.214.248.0-80.215.255.255
87.88.0.0/14
89.80.0.0/12
94.238.0.0/15
128.78.0.0/15
164.177.0.0/17
176.128.0.0/10
194.117.192.0/20
194.158.96.0/19
195.36.128.0/17
212.194.0.0/15
213.44.0.0/16
IPv6:
2001:860::/29
2a04:cec0::/29
Signature Algorithm: sha256WithRSAEncryption
a2:c9:d7:38:1e:dc:ec:54:b2:a9:f4:ae:41:af:44:2d:3e:e9:
c8:da:89:d7:b4:f6:79:9c:3d:89:0d:95:7c:07:97:60:62:3e:
26:0f:d5:46:c9:db:e2:94:96:c8:29:1e:a5:58:ce:6a:cd:cf:
7c:6b:32:e3:1f:aa:a0:df:9a:0e:fd:e8:55:52:5a:32:f3:56:
b0:c0:d9:bf:e0:e2:d5:ec:29:59:e6:4f:28:00:09:d4:0f:83:
93:d5:f1:a6:3b:fd:ce:f8:05:44:b1:7f:98:ac:a9:e7:6a:d8:
15:23:6a:d1:c3:6f:b4:7f:0a:65:f4:7e:a2:a0:58:ec:58:a1:
b3:75:08:82:8b:e4:7d:c8:9e:ac:03:6b:d0:28:db:96:a9:8e:
a4:26:73:bf:c9:69:82:0c:cf:02:e4:07:02:49:5e:58:d5:19:
23:8a:5a:b1:32:f7:5f:73:d9:d7:08:3a:66:8d:b6:82:2e:3a:
af:e5:c6:87:04:db:2a:82:95:4f:2e:6d:0b:5b:39:d5:17:67:
91:34:b6:c9:1d:c5:74:47:28:1a:37:31:25:61:e6:ca:7c:ff:
87:4b:36:58:be:ad:23:17:77:bc:87:f5:e9:c7:d5:24:4d:e0:
9c:24:fc:5e:b0:67:9a:3b:ba:7c:30:4d:c1:6c:1d:01:63:5d:
e5:cc:c6:24
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZQkRL/ZkIw9Y5l3S4ucXJmtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3YzI0ZGU5OTEwMWZhZmRmNzRiY2EyOTNmZDZkOTUwNjBk
NTBhNjMwHhcNMjUwMTAxMjM0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGIyMDhlMTFjNDdkN2IyNjgwZDFmNmU5MzIyNmU4ODQ3NWVlYzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4dCwDN681uzbKX69rBDWIErDpG0
/7jvxwO9eb26MWq39vYw+ovetfBHGUAV9dVw6TyhGgnUIam6Pep8+buZHjXQh4M0
FMGAzko6tLt5Lm6GfauDzhwg4Zpah16qz4EOJifAilWI0ymzXslrnkgn2CA4alz2
U+vHJd+jTz+gunwDxthfHXu4pzzYooGrPrHUMyntyHmpyHaEUM6BK0iaRRHjDU+2
3kiAPJaR9hnTefDSIqYxtyRPK4Cud/P2hMODdmsvN1y4QbXaVxdb9kxk5Cj5QmZR
D1Szptq1bFZUZuX7qft1NRiA9EQrYrn1ZDsy9DItDPdHhnKDbM4dF6t0ZQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFM2yCOEcR9eyaA0fbpMibohHXuyDMB8GA1UdIwQY
MBaAFMfCTemRAfr990vKKT/W2VBg1QpjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQt
ZWQ1ZDZjZThkN2U4LzEvemJJSTRSeEgxN0pvRFI5dWt5SnVpRWRlN0lNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi9lYjAxM2YtNTc3NC00ZTA2LWE1ZDQtZWQ1ZDZjZThkN2U4
LzEveDhKTjZaRUItdjMzUzhvcFA5YlpVR0RWQ21NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDBwBAIAATBqAwMCBTAD
AwMfIAMDAT4iAwQFPsmAMAsDAwFQ1gMEBVDWwDALAwQDUNb4AwMDUNADAwJXWAMD
BFlQAwMBXu4DAwGATgMEB6SxAAMDBrCAAwQEwnXAAwQFwp5gAwQHwySAAwMB1MID
AwDVLDAUBAIAAjAOAwUDIAEIYAMFAyoEzsAwDQYJKoZIhvcNAQELBQADggEBAKLJ
1zge3OxUsqn0rkGvRC0+6cjaide09nmcPYkNlXwHl2BiPiYP1UbJ2+KUlsgpHqVY
zmrNz3xrMuMfqqDfmg796FVSWjLzVrDA2b/g4tXsKVnmTygACdQPg5PV8aY7/c74
BUSxf5isqedq2BUjatHDb7R/CmX0fqKgWOxYobN1CIKL5H3InqwDa9Ao25apjqQm
c7/JaYIMzwLkBwJJXljVGSOKWrEy919z2dcIOmaNtoIuOq/lxocE2yqClU8ubQtb
OdUXZ5E0tskdxXRHKBo3MSVh5sp8/4dLNli+rSMXd7yH9enH1SRN4Jwk/F6wZ5o7
unwwTcFsHQFjXeXMxiQ=
-----END CERTIFICATE-----
Generated at Mon Apr 7 09:25:45 2025 by rpki-client