Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Z_9aQ9yajBZ2JLgMPuP-5DT5zd0.roa
File: Z_9aQ9yajBZ2JLgMPuP-5DT5zd0.roa (raw, json)
Hash identifier: 4CGz9OtQ1X/4la1NVBt5q/Fx1Bc3qLuZdDjOQydgtOs=
Subject key identifier: 67:FF:5A:43:DC:9A:8C:16:76:24:B8:0C:3E:E3:FE:E4:34:F9:CD:DD
Certificate issuer: /CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Certificate serial: 01967B35E055DE17E634754B461120B29C86
Authority key identifier: 6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Z_9aQ9yajBZ2JLgMPuP-5DT5zd0.roa
Signing time: Mon 28 Apr 2025 07:04:10 +0000
ROA not before: Mon 28 Apr 2025 07:04:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 194.154.24.0/22 maxlen: 22
217.177.8.0/22 maxlen: 24
217.177.40.0/22 maxlen: 24
217.177.80.0/22 maxlen: 24
217.177.84.0/22 maxlen: 24
217.180.40.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.mft
rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 11 May 2025 22:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:7b:35:e0:55:de:17:e6:34:75:4b:46:11:20:b2:9c:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a5836dde9b9daef35a8a7f74d6326f6b42da74d
Validity
Not Before: Apr 28 07:04:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67ff5a43dc9a8c167624b80c3ee3fee434f9cddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:75:60:aa:1b:5d:62:d7:6e:cb:bb:a2:c4:85:
e1:fd:0f:7a:32:6f:2d:d9:0e:57:c3:54:12:7b:74:
29:30:5b:b5:17:5e:2d:44:5b:d3:ef:67:a7:96:69:
5f:ad:d8:1a:76:67:af:51:44:a2:38:ce:78:29:7a:
2b:28:08:35:df:37:95:6e:69:7b:ab:12:60:89:cf:
f6:d2:20:8c:83:2b:b7:c1:81:fe:e1:aa:b8:6e:57:
ea:86:d4:2d:00:a1:ea:84:a2:a0:1a:bf:6b:d4:33:
c3:c4:0d:6e:36:d1:0f:eb:dd:f5:11:eb:82:b1:8a:
75:c5:8d:89:a2:07:62:ed:65:a9:07:e5:bb:83:6e:
f6:13:68:81:44:44:f2:3f:55:99:69:22:fa:0e:ba:
ec:be:d6:22:25:0f:31:0a:21:88:73:04:a4:ee:70:
f4:5d:a0:27:92:c8:28:bc:20:3b:57:67:2a:83:db:
a9:55:ca:c8:f4:97:ed:1c:ab:f5:ae:d5:58:c2:a5:
ec:6e:ca:69:5a:ea:46:04:b2:86:07:7a:b1:76:dc:
2d:33:57:7d:21:96:20:22:5d:ee:ae:85:b6:f0:c0:
1c:0a:83:a8:b1:d4:c3:44:55:38:9c:24:ba:88:8c:
b0:77:1d:8a:e9:83:06:f7:a9:97:a8:02:13:36:b6:
32:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:FF:5A:43:DC:9A:8C:16:76:24:B8:0C:3E:E3:FE:E4:34:F9:CD:DD
X509v3 Authority Key Identifier:
keyid:6A:58:36:DD:E9:B9:DA:EF:35:A8:A7:F7:4D:63:26:F6:B4:2D:A7:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alg23em52u81qKf3TWMm9rQtp00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/Z_9aQ9yajBZ2JLgMPuP-5DT5zd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/838032-db97-497f-8c95-c19942737e6d/1/alg23em52u81qKf3TWMm9rQtp00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.154.24.0/22
