Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/E3ZC-IKUFV8dsLuSPPYjoVWBSBk.roa
File: E3ZC-IKUFV8dsLuSPPYjoVWBSBk.roa (raw, json)
Hash identifier: /bl5hl4kqSXgSNneJaVMs/G9S7DHiQCDWl5lO8OIAgk=
Subject key identifier: 13:76:42:F8:82:94:15:5F:1D:B0:BB:92:3C:F6:23:A1:55:81:48:19
Certificate issuer: /CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Certificate serial: 0194206858A77E1EB67EDAB042D2C4488889
Authority key identifier: CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/E3ZC-IKUFV8dsLuSPPYjoVWBSBk.roa
Signing time: Wed 01 Jan 2025 05:48:16 +0000
ROA not before: Wed 01 Jan 2025 05:48:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20965
IP address blocks: 62.40.96.0/19 maxlen: 19
83.97.92.0/22 maxlen: 22
2001:798::/32 maxlen: 32
2001:799::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Feb 2025 05:00:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:58:a7:7e:1e:b6:7e:da:b0:42:d2:c4:48:88:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced755733e91203a17c3093ca5d9cb0392d94f61
Validity
Not Before: Jan 1 05:48:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=137642f88294155f1db0bb923cf623a155814819
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ae:67:d9:5d:d2:59:6d:bb:db:55:24:3e:49:
8e:c8:83:1d:fe:bf:6f:25:30:1f:de:14:79:b1:4a:
5f:39:97:7a:1b:56:43:de:d7:ee:62:53:f3:7d:14:
c8:fe:ba:b4:88:d4:02:9c:7e:1a:fd:ef:0b:7d:ef:
f9:23:c7:81:11:86:01:64:42:69:7c:cd:7e:a0:49:
aa:c9:66:a9:68:a9:49:1e:2a:b2:8a:a5:c1:18:2e:
59:8b:34:87:8c:f6:93:45:6c:f6:02:73:d9:29:4d:
b2:6c:1b:98:d7:a7:7e:57:4c:93:89:e4:88:c7:e5:
20:fc:0d:e1:11:25:45:b8:76:24:27:17:f1:9c:cd:
5b:8e:58:c5:a4:ef:00:77:ec:9f:22:5c:8c:b2:99:
6f:a7:45:ee:86:ba:d1:a2:8b:64:3c:26:d0:da:79:
b7:d1:04:15:7c:57:4e:da:96:b0:16:27:35:0a:fe:
1f:2e:2c:a4:bf:e9:a9:df:82:47:6b:97:d8:cf:0b:
42:9b:9f:99:88:71:55:18:38:7a:71:86:9d:10:68:
43:c8:83:ae:0b:74:6c:1a:15:90:d3:62:3b:1b:9c:
8a:20:7b:32:74:12:f9:73:12:5b:c6:f5:b5:1b:c2:
ea:b1:10:0d:7b:1b:5f:d9:1e:8a:d6:ad:97:00:ea:
b8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:76:42:F8:82:94:15:5F:1D:B0:BB:92:3C:F6:23:A1:55:81:48:19
X509v3 Authority Key Identifier:
keyid:CE:D7:55:73:3E:91:20:3A:17:C3:09:3C:A5:D9:CB:03:92:D9:4F:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztdVcz6RIDoXwwk8pdnLA5LZT2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/E3ZC-IKUFV8dsLuSPPYjoVWBSBk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c2f61a-15f9-4c6b-90e5-ef4b659eff8d/1/ztdVcz6RIDoXwwk8pdnLA5LZT2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.40.96.0/19
