Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z4HsLJNICmk13bRWd58fNdTP_cw.roa
File: z4HsLJNICmk13bRWd58fNdTP_cw.roa (raw, json)
Hash identifier: zzsXcF2DSAGf/J9/pJ8+2sltrAwtdgq5NjUzz4LfO4A=
Subject key identifier: CF:81:EC:2C:93:48:0A:69:35:DD:B4:56:77:9F:1F:35:D4:CF:FD:CC
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 0194266C7733BE9321EC45DB45D5777A06CF
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z4HsLJNICmk13bRWd58fNdTP_cw.roa
Signing time: Thu 02 Jan 2025 09:50:30 +0000
ROA not before: Thu 02 Jan 2025 09:50:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42548
IP address blocks: 62.183.76.0/22 maxlen: 22
83.239.112.0/20 maxlen: 20
83.239.123.0/24 maxlen: 24
85.172.176.0/20 maxlen: 20
85.172.182.0/24 maxlen: 24
85.172.184.0/21 maxlen: 21
85.173.160.0/19 maxlen: 19
85.173.160.0/22 maxlen: 22
85.173.165.0/24 maxlen: 24
85.173.166.0/24 maxlen: 24
85.173.169.0/24 maxlen: 24
85.173.170.0/23 maxlen: 23
85.173.172.0/23 maxlen: 23
85.173.174.0/24 maxlen: 24
85.173.177.0/24 maxlen: 24
85.173.180.0/22 maxlen: 22
85.173.188.0/23 maxlen: 23
178.34.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 00:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6c:77:33:be:93:21:ec:45:db:45:d5:77:7a:06:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jan 2 09:50:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf81ec2c93480a6935ddb456779f1f35d4cffdcc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c0:8e:b3:3f:25:28:f7:65:99:59:33:c3:5a:
d3:a9:14:da:9c:ec:19:06:c6:82:0e:c9:43:a6:72:
e0:ec:ef:46:3a:67:d2:59:ee:a1:bc:a7:4c:81:d2:
86:50:d2:c4:50:c9:36:ff:e9:48:c2:8e:9f:30:e7:
73:e6:cd:db:15:d1:71:37:e6:62:b0:f7:78:31:ad:
ab:91:7e:55:6a:d5:c3:10:4d:85:4e:01:41:e6:6d:
41:42:62:a4:75:3b:2b:81:61:20:6b:69:c8:e2:87:
bd:31:b1:4a:9b:a1:c2:19:7a:7c:fe:e7:73:ad:20:
76:ab:da:a3:22:a9:c4:af:42:6a:45:fd:e8:98:45:
14:8d:d2:4b:f1:c6:8c:0d:20:79:73:d5:7e:47:13:
51:4a:12:e2:be:02:5e:9e:35:a1:15:6b:e5:59:af:
dc:f2:8c:12:42:5d:66:64:db:fe:f4:93:5e:8d:20:
c0:63:62:d8:da:cf:b7:f1:de:3a:56:c2:a9:a6:6d:
aa:c0:68:bc:7f:d4:45:3e:22:a2:55:1f:26:2f:a3:
4f:f6:ed:64:46:9f:b4:9d:10:a9:8a:d2:d1:cb:11:
d6:05:5b:d8:d1:72:da:79:6d:ff:4c:4b:61:b3:ad:
c8:01:f6:54:70:c6:89:c5:39:25:d0:0c:c0:5d:81:
ee:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:81:EC:2C:93:48:0A:69:35:DD:B4:56:77:9F:1F:35:D4:CF:FD:CC
