Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/ZqkZ-ptbKplSamN_ahWuL-lHnJ8.roa
File: ZqkZ-ptbKplSamN_ahWuL-lHnJ8.roa (raw, json)
Hash identifier: irGPnE0iOTBsb5GQGAY7EsHYbFxfevPkFPknKA/OeLU=
Subject key identifier: 66:A9:19:FA:9B:5B:2A:99:52:6A:63:7F:6A:15:AE:2F:E9:47:9C:9F
Certificate issuer: /CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Certificate serial: 01942445392C8E974D499F7BD4748289C461
Authority key identifier: 8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/ZqkZ-ptbKplSamN_ahWuL-lHnJ8.roa
Signing time: Wed 01 Jan 2025 23:48:23 +0000
ROA not before: Wed 01 Jan 2025 23:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49162
IP address blocks: 31.128.96.0/24 maxlen: 24
31.128.97.0/24 maxlen: 24
31.128.98.0/24 maxlen: 24
31.128.99.0/24 maxlen: 24
31.128.100.0/24 maxlen: 24
31.128.101.0/24 maxlen: 24
31.128.102.0/24 maxlen: 24
31.128.103.0/24 maxlen: 24
31.128.104.0/24 maxlen: 24
31.128.105.0/24 maxlen: 24
31.128.106.0/24 maxlen: 24
31.128.107.0/24 maxlen: 24
31.128.108.0/24 maxlen: 24
31.128.109.0/24 maxlen: 24
31.128.110.0/24 maxlen: 24
31.128.111.0/24 maxlen: 24
91.210.32.0/24 maxlen: 24
91.210.33.0/24 maxlen: 24
91.210.34.0/24 maxlen: 24
91.210.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.mft
rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 10 Apr 2025 02:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:39:2c:8e:97:4d:49:9f:7b:d4:74:82:89:c4:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8ef66691ad3a41652f5bd8596230b3ac743d2a2c
Validity
Not Before: Jan 1 23:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66a919fa9b5b2a99526a637f6a15ae2fe9479c9f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:46:55:b8:69:4b:fd:99:99:f9:7c:92:6e:13:
25:c6:f6:8b:1c:fd:39:21:fb:37:d0:79:1b:5c:3d:
49:b0:a8:1b:f8:0c:74:1c:91:04:ba:ef:e6:24:6e:
e3:ae:af:15:38:95:fa:ab:b7:65:ca:21:d4:5b:63:
74:50:85:1c:5b:54:79:f2:e1:69:0f:67:2c:d7:a4:
4e:31:20:b8:16:b7:2b:9b:4d:f7:5e:09:f9:58:73:
98:80:85:a3:bc:49:46:fc:9a:3a:15:7e:f2:4f:84:
0f:1a:12:5b:44:6d:20:8a:32:08:a9:78:c3:bd:9c:
b8:c5:af:90:dd:a0:2a:3c:2a:9d:ab:26:e0:e0:fd:
4d:47:d5:42:32:cd:0a:f8:4a:f7:3d:51:c4:eb:aa:
bf:47:2c:84:de:b1:15:16:6b:f8:33:80:52:55:6c:
d8:c6:68:b6:ae:56:55:4d:82:29:c9:91:8a:e0:82:
d4:60:c2:91:59:4c:80:58:79:50:75:58:56:b8:e9:
b4:b4:54:ba:c6:2e:90:f8:66:6b:e1:a9:f4:f3:7d:
f4:8a:90:a8:f5:0d:97:1b:0d:a4:6c:a4:5f:3c:e0:
36:ca:74:b7:dd:02:af:d5:7c:c3:2d:1e:a5:db:e5:
7a:0c:1e:75:ba:24:c8:24:b4:bb:d0:c7:78:2e:81:
0c:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:A9:19:FA:9B:5B:2A:99:52:6A:63:7F:6A:15:AE:2F:E9:47:9C:9F
X509v3 Authority Key Identifier:
