Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/zQ-KSJ7-TjaiG9uymKq9s3FHrzQ.roa
File: zQ-KSJ7-TjaiG9uymKq9s3FHrzQ.roa (raw, json)
Hash identifier: FbTMvTLuTW6XcX7GqJJNJmaL2pjOC6IOrZv/ZrzS0Uo=
Subject key identifier: CD:0F:8A:48:9E:FE:4E:36:A2:1B:DB:B2:98:AA:BD:B3:71:47:AF:34
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0195651E9C88C7E7076A82821A1CB1FE419D
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/zQ-KSJ7-TjaiG9uymKq9s3FHrzQ.roa
Signing time: Wed 05 Mar 2025 07:04:19 +0000
ROA not before: Wed 05 Mar 2025 07:04:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48147
IP address blocks: 89.42.136.0/22 maxlen: 24
89.42.136.0/23 maxlen: 24
89.42.136.0/24 maxlen: 24
89.42.137.0/24 maxlen: 24
89.42.138.0/23 maxlen: 24
89.42.138.0/24 maxlen: 24
89.42.139.0/24 maxlen: 24
89.42.196.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Mar 2025 19:47:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:65:1e:9c:88:c7:e7:07:6a:82:82:1a:1c:b1:fe:41:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Mar 5 07:04:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd0f8a489efe4e36a21bdbb298aabdb37147af34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:76:4a:45:30:ca:f1:d6:0f:eb:19:04:f2:d3:
6c:b0:7e:18:3e:52:61:46:ab:72:08:10:5e:c4:f1:
f7:86:bb:62:d8:eb:0f:c4:3d:e3:5f:55:95:a6:da:
77:68:c1:0c:b5:2b:1b:63:63:3b:14:79:1e:13:a1:
34:07:f2:06:a5:18:f0:aa:3b:c6:56:31:21:eb:bc:
97:cb:10:92:89:d5:ca:c0:d5:41:7f:cf:71:f9:55:
7d:5e:e1:bd:65:3f:7a:08:1f:7e:51:eb:46:75:4d:
70:35:34:1c:ba:e1:d4:c3:29:bd:2c:76:bf:e6:c0:
99:2e:18:37:d3:77:22:83:19:bf:10:37:68:4e:65:
ff:07:a4:d8:ad:b5:bb:22:48:16:69:2b:b4:b3:34:
a3:9c:9b:60:06:0d:0e:ef:09:2c:07:bf:81:aa:cb:
52:47:12:1a:c2:57:a8:e1:c3:d7:c6:76:78:c4:71:
72:13:94:fa:df:48:ae:87:d9:f7:08:93:a6:c0:ef:
5f:45:44:f6:41:26:64:23:a5:28:32:49:2b:14:26:
b2:7e:50:6d:a2:45:3d:11:90:78:75:80:3e:b7:23:
f8:6e:4f:d2:3d:e7:55:98:55:15:25:5c:19:c4:79:
45:36:1b:32:1f:f6:1d:5e:64:9d:41:28:de:6c:21:
e5:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:0F:8A:48:9E:FE:4E:36:A2:1B:DB:B2:98:AA:BD:B3:71:47:AF:34
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/zQ-KSJ7-TjaiG9uymKq9s3FHrzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.136.0/22
89.42.196.0/24
Signature Algorithm: sha256WithRSAEncryption
83:79:33:00:b1:82:17:10:1a:f6:8b:9a:62:6c:df:d8:08:9a:
5b:4e:99:e9:74:68:ed:c5:3e:08:df:19:65:16:ca:54:ae:49:
41:6e:6f:59:ed:24:15:c8:38:d9:13:a2:fa:aa:4c:56:0e:d3:
83:66:45:7f:70:bc:6a:f9:2b:5c:e5:af:ec:bd:00:80:80:0a:
ef:84:ca:b6:8c:00:ed:96:fc:26:03:63:c4:24:b3:7a:e8:52:
b1:78:07:93:de:33:d4:73:63:ce:c0:1b:b7:5a:82:8a:04:86:
c2:33:d6:3a:e2:77:40:ce:c4:1a:5a:33:b1:b0:22:2f:e5:36:
bd:34:d7:41:80:e9:f9:ef:36:0b:fd:d0:34:c3:18:08:f2:20:
3b:55:3a:5a:af:c2:00:88:2d:b2:97:2e:44:12:14:f6:d9:0e:
d9:ed:96:a0:2f:70:7e:62:b9:10:8c:e8:84:c9:4a:37:3a:1e:
e8:8c:94:25:14:1e:0e:7f:4c:75:4e:9d:57:85:79:c6:bd:09:
1d:f5:cd:77:1d:74:2a:d8:23:ab:4c:6f:5e:a1:86:a0:b8:7d:
19:49:84:9b:15:38:4a:01:84:6c:1a:b3:49:77:97:0c:b8:04:
cc:d9:8f:d9:97:75:6a:f1:9f:6d:63:49:7b:c0:2a:cc:a7:f4:
43:65:7b:19
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZVlHpyIx+cHaoKCGhyx/kGdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjUwMzA1MDcwNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDBmOGE0ODllZmU0ZTM2YTIxYmRiYjI5OGFhYmRiMzcxNDdhZjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv3ZKRTDK8dYP6xkE8tNssH4YPlJh
RqtyCBBexPH3hrti2OsPxD3jX1WVptp3aMEMtSsbY2M7FHkeE6E0B/IGpRjwqjvG
VjEh67yXyxCSidXKwNVBf89x+VV9XuG9ZT96CB9+UetGdU1wNTQcuuHUwym9LHa/
5sCZLhg303cigxm/EDdoTmX/B6TYrbW7IkgWaSu0szSjnJtgBg0O7wksB7+BqstS
RxIawleo4cPXxnZ4xHFyE5T630iuh9n3CJOmwO9fRUT2QSZkI6UoMkkrFCayflBt
okU9EZB4dYA+tyP4bk/SPedVmFUVJVwZxHlFNhsyH/YdXmSdQSjebCHlSQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0Pikie/k42ohvbspiqvbNxR680MB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvelEtS1NKNy1UamFpRzl1eW1LcTlzM0ZIcnpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWSqIAwQA
WSrEMA0GCSqGSIb3DQEBCwUAA4IBAQCDeTMAsYIXEBr2i5pibN/YCJpbTpnpdGjt
xT4I3xllFspUrklBbm9Z7SQVyDjZE6L6qkxWDtODZkV/cLxq+Stc5a/svQCAgArv
hMq2jADtlvwmA2PEJLN66FKxeAeT3jPUc2POwBu3WoKKBIbCM9Y64ndAzsQaWjOx
sCIv5Ta9NNdBgOn57zYL/dA0wxgI8iA7VTpar8IAiC2yly5EEhT22Q7Z7ZagL3B+
YrkQjOiEyUo3Oh7ojJQlFB4Of0x1Tp1XhXnGvQkd9c13HXQq2COrTG9eoYaguH0Z
SYSbFThKAYRsGrNJd5cMuATM2Y/Zl3Vq8Z9tY0l7wCrMp/RDZXsZ
-----END CERTIFICATE-----
Generated at Sat Mar 15 05:39:50 2025 by rpki-client