Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/zXvVe6nLVwFkSDCiUM6x3r-Uf8g.roa
File: zXvVe6nLVwFkSDCiUM6x3r-Uf8g.roa (raw, json)
Hash identifier: pz+KoscFR8BxDTxynFStXcnjiXaUWD5kwjcvZLm4qMM=
Subject key identifier: CD:7B:D5:7B:A9:CB:57:01:64:48:30:A2:50:CE:B1:DE:BF:94:7F:C8
Certificate issuer: /CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Certificate serial: 019426D942E4CCDD9CD696B2FBFBD02A6867
Authority key identifier: 0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/zXvVe6nLVwFkSDCiUM6x3r-Uf8g.roa
Signing time: Thu 02 Jan 2025 11:49:20 +0000
ROA not before: Thu 02 Jan 2025 11:49:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58075
IP address blocks: 45.150.244.0/22 maxlen: 24
176.56.44.0/22 maxlen: 24
185.233.216.0/24 maxlen: 24
185.248.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 20:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d9:42:e4:cc:dd:9c:d6:96:b2:fb:fb:d0:2a:68:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c323eec94edd0e748616150e00d06a2d6690ff2
Validity
Not Before: Jan 2 11:49:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7bd57ba9cb5701644830a250ceb1debf947fc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:ed:61:30:56:d2:a2:98:22:72:67:f4:ea:c4:
0c:dd:aa:ae:c6:e2:a1:5e:03:4f:cf:8b:56:3d:cf:
1e:b0:10:6b:e0:e2:c8:44:b7:70:45:3f:e8:29:17:
12:f6:e9:4f:16:a8:c8:f6:de:af:8a:37:fb:79:51:
01:17:92:97:26:c2:44:5d:b1:a9:b2:8e:2d:02:e5:
22:0d:90:38:d5:f4:28:4c:4b:b9:25:e5:87:32:0d:
d0:ba:7c:dd:fa:91:ab:9d:6e:8d:e8:0b:58:c1:69:
19:89:0d:c2:a8:2e:29:6c:7c:0c:bc:8e:a9:b8:43:
af:60:00:70:1f:d7:38:b4:e7:3b:d1:a5:84:37:3e:
4e:b5:19:30:b5:8e:2a:db:98:85:be:ac:42:ce:f9:
ce:99:5c:84:af:2b:b4:6a:6d:60:67:ba:c3:45:95:
66:a7:f9:30:c6:75:d1:0f:b4:ee:0c:af:87:97:df:
e2:ee:2c:12:8b:9e:98:31:a8:47:7a:ee:67:a2:31:
79:a8:30:18:8d:06:45:1a:9a:a9:2b:69:3c:4a:69:
85:8e:ca:fc:ce:39:5f:59:38:b5:f6:b5:e8:59:b0:
5d:38:9c:86:58:3f:f3:03:5c:08:f2:11:7c:99:1b:
0e:57:3d:35:a1:6f:01:b8:00:12:fb:bc:02:b6:08:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7B:D5:7B:A9:CB:57:01:64:48:30:A2:50:CE:B1:DE:BF:94:7F:C8
X509v3 Authority Key Identifier:
keyid:0C:32:3E:EC:94:ED:D0:E7:48:61:61:50:E0:0D:06:A2:D6:69:0F:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DDI-7JTt0OdIYWFQ4A0GotZpD_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/zXvVe6nLVwFkSDCiUM6x3r-Uf8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/fb7a42-1001-480d-8a6b-10dd952e2412/1/DDI-7JTt0OdIYWFQ4A0GotZpD_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.244.0/22