keyid:8E:F6:66:91:AD:3A:41:65:2F:5B:D8:59:62:30:B3:AC:74:3D:2A:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jvZmka06QWUvW9hZYjCzrHQ9Kiw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/ZqkZ-ptbKplSamN_ahWuL-lHnJ8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/fc87fa-cbfa-4f3c-88d3-ba922bb1ebb4/1/jvZmka06QWUvW9hZYjCzrHQ9Kiw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.128.96.0/20
91.210.32.0/22
Signature Algorithm: sha256WithRSAEncryption
2a:4a:10:ff:d6:15:d0:8d:08:87:0c:d1:c3:77:bd:94:90:f2:
be:6b:4c:d7:1f:48:5f:1f:4c:ee:87:47:a5:78:06:da:68:34:
e2:59:ec:5f:a8:e7:78:3e:22:30:ea:c8:d8:57:f4:8a:f5:26:
cb:b4:14:fc:02:d9:27:60:34:2f:8f:da:05:30:1c:ac:49:59:
ce:96:07:0e:63:c9:94:6e:07:a4:e7:8b:dc:2a:8a:b6:1c:1a:
5d:ac:b9:c6:10:f7:ef:ed:b3:d3:b6:e5:04:d9:81:ec:57:75:
7e:24:b7:c6:10:42:6c:5f:3c:89:c7:6d:ab:ee:a0:71:0c:40:
c8:f4:90:c1:92:07:52:4e:1b:1e:b7:93:fa:d6:8b:14:93:46:
3c:0e:1b:17:34:7b:49:cf:71:ac:a4:c4:08:39:71:5a:80:02:
62:0c:da:99:36:88:4e:a9:f1:be:a6:49:62:a6:69:cf:01:d5:
8e:6a:66:54:28:8f:03:03:d7:8b:ff:ac:d1:26:42:d0:eb:43:
cb:f8:ed:28:4f:73:d0:4e:3d:13:41:01:fd:d9:6c:e8:ba:d6:
0d:22:47:52:79:cc:c7:e2:42:36:c8:f2:c2:59:16:cd:d3:92:
f0:04:02:6f:08:eb:49:7f:4e:72:16:b4:c7:19:26:e0:1d:bb:
ad:23:53:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQkRTksjpdNSZ971HSCicRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlZjY2NjkxYWQzYTQxNjUyZjViZDg1OTYyMzBiM2FjNzQz
ZDJhMmMwHhcNMjUwMTAxMjM0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmE5MTlmYTliNWIyYTk5NTI2YTYzN2Y2YTE1YWUyZmU5NDc5YzlmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykZVuGlL/ZmZ+XySbhMlxvaLHP05
Ifs30HkbXD1JsKgb+Ax0HJEEuu/mJG7jrq8VOJX6q7dlyiHUW2N0UIUcW1R58uFp
D2cs16ROMSC4Frcrm033Xgn5WHOYgIWjvElG/Jo6FX7yT4QPGhJbRG0gijIIqXjD
vZy4xa+Q3aAqPCqdqybg4P1NR9VCMs0K+Er3PVHE66q/RyyE3rEVFmv4M4BSVWzY
xmi2rlZVTYIpyZGK4ILUYMKRWUyAWHlQdVhWuOm0tFS6xi6Q+GZr4an08330ipCo
9Q2XGw2kbKRfPOA2ynS33QKv1XzDLR6l2+V6DB51uiTIJLS70Md4LoEM4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGapGfqbWyqZUmpjf2oVri/pR5yfMB8GA1UdIwQY
MBaAFI72ZpGtOkFlL1vYWWIws6x0PSosMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMt
YmE5MjJiYjFlYmI0LzEvWnFrWi1wdGJLcGxTYW1OX2FoV3VMLWxIbko4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mYzg3ZmEtY2JmYS00ZjNjLTg4ZDMtYmE5MjJiYjFlYmI0
LzEvanZabWthMDZRV1V2VzloWllqQ3pySFE5S2l3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEH4BgAwQC
W9IgMA0GCSqGSIb3DQEBCwUAA4IBAQAqShD/1hXQjQiHDNHDd72UkPK+a0zXH0hf
H0zuh0eleAbaaDTiWexfqOd4PiIw6sjYV/SK9SbLtBT8AtknYDQvj9oFMBysSVnO
lgcOY8mUbgek54vcKoq2HBpdrLnGEPfv7bPTtuUE2YHsV3V+JLfGEEJsXzyJx22r
7qBxDEDI9JDBkgdSThset5P61osUk0Y8DhsXNHtJz3GspMQIOXFagAJiDNqZNohO
qfG+pklipmnPAdWOamZUKI8DA9eL/6zRJkLQ60PL+O0oT3PQTj0TQQH92WzoutYN
IkdSeczH4kI2yPLCWRbN05LwBAJvCOtJf05yFrTHGSbgHbutI1OX
-----END CERTIFICATE-----
Generated at Wed Apr 9 09:07:58 2025 by rpki-client