Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/Do_ZNFPYd7X2-W1xZGRW00-SNss.roa
File: Do_ZNFPYd7X2-W1xZGRW00-SNss.roa (raw, json)
Hash identifier: Ol8hC9+K4SVNjxQKvkLbRCYT37tEnqOL0zEZ/PI9ysk=
Subject key identifier: 0E:8F:D9:34:53:D8:77:B5:F6:F9:6D:71:64:64:56:D3:4F:92:36:CB
Certificate issuer: /CN=ba76706d3e08813db8b2776628af846518e26dd2
Certificate serial: 0194221FC41B2A1E5BAE8B31E092324BED64
Authority key identifier: BA:76:70:6D:3E:08:81:3D:B8:B2:77:66:28:AF:84:65:18:E2:6D:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/unZwbT4IgT24sndmKK-EZRjibdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/Do_ZNFPYd7X2-W1xZGRW00-SNss.roa
Signing time: Wed 01 Jan 2025 13:48:14 +0000
ROA not before: Wed 01 Jan 2025 13:48:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203205
IP address blocks: 185.125.8.0/22 maxlen: 22
185.125.8.0/24 maxlen: 24
185.125.9.0/24 maxlen: 24
185.125.10.0/24 maxlen: 24
185.125.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/unZwbT4IgT24sndmKK-EZRjibdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/unZwbT4IgT24sndmKK-EZRjibdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/unZwbT4IgT24sndmKK-EZRjibdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:1f:c4:1b:2a:1e:5b:ae:8b:31:e0:92:32:4b:ed:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ba76706d3e08813db8b2776628af846518e26dd2
Validity
Not Before: Jan 1 13:48:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e8fd93453d877b5f6f96d71646456d34f9236cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:96:b2:2e:2c:58:ab:9a:03:a3:e8:d9:aa:db:
ce:97:7c:3d:e9:66:6c:a4:13:8e:b9:53:3d:34:f0:
21:4f:d1:9d:96:93:06:9a:53:a8:04:e1:ac:59:76:
7d:c3:4e:1b:3c:18:15:8b:78:03:5a:13:66:71:be:
88:61:e7:03:a4:75:e9:5d:ba:ea:8f:4f:80:ee:d7:
ef:6c:a2:ef:4e:ae:38:7e:95:2f:21:45:95:d0:48:
98:8a:eb:c5:a3:e8:f5:b5:94:7f:22:5c:46:4d:3e:
79:67:35:61:35:65:67:ce:e6:2e:c3:a4:c7:8a:be:
3f:70:b2:ae:7a:b6:e9:58:8d:c6:c9:48:70:92:22:
e5:21:8b:a6:78:4e:30:00:48:b7:b0:b6:c1:56:e7:
bf:25:78:4f:f2:93:0a:c7:99:57:88:64:a9:00:03:
a7:9c:1a:39:94:e3:48:0e:99:7d:9a:3a:9e:e0:95:
9f:b6:16:db:02:20:1f:b4:90:42:18:62:c9:29:c3:
2a:b5:1f:5f:39:c0:c1:b7:78:a4:a1:e2:3b:5e:ff:
9a:07:b2:75:7a:d5:2f:ea:99:87:1b:4a:8d:8a:f1:
f0:28:04:86:1b:aa:1e:dd:cb:71:c4:a0:6a:69:4d:
80:ab:44:f4:1d:88:36:90:86:74:29:fd:ef:86:c5:
1e:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:8F:D9:34:53:D8:77:B5:F6:F9:6D:71:64:64:56:D3:4F:92:36:CB
X509v3 Authority Key Identifier:
keyid:BA:76:70:6D:3E:08:81:3D:B8:B2:77:66:28:AF:84:65:18:E2:6D:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/unZwbT4IgT24sndmKK-EZRjibdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/Do_ZNFPYd7X2-W1xZGRW00-SNss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6d4759-a05e-46bc-be58-669eed2ec7ea/1/unZwbT4IgT24sndmKK-EZRjibdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.8.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:e3:13:03:e8:70:74:4f:c2:59:1c:3e:32:02:02:ac:3a:f5:
7b:08:f8:b5:c1:a7:b5:52:ab:8a:a1:f4:1c:0d:e5:a1:cb:7b:
26:b2:5a:e5:81:b9:27:40:0d:a0:55:ec:ed:63:5f:09:da:b2:
e8:89:2b:4e:c0:a3:36:b5:27:98:eb:e6:68:51:eb:4f:bb:3c:
70:6e:46:60:ff:cd:76:c7:1d:9a:e0:38:1c:8d:a7:38:df:a6:
2d:9a:59:e0:22:b3:61:b7:3a:8d:da:c2:a5:c3:a1:ef:6d:09:
de:52:6d:d4:38:0d:2e:80:51:14:1e:c2:2c:e0:88:7c:bb:2b:
93:b0:bd:69:4c:c0:75:4c:00:f0:23:1d:43:4f:b8:3d:78:24:
74:7f:33:46:a9:c0:5c:e6:2e:f5:23:bd:3e:a1:32:2c:a6:10:
2c:90:bb:12:90:fc:38:67:fa:af:03:91:5d:63:94:5d:5f:d0:
cb:4d:fd:ff:56:f6:8c:cb:1b:f7:58:aa:df:3f:39:d7:03:86:
ba:88:7c:e7:c9:44:55:57:9a:e5:94:54:12:71:e9:85:60:74:
6d:8b:72:88:c7:ab:64:9d:c4:1e:75:69:11:46:09:7a:48:4e:
13:a9:ad:d9:fb:4b:00:da:92:b0:d8:24:33:a1:b5:0e:2f:de:
64:d4:66:7d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQiH8QbKh5brosx4JIyS+1kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhNzY3MDZkM2UwODgxM2RiOGIyNzc2NjI4YWY4NDY1MThl
MjZkZDIwHhcNMjUwMTAxMTM0ODE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZThmZDkzNDUzZDg3N2I1ZjZmOTZkNzE2NDY0NTZkMzRmOTIzNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw5ayLixYq5oDo+jZqtvOl3w96WZs
pBOOuVM9NPAhT9GdlpMGmlOoBOGsWXZ9w04bPBgVi3gDWhNmcb6IYecDpHXpXbrq
j0+A7tfvbKLvTq44fpUvIUWV0EiYiuvFo+j1tZR/IlxGTT55ZzVhNWVnzuYuw6TH
ir4/cLKuerbpWI3GyUhwkiLlIYumeE4wAEi3sLbBVue/JXhP8pMKx5lXiGSpAAOn
nBo5lONIDpl9mjqe4JWfthbbAiAftJBCGGLJKcMqtR9fOcDBt3ikoeI7Xv+aB7J1
etUv6pmHG0qNivHwKASGG6oe3ctxxKBqaU2Aq0T0HYg2kIZ0Kf3vhsUetwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6P2TRT2He19vltcWRkVtNPkjbLMB8GA1UdIwQY
MBaAFLp2cG0+CIE9uLJ3ZiivhGUY4m3SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdW5ad2JUNElnVDI0c25kbUtLLUVaUmppYmRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82ZDQ3NTktYTA1ZS00NmJjLWJlNTgt
NjY5ZWVkMmVjN2VhLzEvRG9fWk5GUFlkN1gyLVcxeFpHUlcwMC1TTnNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82ZDQ3NTktYTA1ZS00NmJjLWJlNTgtNjY5ZWVkMmVjN2Vh
LzEvdW5ad2JUNElnVDI0c25kbUtLLUVaUmppYmRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuX0IMA0G
CSqGSIb3DQEBCwUAA4IBAQBv4xMD6HB0T8JZHD4yAgKsOvV7CPi1wae1UquKofQc
DeWhy3smslrlgbknQA2gVeztY18J2rLoiStOwKM2tSeY6+ZoUetPuzxwbkZg/812
xx2a4Dgcjac436YtmlngIrNhtzqN2sKlw6HvbQneUm3UOA0ugFEUHsIs4Ih8uyuT
sL1pTMB1TADwIx1DT7g9eCR0fzNGqcBc5i71I70+oTIsphAskLsSkPw4Z/qvA5Fd
Y5RdX9DLTf3/VvaMyxv3WKrfPznXA4a6iHznyURVV5rllFQScemFYHRti3KIx6tk
ncQedWkRRgl6SE4Tqa3Z+0sA2pKw2CQzobUOL95k1GZ9
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:59 2025 by rpki-client