Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/ZWVOs3WDW-rx5m7taQu6I2WYx7Q.roa
File: ZWVOs3WDW-rx5m7taQu6I2WYx7Q.roa (raw, json)
Hash identifier: yPh81fsK4TJM83HFw4j8d9BB5tZUMJFngOFcn+J9UgQ=
Subject key identifier: 65:65:4E:B3:75:83:5B:EA:F1:E6:6E:ED:69:0B:BA:23:65:98:C7:B4
Certificate issuer: /CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
Certificate serial: 0194266B708461852725D30BAB4F68F254CD
Authority key identifier: 0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/ZWVOs3WDW-rx5m7taQu6I2WYx7Q.roa
Signing time: Thu 02 Jan 2025 09:49:22 +0000
ROA not before: Thu 02 Jan 2025 09:49:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29030
IP address blocks: 87.121.8.0/21 maxlen: 21
87.121.24.0/22 maxlen: 22
87.121.152.0/21 maxlen: 21
94.156.194.0/24 maxlen: 24
94.156.195.0/24 maxlen: 24
94.156.198.0/24 maxlen: 24
94.156.199.0/24 maxlen: 24
94.156.208.0/21 maxlen: 21
185.217.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/DETz4ku_xgSOX_pQw9zjZP_AErA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/DETz4ku_xgSOX_pQw9zjZP_AErA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 18:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:70:84:61:85:27:25:d3:0b:ab:4f:68:f2:54:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c44f3e24bbfc6048e5ffa50c3dce364ffc012b0
Validity
Not Before: Jan 2 09:49:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65654eb375835beaf1e66eed690bba236598c7b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:10:83:4e:93:36:83:25:49:3f:6b:56:35:
68:78:af:b9:40:6a:32:71:32:ad:fb:85:e3:56:eb:
52:0d:0d:b3:1b:0f:2e:99:84:e9:8a:b9:53:36:3e:
83:24:5d:d7:aa:7c:d5:d7:c7:c5:f7:9d:ec:40:1f:
0e:3d:9f:7b:55:4c:ec:15:20:b4:db:de:63:71:5d:
3a:26:de:20:ad:75:9d:6a:6e:4d:34:0c:82:3d:f8:
2a:e1:24:89:d2:a6:c0:f5:f3:ab:4e:d2:8b:f9:94:
4f:04:bc:74:7b:53:72:6f:b2:61:74:c4:28:4b:75:
fd:76:94:62:b8:5a:fb:14:6e:d3:5f:fa:de:b6:34:
4b:73:d0:91:43:4e:74:8a:c2:ec:57:d1:de:3c:9e:
a7:29:23:c1:8f:d5:4d:d2:6a:0b:3f:24:82:ec:93:
5d:b2:21:cb:ee:95:c5:db:65:4c:08:ba:7c:20:ae:
7c:35:2d:cf:35:9a:49:8f:01:2b:55:a2:ab:da:5a:
bf:d4:d5:1a:bd:f7:09:77:10:92:5a:96:22:1e:c8:
84:0a:d0:59:50:4a:b7:ae:8c:ed:18:bc:78:68:68:
9e:f3:32:65:4d:fb:7f:90:03:90:e5:9f:1a:1c:e2:
c6:0e:69:e1:ae:73:29:f3:5e:ea:b1:8a:c7:a0:b0:
be:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:65:4E:B3:75:83:5B:EA:F1:E6:6E:ED:69:0B:BA:23:65:98:C7:B4
X509v3 Authority Key Identifier:
keyid:0C:44:F3:E2:4B:BF:C6:04:8E:5F:FA:50:C3:DC:E3:64:FF:C0:12:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DETz4ku_xgSOX_pQw9zjZP_AErA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/ZWVOs3WDW-rx5m7taQu6I2WYx7Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/9918aa-347d-4878-a16b-8ac7be46cc4b/1/DETz4ku_xgSOX_pQw9zjZP_AErA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.8.0/21
