Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/zY-mc8ottsO0mlX2DbncV_JVaGI.roa
File: zY-mc8ottsO0mlX2DbncV_JVaGI.roa (raw, json)
Hash identifier: IXtxsfxn422nBKB3kQxte4GM01lfDRPi2WPTNL4v8HQ=
Subject key identifier: CD:8F:A6:73:CA:2D:B6:C3:B4:9A:55:F6:0D:B9:DC:57:F2:55:68:62
Certificate issuer: /CN=428df99824ce67b0cb5f87fc46599e13adea5702
Certificate serial: 01942445431517D843DB596F3A2D1FD8E0D9
Authority key identifier: 42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/zY-mc8ottsO0mlX2DbncV_JVaGI.roa
Signing time: Wed 01 Jan 2025 23:48:26 +0000
ROA not before: Wed 01 Jan 2025 23:48:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62336
IP address blocks: 141.78.128.0/18 maxlen: 18
185.234.32.0/22 maxlen: 22
185.250.220.0/22 maxlen: 22
2a02:2761::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 17:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:43:15:17:d8:43:db:59:6f:3a:2d:1f:d8:e0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=428df99824ce67b0cb5f87fc46599e13adea5702
Validity
Not Before: Jan 1 23:48:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd8fa673ca2db6c3b49a55f60db9dc57f2556862
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:16:eb:c5:d9:af:1e:e0:ca:46:8c:16:11:a4:
d1:71:38:ca:0d:c6:53:35:ab:c1:d0:fc:99:89:e4:
ba:61:6e:a1:ce:d2:1d:a9:10:be:3c:14:53:82:2d:
58:83:00:88:ab:c1:04:37:a5:e7:64:d3:3a:33:7f:
7c:ba:65:cb:be:96:f1:74:8d:cc:3c:c1:38:44:f0:
a8:5b:2e:36:93:c6:65:c9:d6:64:c3:60:44:12:97:
a2:20:94:b3:0a:88:64:5c:71:35:e3:fa:29:5e:52:
c8:9d:db:c4:b9:ab:7c:3f:ca:57:4f:15:9d:f6:88:
f0:df:cf:ff:9e:24:6b:34:33:21:8c:e6:ea:54:d6:
26:26:23:57:ae:ce:8b:ef:71:91:39:3d:c7:95:7c:
0f:28:12:23:16:5f:5f:40:f9:a3:69:f9:6f:84:46:
b0:b3:93:9b:68:d7:c6:83:e1:cd:86:e6:9f:fb:b8:
5d:71:20:84:25:f3:a5:fa:f3:32:1d:72:70:30:e5:
9e:e5:05:2c:5b:44:8e:60:97:92:12:b4:09:eb:93:
d7:d7:2c:2c:04:ce:4f:08:78:2d:e8:da:4a:b4:be:
e3:8b:cd:af:57:3e:20:34:1a:cf:24:cc:3e:c6:38:
b0:7b:ae:d5:99:5e:ec:d9:44:e2:e7:8b:28:13:73:
d3:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:8F:A6:73:CA:2D:B6:C3:B4:9A:55:F6:0D:B9:DC:57:F2:55:68:62
X509v3 Authority Key Identifier:
keyid:42:8D:F9:98:24:CE:67:B0:CB:5F:87:FC:46:59:9E:13:AD:EA:57:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qo35mCTOZ7DLX4f8RlmeE63qVwI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/zY-mc8ottsO0mlX2DbncV_JVaGI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/802b35-673c-4756-9761-f2274965c095/1/Qo35mCTOZ7DLX4f8RlmeE63qVwI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.78.128.0/18
