Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/z0gK7j1eTNv7dmhYM5fYU83PlcI.roa
File: z0gK7j1eTNv7dmhYM5fYU83PlcI.roa (raw, json)
Hash identifier: F9PSIbqhKjRh7i/sDNMQoDtTGb+P8gRfs9+wZwKnUuY=
Subject key identifier: CF:48:0A:EE:3D:5E:4C:DB:FB:76:68:58:33:97:D8:53:CD:CF:95:C2
Certificate issuer: /CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Certificate serial: 0196914E0083E2117DAA598BE03A8EF34D95
Authority key identifier: 50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/z0gK7j1eTNv7dmhYM5fYU83PlcI.roa
Signing time: Fri 02 May 2025 14:02:10 +0000
ROA not before: Fri 02 May 2025 14:02:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61047
IP address blocks: 91.220.197.0/24 maxlen: 24
185.43.44.0/22 maxlen: 24
185.71.224.0/22 maxlen: 24
185.83.96.0/22 maxlen: 24
185.124.200.0/22 maxlen: 24
185.189.188.0/22 maxlen: 24
194.150.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 09 May 2025 14:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:91:4e:00:83:e2:11:7d:aa:59:8b:e0:3a:8e:f3:4d:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505ad17f4c620d58d453d5f6d7c9233fce126499
Validity
Not Before: May 2 14:02:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf480aee3d5e4cdbfb7668583397d853cdcf95c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:17:bd:ed:22:49:5d:21:d3:d3:5a:37:6e:c5:
61:fb:5e:15:4a:99:46:0b:1d:18:34:a9:28:8a:24:
55:d5:46:98:2b:3d:59:c7:e6:a9:48:31:2e:fc:e8:
c0:60:3e:16:33:86:e8:30:9c:a7:bb:d8:73:26:82:
54:77:70:36:c4:28:dc:bc:cc:7f:13:ec:cf:59:62:
93:9b:ce:b5:71:79:e7:a9:26:e9:cc:91:17:56:6e:
8c:ea:76:4d:ac:06:b4:ea:61:c4:db:55:f5:12:24:
b9:b1:47:1f:10:d1:bb:ee:37:0c:b3:2b:b0:e5:c0:
ed:f2:ad:2c:7d:3e:13:a4:82:05:bb:c9:15:83:4e:
05:8c:b3:35:e6:67:f8:8e:63:f7:a8:0d:33:05:8d:
31:e8:a1:24:60:49:55:11:30:ab:76:69:3d:9a:74:
18:c3:a7:7e:0e:03:04:0f:0c:e1:64:88:96:9b:69:
92:09:21:c4:ef:fa:f2:76:17:ae:e1:60:de:51:46:
61:8e:e8:c4:be:88:7d:ef:c1:f4:56:2a:97:92:76:
99:32:6b:d0:4b:44:e9:c6:36:4d:ca:79:d6:4d:7c:
f6:80:19:26:31:55:e2:b4:ed:13:4e:a2:55:45:17:
9a:30:dc:a2:73:0e:f5:f6:35:78:46:8d:9b:33:90:
b7:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:48:0A:EE:3D:5E:4C:DB:FB:76:68:58:33:97:D8:53:CD:CF:95:C2
X509v3 Authority Key Identifier:
keyid:50:5A:D1:7F:4C:62:0D:58:D4:53:D5:F6:D7:C9:23:3F:CE:12:64:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFrRf0xiDVjUU9X218kjP84SZJk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/z0gK7j1eTNv7dmhYM5fYU83PlcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b4/a2fc18-534b-4454-9bd1-fe6bb049337d/1/UFrRf0xiDVjUU9X218kjP84SZJk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.220.197.0/24
