Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/dZKiynV1KRUB63s1S23kLXoELXM.roa
File: dZKiynV1KRUB63s1S23kLXoELXM.roa (raw, json)
Hash identifier: uX/2Ee9kxHZZdlU8CO8raSIbXckmFA2hSc0ftFZonCA=
Subject key identifier: 75:92:A2:CA:75:75:29:15:01:EB:7B:35:4B:6D:E4:2D:7A:04:2D:73
Certificate issuer: /CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Certificate serial: 019427B537E53F16BCF7255D556D106C6644
Authority key identifier: 97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/dZKiynV1KRUB63s1S23kLXoELXM.roa
Signing time: Thu 02 Jan 2025 15:49:35 +0000
ROA not before: Thu 02 Jan 2025 15:49:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 147.189.216.0/22 maxlen: 32
147.189.220.0/22 maxlen: 32
193.5.16.0/23 maxlen: 32
193.5.18.0/23 maxlen: 32
2a0d:3dc0::/30 maxlen: 128
2a0d:3dc4::/30 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 12 Apr 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b5:37:e5:3f:16:bc:f7:25:5d:55:6d:10:6c:66:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9783a5487b35c1d1e1f157c191312b3df4bc17ab
Validity
Not Before: Jan 2 15:49:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7592a2ca7575291501eb7b354b6de42d7a042d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5f:94:f4:9e:3a:9f:d2:e4:01:71:44:a6:4b:
e9:55:30:27:a2:32:4d:7c:c0:c2:14:cc:47:03:fb:
93:9b:29:f8:23:7c:a9:c6:f8:8e:f4:89:3e:27:2f:
dc:7b:3b:c2:d7:58:dc:4f:05:49:de:01:c6:bd:3a:
8b:47:da:bf:cd:7f:2a:e1:8f:94:43:07:ed:6c:5b:
76:a9:40:95:ab:19:77:84:9c:a4:25:fa:b8:f2:99:
de:8b:d1:41:ac:29:63:c2:f9:4f:39:b1:c8:d3:41:
fc:05:e4:59:73:ce:26:9a:8e:43:35:bc:14:ef:eb:
66:17:45:1b:10:bc:9c:37:41:24:af:4b:aa:23:1c:
f1:8d:aa:e6:ca:91:5d:27:51:7a:07:a2:08:6b:51:
e3:ef:5d:3f:48:93:44:be:51:b3:b8:30:43:8b:1a:
ac:2e:58:69:a5:65:4d:d2:81:28:d3:a7:57:4b:07:
70:93:7e:ae:7c:4c:0e:59:73:ad:bd:73:04:c9:ca:
0a:47:c1:d3:76:0b:30:72:2d:04:2a:08:3a:58:45:
4d:66:8d:a8:f2:60:af:cf:2d:00:ff:be:94:63:33:
8b:92:a0:0a:df:31:6a:61:5b:6d:ac:b7:58:fc:86:
1e:39:a9:18:4e:35:0a:fd:c7:54:7d:27:47:2e:80:
ef:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:92:A2:CA:75:75:29:15:01:EB:7B:35:4B:6D:E4:2D:7A:04:2D:73
X509v3 Authority Key Identifier:
keyid:97:83:A5:48:7B:35:C1:D1:E1:F1:57:C1:91:31:2B:3D:F4:BC:17:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4OlSHs1wdHh8VfBkTErPfS8F6s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/dZKiynV1KRUB63s1S23kLXoELXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f22131-a0ff-4f27-8dfa-69152e9a08c3/1/l4OlSHs1wdHh8VfBkTErPfS8F6s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.216.0/21
