Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/MZzk92Wzzy1bnjvqDRwI3qhrUp4.roa
File: MZzk92Wzzy1bnjvqDRwI3qhrUp4.roa (raw, json)
Hash identifier: oBRmks4/j2r6bUbUSgQd/079zBOdryiqEhSP6LUtHt8=
Subject key identifier: 31:9C:E4:F7:65:B3:CF:2D:5B:9E:3B:EA:0D:1C:08:DE:A8:6B:52:9E
Certificate issuer: /CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Certificate serial: 019427B53621650F760776400B1EC37E6E62
Authority key identifier: AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/MZzk92Wzzy1bnjvqDRwI3qhrUp4.roa
Signing time: Thu 02 Jan 2025 15:49:34 +0000
ROA not before: Thu 02 Jan 2025 15:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62442
IP address blocks: 78.157.32.0/19 maxlen: 19
78.157.32.0/24 maxlen: 24
78.157.34.0/24 maxlen: 24
78.157.35.0/24 maxlen: 24
78.157.36.0/24 maxlen: 24
78.157.37.0/24 maxlen: 24
78.157.38.0/24 maxlen: 24
78.157.39.0/24 maxlen: 24
78.157.40.0/24 maxlen: 24
78.157.41.0/24 maxlen: 24
78.157.42.0/24 maxlen: 24
78.157.43.0/24 maxlen: 24
78.157.44.0/24 maxlen: 24
78.157.45.0/24 maxlen: 24
78.157.46.0/24 maxlen: 24
78.157.47.0/24 maxlen: 24
78.157.48.0/21 maxlen: 21
78.157.48.0/24 maxlen: 24
78.157.49.0/24 maxlen: 24
78.157.50.0/24 maxlen: 24
78.157.51.0/24 maxlen: 24
78.157.52.0/24 maxlen: 24
78.157.53.0/24 maxlen: 24
78.157.54.0/23 maxlen: 23
78.157.54.0/24 maxlen: 24
78.157.55.0/24 maxlen: 24
78.157.56.0/21 maxlen: 21
78.157.56.0/24 maxlen: 24
78.157.57.0/24 maxlen: 24
78.157.58.0/24 maxlen: 24
78.157.59.0/24 maxlen: 24
78.157.60.0/23 maxlen: 23
78.157.60.0/24 maxlen: 24
78.157.61.0/24 maxlen: 24
78.157.62.0/24 maxlen: 24
78.157.63.0/24 maxlen: 24
89.221.84.0/22 maxlen: 22
89.221.88.0/21 maxlen: 21
2a10:8180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.mft
rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 17 Apr 2025 13:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:36:21:65:0f:76:07:76:40:0b:1e:c3:7e:6e:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad9681f144db1430ac315c8306e1c14730c5fec2
Validity
Not Before: Jan 2 15:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=319ce4f765b3cf2d5b9e3bea0d1c08dea86b529e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:61:c9:3b:05:ce:bf:b8:61:70:67:ac:fd:f9:
ec:0f:b3:74:3e:1f:60:0e:92:0a:c2:93:dc:ef:73:
71:63:3e:d9:ce:8e:96:43:c6:e7:25:9b:a7:5e:5e:
e6:68:bb:22:50:00:a2:a3:bb:5e:5f:d4:72:96:69:
bc:a5:57:b8:16:5f:cd:cc:2f:1a:2f:24:37:74:70:
17:5d:97:ce:a8:67:e3:1b:4b:61:b1:a8:e1:94:ab:
46:00:d3:f8:e8:03:1c:7e:6d:d6:52:33:44:fc:c2:
b9:8d:e9:ed:a0:bf:71:47:5c:1f:a0:36:1b:72:65:
44:65:2b:b7:1f:9f:e0:a1:c8:73:2a:3e:22:fe:e3:
1b:e3:a4:0c:a0:e3:f2:87:4f:58:78:63:ed:b0:85:
1a:52:30:c7:13:a0:a0:ab:e9:13:07:34:7c:0d:ea:
95:ad:ef:23:a7:35:b8:4d:33:63:10:4d:dc:ca:7f:
b4:bf:ed:f5:a4:32:40:05:79:97:6a:7b:44:22:16:
1a:ca:19:a0:22:d1:de:dc:80:f6:54:2a:58:c4:5f:
ed:89:c6:09:e4:a2:94:ff:b9:00:52:63:b3:65:c6:
7e:09:d1:5f:66:df:32:b8:4a:86:53:c8:91:95:03:
1e:e3:c7:13:f7:a5:47:4b:82:fc:27:6b:ca:df:4d:
fc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:9C:E4:F7:65:B3:CF:2D:5B:9E:3B:EA:0D:1C:08:DE:A8:6B:52:9E
X509v3 Authority Key Identifier:
keyid:AD:96:81:F1:44:DB:14:30:AC:31:5C:83:06:E1:C1:47:30:C5:FE:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rZaB8UTbFDCsMVyDBuHBRzDF_sI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/MZzk92Wzzy1bnjvqDRwI3qhrUp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cc/405b5f-8d26-4ee3-b87f-a3a13e3a7d80/1/rZaB8UTbFDCsMVyDBuHBRzDF_sI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.157.32.0/19
89.221.84.0-89.221.95.255
IPv6:
2a10:8180::/29
Signature Algorithm: sha256WithRSAEncryption
ac:5b:8c:78:64:76:fd:b0:c9:9d:ad:2f:66:39:9e:76:a3:6f:
e7:18:84:0e:e7:43:54:f8:00:7a:60:e6:d9:fd:b4:d5:0d:98:
14:3d:4e:be:c0:2f:7c:52:ef:44:c1:b2:fb:fe:c5:8b:18:3b:
74:ce:36:c4:36:76:6b:6d:e0:f9:6a:78:f9:77:a1:3d:50:ec:
3f:d1:c1:d1:da:91:3f:62:0f:8b:8b:26:76:6c:2b:93:e6:37:
ed:d7:46:5d:ea:0a:dc:50:3d:56:14:21:6a:38:66:d7:50:bf:
5a:35:d2:45:db:75:c2:71:b4:4a:5e:07:c5:72:f3:c3:55:16:
a5:5d:03:25:c2:f4:ce:06:13:fe:76:ac:72:aa:ba:d5:17:ca:
73:7e:0c:c1:1e:a6:bb:26:ca:c6:b0:5b:00:35:94:61:47:7b:
38:e4:36:d0:62:8d:69:7e:37:c9:9d:3d:6f:cb:83:4f:a9:d3:
2c:ff:7d:a7:fc:e4:9b:4c:fb:f0:17:0f:ef:a4:72:38:ef:41:
f8:95:26:50:71:e3:9c:dc:bb:98:2a:44:a0:a7:ed:f2:87:b8:
c6:a1:47:d3:df:f0:a2:41:99:22:72:97:0b:5a:2c:5b:d3:7e:
4f:58:c1:df:67:ff:4f:1b:4c:6c:fa:04:01:70:98:a7:1f:dc:
e1:cb:f1:47
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZQntTYhZQ92B3ZACx7Dfm5iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkOTY4MWYxNDRkYjE0MzBhYzMxNWM4MzA2ZTFjMTQ3MzBj
NWZlYzIwHhcNMjUwMTAyMTU0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTljZTRmNzY1YjNjZjJkNWI5ZTNiZWEwZDFjMDhkZWE4NmI1MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz2HJOwXOv7hhcGes/fnsD7N0Ph9g
DpIKwpPc73NxYz7Zzo6WQ8bnJZunXl7maLsiUACio7teX9Rylmm8pVe4Fl/NzC8a
LyQ3dHAXXZfOqGfjG0thsajhlKtGANP46AMcfm3WUjNE/MK5jentoL9xR1wfoDYb
cmVEZSu3H5/gochzKj4i/uMb46QMoOPyh09YeGPtsIUaUjDHE6Cgq+kTBzR8DeqV
re8jpzW4TTNjEE3cyn+0v+31pDJABXmXantEIhYayhmgItHe3ID2VCpYxF/ticYJ
5KKU/7kAUmOzZcZ+CdFfZt8yuEqGU8iRlQMe48cT96VHS4L8J2vK3038nQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDGc5Pdls88tW5476g0cCN6oa1KeMB8GA1UdIwQY
MBaAFK2WgfFE2xQwrDFcgwbhwUcwxf7CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2Yt
YTNhMTNlM2E3ZDgwLzEvTVp6azkyV3p6eTFibmp2cURSd0kzcWhyVXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYy80MDViNWYtOGQyNi00ZWUzLWI4N2YtYTNhMTNlM2E3ZDgw
LzEvclphQjhVVGJGRENzTVZ5REJ1SEJSekRGX3NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQFTp0gMAwD
BAJZ3VQDBAVZ3UAwDQQCAAIwBwMFAyoQgYAwDQYJKoZIhvcNAQELBQADggEBAKxb
jHhkdv2wyZ2tL2Y5nnajb+cYhA7nQ1T4AHpg5tn9tNUNmBQ9Tr7AL3xS70TBsvv+
xYsYO3TONsQ2dmtt4PlqePl3oT1Q7D/RwdHakT9iD4uLJnZsK5PmN+3XRl3qCtxQ
PVYUIWo4ZtdQv1o10kXbdcJxtEpeB8Vy88NVFqVdAyXC9M4GE/52rHKqutUXynN+
DMEeprsmysawWwA1lGFHezjkNtBijWl+N8mdPW/Lg0+p0yz/faf85JtM+/AXD++k
cjjvQfiVJlBx45zcu5gqRKCn7fKHuMahR9Pf8KJBmSJylwtaLFvTfk9Ywd9n/08b
TGz6BAFwmKcf3OHL8Uc=
-----END CERTIFICATE-----
Generated at Wed Apr 16 22:51:48 2025 by rpki-client