Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/_zuXBXmwRFvmj3CquvOmn8JheAE.roa
File: _zuXBXmwRFvmj3CquvOmn8JheAE.roa (raw, json)
Hash identifier: ANk7ETqbrjmt4b+Q7G24ONiVGStPl7zVIgQWYmZPBCw=
Subject key identifier: FF:3B:97:05:79:B0:44:5B:E6:8F:70:AA:BA:F3:A6:9F:C2:61:78:01
Certificate issuer: /CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Certificate serial: 01963FEE174330EA041C6C7ABCA76B40A9EF
Authority key identifier: 82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/_zuXBXmwRFvmj3CquvOmn8JheAE.roa
Signing time: Wed 16 Apr 2025 18:48:10 +0000
ROA not before: Wed 16 Apr 2025 18:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207551
IP address blocks: 89.35.53.0/24 maxlen: 24
117.55.199.0/24 maxlen: 24
194.164.87.0/24 maxlen: 24
202.181.153.0/24 maxlen: 24
212.6.53.0/24 maxlen: 24
2a10:2080::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.mft
rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 20 Apr 2025 16:41:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:ee:17:43:30:ea:04:1c:6c:7a:bc:a7:6b:40:a9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=82b2e0d00dd771a9e4d60bbf4be52114ea77db03
Validity
Not Before: Apr 16 18:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff3b970579b0445be68f70aabaf3a69fc2617801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:8b:33:f1:a5:cc:18:6f:3b:92:a5:ab:d8:83:
e7:61:7d:b8:d6:ea:72:36:92:77:2b:87:76:b7:40:
d1:95:02:30:76:b1:c6:95:bf:90:b1:c0:19:44:31:
6e:6c:a5:73:be:44:4a:1b:e3:02:8c:6c:34:22:fe:
b6:29:f1:c5:03:ee:9a:8c:0c:3f:e0:96:22:e4:ff:
2b:f8:6c:f8:af:c3:5d:4a:2c:70:67:6b:1d:d3:10:
f7:4a:77:65:b1:b6:58:8a:48:37:1e:26:1b:33:64:
b6:b9:d1:99:7d:fc:d6:f5:b4:87:5d:2f:35:54:c7:
e9:9d:26:a8:1f:0d:af:33:ca:46:87:65:02:2f:f0:
ac:21:15:a9:02:71:f9:7d:f4:d7:01:99:cb:91:ea:
8b:67:d1:72:09:ce:2d:72:ad:59:e2:f0:7a:c7:75:
4e:9a:05:db:23:c4:47:0c:3d:20:cc:4c:45:9e:d0:
f8:3b:63:3d:1d:a0:1b:ef:25:12:e6:75:8c:d6:36:
40:8a:8f:b8:48:61:b2:c3:b9:f5:df:bf:0b:9a:65:
2b:61:42:cc:19:13:31:ae:f5:7c:a5:c8:9f:87:ab:
ea:16:27:b1:82:39:1f:7e:49:69:eb:d2:05:1e:f9:
9e:6b:54:1b:9d:a3:b5:18:66:ce:58:1f:84:c4:68:
13:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:3B:97:05:79:B0:44:5B:E6:8F:70:AA:BA:F3:A6:9F:C2:61:78:01
X509v3 Authority Key Identifier:
keyid:82:B2:E0:D0:0D:D7:71:A9:E4:D6:0B:BF:4B:E5:21:14:EA:77:DB:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/grLg0A3Xcank1gu_S-UhFOp32wM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/_zuXBXmwRFvmj3CquvOmn8JheAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/3794b1-ca7f-4a57-8b7b-06d3c4e63c20/1/grLg0A3Xcank1gu_S-UhFOp32wM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.53.0/24
