Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9ZzfTs0es7d3dITh42i7PcrGHFI.roa
File: 9ZzfTs0es7d3dITh42i7PcrGHFI.roa (raw, json)
Hash identifier: j+RWh4sGZQYYo7/8IegKYIMXLt75CVdOknO/qydJXO0=
Subject key identifier: F5:9C:DF:4E:CD:1E:B3:B7:77:74:84:E1:E3:68:BB:3D:CA:C6:1C:52
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 019423D76B1D857A6AF0E934FB7D03A98556
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9ZzfTs0es7d3dITh42i7PcrGHFI.roa
Signing time: Wed 01 Jan 2025 21:48:27 +0000
ROA not before: Wed 01 Jan 2025 21:48:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202010
IP address blocks: 5.1.81.0/24 maxlen: 32
5.1.81.139/32 maxlen: 32
5.1.81.140/32 maxlen: 32
178.251.228.0/24 maxlen: 32
2a01:367:beef::/48 maxlen: 48
2a01:367:dead::/48 maxlen: 48
2a01:367:ffa1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:6b:1d:85:7a:6a:f0:e9:34:fb:7d:03:a9:85:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jan 1 21:48:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f59cdf4ecd1eb3b7777484e1e368bb3dcac61c52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:9c:21:b5:f2:7f:ab:c2:44:32:32:1c:6f:71:
e2:9d:c5:69:59:a6:41:53:9d:2e:da:4d:59:3b:b6:
3c:90:9b:7d:94:09:38:bc:ca:aa:5a:83:73:2e:ab:
64:3c:0a:0a:6a:6e:54:aa:81:d2:ce:53:60:b0:8f:
8c:d2:c4:18:db:4c:70:a8:1f:89:80:58:f9:91:16:
22:d2:05:82:c1:5f:f2:f9:57:2b:c0:71:92:27:d9:
21:ac:9c:c7:d3:46:84:60:6e:53:1c:ca:7a:d6:8e:
ea:2a:6e:ed:2c:da:7e:b1:86:21:f4:5b:11:91:b6:
8b:fb:b6:43:bb:89:f2:e6:81:30:42:57:62:5e:58:
73:4f:a3:dd:2c:28:f8:34:2d:a8:1a:18:1c:fc:2b:
c2:01:b9:4f:af:0b:88:e4:43:ec:b7:3a:c2:4c:91:
f4:aa:76:b5:9a:ce:dc:2f:21:cb:bf:e3:fd:f8:19:
5f:03:a1:85:db:8a:f5:9e:45:e4:04:6f:47:c2:f5:
0e:22:15:65:72:06:35:ef:b7:65:e1:0f:6d:96:0c:
36:d6:7a:84:6b:5f:f4:1b:e7:f5:3c:d0:d7:1d:6c:
b4:85:84:af:3f:e2:d1:41:53:87:87:06:1a:b2:e0:
ad:fe:d0:25:fb:59:46:3d:a8:9e:c3:b3:81:1f:19:
3d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:9C:DF:4E:CD:1E:B3:B7:77:74:84:E1:E3:68:BB:3D:CA:C6:1C:52
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/9ZzfTs0es7d3dITh42i7PcrGHFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.81.0/24
178.251.228.0/24
IPv6:
2a01:367:beef::/48
2a01:367:dead::/48
2a01:367:ffa1::/48
Signature Algorithm: sha256WithRSAEncryption
7c:31:90:e6:46:0a:46:cf:0a:ce:73:0b:04:ae:f6:c6:0a:c2:
8c:09:13:91:96:2c:84:de:8a:cc:02:51:8b:4b:03:57:0e:2f:
2f:9b:b1:b3:dd:16:18:fd:9e:71:76:69:04:04:7d:5d:7e:64:
d3:1a:a5:2a:b1:f2:02:94:6e:f0:7f:3f:3a:e0:d6:1b:49:db:
96:4d:3f:da:55:61:ad:48:be:a5:7d:4f:9f:e9:46:39:ed:28:
0e:94:65:16:36:b5:6f:4a:2b:04:44:4a:f3:f7:3a:61:8d:fd:
d1:ba:11:6f:90:4c:1a:2f:5d:40:54:0b:be:86:e6:60:49:a5:
06:5c:ec:6c:5a:d1:af:ea:55:d0:ad:33:70:a7:11:44:ce:4c:
ed:19:fa:df:d0:f5:21:2d:9d:b8:8d:fd:81:19:fe:db:f6:64:
bd:6e:dc:68:7d:da:af:a3:2f:51:76:28:51:df:9b:7e:54:b5:
95:b4:88:b9:4c:1b:bd:65:3a:6f:74:d3:9a:af:ed:03:6c:91:
8a:b7:94:11:26:5b:b8:d5:ca:a0:03:db:27:b2:15:cb:07:d9:
7f:b7:e2:60:12:73:5b:53:bc:9d:06:58:f8:1b:ff:71:60:dc:
3c:b5:15:6c:25:d6:c3:78:41:2f:4d:60:48:0b:c7:fa:6e:51:
7e:0e:0a:21
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZQj12sdhXpq8Ok0+30DqYVWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjUwMTAxMjE0ODI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTljZGY0ZWNkMWViM2I3Nzc3NDg0ZTFlMzY4YmIzZGNhYzYxYzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvpwhtfJ/q8JEMjIcb3HincVpWaZB
U50u2k1ZO7Y8kJt9lAk4vMqqWoNzLqtkPAoKam5UqoHSzlNgsI+M0sQY20xwqB+J
gFj5kRYi0gWCwV/y+VcrwHGSJ9khrJzH00aEYG5THMp61o7qKm7tLNp+sYYh9FsR
kbaL+7ZDu4ny5oEwQldiXlhzT6PdLCj4NC2oGhgc/CvCAblPrwuI5EPstzrCTJH0
qna1ms7cLyHLv+P9+BlfA6GF24r1nkXkBG9HwvUOIhVlcgY177dl4Q9tlgw21nqE
a1/0G+f1PNDXHWy0hYSvP+LRQVOHhwYasuCt/tAl+1lGPaiew7OBHxk9FwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPWc307NHrO3d3SE4eNouz3KxhxSMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvOVp6ZlRzMGVzN2QzZElUaDQyaTdQY3JHSEZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQABQFRAwQA
svvkMCEEAgACMBsDBwAqAQNnvu8DBwAqAQNn3q0DBwAqAQNn/6EwDQYJKoZIhvcN
AQELBQADggEBAHwxkOZGCkbPCs5zCwSu9sYKwowJE5GWLITeiswCUYtLA1cOLy+b
sbPdFhj9nnF2aQQEfV1+ZNMapSqx8gKUbvB/Pzrg1htJ25ZNP9pVYa1IvqV9T5/p
RjntKA6UZRY2tW9KKwRESvP3OmGN/dG6EW+QTBovXUBUC76G5mBJpQZc7Gxa0a/q
VdCtM3CnEUTOTO0Z+t/Q9SEtnbiN/YEZ/tv2ZL1u3Gh92q+jL1F2KFHfm35UtZW0
iLlMG71lOm9005qv7QNskYq3lBEmW7jVyqAD2yeyFcsH2X+34mASc1tTvJ0GWPgb
/3Fg3Dy1FWwl1sN4QS9NYEgLx/puUX4OCiE=
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:08:58 2025 by rpki-client