193.5.16.0/22
IPv6:
2a0d:3dc0::/29
Signature Algorithm: sha256WithRSAEncryption
61:d2:46:79:1f:9e:94:ab:a5:4d:7f:28:61:45:c5:83:eb:69:
19:b6:12:69:f9:78:4c:aa:9b:f4:ec:2a:f5:ad:43:99:76:05:
5a:eb:92:3c:4a:39:2e:fd:20:df:ba:73:60:75:37:eb:a3:41:
96:13:8d:3b:68:19:fc:be:68:33:5c:89:66:89:2e:a4:79:3b:
53:ed:a0:59:09:da:22:73:18:5d:9b:cb:0e:fa:5b:bf:9e:22:
8c:c2:fb:f7:6c:d7:81:02:eb:f6:98:7e:6c:a1:33:be:1f:55:
5d:62:6d:bd:8b:6c:0a:53:4f:0a:10:c0:f1:90:62:a0:ee:ed:
31:24:59:a2:08:55:89:47:f9:01:6c:9d:c5:ae:2c:f2:19:a1:
dc:6b:3a:6f:e9:36:6a:aa:d3:ce:95:f4:75:07:ea:38:fa:26:
da:4c:c5:1b:b0:3c:95:62:fe:3e:46:18:1f:fe:62:ac:e2:8d:
81:5d:5f:bc:7a:7b:a2:63:aa:d8:bc:de:0d:54:70:4d:57:6f:
9d:44:d0:93:a4:f7:3e:f4:8e:41:85:e5:1a:db:d6:09:0c:d5:
ba:bb:70:3f:71:e0:1f:bc:00:bf:c2:ff:4e:a3:52:db:72:b3:
84:5e:2c:51:01:db:ef:74:5c:75:05:c3:6e:0a:13:00:8b:42:
be:00:b3:bf
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQntTflPxa89yVdVW0QbGZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODNhNTQ4N2IzNWMxZDFlMWYxNTdjMTkxMzEyYjNkZjRi
YzE3YWIwHhcNMjUwMTAyMTU0OTM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTkyYTJjYTc1NzUyOTE1MDFlYjdiMzU0YjZkZTQyZDdhMDQyZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsl+U9J46n9LkAXFEpkvpVTAnojJN
fMDCFMxHA/uTmyn4I3ypxviO9Ik+Jy/cezvC11jcTwVJ3gHGvTqLR9q/zX8q4Y+U
QwftbFt2qUCVqxl3hJykJfq48pnei9FBrCljwvlPObHI00H8BeRZc84mmo5DNbwU
7+tmF0UbELycN0Ekr0uqIxzxjarmypFdJ1F6B6IIa1Hj710/SJNEvlGzuDBDixqs
LlhppWVN0oEo06dXSwdwk36ufEwOWXOtvXMEycoKR8HTdgswci0EKgg6WEVNZo2o
8mCvzy0A/76UYzOLkqAK3zFqYVttrLdY/IYeOakYTjUK/cdUfSdHLoDvSQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHWSosp1dSkVAet7NUtt5C16BC1zMB8GA1UdIwQY
MBaAFJeDpUh7NcHR4fFXwZExKz30vBerMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEt
NjkxNTJlOWEwOGMzLzEvZFpLaXluVjFLUlVCNjNzMVMyM2tMWG9FTFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mMjIxMzEtYTBmZi00ZjI3LThkZmEtNjkxNTJlOWEwOGMz
LzEvbDRPbFNIczF3ZEhoOFZmQmtURXJQZlM4RjZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDk73YAwQC
wQUQMA0EAgACMAcDBQMqDT3AMA0GCSqGSIb3DQEBCwUAA4IBAQBh0kZ5H56Uq6VN
fyhhRcWD62kZthJp+XhMqpv07Cr1rUOZdgVa65I8Sjku/SDfunNgdTfro0GWE407
aBn8vmgzXIlmiS6keTtT7aBZCdoicxhdm8sO+lu/niKMwvv3bNeBAuv2mH5soTO+
H1VdYm29i2wKU08KEMDxkGKg7u0xJFmiCFWJR/kBbJ3FrizyGaHcazpv6TZqqtPO
lfR1B+o4+ibaTMUbsDyVYv4+Rhgf/mKs4o2BXV+8enuiY6rYvN4NVHBNV2+dRNCT
pPc+9I5BheUa29YJDNW6u3A/ceAfvAC/wv9Oo1LbcrOEXixRAdvvdFx1BcNuChMA
i0K+ALO/
-----END CERTIFICATE-----
Generated at Sat Apr 12 03:03:16 2025 by rpki-client