117.55.199.0/24
194.164.87.0/24
202.181.153.0/24
212.6.53.0/24
IPv6:
2a10:2080::/29
Signature Algorithm: sha256WithRSAEncryption
cb:b3:56:2c:01:58:7e:aa:36:09:f0:82:d8:44:00:cb:65:e8:
df:f6:1b:40:6d:85:58:d0:a7:cc:17:f6:e4:ec:96:4a:98:6a:
a9:78:ef:90:32:0b:bd:2e:8b:36:c4:b9:06:b8:0d:22:a4:43:
2b:9a:45:38:38:66:23:86:31:89:da:e1:fb:c9:6d:e9:aa:2b:
d5:99:93:cc:3c:d4:34:05:51:b2:c8:ed:57:ff:fc:89:43:63:
d4:d8:1b:2a:eb:70:cf:04:e0:aa:12:07:52:82:a1:f2:a5:ed:
b9:98:92:cb:0a:4f:07:16:16:9c:b0:3c:17:ab:8b:2e:fc:fb:
37:e0:a6:b5:0a:39:bb:e8:c2:51:79:d5:22:86:f0:e4:14:7f:
d7:2a:e6:d9:04:11:0d:84:0f:54:e8:95:93:01:4c:a6:49:7b:
1f:5a:c8:5c:c7:01:b9:c1:af:e6:3a:09:3d:54:c7:a3:84:04:
91:a8:27:b1:83:99:ad:cb:b9:ac:88:51:0d:a1:b2:4f:41:ec:
d6:1f:cd:23:8a:94:8b:69:a3:31:38:8a:28:96:fb:27:b2:95:
43:04:77:bd:30:f7:c8:21:5d:a8:2b:36:91:73:45:b3:e5:0f:
e6:03:c6:b6:fb:36:22:a6:2f:b2:18:ad:c6:61:1a:44:2d:ad:
71:8b:a2:aa
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZY/7hdDMOoEHGx6vKdrQKnvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyYjJlMGQwMGRkNzcxYTllNGQ2MGJiZjRiZTUyMTE0ZWE3
N2RiMDMwHhcNMjUwNDE2MTg0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjNiOTcwNTc5YjA0NDViZTY4ZjcwYWFiYWYzYTY5ZmMyNjE3ODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsYsz8aXMGG87kqWr2IPnYX241upy
NpJ3K4d2t0DRlQIwdrHGlb+QscAZRDFubKVzvkRKG+MCjGw0Iv62KfHFA+6ajAw/
4JYi5P8r+Gz4r8NdSixwZ2sd0xD3SndlsbZYikg3HiYbM2S2udGZffzW9bSHXS81
VMfpnSaoHw2vM8pGh2UCL/CsIRWpAnH5ffTXAZnLkeqLZ9FyCc4tcq1Z4vB6x3VO
mgXbI8RHDD0gzExFntD4O2M9HaAb7yUS5nWM1jZAio+4SGGyw7n1378LmmUrYULM
GRMxrvV8pcifh6vqFiexgjkffklp69IFHvmea1QbnaO1GGbOWB+ExGgTeQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFP87lwV5sERb5o9wqrrzpp/CYXgBMB8GA1UdIwQY
MBaAFIKy4NAN13Gp5NYLv0vlIRTqd9sDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2It
MDZkM2M0ZTYzYzIwLzEvX3p1WEJYbXdSRnZtajNDcXV2T21uOEpoZUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi8zNzk0YjEtY2E3Zi00YTU3LThiN2ItMDZkM2M0ZTYzYzIw
LzEvZ3JMZzBBM1hjYW5rMWd1X1MtVWhGT3AzMndNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWSM1AwQA
dTfHAwQAwqRXAwQAyrWZAwQA1AY1MA0EAgACMAcDBQMqECCAMA0GCSqGSIb3DQEB
CwUAA4IBAQDLs1YsAVh+qjYJ8ILYRADLZejf9htAbYVY0KfMF/bk7JZKmGqpeO+Q
Mgu9Los2xLkGuA0ipEMrmkU4OGYjhjGJ2uH7yW3pqivVmZPMPNQ0BVGyyO1X//yJ
Q2PU2Bsq63DPBOCqEgdSgqHype25mJLLCk8HFhacsDwXq4su/Ps34Ka1Cjm76MJR
edUihvDkFH/XKubZBBENhA9U6JWTAUymSXsfWshcxwG5wa/mOgk9VMejhASRqCex
g5mty7msiFENobJPQezWH80jipSLaaMxOIoolvsnspVDBHe9MPfIIV2oKzaRc0Wz
5Q/mA8a2+zYipi+yGK3GYRpELa1xi6Kq
-----END CERTIFICATE-----
Generated at Sun Apr 20 02:07:21 2025 by rpki-client