Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/ZBzIfVthsK0IsXsJf3cg7sZHKWM.roa
File: ZBzIfVthsK0IsXsJf3cg7sZHKWM.roa (raw, json)
Hash identifier: QAbyT2QSC2brj0n8JNXKmo27qkYMllHPEba5ZlKG1ys=
Subject key identifier: 64:1C:C8:7D:5B:61:B0:AD:08:B1:7B:09:7F:77:20:EE:C6:47:29:63
Certificate issuer: /CN=82e635fecef17109e1ac78b2fb722410d8477a9c
Certificate serial: 0194222035B19F5160333317B2E67218B637
Authority key identifier: 82:E6:35:FE:CE:F1:71:09:E1:AC:78:B2:FB:72:24:10:D8:47:7A:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/guY1_s7xcQnhrHiy-3IkENhHepw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/ZBzIfVthsK0IsXsJf3cg7sZHKWM.roa
Signing time: Wed 01 Jan 2025 13:48:43 +0000
ROA not before: Wed 01 Jan 2025 13:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201873
IP address blocks: 185.61.52.0/22 maxlen: 22
185.142.252.0/22 maxlen: 22
185.143.104.0/22 maxlen: 22
2a02:7820::/32 maxlen: 32
2a07:3200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/guY1_s7xcQnhrHiy-3IkENhHepw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/guY1_s7xcQnhrHiy-3IkENhHepw.mft
rsync://rpki.ripe.net/repository/DEFAULT/guY1_s7xcQnhrHiy-3IkENhHepw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:20:35:b1:9f:51:60:33:33:17:b2:e6:72:18:b6:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82e635fecef17109e1ac78b2fb722410d8477a9c
Validity
Not Before: Jan 1 13:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=641cc87d5b61b0ad08b17b097f7720eec6472963
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:df:ba:22:42:6a:81:1a:fb:44:98:a9:8e:f3:
16:ed:49:d1:32:bd:48:f1:38:b4:1b:ee:80:6c:14:
57:2d:1b:27:fe:4b:c5:f0:e4:33:36:b2:ec:f7:73:
b4:2e:1e:b1:d9:5d:eb:6c:9b:31:66:cf:7b:90:8b:
c8:74:f7:6a:5c:a3:56:4c:ba:d2:0e:29:b7:fe:f2:
aa:75:70:b9:60:7b:35:4f:cd:46:e3:09:af:f0:9b:
22:5c:fd:72:38:a0:82:04:98:df:2c:7d:ce:09:bf:
ec:a6:4c:c1:76:fd:58:3c:24:97:d2:31:5a:68:94:
46:dc:e6:bb:49:83:56:5c:42:61:37:b2:5c:9f:2c:
71:2a:59:c1:cf:cd:e4:59:04:b6:55:20:80:86:c8:
a4:3d:d5:6f:29:7c:4c:93:4f:44:51:85:f7:b9:33:
bf:e1:89:74:8a:29:03:5e:18:67:2d:45:a6:0e:9d:
72:02:89:a7:c6:e0:1c:fd:eb:e8:bb:f9:d6:ec:54:
bb:3c:5d:4a:6d:8e:0f:fe:9d:ac:1c:76:84:c0:82:
32:e3:f9:24:43:c6:e8:ac:cd:6c:aa:b9:5f:35:ca:
fa:98:cc:f8:4a:84:d5:c5:f9:5c:a8:b6:ba:f9:e9:
46:b8:55:7b:0c:95:b2:36:78:c1:b0:ef:80:c3:70:
df:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1C:C8:7D:5B:61:B0:AD:08:B1:7B:09:7F:77:20:EE:C6:47:29:63
X509v3 Authority Key Identifier:
keyid:82:E6:35:FE:CE:F1:71:09:E1:AC:78:B2:FB:72:24:10:D8:47:7A:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/guY1_s7xcQnhrHiy-3IkENhHepw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/ZBzIfVthsK0IsXsJf3cg7sZHKWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/9f9858-6209-4cf5-b541-a26050ef047e/1/guY1_s7xcQnhrHiy-3IkENhHepw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.61.52.0/22
