Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/cozXNddBZMRS0D_fVDWk42XqVNI.roa
File: cozXNddBZMRS0D_fVDWk42XqVNI.roa (raw, json)
Hash identifier: nP2wP4zibtasbSbsg7EMlMPSKjFkuBzXXdP2DBCONIM=
Subject key identifier: 72:8C:D7:35:D7:41:64:C4:52:D0:3F:DF:54:35:A4:E3:65:EA:54:D2
Certificate issuer: /CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Certificate serial: 019610550674183B302251179F648AE2BA71
Authority key identifier: 11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/cozXNddBZMRS0D_fVDWk42XqVNI.roa
Signing time: Mon 07 Apr 2025 12:58:49 +0000
ROA not before: Mon 07 Apr 2025 12:58:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60695
IP address blocks: 155.133.33.0/24 maxlen: 24
155.133.60.0/23 maxlen: 23
185.225.100.0/22 maxlen: 22
185.228.108.0/22 maxlen: 22
2a06:1e00::/48 maxlen: 48
2a06:1e00:5::/48 maxlen: 48
2a06:1e00:14::/48 maxlen: 48
2a06:1e00:18::/48 maxlen: 48
2a06:1e00:1e::/48 maxlen: 48
2a06:1e00:30::/48 maxlen: 48
2a06:1e00:40::/48 maxlen: 48
2a06:1e00:50::/48 maxlen: 48
2a06:1e00:60::/48 maxlen: 48
2a0d:a00::/29 maxlen: 29
2a0d:b400::/29 maxlen: 48
2a0e:4d00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 19 Apr 2025 14:20:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:10:55:06:74:18:3b:30:22:51:17:9f:64:8a:e2:ba:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111d6814375271d1a3cbd12155db11d2bd41a8d3
Validity
Not Before: Apr 7 12:58:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=728cd735d74164c452d03fdf5435a4e365ea54d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e3:ca:dc:30:93:4a:e9:3b:2b:e1:3a:50:cc:
91:49:43:61:45:e4:3a:bb:d5:4b:65:5c:98:c9:b5:
35:d9:5a:6f:e1:79:5a:62:29:a5:3f:20:b2:93:6f:
c7:cd:57:4a:69:21:2f:93:f0:5d:1d:53:c4:46:90:
d1:1f:db:2e:0a:50:c9:11:9a:b9:f8:54:b4:6a:a2:
fc:1e:ff:6d:79:0a:90:32:9e:aa:ca:84:f4:68:18:
a6:c2:5c:f6:8f:99:8a:6f:9a:2b:cc:48:b0:61:04:
c7:bc:1d:38:f9:66:a5:f3:c0:6d:9c:a1:f5:12:88:
5f:96:9d:53:9c:dc:cb:59:61:92:8b:39:ed:13:e7:
b7:1e:85:f3:46:98:c8:d6:d7:44:8b:3c:0e:ef:0e:
77:c7:62:4c:94:64:e0:5a:19:88:c2:cb:fd:34:4c:
cc:8f:c7:fa:87:22:a9:1f:2f:52:81:6c:5c:ca:33:
ee:79:87:85:10:fc:f9:65:00:f8:ee:00:01:f2:3f:
e8:24:72:a2:d4:34:7b:ff:ce:bf:38:99:5c:4e:78:
af:e4:43:61:dc:76:ae:10:1f:58:b2:17:e9:74:d3:
15:24:52:70:5f:a7:67:bd:62:f8:07:9c:a0:2f:cc:
3e:c7:b8:5f:61:17:3e:1f:05:4f:b6:13:b8:04:03:
61:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8C:D7:35:D7:41:64:C4:52:D0:3F:DF:54:35:A4:E3:65:EA:54:D2
X509v3 Authority Key Identifier:
keyid:11:1D:68:14:37:52:71:D1:A3:CB:D1:21:55:DB:11:D2:BD:41:A8:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER1oFDdScdGjy9EhVdsR0r1BqNM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/cozXNddBZMRS0D_fVDWk42XqVNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/a8b14b-fb25-47f8-8b0d-271d25e20574/1/ER1oFDdScdGjy9EhVdsR0r1BqNM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