217.177.8.0/22
217.177.40.0/22
217.177.80.0/21
217.180.40.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:b8:5d:9b:67:db:99:0e:39:7c:b7:26:4f:5a:a0:3c:e0:24:
38:be:aa:08:17:50:e4:e4:37:0f:96:d7:2d:a2:d0:59:29:51:
41:87:3b:43:08:e7:2c:05:8d:52:42:92:49:55:89:56:fa:89:
ea:53:5f:91:cc:ec:b3:b2:2c:5a:d9:69:72:0d:ad:d4:6f:0d:
c3:5b:24:92:bc:6a:5f:fa:86:c0:e3:7f:fe:bc:92:59:be:98:
51:ec:2e:e3:58:4b:82:2a:d1:df:bc:f4:4e:e7:13:08:70:0b:
8f:b9:0c:13:d5:64:cf:8a:94:d8:b7:86:f5:01:19:45:59:7a:
21:d8:08:e2:dc:01:82:18:68:6e:c5:95:02:42:57:7b:4d:0d:
f4:b9:39:bb:d1:6b:ae:0b:0f:67:a9:99:47:58:8e:85:8b:3b:
bb:b5:ec:09:0a:7e:0d:b5:b7:68:08:8a:0c:38:5f:a5:ac:84:
3a:b6:ce:e2:35:cc:1a:e6:99:73:19:d0:7e:b8:1c:98:af:62:
af:65:f5:20:4a:5b:6c:56:58:3c:20:bd:ee:06:34:5f:a7:66:
93:ff:7b:71:83:82:fd:ee:3b:91:9c:a4:4e:05:1a:dd:84:1d:
5d:79:1b:18:a3:aa:74:c0:0c:f1:a4:c2:34:8c:1f:c9:36:22:
31:ee:24:08
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZZ7NeBV3hfmNHVLRhEgspyGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTgzNmRkZTliOWRhZWYzNWE4YTdmNzRkNjMyNmY2YjQy
ZGE3NGQwHhcNMjUwNDI4MDcwNDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2ZmNWE0M2RjOWE4YzE2NzYyNGI4MGMzZWUzZmVlNDM0ZjljZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAinVgqhtdYtduy7uixIXh/Q96Mm8t
2Q5Xw1QSe3QpMFu1F14tRFvT72enlmlfrdgadmevUUSiOM54KXorKAg13zeVbml7
qxJgic/20iCMgyu3wYH+4aq4blfqhtQtAKHqhKKgGr9r1DPDxA1uNtEP6931EeuC
sYp1xY2Jogdi7WWpB+W7g272E2iBRETyP1WZaSL6DrrsvtYiJQ8xCiGIcwSk7nD0
XaAnksgovCA7V2cqg9upVcrI9JftHKv1rtVYwqXsbsppWupGBLKGB3qxdtwtM1d9
IZYgIl3uroW28MAcCoOosdTDRFU4nCS6iIywdx2K6YMG96mXqAITNrYyFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGf/WkPcmowWdiS4DD7j/uQ0+c3dMB8GA1UdIwQY
MBaAFGpYNt3pudrvNain901jJva0LadNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUt
YzE5OTQyNzM3ZTZkLzEvWl85YVE5eWFqQloySkxnTVB1UC01RFQ1emQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi84MzgwMzItZGI5Ny00OTdmLThjOTUtYzE5OTQyNzM3ZTZk
LzEvYWxnMjNlbTUydTgxcUtmM1RXTW05clF0cDAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCwpoYAwQC
2bEIAwQC2bEoAwQD2bFQAwQC2bQoMA0GCSqGSIb3DQEBCwUAA4IBAQCxuF2bZ9uZ
Djl8tyZPWqA84CQ4vqoIF1Dk5DcPltctotBZKVFBhztDCOcsBY1SQpJJVYlW+onq
U1+RzOyzsixa2WlyDa3Ubw3DWySSvGpf+obA43/+vJJZvphR7C7jWEuCKtHfvPRO
5xMIcAuPuQwT1WTPipTYt4b1ARlFWXoh2Aji3AGCGGhuxZUCQld7TQ30uTm70Wuu
Cw9nqZlHWI6Fizu7tewJCn4NtbdoCIoMOF+lrIQ6ts7iNcwa5plzGdB+uByYr2Kv
ZfUgSltsVlg8IL3uBjRfp2aT/3txg4L97juRnKROBRrdhB1deRsYo6p0wAzxpMI0
jB/JNiIx7iQI
-----END CERTIFICATE-----
Generated at Sun May 11 03:49:48 2025 by rpki-client