Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/1Z0qsk9StCFAQktZcYQaKAQv6Eo.roa
File: 1Z0qsk9StCFAQktZcYQaKAQv6Eo.roa (raw, json)
Hash identifier: 7ZoC6UA8RmSyn6UoUQLfpDC2951iCi7ws/lgZfO/s3U=
Subject key identifier: D5:9D:2A:B2:4F:52:B4:21:40:42:4B:59:71:84:1A:28:04:2F:E8:4A
Certificate issuer: /CN=b37910da1f3a43f96b58f21905eb58f643d0267e
Certificate serial: 019421B19B35872B819DDA626EE338A16170
Authority key identifier: B3:79:10:DA:1F:3A:43:F9:6B:58:F2:19:05:EB:58:F6:43:D0:26:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s3kQ2h86Q_lrWPIZBetY9kPQJn4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/1Z0qsk9StCFAQktZcYQaKAQv6Eo.roa
Signing time: Wed 01 Jan 2025 11:47:55 +0000
ROA not before: Wed 01 Jan 2025 11:47:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203315
IP address blocks: 92.53.240.0/24 maxlen: 24
92.53.241.0/24 maxlen: 24
92.53.242.0/24 maxlen: 24
92.53.243.0/24 maxlen: 24
92.53.244.0/24 maxlen: 24
185.64.12.0/24 maxlen: 24
2a00:85c0:1::/48 maxlen: 48
2a00:85c0:3::/48 maxlen: 48
2a00:85c0:4::/48 maxlen: 48
2a00:85c0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/s3kQ2h86Q_lrWPIZBetY9kPQJn4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/s3kQ2h86Q_lrWPIZBetY9kPQJn4.mft
rsync://rpki.ripe.net/repository/DEFAULT/s3kQ2h86Q_lrWPIZBetY9kPQJn4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Feb 2025 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:9b:35:87:2b:81:9d:da:62:6e:e3:38:a1:61:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b37910da1f3a43f96b58f21905eb58f643d0267e
Validity
Not Before: Jan 1 11:47:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d59d2ab24f52b42140424b5971841a28042fe84a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:58:4c:8a:a0:58:eb:15:15:1f:e3:5d:c2:5d:
f1:c0:d0:26:97:d8:7d:13:89:06:30:65:f6:00:6e:
d0:57:c0:5f:93:3b:ee:8b:82:2d:d2:cf:8c:48:22:
e5:20:f8:33:ba:28:b2:3f:86:bf:a9:64:ac:48:9e:
de:a1:e9:ec:03:75:17:29:21:54:ac:a9:cb:0a:46:
d8:d3:64:ca:a5:30:05:1b:e5:0b:94:40:a1:1e:4c:
75:7b:f8:b4:10:7a:20:7b:8c:86:55:6b:db:bf:b5:
dc:4a:7a:6a:cd:1e:c9:ea:63:95:bb:20:ac:83:4f:
23:9b:24:6a:89:f3:ea:ae:fa:07:14:6a:f0:fc:38:
e1:de:3e:7c:a4:66:72:0d:d6:77:5a:98:20:2f:9b:
fb:46:1a:08:ab:31:36:c0:ce:59:10:26:70:cf:e9:
ed:e6:1d:e2:95:4d:c2:d3:c0:d8:e4:53:25:5c:4d:
42:df:27:70:9e:1a:61:51:27:23:10:48:f2:3c:68:
93:85:ed:63:d6:83:02:2c:af:b4:08:be:ed:99:75:
a4:72:ad:00:dc:27:73:ab:d6:12:a7:7b:03:d2:27:
9f:2b:05:01:f2:e3:94:3c:86:aa:39:67:11:d9:42:
cd:f9:d6:9b:0e:0c:79:04:77:03:a2:d3:f0:1a:6f:
5a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:9D:2A:B2:4F:52:B4:21:40:42:4B:59:71:84:1A:28:04:2F:E8:4A
X509v3 Authority Key Identifier:
keyid:B3:79:10:DA:1F:3A:43:F9:6B:58:F2:19:05:EB:58:F6:43:D0:26:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s3kQ2h86Q_lrWPIZBetY9kPQJn4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/1Z0qsk9StCFAQktZcYQaKAQv6Eo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/5fc80e-a095-4c20-90e4-2c0f98a74966/1/s3kQ2h86Q_lrWPIZBetY9kPQJn4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.240.0-92.53.244.255
