Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/zYcJKaM6JzCKVxiyX4VCo_gC9ZM.roa
File: zYcJKaM6JzCKVxiyX4VCo_gC9ZM.roa (raw, json)
Hash identifier: mZBVVY1LVqtMV+cGPcfvfBAAoOoYhoi230NuYqjuA4g=
Subject key identifier: CD:87:09:29:A3:3A:27:30:8A:57:18:B2:5F:85:42:A3:F8:02:F5:93
Certificate issuer: /CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Certificate serial: 01960FD923ADCE1A0CC1A03BD8EDA015A827
Authority key identifier: 80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/zYcJKaM6JzCKVxiyX4VCo_gC9ZM.roa
Signing time: Mon 07 Apr 2025 10:43:30 +0000
ROA not before: Mon 07 Apr 2025 10:43:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 199669
IP address blocks: 46.29.118.0/23 maxlen: 24
91.109.200.0/21 maxlen: 24
185.10.44.0/22 maxlen: 24
185.10.44.0/24 maxlen: 24
185.195.170.0/23 maxlen: 24
2a03:ec0::/48 maxlen: 64
2a03:ec0:1::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:0f:d9:23:ad:ce:1a:0c:c1:a0:3b:d8:ed:a0:15:a8:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=80615315dc750c03e60fc36a750c5e3ff66eac94
Validity
Not Before: Apr 7 10:43:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd870929a33a27308a5718b25f8542a3f802f593
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:5c:5a:a2:58:5e:09:cd:dd:27:a7:05:c1:53:
6f:d0:14:77:53:8c:30:09:62:52:ee:4d:1a:de:a1:
7b:71:7b:e9:bb:6a:f1:2b:ce:1c:27:ff:a5:a2:68:
46:80:e7:ba:b4:6b:dd:4a:17:5b:0e:cf:a3:11:59:
7c:b9:10:ba:e2:3a:47:5c:d8:cf:21:ae:bf:89:cb:
98:a2:06:72:31:bb:72:99:1f:d9:24:96:08:eb:fc:
98:7a:45:81:e0:cc:7c:10:29:cf:e0:ff:20:14:ca:
70:44:d7:34:f7:47:0a:b3:35:78:2f:65:dc:71:64:
0e:5b:03:91:41:3f:04:92:43:0b:01:fe:06:73:1b:
d4:41:bc:98:8f:36:5e:a1:95:83:cb:de:3e:ae:b7:
cf:d5:20:1b:c9:50:26:a5:10:34:6c:46:cd:d0:84:
c5:a7:36:40:db:0b:06:db:60:9c:55:90:c3:8c:5c:
1d:2a:ee:e5:9c:2f:8f:48:ce:79:74:e3:65:68:15:
27:a5:cd:dc:46:73:c0:03:fe:90:e7:e7:51:2e:aa:
b6:66:8c:c1:66:54:85:c3:45:2d:94:10:f9:01:a1:
b4:6f:f8:41:49:23:49:70:75:61:79:79:b5:c1:52:
7e:3d:3e:99:19:af:f3:d3:3a:84:74:e1:39:46:04:
21:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:87:09:29:A3:3A:27:30:8A:57:18:B2:5F:85:42:A3:F8:02:F5:93
X509v3 Authority Key Identifier:
keyid:80:61:53:15:DC:75:0C:03:E6:0F:C3:6A:75:0C:5E:3F:F6:6E:AC:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/zYcJKaM6JzCKVxiyX4VCo_gC9ZM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/de84ce-d704-4766-a388-f8e5b2d8680c/1/gGFTFdx1DAPmD8NqdQxeP_ZurJQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.29.118.0/23
91.109.200.0/21
185.10.44.0/22
