Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/nz1XOf28Ogcs8fiWug2xbFcdTSI.roa
File: nz1XOf28Ogcs8fiWug2xbFcdTSI.roa (raw, json)
Hash identifier: ztlz9ATge0wUo5eGVXQllv/BlyjO+lbBdkDSEy3I//E=
Subject key identifier: 9F:3D:57:39:FD:BC:3A:07:2C:F1:F8:96:BA:0D:B1:6C:57:1D:4D:22
Certificate issuer: /CN=4200982284a050d941dbebbd04b5d0c914f635b7
Certificate serial: 019422FBF014DD6831C72E56976F03230529
Authority key identifier: 42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/nz1XOf28Ogcs8fiWug2xbFcdTSI.roa
Signing time: Wed 01 Jan 2025 17:48:43 +0000
ROA not before: Wed 01 Jan 2025 17:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200651
IP address blocks: 37.156.68.0/24 maxlen: 24
37.228.128.0/24 maxlen: 24
37.228.129.0/24 maxlen: 24
185.10.68.0/24 maxlen: 24
185.100.84.0/23 maxlen: 23
185.100.86.0/24 maxlen: 24
185.100.87.0/24 maxlen: 24
185.146.232.0/24 maxlen: 24
185.146.233.0/24 maxlen: 24
185.146.234.0/24 maxlen: 24
185.165.168.0/24 maxlen: 24
185.165.169.0/24 maxlen: 24
185.165.170.0/24 maxlen: 24
185.165.171.0/24 maxlen: 24
185.246.188.0/24 maxlen: 24
185.246.189.0/24 maxlen: 24
185.247.224.0/24 maxlen: 24
185.247.225.0/24 maxlen: 24
185.247.226.0/24 maxlen: 24
2a06:1700::/48 maxlen: 48
2a06:1700:1::/48 maxlen: 48
2a06:1700:2::/48 maxlen: 48
2a06:1700:3::/48 maxlen: 48
2a06:1700:4::/48 maxlen: 48
2a06:1700:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.mft
rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 23:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:f0:14:dd:68:31:c7:2e:56:97:6f:03:23:05:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4200982284a050d941dbebbd04b5d0c914f635b7
Validity
Not Before: Jan 1 17:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f3d5739fdbc3a072cf1f896ba0db16c571d4d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:69:7b:eb:7f:d7:9e:cf:f0:8b:97:a9:ba:5d:
53:12:6f:af:be:0e:91:98:c0:af:23:81:2d:df:eb:
97:37:4f:c9:c7:e3:d6:e0:f0:06:cc:6f:7b:92:3b:
23:97:53:74:d5:e6:a5:ac:60:54:51:47:31:f4:b9:
88:2d:75:a3:c7:d8:61:3b:83:fd:89:df:44:89:b6:
7f:b8:df:4f:11:62:fb:56:14:f5:d3:d1:60:fe:60:
26:87:35:97:56:10:04:68:63:ff:64:ef:ad:72:1e:
18:97:30:fe:14:0f:03:fe:81:72:85:7d:76:af:e9:
ec:0b:27:f8:f7:7f:06:b4:5a:85:04:71:9a:6d:44:
f7:a4:d7:e6:c7:2f:06:57:3c:25:a0:fc:d3:95:29:
0a:c2:74:9f:4c:a3:b3:cb:7d:6d:27:ea:3a:74:f2:
f1:42:d6:01:db:71:cf:73:3e:8a:e2:9c:4e:8e:87:
dc:48:2d:bc:c7:12:a8:8e:62:0c:2d:e3:ed:ca:bb:
90:cd:13:6b:b1:35:dd:70:e3:ab:14:3e:1c:0d:90:
71:c9:14:e4:31:24:32:3b:f3:5d:7e:e6:5d:9e:16:
b8:b3:21:66:7c:08:ec:3a:58:c7:64:ca:71:d6:af:
7d:fe:fd:fa:96:70:f6:ec:60:2f:bc:8e:c7:e1:f7:
3f:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:3D:57:39:FD:BC:3A:07:2C:F1:F8:96:BA:0D:B1:6C:57:1D:4D:22
X509v3 Authority Key Identifier:
keyid:42:00:98:22:84:A0:50:D9:41:DB:EB:BD:04:B5:D0:C9:14:F6:35:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/nz1XOf28Ogcs8fiWug2xbFcdTSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/c68819-2f9e-44ce-8810-51dc2b096def/1/QgCYIoSgUNlB2-u9BLXQyRT2Nbc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.68.0/24