185.43.44.0/22
185.71.224.0/22
185.83.96.0/22
185.124.200.0/22
185.189.188.0/22
194.150.164.0/24
Signature Algorithm: sha256WithRSAEncryption
44:92:18:32:81:1b:34:a2:8e:ed:0c:84:b3:9a:d9:c5:14:14:
00:01:7b:c4:7d:4a:4d:65:46:8b:ff:79:75:24:b2:82:02:b9:
bb:23:02:a8:ca:43:53:7f:d3:bc:14:4a:88:60:3a:cd:d5:b1:
4d:37:f7:9c:ed:1a:6f:d4:4c:c0:ed:45:31:dd:77:0c:f5:df:
86:26:94:68:4f:9e:90:fb:1c:10:cf:57:21:ed:df:0f:cd:c9:
1f:bf:37:d6:e5:7a:e2:9f:cc:b9:68:9d:8b:50:1d:ed:cd:bb:
46:0f:2d:4e:2e:ea:11:9d:8c:9d:ba:e2:5d:d5:a6:99:9e:f5:
cd:29:bb:c6:cc:01:1a:81:9f:34:fb:b5:6d:2c:da:61:70:41:
86:6d:ad:4c:12:b1:a8:f3:83:3a:65:e7:79:e7:49:6b:c1:67:
38:36:f4:db:77:74:90:ca:27:36:6a:cc:25:4f:d6:2b:91:4d:
83:45:60:3c:90:c6:65:a2:6a:b9:06:c2:2b:75:ff:f8:34:91:
e3:f4:b8:0f:25:6d:de:42:68:6e:88:ff:c5:61:83:83:ef:77:
72:8c:b7:4f:af:9d:ff:e0:1c:2c:1c:3b:40:2a:a4:b4:5f:bc:
32:59:e2:d0:9e:73:36:61:28:5e:e6:10:58:81:1e:2a:35:8e:
7f:c6:af:73
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZaRTgCD4hF9qlmL4DqO802VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNWFkMTdmNGM2MjBkNThkNDUzZDVmNmQ3YzkyMzNmY2Ux
MjY0OTkwHhcNMjUwNTAyMTQwMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjQ4MGFlZTNkNWU0Y2RiZmI3NjY4NTgzMzk3ZDg1M2NkY2Y5NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0he97SJJXSHT01o3bsVh+14VSplG
Cx0YNKkoiiRV1UaYKz1Zx+apSDEu/OjAYD4WM4boMJynu9hzJoJUd3A2xCjcvMx/
E+zPWWKTm861cXnnqSbpzJEXVm6M6nZNrAa06mHE21X1EiS5sUcfENG77jcMsyuw
5cDt8q0sfT4TpIIFu8kVg04FjLM15mf4jmP3qA0zBY0x6KEkYElVETCrdmk9mnQY
w6d+DgMEDwzhZIiWm2mSCSHE7/rydheu4WDeUUZhjujEvoh978H0ViqXknaZMmvQ
S0TpxjZNynnWTXz2gBkmMVXitO0TTqJVRReaMNyicw719jV4Ro2bM5C3xwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFM9ICu49Xkzb+3ZoWDOX2FPNz5XCMB8GA1UdIwQY
MBaAFFBa0X9MYg1Y1FPV9tfJIz/OEmSZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEt
ZmU2YmIwNDkzMzdkLzEvejBnSzdqMWVUTnY3ZG1oWU01ZllVODNQbGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNC9hMmZjMTgtNTM0Yi00NDU0LTliZDEtZmU2YmIwNDkzMzdk
LzEvVUZyUmYweGlEVmpVVTlYMjE4a2pQODRTWkprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAW9zFAwQC
uSssAwQCuUfgAwQCuVNgAwQCuXzIAwQCub28AwQAwpakMA0GCSqGSIb3DQEBCwUA
A4IBAQBEkhgygRs0oo7tDISzmtnFFBQAAXvEfUpNZUaL/3l1JLKCArm7IwKoykNT
f9O8FEqIYDrN1bFNN/ec7Rpv1EzA7UUx3XcM9d+GJpRoT56Q+xwQz1ch7d8Pzckf
vzfW5Xrin8y5aJ2LUB3tzbtGDy1OLuoRnYyduuJd1aaZnvXNKbvGzAEagZ80+7Vt
LNphcEGGba1MErGo84M6Zed550lrwWc4NvTbd3SQyic2aswlT9YrkU2DRWA8kMZl
omq5BsIrdf/4NJHj9LgPJW3eQmhuiP/FYYOD73dyjLdPr53/4BwsHDtAKqS0X7wy
WeLQnnM2YShe5hBYgR4qNY5/xq9z
-----END CERTIFICATE-----
Generated at Thu May 8 19:12:52 2025 by rpki-client