185.234.32.0/22
185.250.220.0/22
IPv6:
2a02:2761::/32
Signature Algorithm: sha256WithRSAEncryption
8d:f1:f1:ae:9a:f2:62:b0:b9:ca:76:22:3c:af:4f:dc:02:c0:
69:0d:d3:99:78:12:c6:35:ad:af:e1:ea:49:d4:e3:b2:bc:9f:
d6:aa:1f:75:0a:21:16:1a:b0:d3:52:fa:5a:67:4f:27:a1:e1:
a4:b4:b6:8c:51:3d:17:5d:7f:24:bb:b2:78:9d:36:2c:7f:e9:
f7:04:8b:b0:9b:12:55:a0:db:82:a8:46:b9:14:a0:62:5e:64:
de:f4:e1:7a:d0:fc:6c:00:f6:3e:e8:26:94:ce:03:cd:6f:da:
78:f2:e6:3a:34:9a:b3:18:3d:67:cc:90:6c:04:29:10:66:d4:
1f:ee:5b:0b:22:33:bb:9e:7f:0f:9a:5b:2a:55:9e:8b:16:71:
2c:71:f0:a7:65:6c:74:71:0a:e9:d8:2d:a7:d7:2d:ad:3d:51:
b4:33:b0:6c:2f:c3:c7:f8:dc:dc:bb:74:4f:2a:6e:db:cf:7f:
a3:89:46:73:d3:ed:cb:92:5b:98:b6:21:63:e2:60:fb:65:88:
a9:59:8f:14:69:aa:c8:45:e0:6e:88:92:fc:4c:f6:c8:a7:04:
ae:8c:41:3f:90:05:7d:f9:53:2f:05:13:4c:ab:d6:8f:04:2a:
ac:af:8f:65:eb:4c:4c:6b:76:f8:ca:94:7c:dd:7c:5b:7c:24:
a9:e8:cd:9e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQkRUMVF9hD21lvOi0f2ODZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyOGRmOTk4MjRjZTY3YjBjYjVmODdmYzQ2NTk5ZTEzYWRl
YTU3MDIwHhcNMjUwMTAxMjM0ODI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDhmYTY3M2NhMmRiNmMzYjQ5YTU1ZjYwZGI5ZGM1N2YyNTU2ODYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBbrxdmvHuDKRowWEaTRcTjKDcZT
NavB0PyZieS6YW6hztIdqRC+PBRTgi1YgwCIq8EEN6XnZNM6M398umXLvpbxdI3M
PME4RPCoWy42k8ZlydZkw2BEEpeiIJSzCohkXHE14/opXlLIndvEuat8P8pXTxWd
9ojw38//niRrNDMhjObqVNYmJiNXrs6L73GROT3HlXwPKBIjFl9fQPmjaflvhEaw
s5ObaNfGg+HNhuaf+7hdcSCEJfOl+vMyHXJwMOWe5QUsW0SOYJeSErQJ65PX1yws
BM5PCHgt6NpKtL7ji82vVz4gNBrPJMw+xjiwe67VmV7s2UTi54soE3PTtQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFM2PpnPKLbbDtJpV9g253FfyVWhiMB8GA1UdIwQY
MBaAFEKN+Zgkzmewy1+H/EZZnhOt6lcCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEt
ZjIyNzQ5NjVjMDk1LzEvelktbWM4b3R0c08wbWxYMkRibmNWX0pWYUdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNi84MDJiMzUtNjczYy00NzU2LTk3NjEtZjIyNzQ5NjVjMDk1
LzEvUW8zNW1DVE9aN0RMWDRmOFJsbWVFNjNxVndJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGjU6AAwQC
ueogAwQCufrcMA0EAgACMAcDBQAqAidhMA0GCSqGSIb3DQEBCwUAA4IBAQCN8fGu
mvJisLnKdiI8r0/cAsBpDdOZeBLGNa2v4epJ1OOyvJ/Wqh91CiEWGrDTUvpaZ08n
oeGktLaMUT0XXX8ku7J4nTYsf+n3BIuwmxJVoNuCqEa5FKBiXmTe9OF60PxsAPY+
6CaUzgPNb9p48uY6NJqzGD1nzJBsBCkQZtQf7lsLIjO7nn8PmlsqVZ6LFnEscfCn
ZWx0cQrp2C2n1y2tPVG0M7BsL8PH+Nzcu3RPKm7bz3+jiUZz0+3LkluYtiFj4mD7
ZYipWY8UaarIReBuiJL8TPbIpwSujEE/kAV9+VMvBRNMq9aPBCqsr49l60xMa3b4
ypR83XxbfCSp6M2e
-----END CERTIFICATE-----
Generated at Sun Apr 6 03:24:54 2025 by rpki-client