Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/_Zs7m0Z1Y90BrPP3tkPHvTJwqVk.roa
File: _Zs7m0Z1Y90BrPP3tkPHvTJwqVk.roa (raw, json)
Hash identifier: mEAwbBpKFR8+vrzzxNINj1VfPPY5QI9i1nTpJQXBCrA=
Subject key identifier: FD:9B:3B:9B:46:75:63:DD:01:AC:F3:F7:B6:43:C7:BD:32:70:A9:59
Certificate issuer: /CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Certificate serial: 019427B67EDBB4D0045BB67A57BABF0089C1
Authority key identifier: CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/_Zs7m0Z1Y90BrPP3tkPHvTJwqVk.roa
Signing time: Thu 02 Jan 2025 15:50:59 +0000
ROA not before: Thu 02 Jan 2025 15:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196705
IP address blocks: 91.215.60.0/22 maxlen: 22
91.215.60.0/23 maxlen: 23
188.191.20.0/22 maxlen: 22
188.191.20.0/24 maxlen: 24
188.191.21.0/24 maxlen: 24
188.191.22.0/24 maxlen: 24
188.191.23.0/24 maxlen: 24
188.191.28.0/22 maxlen: 24
188.191.28.0/24 maxlen: 24
194.187.148.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 13 Apr 2025 09:01:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b6:7e:db:b4:d0:04:5b:b6:7a:57:ba:bf:00:89:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cf1df6667da38e57a25b1945fa40e593e5adfa00
Validity
Not Before: Jan 2 15:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd9b3b9b467563dd01acf3f7b643c7bd3270a959
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4a:c3:32:95:d9:31:d6:fa:7b:a6:df:10:7b:
17:ec:87:76:1f:8d:26:41:2c:78:ed:3b:c1:e6:02:
5c:9f:de:6d:c0:c4:28:e8:35:a6:0f:a2:dd:7b:c3:
37:f5:49:64:17:33:68:86:00:4a:a0:d1:5d:5d:c6:
51:b3:c5:ea:fa:0b:4a:15:62:d7:03:cb:a1:e3:7b:
2c:01:19:46:56:92:99:33:bb:cd:71:57:6a:27:82:
cd:39:c6:5f:d5:65:06:0a:95:8c:f9:d1:a3:3f:fb:
e9:1b:53:37:95:67:12:c5:0b:04:22:e3:68:2f:06:
c6:2d:29:78:e6:b6:d9:6e:25:36:80:d0:5a:df:16:
72:4b:e0:23:f6:a3:f8:b5:44:05:b5:f7:df:b9:f8:
b4:a0:09:46:81:0f:79:3f:76:d0:d7:1c:34:5b:fd:
70:97:6e:4a:c5:3f:dc:7c:36:ec:f6:06:63:6e:78:
cc:d6:ba:06:de:e5:ab:18:b1:c2:e4:f4:eb:0d:f0:
a2:b3:95:17:ca:c5:e1:62:5e:9f:19:cc:9e:a4:ba:
a7:b5:cf:d6:b5:34:35:8e:41:4e:dc:7a:0b:e1:48:
b4:c4:1b:4a:d6:97:bc:88:1c:53:bf:fc:64:03:f8:
c6:16:23:3a:58:25:98:5c:3c:f7:2c:32:da:6a:32:
b1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:9B:3B:9B:46:75:63:DD:01:AC:F3:F7:B6:43:C7:BD:32:70:A9:59
X509v3 Authority Key Identifier:
keyid:CF:1D:F6:66:7D:A3:8E:57:A2:5B:19:45:FA:40:E5:93:E5:AD:FA:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zx32Zn2jjleiWxlF-kDlk-Wt-gA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/_Zs7m0Z1Y90BrPP3tkPHvTJwqVk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/e5789a-160d-4896-a25a-8df36337e6bc/1/zx32Zn2jjleiWxlF-kDlk-Wt-gA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.215.60.0/22
