Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Z0bxD_dypTvELJHwQ8sfKKr3Yl0.roa
File: Z0bxD_dypTvELJHwQ8sfKKr3Yl0.roa (raw, json)
Hash identifier: OilYGhipbpMsApciEZvD2e2HegS2pxvaEYjH93aVvgg=
Subject key identifier: 67:46:F1:0F:F7:72:A5:3B:C4:2C:91:F0:43:CB:1F:28:AA:F7:62:5D
Certificate issuer: /CN=94dec641051b026b95c8459150ca47ddaec89668
Certificate serial: 019426D8F5348AF7A13C6229AFF7FAED6663
Authority key identifier: 94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Z0bxD_dypTvELJHwQ8sfKKr3Yl0.roa
Signing time: Thu 02 Jan 2025 11:49:00 +0000
ROA not before: Thu 02 Jan 2025 11:49:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206768
IP address blocks: 185.79.212.0/24 maxlen: 24
2a01:7640:9000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 14:46:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:d8:f5:34:8a:f7:a1:3c:62:29:af:f7:fa:ed:66:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94dec641051b026b95c8459150ca47ddaec89668
Validity
Not Before: Jan 2 11:49:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6746f10ff772a53bc42c91f043cb1f28aaf7625d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:52:84:3c:b5:83:6a:7a:09:1b:7a:4d:3a:13:
a2:80:35:8f:8f:30:1c:57:3f:6d:49:01:22:fd:c1:
c3:de:5d:5e:f8:cf:76:6f:b6:0a:f3:e1:49:8f:9a:
35:fc:d2:7e:1a:6d:9f:24:29:2e:c0:a6:ce:f9:44:
17:94:ff:54:f2:09:4f:b9:a2:33:fc:55:2a:b0:36:
aa:66:86:ce:b1:5b:78:12:e5:53:40:4b:1a:2b:13:
c3:16:20:ce:e3:1a:68:20:59:f4:e8:b9:79:3d:30:
2c:02:ea:d9:f8:d7:25:87:1d:09:fd:8e:4d:74:60:
e2:34:66:27:3f:d1:30:0a:b3:17:ca:79:e3:96:8f:
71:b7:bc:ab:c2:b9:f0:11:6e:b1:a2:07:3e:f8:61:
7f:17:09:38:e9:07:59:2c:f6:1c:63:b2:ec:31:63:
b7:63:51:31:7d:d3:2d:98:e6:57:2b:76:a8:2c:ac:
2c:d8:89:78:f4:6e:bd:3f:c8:59:2a:27:cd:d5:d6:
8a:8a:c3:e6:d2:d3:ef:61:57:df:08:19:77:a1:39:
2f:8a:59:93:09:8c:e2:46:0c:c9:1e:ae:73:36:d4:
02:4d:a2:97:a9:bc:f3:35:e5:4d:93:ec:7f:6b:da:
a9:46:90:32:c3:5b:31:92:40:0f:bf:34:3b:0c:f4:
08:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:46:F1:0F:F7:72:A5:3B:C4:2C:91:F0:43:CB:1F:28:AA:F7:62:5D
X509v3 Authority Key Identifier:
keyid:94:DE:C6:41:05:1B:02:6B:95:C8:45:91:50:CA:47:DD:AE:C8:96:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/Z0bxD_dypTvELJHwQ8sfKKr3Yl0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cb/351113-ed85-42b2-b64f-9ea64862a9ab/1/lN7GQQUbAmuVyEWRUMpH3a7Ilmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.79.212.0/24
IPv6:
2a01:7640:9000::/48