176.56.44.0/22
185.233.216.0/24
185.248.236.0/22
Signature Algorithm: sha256WithRSAEncryption
1b:32:86:e0:01:bb:81:d1:79:08:d6:6c:94:67:5b:e7:c2:a3:
61:7f:64:41:a0:13:8f:b9:ca:09:9e:59:88:dd:d6:34:11:8c:
27:9a:4f:c6:a9:35:9d:9e:58:00:86:a4:b5:03:bd:78:a1:ef:
4d:61:68:63:5e:ce:99:67:3a:cf:20:06:19:32:6a:db:99:1b:
2d:21:41:ae:b6:bc:4c:45:d4:d1:71:7d:f0:86:70:f3:7a:9b:
78:f8:e5:00:8d:d3:ae:c9:03:58:8c:cd:38:a3:61:2a:b0:6d:
48:79:0a:20:30:f0:d6:f0:5a:ee:47:e7:6f:f8:63:6c:ea:70:
f7:a1:82:64:fe:eb:e8:30:09:b9:14:b5:e7:88:f3:13:f0:7d:
72:99:95:fe:dc:8f:56:f4:a9:73:15:1c:e4:e7:fd:88:36:6d:
86:4f:3f:7d:35:30:6d:41:36:fa:2a:1b:b4:b4:08:17:18:67:
e1:84:04:d7:ab:36:10:5b:a5:f7:a8:b6:75:e0:75:e0:8f:a6:
f2:9f:55:be:79:f3:a8:32:05:3f:7e:c6:b4:dd:3a:5c:00:59:
bc:46:fe:5f:f1:87:72:ef:57:ae:e5:06:81:4b:fb:5b:26:c8:
ec:db:da:8d:7d:6b:aa:cd:ac:c5:3c:41:f2:a3:d7:b0:44:6f:
e1:28:62:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQm2ULkzN2c1pay+/vQKmhnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjMzIzZWVjOTRlZGQwZTc0ODYxNjE1MGUwMGQwNmEyZDY2
OTBmZjIwHhcNMjUwMTAyMTE0OTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdiZDU3YmE5Y2I1NzAxNjQ0ODMwYTI1MGNlYjFkZWJmOTQ3ZmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAve1hMFbSopgicmf06sQM3aquxuKh
XgNPz4tWPc8esBBr4OLIRLdwRT/oKRcS9ulPFqjI9t6vijf7eVEBF5KXJsJEXbGp
so4tAuUiDZA41fQoTEu5JeWHMg3Qunzd+pGrnW6N6AtYwWkZiQ3CqC4pbHwMvI6p
uEOvYABwH9c4tOc70aWENz5OtRkwtY4q25iFvqxCzvnOmVyEryu0am1gZ7rDRZVm
p/kwxnXRD7TuDK+Hl9/i7iwSi56YMahHeu5nojF5qDAYjQZFGpqpK2k8SmmFjsr8
zjlfWTi19rXoWbBdOJyGWD/zA1wI8hF8mRsOVz01oW8BuAAS+7wCtghQ5wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFM171Xupy1cBZEgwolDOsd6/lH/IMB8GA1UdIwQY
MBaAFAwyPuyU7dDnSGFhUOANBqLWaQ/yMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmIt
MTBkZDk1MmUyNDEyLzEvelh2VmU2bkxWd0ZrU0RDaVVNNngzci1VZjhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9mYjdhNDItMTAwMS00ODBkLThhNmItMTBkZDk1MmUyNDEy
LzEvRERJLTdKVHQwT2RJWVdGUTRBMEdvdFpwRF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCLZb0AwQC
sDgsAwQAuenYAwQCufjsMA0GCSqGSIb3DQEBCwUAA4IBAQAbMobgAbuB0XkI1myU
Z1vnwqNhf2RBoBOPucoJnlmI3dY0EYwnmk/GqTWdnlgAhqS1A714oe9NYWhjXs6Z
ZzrPIAYZMmrbmRstIUGutrxMRdTRcX3whnDzept4+OUAjdOuyQNYjM04o2EqsG1I
eQogMPDW8FruR+dv+GNs6nD3oYJk/uvoMAm5FLXniPMT8H1ymZX+3I9W9KlzFRzk
5/2INm2GTz99NTBtQTb6Khu0tAgXGGfhhATXqzYQW6X3qLZ14HXgj6byn1W+efOo
MgU/fsa03TpcAFm8Rv5f8Ydy71eu5QaBS/tbJsjs29qNfWuqzazFPEHyo9ewRG/h
KGJG
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:09 2025 by rpki-client