Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/zLAtB_XUh2RgBcOqYFSC3nkEPvs.roa
File: zLAtB_XUh2RgBcOqYFSC3nkEPvs.roa (raw, json)
Hash identifier: J/EQLsSRdti9PSX43YyMwUnwNWj4OyzAjeXQoWkVFcQ=
Subject key identifier: CC:B0:2D:07:F5:D4:87:64:60:05:C3:AA:60:54:82:DE:79:04:3E:FB
Certificate issuer: /CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Certificate serial: 0194244581F77D9757051A3D4F9DD97BA64A
Authority key identifier: 23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/zLAtB_XUh2RgBcOqYFSC3nkEPvs.roa
Signing time: Wed 01 Jan 2025 23:48:42 +0000
ROA not before: Wed 01 Jan 2025 23:48:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24845
IP address blocks: 194.113.40.0/23 maxlen: 23
194.246.128.0/20 maxlen: 20
194.246.144.0/21 maxlen: 21
194.246.152.0/22 maxlen: 22
194.246.160.0/19 maxlen: 19
194.246.192.0/18 maxlen: 18
2a00:1830::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.mft
rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:81:f7:7d:97:57:05:1a:3d:4f:9d:d9:7b:a6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23120c6a6c8cf1726e7d48e314a16ccd05ef8607
Validity
Not Before: Jan 1 23:48:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccb02d07f5d487646005c3aa605482de79043efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:f2:fb:04:32:fd:a3:7d:16:92:10:9a:82:65:
a3:09:bb:b4:ec:83:52:c0:5a:56:26:8f:02:21:86:
73:ca:97:84:38:be:04:52:6d:8a:9a:60:db:d4:87:
74:1e:25:34:dc:e1:0c:a5:14:b4:04:d8:cd:67:e3:
6c:a0:07:88:ad:0b:28:1c:e8:3b:c6:6a:66:4f:13:
92:ff:08:a5:fd:97:77:3d:f1:d8:7b:a7:bb:6e:83:
2a:29:5d:02:f5:a4:4f:b1:c9:a7:44:22:9f:48:e6:
94:01:b2:89:bc:c8:dd:d6:0d:79:13:21:2e:c4:a7:
67:85:e7:25:e9:41:03:e5:54:5c:f0:63:cd:c5:9b:
da:43:90:1b:c6:5b:d1:10:c4:a0:1d:76:d2:3c:32:
67:9d:6c:ff:4d:ad:78:79:83:a9:6c:ec:78:12:06:
7f:e3:19:1a:4a:5f:06:de:e7:97:e5:9e:5a:4d:05:
a5:59:2d:3c:b5:a0:81:b7:ce:f5:57:b0:e1:fd:7f:
df:46:02:c2:40:90:65:49:c7:6d:e0:77:e6:56:c2:
f3:5c:05:55:50:75:ce:95:80:4d:cf:b5:e1:ca:90:
21:dd:01:db:60:e1:78:d0:7f:cc:4d:b9:4d:42:94:
3c:34:62:a2:25:4c:92:c9:fd:c0:cd:55:7e:1b:48:
62:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B0:2D:07:F5:D4:87:64:60:05:C3:AA:60:54:82:DE:79:04:3E:FB
X509v3 Authority Key Identifier:
keyid:23:12:0C:6A:6C:8C:F1:72:6E:7D:48:E3:14:A1:6C:CD:05:EF:86:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IxIMamyM8XJufUjjFKFszQXvhgc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/zLAtB_XUh2RgBcOqYFSC3nkEPvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/1fadce-7fa7-4c4c-bded-e4b702f16116/1/IxIMamyM8XJufUjjFKFszQXvhgc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.113.40.0/23