188.191.20.0/22
188.191.28.0/22
194.187.148.0/22
Signature Algorithm: sha256WithRSAEncryption
aa:ef:06:32:9a:dc:2a:5d:9f:66:bd:e1:a4:22:ac:37:8b:88:
c7:5b:ce:23:62:46:d3:88:4f:44:82:ba:4d:3c:1b:26:1e:bb:
c6:0e:9f:86:af:e1:f1:2d:d1:23:8e:ee:a0:d8:a9:21:eb:25:
d3:e7:bd:74:65:53:31:35:d8:cb:cc:8a:f9:0c:20:07:af:78:
bc:dc:4f:68:fc:f6:9b:45:3d:d1:50:71:78:66:98:b5:4b:32:
17:c0:73:f8:77:03:b4:94:69:e0:6a:ed:b2:95:27:8c:3f:dc:
2d:96:f5:39:7f:b0:48:94:c2:81:9b:7d:bc:88:5d:1d:61:d5:
56:4d:96:c0:e4:92:8f:4d:a8:3e:51:c2:88:ad:57:c9:23:93:
90:10:3c:dd:58:c2:b8:6d:1e:2a:ac:20:da:19:c7:72:61:3f:
8a:b5:3f:8c:2d:7b:dd:82:19:68:de:21:a0:57:5e:1e:0a:83:
53:a2:16:b7:22:d8:e1:6d:be:fb:39:b9:c9:99:54:60:df:d4:
1f:57:96:11:f3:6a:09:22:1a:e0:70:87:69:5a:ed:5a:89:6f:
86:aa:a7:db:d3:22:56:70:a3:0a:f3:9f:d0:84:8c:c8:aa:cb:
67:45:4b:2a:4d:64:0a:0d:0a:07:1d:55:b6:35:c2:ed:45:ec:
66:1b:68:76
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQntn7btNAEW7Z6V7q/AInBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmMWRmNjY2N2RhMzhlNTdhMjViMTk0NWZhNDBlNTkzZTVh
ZGZhMDAwHhcNMjUwMTAyMTU1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDliM2I5YjQ2NzU2M2RkMDFhY2YzZjdiNjQzYzdiZDMyNzBhOTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsUrDMpXZMdb6e6bfEHsX7Id2H40m
QSx47TvB5gJcn95twMQo6DWmD6Lde8M39UlkFzNohgBKoNFdXcZRs8Xq+gtKFWLX
A8uh43ssARlGVpKZM7vNcVdqJ4LNOcZf1WUGCpWM+dGjP/vpG1M3lWcSxQsEIuNo
LwbGLSl45rbZbiU2gNBa3xZyS+Aj9qP4tUQFtfffufi0oAlGgQ95P3bQ1xw0W/1w
l25KxT/cfDbs9gZjbnjM1roG3uWrGLHC5PTrDfCis5UXysXhYl6fGcyepLqntc/W
tTQ1jkFO3HoL4Ui0xBtK1pe8iBxTv/xkA/jGFiM6WCWYXDz3LDLaajKxCwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFP2bO5tGdWPdAazz97ZDx70ycKlZMB8GA1UdIwQY
MBaAFM8d9mZ9o45XolsZRfpA5ZPlrfoAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEt
OGRmMzYzMzdlNmJjLzEvX1pzN20wWjFZOTBCclBQM3RrUEh2VEp3cVZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lNTc4OWEtMTYwZC00ODk2LWEyNWEtOGRmMzYzMzdlNmJj
LzEvengzMlpuMmpqbGVpV3hsRi1rRGxrLVd0LWdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW9c8AwQC
vL8UAwQCvL8cAwQCwruUMA0GCSqGSIb3DQEBCwUAA4IBAQCq7wYymtwqXZ9mveGk
Iqw3i4jHW84jYkbTiE9EgrpNPBsmHrvGDp+Gr+HxLdEjju6g2Kkh6yXT5710ZVMx
NdjLzIr5DCAHr3i83E9o/PabRT3RUHF4Zpi1SzIXwHP4dwO0lGngau2ylSeMP9wt
lvU5f7BIlMKBm328iF0dYdVWTZbA5JKPTag+UcKIrVfJI5OQEDzdWMK4bR4qrCDa
GcdyYT+KtT+MLXvdghlo3iGgV14eCoNToha3Itjhbb77ObnJmVRg39QfV5YR82oJ
IhrgcIdpWu1aiW+Gqqfb0yJWcKMK85/QhIzIqstnRUsqTWQKDQoHHVW2NcLtRexm
G2h2
-----END CERTIFICATE-----
Generated at Sat Apr 12 19:07:20 2025 by rpki-client