155.133.33.0/24
155.133.60.0/23
185.225.100.0/22
185.228.108.0/22
IPv6:
2a06:1e00::/48
2a06:1e00:5::/48
2a06:1e00:14::/48
2a06:1e00:18::/48
2a06:1e00:1e::/48
2a06:1e00:30::/48
2a06:1e00:40::/48
2a06:1e00:50::/48
2a06:1e00:60::/48
2a0d:a00::/29
2a0d:b400::/29
2a0e:4d00::/29
Signature Algorithm: sha256WithRSAEncryption
9a:d3:f8:cd:26:9f:1c:2d:3e:6d:a3:01:6a:2b:3c:27:ec:6e:
39:b2:95:e3:ef:0a:20:bb:6e:f8:5b:09:68:39:59:2c:c9:9b:
34:0e:a3:fb:e8:4c:08:f5:ad:c1:0b:71:64:1a:6b:ff:5b:39:
6f:cb:65:b8:6c:cb:05:70:54:55:4c:e3:1e:7f:f4:df:f8:89:
7a:9a:1f:4a:c3:ca:17:c3:ff:f2:cf:c9:55:74:5a:08:cf:89:
1c:b6:e5:53:61:b5:be:21:b3:36:4c:41:8d:fd:0b:fe:1c:48:
99:50:78:1e:1d:42:e4:cb:6a:63:fb:02:ed:f5:51:ac:10:36:
b9:4f:05:dd:bc:00:0f:9e:9e:a8:06:55:3d:9f:38:f9:bc:54:
83:65:93:40:5b:29:5b:16:88:22:ae:83:a8:64:d0:3f:ec:dd:
21:fa:dd:68:08:d9:9c:1e:94:92:fd:14:5e:57:00:98:bd:1f:
a1:f0:d5:28:46:e5:13:b7:65:88:b9:fd:20:0e:93:37:f0:00:
7d:64:5b:64:96:39:9d:e2:eb:d3:8f:59:2c:63:10:55:5b:3c:
f8:fd:12:40:3a:2e:b0:49:72:3b:b9:f9:1f:71:9c:a4:89:f6:
3c:28:e9:c5:3f:1b:d9:ca:dd:c0:b4:c5:c2:3c:75:cc:2e:28:
d4:d5:44:31
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgISAZYQVQZ0GDswIlEXn2SK4rpxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWQ2ODE0Mzc1MjcxZDFhM2NiZDEyMTU1ZGIxMWQyYmQ0
MWE4ZDMwHhcNMjUwNDA3MTI1ODQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjhjZDczNWQ3NDE2NGM0NTJkMDNmZGY1NDM1YTRlMzY1ZWE1NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+PK3DCTSuk7K+E6UMyRSUNhReQ6
u9VLZVyYybU12Vpv4XlaYimlPyCyk2/HzVdKaSEvk/BdHVPERpDRH9suClDJEZq5
+FS0aqL8Hv9teQqQMp6qyoT0aBimwlz2j5mKb5orzEiwYQTHvB04+Wal88BtnKH1
Eohflp1TnNzLWWGSizntE+e3HoXzRpjI1tdEizwO7w53x2JMlGTgWhmIwsv9NEzM
j8f6hyKpHy9SgWxcyjPueYeFEPz5ZQD47gAB8j/oJHKi1DR7/86/OJlcTniv5ENh
3HauEB9YshfpdNMVJFJwX6dnvWL4B5ygL8w+x7hfYRc+HwVPthO4BANhGQIDAQAB
o4ICjDCCAogwHQYDVR0OBBYEFHKM1zXXQWTEUtA/31Q1pONl6lTSMB8GA1UdIwQY
MBaAFBEdaBQ3UnHRo8vRIVXbEdK9QajTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQt
MjcxZDI1ZTIwNTc0LzEvY296WE5kZEJaTVJTMERfZlZEV2s0MlhxVk5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9hOGIxNGItZmIyNS00N2Y4LThiMGQtMjcxZDI1ZTIwNTc0
LzEvRVIxb0ZEZFNjZEdqeTlFaFZkc1IwcjFCcU5NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGhBggrBgEFBQcBBwEB/wSBkTCBjjAeBAIAATAYAwQAm4Uh
AwQBm4U8AwQCueFkAwQCueRsMGwEAgACMGYDBwAqBh4AAAADBwAqBh4AAAUDBwAq
Bh4AABQDBwAqBh4AABgDBwAqBh4AAB4DBwAqBh4AADADBwAqBh4AAEADBwAqBh4A
AFADBwAqBh4AAGADBQMqDQoAAwUDKg20AAMFAyoOTQAwDQYJKoZIhvcNAQELBQAD
ggEBAJrT+M0mnxwtPm2jAWorPCfsbjmylePvCiC7bvhbCWg5WSzJmzQOo/voTAj1
rcELcWQaa/9bOW/LZbhsywVwVFVM4x5/9N/4iXqaH0rDyhfD//LPyVV0WgjPiRy2
5VNhtb4hszZMQY39C/4cSJlQeB4dQuTLamP7Au31UawQNrlPBd28AA+enqgGVT2f
OPm8VINlk0BbKVsWiCKug6hk0D/s3SH63WgI2ZwelJL9FF5XAJi9H6Hw1ShG5RO3
ZYi5/SAOkzfwAH1kW2SWOZ3i69OPWSxjEFVbPPj9EkA6LrBJcju5+R9xnKSJ9jwo
6cU/G9nK3cC0xcI8dcwuKNTVRDE=
-----END CERTIFICATE-----
Generated at Fri Apr 18 22:21:21 2025 by rpki-client