194.246.128.0-194.246.155.255
194.246.160.0-194.246.255.255
IPv6:
2a00:1830::/32
Signature Algorithm: sha256WithRSAEncryption
4e:2a:70:ab:d7:85:3a:99:71:30:65:fd:f1:07:65:e3:38:d8:
bd:9e:13:e3:85:83:64:39:61:c1:6c:a6:9e:aa:0b:34:71:64:
7e:de:04:4e:20:4b:96:78:44:af:30:84:8f:5b:63:ca:50:2e:
f0:fa:43:6d:63:6b:a5:e4:76:e9:23:d7:45:b4:2c:21:f8:2f:
77:13:11:9d:66:be:d5:df:c0:7d:bd:37:3b:20:aa:cc:9b:38:
fb:f5:b2:e2:b5:fe:f4:db:32:fd:48:b0:ad:ec:01:8a:d3:b8:
d2:50:db:22:ac:bb:6d:b3:39:74:fc:43:31:52:1b:45:25:f5:
86:9f:57:69:0d:48:6c:38:ea:9e:e2:e6:f7:c8:58:a4:68:53:
68:2e:c9:2a:b6:54:54:8b:98:1d:1e:fb:ec:18:9e:aa:26:5b:
f7:70:7f:6c:e9:d9:20:8e:93:1c:97:6a:f8:f8:64:b3:73:0b:
15:12:28:0e:6d:43:dd:6d:3f:87:a0:f4:1e:2b:22:55:46:94:
39:42:93:83:ac:11:23:53:cc:92:6d:bb:3c:6f:ff:33:64:fa:
59:20:e7:b2:5a:83:cc:a7:2e:04:5b:b3:1e:f8:6c:84:9c:d0:
df:93:33:e8:a4:f3:77:c6:96:77:34:67:00:b8:c8:e7:ba:50:
06:9e:af:87
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZQkRYH3fZdXBRo9T53Ze6ZKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMTIwYzZhNmM4Y2YxNzI2ZTdkNDhlMzE0YTE2Y2NkMDVl
Zjg2MDcwHhcNMjUwMTAxMjM0ODQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2IwMmQwN2Y1ZDQ4NzY0NjAwNWMzYWE2MDU0ODJkZTc5MDQzZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPL7BDL9o30WkhCagmWjCbu07INS
wFpWJo8CIYZzypeEOL4EUm2KmmDb1Id0HiU03OEMpRS0BNjNZ+NsoAeIrQsoHOg7
xmpmTxOS/wil/Zd3PfHYe6e7boMqKV0C9aRPscmnRCKfSOaUAbKJvMjd1g15EyEu
xKdnhecl6UED5VRc8GPNxZvaQ5AbxlvREMSgHXbSPDJnnWz/Ta14eYOpbOx4EgZ/
4xkaSl8G3ueX5Z5aTQWlWS08taCBt871V7Dh/X/fRgLCQJBlScdt4HfmVsLzXAVV
UHXOlYBNz7XhypAh3QHbYOF40H/MTblNQpQ8NGKiJUySyf3AzVV+G0hiNQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFMywLQf11IdkYAXDqmBUgt55BD77MB8GA1UdIwQY
MBaAFCMSDGpsjPFybn1I4xShbM0F74YHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQt
ZTRiNzAyZjE2MTE2LzEvekxBdEJfWFVoMlJnQmNPcVlGU0MzbmtFUHZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS8xZmFkY2UtN2ZhNy00YzRjLWJkZWQtZTRiNzAyZjE2MTE2
LzEvSXhJTWFteU04WEp1ZlVqakZLRnN6UVh2aGdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhAwQBwnEoMAwD
BAfC9oADBALC9pgwCwMEBcL2oAMDAML2MA0EAgACMAcDBQAqABgwMA0GCSqGSIb3
DQEBCwUAA4IBAQBOKnCr14U6mXEwZf3xB2XjONi9nhPjhYNkOWHBbKaeqgs0cWR+
3gROIEuWeESvMISPW2PKUC7w+kNtY2ul5HbpI9dFtCwh+C93ExGdZr7V38B9vTc7
IKrMmzj79bLitf702zL9SLCt7AGK07jSUNsirLttszl0/EMxUhtFJfWGn1dpDUhs
OOqe4ub3yFikaFNoLskqtlRUi5gdHvvsGJ6qJlv3cH9s6dkgjpMcl2r4+GSzcwsV
EigObUPdbT+HoPQeKyJVRpQ5QpODrBEjU8ySbbs8b/8zZPpZIOeyWoPMpy4EW7Me
+GyEnNDfkzPopPN3xpZ3NGcAuMjnulAGnq+H
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:01:44 2025 by rpki-client