Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/Zja22H7huKyd4DPgiFnlD1La7Es.roa
File: Zja22H7huKyd4DPgiFnlD1La7Es.roa (raw, json)
Hash identifier: AXLErsCzJc/qr3Tna9lN0B3Ap4Vz9K2Svk3Dy2hJER8=
Subject key identifier: 66:36:B6:D8:7E:E1:B8:AC:9D:E0:33:E0:88:59:E5:0F:52:DA:EC:4B
Certificate issuer: /CN=caeefd0844eb139ab21f80d4072ce0b8edcc06b5
Certificate serial: 019420685BDA53AB541F55DC8AF20B618471
Authority key identifier: CA:EE:FD:08:44:EB:13:9A:B2:1F:80:D4:07:2C:E0:B8:ED:CC:06:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yu79CETrE5qyH4DUByzguO3MBrU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/Zja22H7huKyd4DPgiFnlD1La7Es.roa
Signing time: Wed 01 Jan 2025 05:48:17 +0000
ROA not before: Wed 01 Jan 2025 05:48:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207828
IP address blocks: 193.109.224.0/24 maxlen: 24
193.109.226.0/24 maxlen: 24
193.109.230.0/24 maxlen: 24
193.110.82.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/yu79CETrE5qyH4DUByzguO3MBrU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/yu79CETrE5qyH4DUByzguO3MBrU.mft
rsync://rpki.ripe.net/repository/DEFAULT/yu79CETrE5qyH4DUByzguO3MBrU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:5b:da:53:ab:54:1f:55:dc:8a:f2:0b:61:84:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caeefd0844eb139ab21f80d4072ce0b8edcc06b5
Validity
Not Before: Jan 1 05:48:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6636b6d87ee1b8ac9de033e08859e50f52daec4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8c:51:e3:bd:4d:5b:7a:32:4e:23:95:46:7e:
67:51:8b:bc:0a:c7:17:52:3b:46:33:e3:65:54:ea:
5a:17:cf:c1:07:f2:19:b6:dd:a7:d0:e6:a7:09:21:
88:99:f7:3b:d4:a0:3f:34:4d:8c:5e:0d:95:9e:8f:
15:c1:1d:b3:51:ec:03:16:94:9f:12:23:b3:ab:2f:
ec:fd:80:54:2c:70:e4:bd:c5:9a:16:ec:d9:7c:24:
bd:3a:ed:54:5c:c1:5d:4c:63:38:75:6a:e8:fc:70:
72:15:da:8f:0a:95:85:b2:d9:6f:f0:ac:7c:f6:46:
4c:66:f5:c3:94:07:28:b9:03:e1:72:04:a8:9b:f4:
20:51:6c:4f:a1:1c:62:fd:8a:4d:4e:1f:9f:10:d9:
d0:3e:a0:2d:f2:8e:16:e1:00:29:13:ad:17:28:75:
c1:93:1e:3c:ee:3f:32:3b:78:88:8a:97:eb:b9:29:
29:89:19:5e:76:ab:e4:ca:d4:0f:c1:c7:88:a7:64:
2e:94:37:e1:be:4d:61:b0:e1:c4:25:44:45:c1:3b:
00:65:c0:48:93:d2:df:c0:5f:93:4a:e7:26:0a:26:
08:47:ee:6e:40:cd:bd:6a:4f:9d:ab:35:43:8d:0b:
df:ae:3c:8a:7f:9c:5a:a6:9c:96:c1:b4:40:d2:b9:
ed:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:36:B6:D8:7E:E1:B8:AC:9D:E0:33:E0:88:59:E5:0F:52:DA:EC:4B
X509v3 Authority Key Identifier:
keyid:CA:EE:FD:08:44:EB:13:9A:B2:1F:80:D4:07:2C:E0:B8:ED:CC:06:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yu79CETrE5qyH4DUByzguO3MBrU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/Zja22H7huKyd4DPgiFnlD1La7Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/7f569f-cc3c-429e-bd1d-b4b97f11c3dd/1/yu79CETrE5qyH4DUByzguO3MBrU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.109.224.0/24