87.121.24.0/22
87.121.152.0/21
94.156.194.0/23
94.156.198.0/23
94.156.208.0/21
185.217.38.0/24
Signature Algorithm: sha256WithRSAEncryption
9a:1e:e8:f0:c1:0e:d4:0d:87:77:aa:ef:31:65:5a:df:85:6d:
21:62:75:1a:bb:44:ff:ae:b4:c6:1e:c5:a8:16:02:e9:eb:6f:
a8:c8:df:ea:f7:53:f4:b0:69:40:f6:d9:52:55:de:42:51:3e:
3a:06:6b:84:84:2c:81:26:1d:b1:70:c2:61:84:6b:f5:14:22:
61:3c:2b:48:35:ec:6d:52:10:a4:34:6f:8e:eb:3e:c6:d3:b9:
7a:eb:98:49:0b:30:ac:1f:3e:4a:17:40:ca:de:b2:75:5c:8b:
a6:c5:20:4d:59:f7:36:10:23:46:ac:6b:cf:6a:99:dd:af:57:
f7:3c:ef:6d:ed:3a:81:91:bf:16:5a:6b:25:c1:42:70:82:d2:
82:c5:7d:41:2b:0c:8c:dc:bd:63:b9:bb:83:09:4a:84:2c:c1:
d9:3f:f2:fc:e3:6b:12:1e:33:94:9a:6b:54:a4:4c:e0:ee:a0:
76:74:68:67:78:cb:cb:72:d3:89:cb:07:dc:ce:f4:bf:58:e7:
4a:d7:cc:51:0a:82:be:74:85:c7:f8:17:62:22:37:d6:9f:45:
d7:9d:99:49:d8:7d:b4:69:74:76:d3:58:23:37:da:34:b6:38:
f4:dd:02:fc:60:5e:71:88:13:ad:03:64:16:67:69:35:2a:ea:
0d:52:00:c3
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZQma3CEYYUnJdMLq09o8lTNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNDRmM2UyNGJiZmM2MDQ4ZTVmZmE1MGMzZGNlMzY0ZmZj
MDEyYjAwHhcNMjUwMTAyMDk0OTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTY1NGViMzc1ODM1YmVhZjFlNjZlZWQ2OTBiYmEyMzY1OThjN2I0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN4Qg06TNoMlST9rVjVoeK+5QGoy
cTKt+4XjVutSDQ2zGw8umYTpirlTNj6DJF3XqnzV18fF953sQB8OPZ97VUzsFSC0
295jcV06Jt4grXWdam5NNAyCPfgq4SSJ0qbA9fOrTtKL+ZRPBLx0e1Nyb7JhdMQo
S3X9dpRiuFr7FG7TX/retjRLc9CRQ050isLsV9HePJ6nKSPBj9VN0moLPySC7JNd
siHL7pXF22VMCLp8IK58NS3PNZpJjwErVaKr2lq/1NUavfcJdxCSWpYiHsiECtBZ
UEq3roztGLx4aGie8zJlTft/kAOQ5Z8aHOLGDmnhrnMp817qsYrHoLC+2wIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGVlTrN1g1vq8eZu7WkLuiNlmMe0MB8GA1UdIwQY
MBaAFAxE8+JLv8YEjl/6UMPc42T/wBKwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmIt
OGFjN2JlNDZjYzRiLzEvWldWT3MzV0RXLXJ4NW03dGFRdTZJMldZeDdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS85OTE4YWEtMzQ3ZC00ODc4LWExNmItOGFjN2JlNDZjYzRi
LzEvREVUejRrdV94Z1NPWF9wUXc5empaUF9BRXJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQDV3kIAwQC
V3kYAwQDV3mYAwQBXpzCAwQBXpzGAwQDXpzQAwQAudkmMA0GCSqGSIb3DQEBCwUA
A4IBAQCaHujwwQ7UDYd3qu8xZVrfhW0hYnUau0T/rrTGHsWoFgLp62+oyN/q91P0
sGlA9tlSVd5CUT46BmuEhCyBJh2xcMJhhGv1FCJhPCtINextUhCkNG+O6z7G07l6
65hJCzCsHz5KF0DK3rJ1XIumxSBNWfc2ECNGrGvPapndr1f3PO9t7TqBkb8WWmsl
wUJwgtKCxX1BKwyM3L1jubuDCUqELMHZP/L842sSHjOUmmtUpEzg7qB2dGhneMvL
ctOJywfczvS/WOdK18xRCoK+dIXH+BdiIjfWn0XXnZlJ2H20aXR201gjN9o0tjj0
3QL8YF5xiBOtA2QWZ2k1KuoNUgDD
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:51:35 2025 by rpki-client