83.97.92.0/22
IPv6:
2001:798::/31
Signature Algorithm: sha256WithRSAEncryption
41:6f:6b:c0:89:d3:2a:64:45:6f:56:bd:ad:e0:45:40:15:59:
02:bb:17:81:4a:57:07:05:38:5d:9c:24:8d:55:be:43:ff:46:
92:65:a8:9d:10:1e:91:2a:19:21:e6:5b:a6:3e:5f:5c:d3:7f:
0d:fd:d1:5c:d1:85:e2:38:44:8b:ed:5e:8d:3e:b1:a0:e6:da:
e8:28:2f:42:43:98:90:de:7e:d3:ce:d9:af:e8:c4:8f:a3:72:
0c:e5:67:b8:6e:56:a8:87:bd:f7:b7:12:f7:81:ce:43:8c:fc:
67:d5:6b:38:9f:70:bf:db:32:73:9b:fb:9c:40:08:7c:e2:36:
5d:63:86:d0:77:db:e4:95:03:8f:f4:95:82:2c:a7:ad:11:a1:
87:be:32:0e:bc:87:88:16:ef:e8:8b:e2:ee:18:b1:8c:c7:ad:
10:b7:fe:b2:2b:a6:11:5b:bc:0a:ea:30:49:60:51:57:a5:0d:
dd:4f:ec:9b:21:93:c6:15:c3:0f:b6:b0:02:f1:1a:1a:54:6b:
3a:df:ba:d4:57:fd:cf:db:46:c8:85:89:3a:6d:f6:04:60:e9:
74:27:fb:13:1e:54:36:97:6a:b4:6c:bb:d9:77:61:db:dc:0f:
5e:aa:f7:b6:9b:6c:13:23:a3:ab:fd:e2:aa:df:7c:e1:68:e0:
1b:fe:49:04
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQgaFinfh62ftqwQtLESIiJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDc1NTczM2U5MTIwM2ExN2MzMDkzY2E1ZDljYjAzOTJk
OTRmNjEwHhcNMjUwMTAxMDU0ODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc2NDJmODgyOTQxNTVmMWRiMGJiOTIzY2Y2MjNhMTU1ODE0ODE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmq5n2V3SWW2721UkPkmOyIMd/r9v
JTAf3hR5sUpfOZd6G1ZD3tfuYlPzfRTI/rq0iNQCnH4a/e8Lfe/5I8eBEYYBZEJp
fM1+oEmqyWapaKlJHiqyiqXBGC5ZizSHjPaTRWz2AnPZKU2ybBuY16d+V0yTieSI
x+Ug/A3hESVFuHYkJxfxnM1bjljFpO8Ad+yfIlyMsplvp0XuhrrRootkPCbQ2nm3
0QQVfFdO2pawFic1Cv4fLiykv+mp34JHa5fYzwtCm5+ZiHFVGDh6cYadEGhDyIOu
C3RsGhWQ02I7G5yKIHsydBL5cxJbxvW1G8LqsRANextf2R6K1q2XAOq4EQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBN2QviClBVfHbC7kjz2I6FVgUgZMB8GA1UdIwQY
MBaAFM7XVXM+kSA6F8MJPKXZywOS2U9hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUt
ZWY0YjY1OWVmZjhkLzEvRTNaQy1JS1VGVjhkc0x1U1BQWWpvVldCU0JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMmY2MWEtMTVmOS00YzZiLTkwZTUtZWY0YjY1OWVmZjhk
LzEvenRkVmN6NlJJRG9Yd3drOHBkbkxBNUxaVDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFPihgAwQC
U2FcMA0EAgACMAcDBQEgAQeYMA0GCSqGSIb3DQEBCwUAA4IBAQBBb2vAidMqZEVv
Vr2t4EVAFVkCuxeBSlcHBThdnCSNVb5D/0aSZaidEB6RKhkh5lumPl9c038N/dFc
0YXiOESL7V6NPrGg5troKC9CQ5iQ3n7Tztmv6MSPo3IM5We4blaoh733txL3gc5D
jPxn1Ws4n3C/2zJzm/ucQAh84jZdY4bQd9vklQOP9JWCLKetEaGHvjIOvIeIFu/o
i+LuGLGMx60Qt/6yK6YRW7wK6jBJYFFXpQ3dT+ybIZPGFcMPtrAC8RoaVGs637rU
V/3P20bIhYk6bfYEYOl0J/sTHlQ2l2q0bLvZd2Hb3A9eqve2m2wTI6Or/eKq33zh
aOAb/kkE
-----END CERTIFICATE-----
Generated at Fri Feb 21 12:26:46 2025 by rpki-client