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/z4HsLJNICmk13bRWd58fNdTP_cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.183.76.0/22
83.239.112.0/20
85.172.176.0/20
85.173.160.0/19
178.34.224.0/19
Signature Algorithm: sha256WithRSAEncryption
9a:fb:bd:e9:ad:3a:be:16:8c:7b:5f:bc:4e:51:e1:e0:4c:78:
ae:86:b2:e2:71:5b:5b:d1:8f:5a:f9:8b:79:e8:ef:36:17:b8:
e4:87:ad:79:8c:e7:2e:aa:42:b0:f2:f0:c1:27:f8:3b:77:f5:
bf:2b:cd:50:4a:4d:95:b9:f3:0d:c1:21:72:4a:7d:89:2e:d5:
fb:b9:c9:62:d1:2e:6d:34:c6:7e:88:65:65:ca:a4:75:b9:bd:
f0:0c:03:33:99:63:36:9a:a3:e8:cc:bc:f2:21:7e:1d:6f:2b:
b3:a4:4d:16:62:e4:06:23:e2:a0:25:94:bd:0b:6b:9a:51:aa:
5a:41:ec:c3:66:a0:11:c4:ff:a3:5a:5f:cf:4e:99:5f:aa:81:
ce:bc:83:5f:a9:bf:1b:37:c0:90:83:95:d2:d8:ab:38:ff:28:
c4:27:53:c8:a9:97:cd:e4:19:02:bd:18:87:50:b6:2f:4d:2c:
5a:86:4a:8c:75:c0:e5:00:d4:59:76:b5:25:d2:a2:2d:67:dc:
63:68:c3:20:30:45:0c:a5:71:a7:8c:6b:77:ac:a6:e2:5f:38:
48:11:9f:50:ad:f2:8d:db:b0:93:0f:c0:b3:2e:d3:cc:6d:ea:
89:e9:ac:40:8f:2d:fa:23:27:18:3d:75:42:96:11:2c:eb:f8:
a8:b0:4d:5a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQmbHczvpMh7EXbRdV3egbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwMTAyMDk1MDMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjgxZWMyYzkzNDgwYTY5MzVkZGI0NTY3NzlmMWYzNWQ0Y2ZmZGNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMCOsz8lKPdlmVkzw1rTqRTanOwZ
BsaCDslDpnLg7O9GOmfSWe6hvKdMgdKGUNLEUMk2/+lIwo6fMOdz5s3bFdFxN+Zi
sPd4Ma2rkX5VatXDEE2FTgFB5m1BQmKkdTsrgWEga2nI4oe9MbFKm6HCGXp8/udz
rSB2q9qjIqnEr0JqRf3omEUUjdJL8caMDSB5c9V+RxNRShLivgJenjWhFWvlWa/c
8owSQl1mZNv+9JNejSDAY2LY2s+38d46VsKppm2qwGi8f9RFPiKiVR8mL6NP9u1k
Rp+0nRCpitLRyxHWBVvY0XLaeW3/TEths63IAfZUcMaJxTkl0AzAXYHuKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM+B7CyTSAppNd20VnefHzXUz/3MMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvejRIc0xKTklDbWsxM2JSV2Q1OGZOZFRQX2N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCPrdMAwQE
U+9wAwQEVaywAwQFVa2gAwQFsiLgMA0GCSqGSIb3DQEBCwUAA4IBAQCa+73prTq+
Fox7X7xOUeHgTHiuhrLicVtb0Y9a+Yt56O82F7jkh615jOcuqkKw8vDBJ/g7d/W/
K81QSk2VufMNwSFySn2JLtX7ucli0S5tNMZ+iGVlyqR1ub3wDAMzmWM2mqPozLzy
IX4dbyuzpE0WYuQGI+KgJZS9C2uaUapaQezDZqARxP+jWl/PTplfqoHOvINfqb8b
N8CQg5XS2Ks4/yjEJ1PIqZfN5BkCvRiHULYvTSxahkqMdcDlANRZdrUl0qItZ9xj
aMMgMEUMpXGnjGt3rKbiXzhIEZ9QrfKN27CTD8CzLtPMbeqJ6axAjy36IycYPXVC
lhEs6/iosE1a
-----END CERTIFICATE-----
Generated at Thu Apr 17 10:03:19 2025 by rpki-client