Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/ZmD1TA5j_WUZpHewze6nukzZJsg.roa
File: ZmD1TA5j_WUZpHewze6nukzZJsg.roa (raw, json)
Hash identifier: +71Vr/FTpakGGRIUTsx4iBEKymM4Qh918F7HPx6zt+Y=
Subject key identifier: 66:60:F5:4C:0E:63:FD:65:19:A4:77:B0:CD:EE:A7:BA:4C:D9:26:C8
Certificate issuer: /CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Certificate serial: 019421B1EC26BF2B9688A2C902A6C60AE7F6
Authority key identifier: A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/ZmD1TA5j_WUZpHewze6nukzZJsg.roa
Signing time: Wed 01 Jan 2025 11:48:15 +0000
ROA not before: Wed 01 Jan 2025 11:48:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35055
IP address blocks: 45.14.240.0/22 maxlen: 24
185.64.120.0/22 maxlen: 24
185.190.64.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.mft
rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Apr 2025 10:01:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:ec:26:bf:2b:96:88:a2:c9:02:a6:c6:0a:e7:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a61a8f667a3dddbd4a352318d8f0606c46e9f063
Validity
Not Before: Jan 1 11:48:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6660f54c0e63fd6519a477b0cdeea7ba4cd926c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c9:40:b3:26:15:7d:45:b5:da:5f:a3:38:0c:
96:49:e9:ec:15:63:79:10:27:5b:04:f1:d2:d4:cb:
fd:82:d1:48:34:f8:4b:39:24:eb:e2:73:41:21:7d:
95:0b:23:0f:47:9a:d7:b7:6e:81:1b:1e:10:16:32:
c5:cc:79:99:2e:da:35:9e:bf:76:61:63:f1:72:95:
61:c8:ac:1c:b9:bc:fc:32:10:54:90:8e:56:81:8a:
11:74:b5:64:be:82:bb:28:3a:e2:3a:22:65:1d:ba:
46:95:e3:27:cf:98:22:da:fc:17:7c:c2:01:1a:63:
06:00:57:a4:7f:df:8c:07:73:6e:ee:e8:9f:02:fb:
75:9e:9b:80:72:c6:da:0d:a6:2b:64:20:2d:2a:40:
fb:77:b9:67:ff:cf:c4:08:49:40:3a:8a:dc:72:b4:
e6:ec:34:0c:85:ff:b4:3b:24:37:2e:97:30:9a:09:
69:be:f7:54:ea:2a:c5:30:09:e1:7c:cb:c8:e9:43:
70:30:a3:fa:91:d3:7a:86:b9:56:b5:fd:35:21:81:
be:91:60:dc:86:a4:55:d8:0d:70:ac:ba:12:26:5b:
b6:de:e5:c2:ee:ae:aa:95:75:d4:72:ea:7e:47:e4:
ca:3d:ac:c5:f8:a4:f0:5f:f7:4d:72:1e:9f:bb:2b:
62:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:60:F5:4C:0E:63:FD:65:19:A4:77:B0:CD:EE:A7:BA:4C:D9:26:C8
X509v3 Authority Key Identifier:
keyid:A6:1A:8F:66:7A:3D:DD:BD:4A:35:23:18:D8:F0:60:6C:46:E9:F0:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/phqPZno93b1KNSMY2PBgbEbp8GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/ZmD1TA5j_WUZpHewze6nukzZJsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/ce88a2-eb87-42a5-916d-b56bb0647868/1/phqPZno93b1KNSMY2PBgbEbp8GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.14.240.0/22