185.195.170.0/23
IPv6:
2a03:ec0::/47
Signature Algorithm: sha256WithRSAEncryption
70:a7:f3:54:46:1e:a4:02:1c:3a:e5:60:74:c2:f7:06:e6:5d:
d1:75:a7:2f:ef:3c:6d:bd:f3:94:02:ca:a6:72:ec:ff:69:46:
14:97:b8:93:04:42:6e:e1:90:7f:5b:91:bb:0a:48:27:b1:07:
db:54:64:28:be:0e:d5:59:5f:47:60:64:20:74:ec:a2:fb:ee:
3b:c7:56:d1:85:36:ae:20:41:79:f4:fb:eb:e3:6c:9b:c9:05:
dc:f3:27:d4:4f:62:7b:3e:d9:cd:40:2e:b9:94:d7:52:19:d0:
7b:53:25:fb:07:f9:06:22:79:4f:e0:6c:bd:0a:0f:33:63:b5:
75:14:86:21:fc:af:95:88:6d:3d:f1:a2:1a:96:1f:f3:df:70:
c0:17:a5:a2:4c:f8:88:de:bc:6f:e8:03:e6:43:95:70:a4:4f:
96:17:b3:22:b3:c9:fc:3f:09:64:d8:19:6d:a9:95:21:ce:0c:
82:56:c2:4a:95:67:39:fc:6d:da:bc:ea:11:3a:a7:3a:e3:1f:
f8:d5:57:c1:0d:32:da:b9:2f:91:4a:00:91:81:f3:8f:b4:46:
e4:89:0c:08:b4:7d:da:29:45:e8:5c:12:24:ec:c4:ea:ed:14:
7e:99:f2:b2:99:2d:ce:41:cd:a5:f5:99:8c:08:cd:f0:79:d2:
8b:29:91:58
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZYP2SOtzhoMwaA72O2gFagnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwNjE1MzE1ZGM3NTBjMDNlNjBmYzM2YTc1MGM1ZTNmZjY2
ZWFjOTQwHhcNMjUwNDA3MTA0MzMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg3MDkyOWEzM2EyNzMwOGE1NzE4YjI1Zjg1NDJhM2Y4MDJmNTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFxaolheCc3dJ6cFwVNv0BR3U4ww
CWJS7k0a3qF7cXvpu2rxK84cJ/+lomhGgOe6tGvdShdbDs+jEVl8uRC64jpHXNjP
Ia6/icuYogZyMbtymR/ZJJYI6/yYekWB4Mx8ECnP4P8gFMpwRNc090cKszV4L2Xc
cWQOWwORQT8EkkMLAf4GcxvUQbyYjzZeoZWDy94+rrfP1SAbyVAmpRA0bEbN0ITF
pzZA2wsG22CcVZDDjFwdKu7lnC+PSM55dONlaBUnpc3cRnPAA/6Q5+dRLqq2ZozB
ZlSFw0UtlBD5AaG0b/hBSSNJcHVheXm1wVJ+PT6ZGa/z0zqEdOE5RgQhKQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFM2HCSmjOicwilcYsl+FQqP4AvWTMB8GA1UdIwQY
MBaAFIBhUxXcdQwD5g/DanUMXj/2bqyUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgt
ZjhlNWIyZDg2ODBjLzEvelljSkthTTZKekNLVnhpeVg0VkNvX2dDOVpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kZTg0Y2UtZDcwNC00NzY2LWEzODgtZjhlNWIyZDg2ODBj
LzEvZ0dGVEZkeDFEQVBtRDhOcWRReGVQX1p1ckpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQBLh12AwQD
W23IAwQCuQosAwQBucOqMA8EAgACMAkDBwEqAw7AAAAwDQYJKoZIhvcNAQELBQAD
ggEBAHCn81RGHqQCHDrlYHTC9wbmXdF1py/vPG2985QCyqZy7P9pRhSXuJMEQm7h
kH9bkbsKSCexB9tUZCi+DtVZX0dgZCB07KL77jvHVtGFNq4gQXn0++vjbJvJBdzz
J9RPYns+2c1ALrmU11IZ0HtTJfsH+QYieU/gbL0KDzNjtXUUhiH8r5WIbT3xohqW
H/PfcMAXpaJM+IjevG/oA+ZDlXCkT5YXsyKzyfw/CWTYGW2plSHODIJWwkqVZzn8
bdq86hE6pzrjH/jVV8ENMtq5L5FKAJGB84+0RuSJDAi0fdopRehcEiTsxOrtFH6Z
8rKZLc5BzaX1mYwIzfB50ospkVg=
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:46:28 2025 by rpki-client