Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/ZHuGa1b5EE3BXDt8zUZ6H71dsTI.roa
File: ZHuGa1b5EE3BXDt8zUZ6H71dsTI.roa (raw, json)
Hash identifier: c5Q65E0/2d2vtEwjuw2BN9yFwucni9qkVj/W8ITRCHA=
Subject key identifier: 64:7B:86:6B:56:F9:10:4D:C1:5C:3B:7C:CD:46:7A:1F:BD:5D:B1:32
Certificate issuer: /CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Certificate serial: 0194228E30B1868E5B7A3AA11DEDA2390F8D
Authority key identifier: 42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/ZHuGa1b5EE3BXDt8zUZ6H71dsTI.roa
Signing time: Wed 01 Jan 2025 15:48:51 +0000
ROA not before: Wed 01 Jan 2025 15:48:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202254
IP address blocks: 185.206.71.0/24 maxlen: 24
194.146.156.0/24 maxlen: 24
194.146.157.0/24 maxlen: 24
194.146.158.0/24 maxlen: 24
194.146.159.0/24 maxlen: 24
212.108.128.0/19 maxlen: 24
212.108.128.0/24 maxlen: 24
212.108.129.0/24 maxlen: 24
212.108.130.0/24 maxlen: 24
212.108.131.0/24 maxlen: 24
212.108.132.0/24 maxlen: 24
212.108.133.0/24 maxlen: 24
212.108.134.0/24 maxlen: 24
212.108.135.0/24 maxlen: 24
212.108.136.0/24 maxlen: 24
212.108.137.0/24 maxlen: 24
212.108.138.0/24 maxlen: 24
212.108.139.0/24 maxlen: 24
212.108.140.0/24 maxlen: 24
212.108.141.0/24 maxlen: 24
212.108.142.0/24 maxlen: 24
212.108.143.0/24 maxlen: 24
212.108.144.0/24 maxlen: 24
212.108.145.0/24 maxlen: 24
212.108.146.0/24 maxlen: 24
212.108.147.0/24 maxlen: 24
212.108.148.0/24 maxlen: 24
212.108.149.0/24 maxlen: 24
212.108.150.0/24 maxlen: 24
212.108.151.0/24 maxlen: 24
212.108.152.0/24 maxlen: 24
212.108.153.0/24 maxlen: 24
212.108.154.0/24 maxlen: 24
212.108.155.0/24 maxlen: 24
212.108.156.0/24 maxlen: 24
212.108.157.0/24 maxlen: 24
212.108.158.0/24 maxlen: 24
212.108.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 12:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:8e:30:b1:86:8e:5b:7a:3a:a1:1d:ed:a2:39:0f:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42c4c90ed16aa20e49178420bfc84a883c12ac68
Validity
Not Before: Jan 1 15:48:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=647b866b56f9104dc15c3b7ccd467a1fbd5db132
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:28:5d:19:fe:0a:3e:dd:73:19:73:84:cf:
4c:3b:da:ca:0e:5f:29:71:15:6f:3f:3c:d9:43:82:
c0:49:2e:c9:68:84:66:71:02:a8:a7:ab:91:c5:33:
87:29:79:12:cd:39:dd:cf:98:41:ba:ab:d4:09:95:
df:9b:9a:33:20:35:87:0c:f7:ba:fe:03:52:87:ef:
8a:86:42:2d:48:fb:43:88:9e:42:5c:2a:26:6f:00:
49:af:5d:2a:fa:f5:66:6e:bb:b3:c0:73:a2:54:10:
75:7b:6d:12:64:21:8e:33:1b:15:a7:9b:5e:ba:0e:
e6:44:94:3e:a1:b5:3c:4f:55:7a:ee:f0:af:34:e0:
5c:b0:fd:2f:40:da:68:32:fc:b2:08:98:c9:bd:de:
dc:f7:71:ab:57:3b:0d:75:8b:25:88:cd:44:8c:65:
4d:3e:72:be:e9:bc:df:ae:6a:94:05:d7:bf:68:d8:
6a:fc:d1:44:2b:16:9e:75:b2:f1:8b:59:c8:84:f4:
90:6c:02:ad:f3:3c:cc:56:d5:ae:96:4e:79:75:26:
7a:86:d3:f3:e8:a6:9b:54:4f:4a:d6:42:cb:5a:53:
4c:af:08:d7:15:d1:df:9c:aa:3a:e7:45:72:24:12:
f4:45:2e:dc:9b:c8:78:9b:4f:33:2d:ec:49:2e:75:
bb:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:7B:86:6B:56:F9:10:4D:C1:5C:3B:7C:CD:46:7A:1F:BD:5D:B1:32
X509v3 Authority Key Identifier:
keyid:42:C4:C9:0E:D1:6A:A2:0E:49:17:84:20:BF:C8:4A:88:3C:12:AC:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QsTJDtFqog5JF4Qgv8hKiDwSrGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/ZHuGa1b5EE3BXDt8zUZ6H71dsTI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/487c15-6f6f-407f-949f-a8e4e71bee51/1/QsTJDtFqog5JF4Qgv8hKiDwSrGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.71.0/24
194.146.156.0/22
212.108.128.0/19
Signature Algorithm: sha256WithRSAEncryption
4b:90:64:2c:35:88:66:89:e0:20:b6:34:c1:2c:af:4a:40:43:
34:00:be:59:3a:61:7f:e5:65:58:65:be:d0:9a:75:29:85:f6:
a9:71:3b:71:6d:09:91:00:86:f7:fa:26:bc:06:4f:02:51:29:
2f:05:ba:8a:9d:42:9d:94:11:8e:7e:66:41:69:9a:5f:00:6f:
e9:23:20:68:48:76:d2:36:ed:10:d7:54:d8:45:65:6d:a4:f2:
61:12:86:31:c1:4b:05:fb:fb:b2:34:99:8b:52:0f:86:bf:26:
8c:f4:40:25:f9:9e:1a:9f:b8:db:03:b2:07:09:d5:6e:b2:ee:
42:78:d0:7a:02:a7:4f:13:0a:45:18:87:f0:64:11:15:fe:a4:
19:2d:93:93:2d:23:b9:26:1a:cd:6a:d1:97:be:7a:81:cf:7e:
5d:15:be:57:c6:27:07:53:96:1d:00:40:53:c7:ba:1b:62:6c:
02:1f:8c:cf:83:b2:1b:14:27:6d:10:cc:93:94:95:09:9f:16:
78:ad:91:be:44:0b:7b:ae:63:9a:47:39:36:43:df:74:6c:a5:
11:c9:f7:c1:df:cb:df:4b:1a:4e:22:97:87:4c:40:7e:8e:23:
54:25:0a:63:c8:ad:f9:ec:34:b6:2a:52:5f:9d:0e:d5:d9:d3:
16:88:5a:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQijjCxho5bejqhHe2iOQ+NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyYzRjOTBlZDE2YWEyMGU0OTE3ODQyMGJmYzg0YTg4M2Mx
MmFjNjgwHhcNMjUwMTAxMTU0ODUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDdiODY2YjU2ZjkxMDRkYzE1YzNiN2NjZDQ2N2ExZmJkNWRiMTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm0oXRn+Cj7dcxlzhM9MO9rKDl8p
cRVvPzzZQ4LASS7JaIRmcQKop6uRxTOHKXkSzTndz5hBuqvUCZXfm5ozIDWHDPe6
/gNSh++KhkItSPtDiJ5CXCombwBJr10q+vVmbruzwHOiVBB1e20SZCGOMxsVp5te
ug7mRJQ+obU8T1V67vCvNOBcsP0vQNpoMvyyCJjJvd7c93GrVzsNdYsliM1EjGVN
PnK+6bzfrmqUBde/aNhq/NFEKxaedbLxi1nIhPSQbAKt8zzMVtWulk55dSZ6htPz
6KabVE9K1kLLWlNMrwjXFdHfnKo650VyJBL0RS7cm8h4m08zLexJLnW7hQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGR7hmtW+RBNwVw7fM1Geh+9XbEyMB8GA1UdIwQY
MBaAFELEyQ7RaqIOSReEIL/ISog8EqxoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYt
YThlNGU3MWJlZTUxLzEvWkh1R2ExYjVFRTNCWER0OHpVWjZINzFkc1RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS80ODdjMTUtNmY2Zi00MDdmLTk0OWYtYThlNGU3MWJlZTUx
LzEvUXNUSkR0RnFvZzVKRjRRZ3Y4aEtpRHdTckdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAuc5HAwQC
wpKcAwQF1GyAMA0GCSqGSIb3DQEBCwUAA4IBAQBLkGQsNYhmieAgtjTBLK9KQEM0
AL5ZOmF/5WVYZb7QmnUphfapcTtxbQmRAIb3+ia8Bk8CUSkvBbqKnUKdlBGOfmZB
aZpfAG/pIyBoSHbSNu0Q11TYRWVtpPJhEoYxwUsF+/uyNJmLUg+GvyaM9EAl+Z4a
n7jbA7IHCdVusu5CeNB6AqdPEwpFGIfwZBEV/qQZLZOTLSO5JhrNatGXvnqBz35d
Fb5XxicHU5YdAEBTx7obYmwCH4zPg7IbFCdtEMyTlJUJnxZ4rZG+RAt7rmOaRzk2
Q990bKURyffB38vfSxpOIpeHTEB+jiNUJQpjyK357DS2KlJfnQ7V2dMWiFrH
-----END CERTIFICATE-----
Generated at Sat Apr 12 18:34:35 2025 by rpki-client