185.142.252.0/22
185.143.104.0/22
IPv6:
2a02:7820::/32
2a07:3200::/29
Signature Algorithm: sha256WithRSAEncryption
2b:b7:0d:18:79:62:cd:65:e6:0a:41:85:4c:dc:f1:29:55:2a:
e2:33:f2:96:11:4e:1f:b5:33:ac:cf:23:71:cc:aa:01:d2:e7:
3d:d9:47:50:ae:7e:d7:9b:cc:59:7a:50:2b:03:8e:66:44:aa:
0c:fb:74:4d:55:3c:15:0d:42:68:08:62:bf:6d:ba:e7:f4:38:
bf:39:64:74:21:42:dc:65:22:0d:13:f2:7e:fe:e9:81:62:ea:
87:89:20:7d:6e:58:32:25:d4:b4:8b:10:17:d1:17:b3:3e:c6:
ac:54:ee:a7:d1:d8:f5:7b:05:0e:0a:04:c9:2b:f2:b0:39:3f:
12:38:9e:e4:de:26:40:aa:61:b7:a4:a8:80:f3:af:49:00:fc:
46:be:e6:c9:fc:90:c3:99:22:31:fb:c1:db:f7:33:e6:53:ee:
48:32:18:f9:ea:1f:02:f0:74:e5:ef:5c:bd:13:9b:cd:f5:e8:
c6:9c:5a:96:80:9b:a5:65:01:44:00:71:8f:4b:73:f4:6d:b1:
8c:05:fe:ce:1a:f9:06:b5:ed:db:91:4c:71:15:f7:7a:ec:72:
d8:35:09:1a:db:4c:0c:2e:fc:e6:7f:f5:59:2f:fe:51:8d:86:
b7:0b:30:2a:aa:dd:ae:ad:41:26:02:b6:8b:ad:35:da:ef:ac:
3d:3c:83:82
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZQiIDWxn1FgMzMXsuZyGLY3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyZTYzNWZlY2VmMTcxMDllMWFjNzhiMmZiNzIyNDEwZDg0
NzdhOWMwHhcNMjUwMTAxMTM0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFjYzg3ZDViNjFiMGFkMDhiMTdiMDk3Zjc3MjBlZWM2NDcyOTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtN+6IkJqgRr7RJipjvMW7UnRMr1I
8Ti0G+6AbBRXLRsn/kvF8OQzNrLs93O0Lh6x2V3rbJsxZs97kIvIdPdqXKNWTLrS
Dim3/vKqdXC5YHs1T81G4wmv8JsiXP1yOKCCBJjfLH3OCb/spkzBdv1YPCSX0jFa
aJRG3Oa7SYNWXEJhN7JcnyxxKlnBz83kWQS2VSCAhsikPdVvKXxMk09EUYX3uTO/
4Yl0iikDXhhnLUWmDp1yAomnxuAc/evou/nW7FS7PF1KbY4P/p2sHHaEwIIy4/kk
Q8borM1sqrlfNcr6mMz4SoTVxflcqLa6+elGuFV7DJWyNnjBsO+Aw3DfrwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGQcyH1bYbCtCLF7CX93IO7GRyljMB8GA1UdIwQY
MBaAFILmNf7O8XEJ4ax4svtyJBDYR3qcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3VZMV9zN3hjUW5ockhpeS0zSWtFTmhIZXB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS85Zjk4NTgtNjIwOS00Y2Y1LWI1NDEt
YTI2MDUwZWYwNDdlLzEvWkJ6SWZWdGhzSzBJc1hzSmYzY2c3c1pIS1dNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS85Zjk4NTgtNjIwOS00Y2Y1LWI1NDEtYTI2MDUwZWYwNDdl
LzEvZ3VZMV9zN3hjUW5ockhpeS0zSWtFTmhIZXB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCuT00AwQC
uY78AwQCuY9oMBQEAgACMA4DBQAqAnggAwUDKgcyADANBgkqhkiG9w0BAQsFAAOC
AQEAK7cNGHlizWXmCkGFTNzxKVUq4jPylhFOH7UzrM8jccyqAdLnPdlHUK5+15vM
WXpQKwOOZkSqDPt0TVU8FQ1CaAhiv2265/Q4vzlkdCFC3GUiDRPyfv7pgWLqh4kg
fW5YMiXUtIsQF9EXsz7GrFTup9HY9XsFDgoEySvysDk/Ejie5N4mQKpht6SogPOv
SQD8Rr7myfyQw5kiMfvB2/cz5lPuSDIY+eofAvB05e9cvRObzfXoxpxaloCbpWUB
RABxj0tz9G2xjAX+zhr5BrXt25FMcRX3euxy2DUJGttMDC785n/1WS/+UY2Gtwsw
Kqrdrq1BJgK2i6012u+sPTyDgg==
-----END CERTIFICATE-----
Generated at Sun Apr 20 04:12:20 2025 by rpki-client