Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZKvHQby0NQ22M7VFCjQ_KqulEx8.roa
File: ZKvHQby0NQ22M7VFCjQ_KqulEx8.roa (raw, json)
Hash identifier: ivLBRNaqrPZubBjRNX4dYKOMZvwYNsaC4yTeWqcGhaw=
Subject key identifier: 64:AB:C7:41:BC:B4:35:0D:B6:33:B5:45:0A:34:3F:2A:AB:A5:13:1F
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 01942745D11C4A4CD20972A8E8A90C900C09
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZKvHQby0NQ22M7VFCjQ_KqulEx8.roa
Signing time: Thu 02 Jan 2025 13:47:54 +0000
ROA not before: Thu 02 Jan 2025 13:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207429
IP address blocks: 89.252.151.0/24 maxlen: 24
89.252.154.0/24 maxlen: 24
95.173.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:45:d1:1c:4a:4c:d2:09:72:a8:e8:a9:0c:90:0c:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 2 13:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64abc741bcb4350db633b5450a343f2aaba5131f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:d9:d9:a4:0c:11:6d:4c:31:89:b2:d6:03:2a:
c8:fc:df:d6:b6:53:10:87:44:1a:0b:cb:76:2e:80:
cc:44:51:48:d5:0a:cc:3f:a2:08:fd:86:07:85:7d:
9c:30:df:a9:34:ba:15:43:2d:a8:fb:e5:ae:05:83:
d1:22:fb:34:74:3b:8a:bb:42:a9:78:43:b3:59:22:
86:43:13:7f:76:9a:19:87:b5:9d:3a:fb:4e:e9:7a:
af:cc:a5:ea:7b:46:2c:df:4d:c5:18:3e:96:46:6d:
f4:b2:d8:15:45:e3:ed:cb:a5:c1:22:1d:01:60:92:
23:d0:01:d6:6e:a6:28:21:a2:56:a2:06:06:e7:73:
1a:79:d1:5a:94:6c:13:fe:1b:1c:8b:31:2b:a3:60:
55:79:b4:9e:e6:73:c4:e3:a4:d9:7f:e2:55:58:b2:
b5:bb:cd:6f:43:ce:59:8b:fc:aa:b7:44:28:23:d9:
ef:ba:ef:76:03:a2:cf:24:d9:4e:71:f9:1b:3e:67:
b4:de:a2:23:48:d5:cc:73:4e:97:ea:44:cc:67:1b:
d7:50:ad:8a:09:48:a5:f6:6b:3d:33:ce:e1:67:dd:
e1:ba:c5:a7:bc:b8:f0:49:6a:ba:05:d4:91:09:7b:
d3:e3:9b:29:30:c7:1e:d4:51:c9:03:0f:e1:af:5b:
9b:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:AB:C7:41:BC:B4:35:0D:B6:33:B5:45:0A:34:3F:2A:AB:A5:13:1F
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/ZKvHQby0NQ22M7VFCjQ_KqulEx8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.252.151.0/24
89.252.154.0/24
95.173.182.0/24
Signature Algorithm: sha256WithRSAEncryption
7e:20:91:c4:be:78:77:9f:c9:62:bb:d8:2d:58:21:9f:e0:6a:
01:1a:e0:11:28:e6:d4:f5:c4:f4:8a:e9:f7:eb:0f:72:8a:88:
31:a2:73:29:ef:f8:22:27:9f:6e:8c:1e:0a:38:e9:41:0c:cf:
24:62:6e:78:d8:ca:2a:72:51:a0:0c:44:40:18:2e:f4:fc:8c:
5f:59:96:45:e0:c3:c1:04:ea:ac:e9:f6:33:da:d5:bf:c2:1a:
a8:f3:c1:27:a9:d1:7f:44:78:e4:24:32:52:4f:a3:db:8a:29:
71:8d:bf:c2:57:56:a7:07:ec:64:3c:bf:2b:07:8f:da:87:97:
4d:a9:de:3d:9c:b6:09:fb:f0:5a:9d:0c:9d:e2:35:a7:ed:50:
f1:16:a4:f9:fd:64:5b:61:54:4f:0a:a0:12:90:fc:1a:b8:bf:
96:00:e9:96:47:5f:0e:30:75:0a:11:5c:9f:0a:11:4e:35:77:
1f:dc:6f:02:9f:0d:4b:3e:ba:c4:7f:00:04:01:58:f3:e8:f5:
45:83:7e:a8:00:5a:28:e6:c3:fa:17:c5:50:80:1c:07:18:6d:
9c:2a:a5:1b:1a:d9:3d:ef:6d:aa:1f:d6:a3:bb:c6:da:e8:a8:
9c:5e:6d:7a:b7:05:c8:c3:a3:d4:7d:9a:74:cd:90:7d:a0:7e:
37:92:83:88
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQnRdEcSkzSCXKo6KkMkAwJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjUwMTAyMTM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGFiYzc0MWJjYjQzNTBkYjYzM2I1NDUwYTM0M2YyYWFiYTUxMzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxNnZpAwRbUwxibLWAyrI/N/WtlMQ
h0QaC8t2LoDMRFFI1QrMP6II/YYHhX2cMN+pNLoVQy2o++WuBYPRIvs0dDuKu0Kp
eEOzWSKGQxN/dpoZh7WdOvtO6XqvzKXqe0Ys303FGD6WRm30stgVRePty6XBIh0B
YJIj0AHWbqYoIaJWogYG53MaedFalGwT/hscizEro2BVebSe5nPE46TZf+JVWLK1
u81vQ85Zi/yqt0QoI9nvuu92A6LPJNlOcfkbPme03qIjSNXMc06X6kTMZxvXUK2K
CUil9ms9M87hZ93husWnvLjwSWq6BdSRCXvT45spMMce1FHJAw/hr1ubYQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGSrx0G8tDUNtjO1RQo0PyqrpRMfMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvWkt2SFFieTBOUTIyTTdWRkNqUV9LcXVsRXg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWfyXAwQA
WfyaAwQAX622MA0GCSqGSIb3DQEBCwUAA4IBAQB+IJHEvnh3n8liu9gtWCGf4GoB
GuARKObU9cT0iun36w9yiogxonMp7/giJ59ujB4KOOlBDM8kYm542MoqclGgDERA
GC70/IxfWZZF4MPBBOqs6fYz2tW/whqo88EnqdF/RHjkJDJST6Pbiilxjb/CV1an
B+xkPL8rB4/ah5dNqd49nLYJ+/BanQyd4jWn7VDxFqT5/WRbYVRPCqASkPwauL+W
AOmWR18OMHUKEVyfChFONXcf3G8Cnw1LPrrEfwAEAVjz6PVFg36oAFoo5sP6F8VQ
gBwHGG2cKqUbGtk9722qH9aju8ba6KicXm16twXIw6PUfZp0zZB9oH43koOI
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:22:29 2025 by rpki-client