Signature Algorithm: sha256WithRSAEncryption
0e:15:63:7c:6f:73:e1:fe:96:f4:1b:2b:e1:6d:c2:78:d1:b3:
b8:04:43:e8:a8:e9:7d:c5:82:94:e8:ca:65:95:da:d1:f7:41:
9f:1f:59:b3:19:2d:a5:fa:47:8d:56:20:b3:21:5e:d4:2e:5c:
c6:44:a7:fe:9b:96:3f:33:24:cb:75:19:20:1d:a8:6d:78:1f:
c2:9e:79:8d:a1:21:21:38:05:59:17:cb:19:92:57:11:3b:40:
d7:d0:d6:3c:16:2a:f2:00:e7:8f:84:d0:1a:41:35:25:d7:0e:
c3:39:66:23:ea:19:bd:a6:a2:88:87:cd:b0:af:4e:85:85:a2:
36:6e:b9:7a:7b:57:ca:31:1f:05:db:13:58:85:c1:93:0a:02:
fe:2a:55:5a:05:c2:ec:f0:d8:6a:3d:74:46:c1:81:69:b4:0d:
0c:b1:2d:5f:31:04:73:50:16:38:29:b9:e3:8c:d5:72:0f:52:
ed:03:02:1c:ec:99:b0:3c:88:54:19:74:32:79:5e:db:83:87:
90:62:18:15:10:3a:cb:10:08:0d:90:69:3b:79:77:e7:a8:27:
0c:a7:eb:5f:44:df:e4:f0:e4:45:14:59:44:9a:4c:e5:4b:05:
00:32:70:96:cf:c3:90:a2:2a:bd:0e:26:01:bf:d4:22:41:4b:
1d:a7:21:4e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZQm2PU0ivehPGIpr/f67WZjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZGVjNjQxMDUxYjAyNmI5NWM4NDU5MTUwY2E0N2RkYWVj
ODk2NjgwHhcNMjUwMTAyMTE0OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzQ2ZjEwZmY3NzJhNTNiYzQyYzkxZjA0M2NiMWYyOGFhZjc2MjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulKEPLWDanoJG3pNOhOigDWPjzAc
Vz9tSQEi/cHD3l1e+M92b7YK8+FJj5o1/NJ+Gm2fJCkuwKbO+UQXlP9U8glPuaIz
/FUqsDaqZobOsVt4EuVTQEsaKxPDFiDO4xpoIFn06Ll5PTAsAurZ+Nclhx0J/Y5N
dGDiNGYnP9EwCrMXynnjlo9xt7yrwrnwEW6xogc++GF/Fwk46QdZLPYcY7LsMWO3
Y1ExfdMtmOZXK3aoLKws2Il49G69P8hZKifN1daKisPm0tPvYVffCBl3oTkvilmT
CYziRgzJHq5zNtQCTaKXqbzzNeVNk+x/a9qpRpAyw1sxkkAPvzQ7DPQIJQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFGdG8Q/3cqU7xCyR8EPLHyiq92JdMB8GA1UdIwQY
MBaAFJTexkEFGwJrlchFkVDKR92uyJZoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYt
OWVhNjQ4NjJhOWFiLzEvWjBieERfZHlwVHZFTEpId1E4c2ZLS3IzWWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYi8zNTExMTMtZWQ4NS00MmIyLWI2NGYtOWVhNjQ4NjJhOWFi
LzEvbE43R1FRVWJBbXVWeUVXUlVNcEgzYTdJbG1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuU/UMA8E
AgACMAkDBwAqAXZAkAAwDQYJKoZIhvcNAQELBQADggEBAA4VY3xvc+H+lvQbK+Ft
wnjRs7gEQ+io6X3FgpToymWV2tH3QZ8fWbMZLaX6R41WILMhXtQuXMZEp/6blj8z
JMt1GSAdqG14H8KeeY2hISE4BVkXyxmSVxE7QNfQ1jwWKvIA54+E0BpBNSXXDsM5
ZiPqGb2mooiHzbCvToWFojZuuXp7V8oxHwXbE1iFwZMKAv4qVVoFwuzw2Go9dEbB
gWm0DQyxLV8xBHNQFjgpueOM1XIPUu0DAhzsmbA8iFQZdDJ5XtuDh5BiGBUQOssQ
CA2QaTt5d+eoJwyn619E3+Tw5EUUWUSaTOVLBQAycJbPw5CiKr0OJgG/1CJBSx2n
IU4=
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:22:12 2025 by rpki-client