193.109.226.0/24
193.109.230.0/24
193.110.82.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:8b:5b:db:f9:9f:ca:d0:5c:8c:5e:bf:c2:5f:17:e6:e1:bc:
56:ef:ae:b2:fb:8a:77:ed:04:3f:de:22:a1:6e:8c:cb:03:7d:
4f:da:7e:9d:a6:e2:4e:14:ff:e0:a1:07:29:12:44:82:30:d5:
39:e5:22:4d:7f:72:0d:e3:11:21:92:2f:40:b0:4d:8f:9e:bb:
a3:5e:6a:27:aa:03:e9:4b:83:ee:ad:c8:12:cb:86:cc:c3:7c:
e0:77:96:16:53:e1:0d:33:1a:1d:e5:10:43:23:55:25:fa:f0:
77:69:bb:d7:4d:0f:ac:84:74:40:e6:44:ba:b6:8f:72:7f:2c:
b2:04:81:36:d5:fb:c8:10:df:7a:e0:6c:d5:b4:b0:33:d5:a3:
9b:4d:07:a9:94:a7:b7:52:54:7e:de:42:7f:8e:2e:9d:a7:47:
28:65:01:ee:97:37:f9:71:2c:93:2d:78:22:a0:25:a2:ea:45:
cc:66:a6:b6:79:69:3d:a2:2f:6b:0d:39:a3:e7:38:98:74:cf:
64:86:9a:75:98:55:ce:e2:40:2e:ce:50:95:d4:38:40:6a:e1:
f4:8f:e6:6f:2b:e0:15:e4:51:4e:b4:ae:cf:bf:5d:86:91:03:
b8:75:ad:72:6a:1c:b4:60:3f:64:9d:f0:c6:17:5d:47:ef:db:
12:4b:8f:56
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQgaFvaU6tUH1XcivILYYRxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWVmZDA4NDRlYjEzOWFiMjFmODBkNDA3MmNlMGI4ZWRj
YzA2YjUwHhcNMjUwMTAxMDU0ODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM2YjZkODdlZTFiOGFjOWRlMDMzZTA4ODU5ZTUwZjUyZGFlYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYxR471NW3oyTiOVRn5nUYu8CscX
UjtGM+NlVOpaF8/BB/IZtt2n0OanCSGImfc71KA/NE2MXg2Vno8VwR2zUewDFpSf
EiOzqy/s/YBULHDkvcWaFuzZfCS9Ou1UXMFdTGM4dWro/HByFdqPCpWFstlv8Kx8
9kZMZvXDlAcouQPhcgSom/QgUWxPoRxi/YpNTh+fENnQPqAt8o4W4QApE60XKHXB
kx487j8yO3iIipfruSkpiRledqvkytQPwceIp2QulDfhvk1hsOHEJURFwTsAZcBI
k9LfwF+TSucmCiYIR+5uQM29ak+dqzVDjQvfrjyKf5xappyWwbRA0rntYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGY2tth+4bisneAz4IhZ5Q9S2uxLMB8GA1UdIwQY
MBaAFMru/QhE6xOash+A1Acs4LjtzAa1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXU3OUNFVHJFNXF5SDREVUJ5emd1TzNNQnJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83ZjU2OWYtY2MzYy00MjllLWJkMWQt
YjRiOTdmMTFjM2RkLzEvWmphMjJIN2h1S3lkNERQZ2lGbmxEMUxhN0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83ZjU2OWYtY2MzYy00MjllLWJkMWQtYjRiOTdmMTFjM2Rk
LzEveXU3OUNFVHJFNXF5SDREVUJ5emd1TzNNQnJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwW3gAwQA
wW3iAwQAwW3mAwQAwW5SMA0GCSqGSIb3DQEBCwUAA4IBAQBvi1vb+Z/K0FyMXr/C
Xxfm4bxW766y+4p37QQ/3iKhbozLA31P2n6dpuJOFP/goQcpEkSCMNU55SJNf3IN
4xEhki9AsE2PnrujXmonqgPpS4PurcgSy4bMw3zgd5YWU+ENMxod5RBDI1Ul+vB3
abvXTQ+shHRA5kS6to9yfyyyBIE21fvIEN964GzVtLAz1aObTQeplKe3UlR+3kJ/
ji6dp0coZQHulzf5cSyTLXgioCWi6kXMZqa2eWk9oi9rDTmj5ziYdM9khpp1mFXO
4kAuzlCV1DhAauH0j+ZvK+AV5FFOtK7Pv12GkQO4da1yahy0YD9knfDGF11H79sS
S49W
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:26 2025 by rpki-client