185.64.12.0/24
IPv6:
2a00:85c0:1::/48
2a00:85c0:3::-2a00:85c0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
70:17:20:5f:94:ae:3c:35:a5:74:a7:3e:53:f4:e0:cb:76:c6:
75:0b:54:d7:86:f0:e2:2a:21:36:83:6e:d4:c3:d2:9c:12:75:
96:29:75:6d:2b:4d:9a:f1:0f:e4:57:21:0e:83:41:db:0a:8e:
ed:b9:00:22:b1:5b:ea:d2:a4:9a:15:d4:4e:3a:73:75:8e:b4:
d6:1f:15:9c:cb:eb:b0:80:93:69:69:4b:4b:f9:60:69:99:b0:
9d:79:86:6b:bb:00:96:9c:ab:cd:2a:39:bb:d5:c0:21:23:b6:
6d:13:53:44:54:eb:b9:fa:7b:e1:eb:14:70:8d:60:24:90:5e:
7a:80:a0:cb:c2:27:a2:56:6c:a3:7a:0d:35:85:cf:2f:48:42:
4e:ca:80:f2:5a:db:2f:f1:7c:a3:ab:64:b5:59:e2:bf:34:3b:
be:0a:04:68:2d:55:23:f4:86:73:e4:32:a8:78:cb:79:c3:b0:
7f:19:0a:76:23:5c:30:e6:b0:4e:58:76:2a:1b:56:fe:cc:59:
ff:03:a5:bc:85:22:ac:f8:e0:b9:bc:fe:a7:b9:dd:2d:db:63:
68:b7:d6:5d:ef:6d:d5:b4:0e:50:68:4a:cc:3c:fc:00:1f:40:
7a:72:f3:e7:48:35:2f:ca:07:09:df:30:68:be:db:df:c4:08:
0a:6d:09:39
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAZQhsZs1hyuBndpibuM4oWFwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzNzkxMGRhMWYzYTQzZjk2YjU4ZjIxOTA1ZWI1OGY2NDNk
MDI2N2UwHhcNMjUwMTAxMTE0NzU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTlkMmFiMjRmNTJiNDIxNDA0MjRiNTk3MTg0MWEyODA0MmZlODRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1hMiqBY6xUVH+Ndwl3xwNAml9h9
E4kGMGX2AG7QV8Bfkzvui4It0s+MSCLlIPgzuiiyP4a/qWSsSJ7eoensA3UXKSFU
rKnLCkbY02TKpTAFG+ULlEChHkx1e/i0EHoge4yGVWvbv7XcSnpqzR7J6mOVuyCs
g08jmyRqifPqrvoHFGrw/Djh3j58pGZyDdZ3WpggL5v7RhoIqzE2wM5ZECZwz+nt
5h3ilU3C08DY5FMlXE1C3ydwnhphUScjEEjyPGiThe1j1oMCLK+0CL7tmXWkcq0A
3Cdzq9YSp3sD0iefKwUB8uOUPIaqOWcR2ULN+dabDgx5BHcDotPwGm9a5wIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFNWdKrJPUrQhQEJLWXGEGigEL+hKMB8GA1UdIwQY
MBaAFLN5ENofOkP5a1jyGQXrWPZD0CZ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczNrUTJoODZRX2xyV1BJWkJldFk5a1BRSm40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi81ZmM4MGUtYTA5NS00YzIwLTkwZTQt
MmMwZjk4YTc0OTY2LzEvMVowcXNrOVN0Q0ZBUWt0WmNZUWFLQVF2NkVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi81ZmM4MGUtYTA5NS00YzIwLTkwZTQtMmMwZjk4YTc0OTY2
LzEvczNrUTJoODZRX2xyV1BJWkJldFk5a1BRSm40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAaBAIAATAUMAwDBARcNfAD
BABcNfQDBAC5QAwwIwQCAAIwHQMHACoAhcAAATASAwcAKgCFwAADAwcBKgCFwAAE
MA0GCSqGSIb3DQEBCwUAA4IBAQBwFyBflK48NaV0pz5T9ODLdsZ1C1TXhvDiKiE2
g27Uw9KcEnWWKXVtK02a8Q/kVyEOg0HbCo7tuQAisVvq0qSaFdROOnN1jrTWHxWc
y+uwgJNpaUtL+WBpmbCdeYZruwCWnKvNKjm71cAhI7ZtE1NEVOu5+nvh6xRwjWAk
kF56gKDLwieiVmyjeg01hc8vSEJOyoDyWtsv8Xyjq2S1WeK/NDu+CgRoLVUj9IZz
5DKoeMt5w7B/GQp2I1ww5rBOWHYqG1b+zFn/A6W8hSKs+OC5vP6nud0t22Not9Zd
723VtA5QaErMPPwAH0B6cvPnSDUvygcJ3zBovtvfxAgKbQk5
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:54:11 2025 by rpki-client