185.64.120.0/22
185.190.64.0/22
Signature Algorithm: sha256WithRSAEncryption
20:72:ca:3f:4f:33:95:58:87:6b:74:4d:92:52:e6:89:4c:00:
d2:b0:fe:f3:9a:4a:93:05:48:5e:99:d3:77:10:4d:9e:63:b6:
6c:4e:a5:54:f4:de:d9:08:6b:77:ee:4e:3c:e2:d2:9c:bc:47:
3d:4a:01:13:1f:c6:34:79:82:2a:34:76:0d:6b:a1:f6:b3:f7:
7c:69:cb:21:36:ae:7c:09:92:eb:f5:e3:ca:e9:9f:90:4f:33:
9e:86:69:89:75:7b:8b:06:67:65:42:c0:91:50:0b:5d:95:c3:
d7:da:4c:c3:67:16:3e:5c:12:2c:50:bb:3f:f5:e6:1f:b5:46:
b1:4d:2a:72:5a:10:7b:75:e7:98:71:ee:d8:bf:0c:5a:60:b7:
d0:cb:45:2a:1d:b7:54:83:37:89:95:8b:3f:4a:b0:6a:6e:2e:
83:b7:c7:73:1d:b1:48:b6:06:87:0e:e7:11:39:3d:4d:3f:43:
1b:71:fc:90:cf:aa:09:73:3f:e2:2f:ad:3d:07:3c:60:29:c8:
6a:ee:01:9a:a2:87:2c:90:1f:21:5b:da:5c:17:e7:2b:39:36:
28:73:99:01:1a:8e:5d:a6:3b:05:3c:50:42:83:c0:aa:14:c5:
08:9c:aa:b6:26:03:37:52:95:55:04:50:3f:02:4f:38:a3:60:
1f:91:25:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZQhsewmvyuWiKLJAqbGCuf2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MWE4ZjY2N2EzZGRkYmQ0YTM1MjMxOGQ4ZjA2MDZjNDZl
OWYwNjMwHhcNMjUwMTAxMTE0ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjYwZjU0YzBlNjNmZDY1MTlhNDc3YjBjZGVlYTdiYTRjZDkyNmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8lAsyYVfUW12l+jOAyWSensFWN5
ECdbBPHS1Mv9gtFINPhLOSTr4nNBIX2VCyMPR5rXt26BGx4QFjLFzHmZLto1nr92
YWPxcpVhyKwcubz8MhBUkI5WgYoRdLVkvoK7KDriOiJlHbpGleMnz5gi2vwXfMIB
GmMGAFekf9+MB3Nu7uifAvt1npuAcsbaDaYrZCAtKkD7d7ln/8/ECElAOorccrTm
7DQMhf+0OyQ3LpcwmglpvvdU6irFMAnhfMvI6UNwMKP6kdN6hrlWtf01IYG+kWDc
hqRV2A1wrLoSJlu23uXC7q6qlXXUcup+R+TKPazF+KTwX/dNch6fuytiHQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGZg9UwOY/1lGaR3sM3up7pM2SbIMB8GA1UdIwQY
MBaAFKYaj2Z6Pd29SjUjGNjwYGxG6fBjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQt
YjU2YmIwNjQ3ODY4LzEvWm1EMVRBNWpfV1VacEhld3plNm51a3paSnNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS9jZTg4YTItZWI4Ny00MmE1LTkxNmQtYjU2YmIwNjQ3ODY4
LzEvcGhxUFpubzkzYjFLTlNNWTJQQmdiRWJwOEdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLQ7wAwQC
uUB4AwQCub5AMA0GCSqGSIb3DQEBCwUAA4IBAQAgcso/TzOVWIdrdE2SUuaJTADS
sP7zmkqTBUhemdN3EE2eY7ZsTqVU9N7ZCGt37k484tKcvEc9SgETH8Y0eYIqNHYN
a6H2s/d8acshNq58CZLr9ePK6Z+QTzOehmmJdXuLBmdlQsCRUAtdlcPX2kzDZxY+
XBIsULs/9eYftUaxTSpyWhB7deeYce7YvwxaYLfQy0UqHbdUgzeJlYs/SrBqbi6D
t8dzHbFItgaHDucROT1NP0MbcfyQz6oJcz/iL609BzxgKchq7gGaoocskB8hW9pc
F+crOTYoc5kBGo5dpjsFPFBCg8CqFMUInKq2JgM3UpVVBFA/Ak84o2AfkSWy
-----END CERTIFICATE-----
Generated at Tue Apr 22 19:37:05 2025 by rpki-client