37.228.128.0/23
185.10.68.0/24
185.100.84.0/22
185.146.232.0-185.146.234.255
185.165.168.0/22
185.246.188.0/23
185.247.224.0-185.247.226.255
IPv6:
2a06:1700::-2a06:1700:4:ffff:ffff:ffff:ffff:ffff
2a06:1700:100::/48
Signature Algorithm: sha256WithRSAEncryption
bd:3d:4e:6e:78:1d:95:51:ae:08:3f:38:ff:c7:9e:09:19:1f:
07:20:05:06:80:24:c8:58:74:ee:6b:3e:0a:6f:9e:c4:7c:85:
ac:47:3b:cc:2c:c6:5d:76:59:a0:11:f9:87:73:e3:be:ad:24:
bf:3f:44:f6:2b:04:36:2a:3f:a0:bf:af:66:aa:0e:af:f7:a5:
9c:51:a2:48:72:4b:30:04:46:69:69:fd:aa:8f:25:24:ec:a1:
44:1f:cc:1f:77:34:a8:5d:4e:85:b3:7e:3e:a0:3a:42:1e:80:
9a:0d:fc:41:e6:81:12:90:ed:38:c2:b6:a4:a3:cb:cc:47:c1:
08:29:50:27:c3:08:13:dc:ae:7b:6d:57:2a:f2:53:05:4a:8c:
12:44:ea:ff:97:4c:4c:c0:40:91:8a:d0:70:3d:e2:be:85:42:
ab:62:da:02:f4:b4:f5:ec:2d:91:cd:4e:11:56:8b:a2:ed:e2:
1d:a8:d8:07:9a:1e:78:5c:d8:a9:0d:0b:e8:76:bd:08:5c:3c:
1b:dc:d8:e6:98:37:35:59:fe:f8:d4:4a:b1:a0:d6:71:f5:24:
30:df:51:a5:3e:47:c7:10:4f:8f:03:56:c6:5c:85:f8:31:b3:
2e:fc:fb:44:95:1a:81:0b:1b:6b:6d:2a:42:85:58:06:9d:7f:
76:78:6e:86
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZQi+/AU3Wgxxy5Wl28DIwUpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyMDA5ODIyODRhMDUwZDk0MWRiZWJiZDA0YjVkMGM5MTRm
NjM1YjcwHhcNMjUwMTAxMTc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjNkNTczOWZkYmMzYTA3MmNmMWY4OTZiYTBkYjE2YzU3MWQ0ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwGl763/Xns/wi5epul1TEm+vvg6R
mMCvI4Et3+uXN0/Jx+PW4PAGzG97kjsjl1N01ealrGBUUUcx9LmILXWjx9hhO4P9
id9EibZ/uN9PEWL7VhT109Fg/mAmhzWXVhAEaGP/ZO+tch4YlzD+FA8D/oFyhX12
r+nsCyf4938GtFqFBHGabUT3pNfmxy8GVzwloPzTlSkKwnSfTKOzy31tJ+o6dPLx
QtYB23HPcz6K4pxOjofcSC28xxKojmIMLePtyruQzRNrsTXdcOOrFD4cDZBxyRTk
MSQyO/NdfuZdnha4syFmfAjsOljHZMpx1q99/v36lnD27GAvvI7H4fc/VQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFJ89Vzn9vDoHLPH4lroNsWxXHU0iMB8GA1UdIwQY
MBaAFEIAmCKEoFDZQdvrvQS10MkU9jW3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAt
NTFkYzJiMDk2ZGVmLzEvbnoxWE9mMjhPZ2NzOGZpV3VnMnhiRmNkVFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9jNjg4MTktMmY5ZS00NGNlLTg4MTAtNTFkYzJiMDk2ZGVm
LzEvUWdDWUlvU2dVTmxCMi11OUJMWFF5UlQyTmJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBGBAIAATBAAwQAJZxEAwQB
JeSAAwQAuQpEAwQCuWRUMAwDBAO5kugDBAC5kuoDBAK5pagDBAG59rwwDAMEBbn3
4AMEALn34jAgBAIAAjAaMA8DBAAqBhcDBwAqBhcAAAQDBwAqBhcAAQAwDQYJKoZI
hvcNAQELBQADggEBAL09Tm54HZVRrgg/OP/HngkZHwcgBQaAJMhYdO5rPgpvnsR8
haxHO8wsxl12WaAR+Ydz476tJL8/RPYrBDYqP6C/r2aqDq/3pZxRokhySzAERmlp
/aqPJSTsoUQfzB93NKhdToWzfj6gOkIegJoN/EHmgRKQ7TjCtqSjy8xHwQgpUCfD
CBPcrnttVyryUwVKjBJE6v+XTEzAQJGK0HA94r6FQqti2gL0tPXsLZHNThFWi6Lt
4h2o2AeaHnhc2KkNC+h2vQhcPBvc2OaYNzVZ/vjUSrGg1nH1JDDfUaU+R8cQT48D
VsZchfgxsy78+0SVGoELG2ttKkKFWAadf3Z4boY=
-----END CERTIFICATE-----
Generated at Thu Apr 10 05:34:38 2025 by rpki-client