Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4ZArBLnLocPpGHsaVFtOWy1GsWA.roa
File: 4ZArBLnLocPpGHsaVFtOWy1GsWA.roa (raw, json)
Hash identifier: pqXDsHt86t8zsxtaFtGXKbg4QUfmimTh3EtiWAKZzkQ=
Subject key identifier: E1:90:2B:04:B9:CB:A1:C3:E9:18:7B:1A:54:5B:4E:5B:2D:46:B1:60
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 0194282641BB5154A7E17EC530C89BFDA3DD
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4ZArBLnLocPpGHsaVFtOWy1GsWA.roa
Signing time: Thu 02 Jan 2025 17:53:03 +0000
ROA not before: Thu 02 Jan 2025 17:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19762
IP address blocks: 91.229.114.0/24 maxlen: 24
193.243.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 04:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:26:41:bb:51:54:a7:e1:7e:c5:30:c8:9b:fd:a3:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Jan 2 17:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e1902b04b9cba1c3e9187b1a545b4e5b2d46b160
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:52:80:b6:58:0f:99:4e:b0:26:2d:e6:57:6c:
03:00:2a:a9:a3:0b:0e:84:2c:ff:3c:87:08:a0:34:
e0:7e:12:63:d3:82:b0:00:9c:ab:21:53:33:77:73:
ce:09:1e:f9:40:18:73:a3:24:6f:b4:99:78:82:9c:
67:f2:05:46:e1:65:28:58:df:54:82:68:1b:23:9e:
99:8c:53:1f:1b:c4:1d:8d:8d:b9:8b:06:84:86:01:
b2:80:e9:c4:bc:9e:7d:ae:db:19:e4:ff:33:7c:0b:
02:b4:2a:e3:5b:48:c6:63:16:6e:48:49:73:a1:f5:
61:ec:2b:06:b5:59:66:32:ae:e5:88:01:e8:60:12:
9b:9f:3e:14:8a:dd:c0:80:e4:42:20:ea:0e:9a:6f:
45:58:aa:4c:6e:f7:52:e3:ca:81:bd:58:8c:8e:a8:
20:dc:2d:02:8a:f0:a9:1e:8f:c8:c8:0d:58:a8:14:
ef:73:3e:00:5c:44:a1:5f:bc:5c:2e:60:3c:c1:91:
4a:d3:7c:a3:34:ad:c1:44:a6:45:54:8e:de:d6:6a:
dd:98:ee:f4:e7:c9:6b:48:00:26:e8:42:5c:80:8c:
cc:f2:66:cd:dc:5e:52:99:6e:7f:20:6f:94:ea:fd:
90:b3:9b:77:14:44:77:02:7f:9a:84:b0:9a:d8:7a:
bd:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:90:2B:04:B9:CB:A1:C3:E9:18:7B:1A:54:5B:4E:5B:2D:46:B1:60
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/4ZArBLnLocPpGHsaVFtOWy1GsWA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.229.114.0/24
193.243.190.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:d7:8a:15:d8:f8:85:e0:78:e9:97:45:9d:79:b6:1a:87:c7:
6c:44:62:c9:ee:83:eb:4b:58:cf:10:8b:52:cd:26:aa:28:1c:
2d:d6:39:ce:78:5a:e9:81:9c:fc:65:09:e1:47:5e:4e:1f:42:
a5:d6:13:6d:44:7d:30:f7:c2:03:48:d2:87:2c:cc:6e:a4:1e:
d9:b8:54:04:04:ee:28:2c:8b:10:0a:25:fa:1a:7f:0e:0b:b3:
dd:f0:7a:eb:90:92:f0:72:59:3b:20:d6:16:85:b9:8c:d5:83:
bf:23:5b:fa:61:8e:a9:25:fd:5d:14:c1:9a:f7:ce:fb:bb:22:
ce:1e:b0:2f:09:18:ca:c2:62:54:d9:ea:7e:17:2f:b2:f5:95:
be:34:97:7e:91:a9:6f:24:90:cc:cd:8c:a6:23:73:5e:d3:f1:
56:a2:8a:79:e9:56:5c:f7:bc:63:3e:03:ea:65:b5:e5:60:83:
e0:ba:82:62:c8:46:a8:66:94:fc:5b:8a:9b:f9:2e:b9:21:7a:
ad:de:ab:62:dd:29:bb:1c:c9:f9:ce:40:40:3b:45:b8:66:60:
8f:16:3b:e3:49:20:69:37:42:53:44:3d:5c:a8:d2:eb:15:c5:
04:2d:98:c8:47:ab:4c:74:27:fb:27:fe:09:94:54:1a:5d:e6:
6f:ae:d9:5c
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJkG7UVSn4X7FMMib/aPdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwMTAyMTc1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTkwMmIwNGI5Y2JhMWMzZTkxODdiMWE1NDViNGU1YjJkNDZiMTYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1KAtlgPmU6wJi3mV2wDACqpowsO
hCz/PIcIoDTgfhJj04KwAJyrIVMzd3POCR75QBhzoyRvtJl4gpxn8gVG4WUoWN9U
gmgbI56ZjFMfG8QdjY25iwaEhgGygOnEvJ59rtsZ5P8zfAsCtCrjW0jGYxZuSElz
ofVh7CsGtVlmMq7liAHoYBKbnz4Uit3AgORCIOoOmm9FWKpMbvdS48qBvViMjqgg
3C0CivCpHo/IyA1YqBTvcz4AXEShX7xcLmA8wZFK03yjNK3BRKZFVI7e1mrdmO70
58lrSAAm6EJcgIzM8mbN3F5SmW5/IG+U6v2Qs5t3FER3An+ahLCa2Hq95QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOGQKwS5y6HD6Rh7GlRbTlstRrFgMB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvNFpBckJMbkxvY1BwR0hzYVZGdE9XeTFHc1dBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+VyAwQA
wfO+MA0GCSqGSIb3DQEBCwUAA4IBAQAt14oV2PiF4Hjpl0WdebYah8dsRGLJ7oPr
S1jPEItSzSaqKBwt1jnOeFrpgZz8ZQnhR15OH0Kl1hNtRH0w98IDSNKHLMxupB7Z
uFQEBO4oLIsQCiX6Gn8OC7Pd8HrrkJLwclk7INYWhbmM1YO/I1v6YY6pJf1dFMGa
9877uyLOHrAvCRjKwmJU2ep+Fy+y9ZW+NJd+kalvJJDMzYymI3Ne0/FWoop56VZc
97xjPgPqZbXlYIPguoJiyEaoZpT8W4qb+S65IXqt3qti3Sm7HMn5zkBAO0W4ZmCP
FjvjSSBpN0JTRD1cqNLrFcUELZjIR6tMdCf7J/4JlFQaXeZvrtlc
-----END CERTIFICATE-----
Generated at Sun Apr 6 12:01:03 2025 by rpki-client