Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ZS6zRzH4PfN4rqCwdTWuwintn7U.roa
File: ZS6zRzH4PfN4rqCwdTWuwintn7U.roa (raw, json)
Hash identifier: afpWWGRb0KgGMLbzxs7m+JwghXlZeZePjxivG/Pb4YY=
Subject key identifier: 65:2E:B3:47:31:F8:3D:F3:78:AE:A0:B0:75:35:AE:C2:29:ED:9F:B5
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01963FD9F4374ECA6230E0ABA83412B2E9C5
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ZS6zRzH4PfN4rqCwdTWuwintn7U.roa
Signing time: Wed 16 Apr 2025 18:26:10 +0000
ROA not before: Wed 16 Apr 2025 18:26:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395839
IP address blocks: 77.90.38.0/24 maxlen: 24
94.103.170.0/24 maxlen: 24
94.103.171.0/24 maxlen: 24
178.18.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Apr 2025 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:3f:d9:f4:37:4e:ca:62:30:e0:ab:a8:34:12:b2:e9:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Apr 16 18:26:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=652eb34731f83df378aea0b07535aec229ed9fb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ec:f4:11:ba:6c:22:b6:fb:67:26:28:5c:4f:
85:45:af:c3:b0:78:41:d7:6b:ca:8b:fd:f3:71:35:
23:8e:f1:6a:f8:93:7e:79:82:47:f1:1e:be:9c:35:
d9:08:70:0a:f1:f3:4c:ef:0e:28:69:89:9c:5d:70:
65:c4:26:59:df:97:13:57:b7:51:93:e0:ba:3e:a0:
f4:26:64:59:04:28:57:0a:4c:0f:fe:ac:93:c7:96:
c6:b2:56:ab:58:ac:7d:8c:1d:a2:07:de:43:0a:8d:
02:ff:d4:0e:fe:d3:18:85:a3:1f:67:42:61:a2:90:
e4:fa:60:9f:0f:e9:e6:e2:b6:dd:e2:ba:f8:e0:b1:
e6:86:e7:12:2b:6b:80:d2:84:25:0e:57:53:8b:1f:
25:a1:cf:57:f3:98:ca:80:aa:ac:4a:f3:d4:68:26:
99:ff:56:87:0b:fe:c1:cc:46:0a:d6:10:b5:7a:79:
89:cd:8b:f5:d9:ed:79:68:28:41:da:e0:9a:bb:c6:
74:6e:85:02:b7:8c:34:00:33:2f:fe:2b:d1:24:dd:
ac:57:51:a1:59:b4:83:72:9f:ba:ad:78:c6:38:76:
1b:d3:3f:b8:93:ac:94:74:83:d3:0b:7e:b9:43:72:
d6:f6:0d:be:8f:22:67:0e:39:e3:0a:9b:a7:cf:bb:
4f:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:2E:B3:47:31:F8:3D:F3:78:AE:A0:B0:75:35:AE:C2:29:ED:9F:B5
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/ZS6zRzH4PfN4rqCwdTWuwintn7U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.38.0/24
94.103.170.0/23
178.18.149.0/24
Signature Algorithm: sha256WithRSAEncryption
49:23:11:67:15:28:08:95:ce:43:59:ab:bc:1c:24:be:43:91:
35:be:75:c3:ec:07:e7:30:5d:15:67:77:f7:61:ad:8e:f9:ee:
4c:df:b4:ec:29:41:78:5e:82:7f:b6:07:ea:7d:77:2f:0c:d1:
e6:7e:89:bc:5b:f8:66:8e:86:38:20:ec:d8:e9:7e:b4:df:8d:
ea:53:18:69:88:f3:a9:3a:95:b8:fb:55:42:ba:14:ad:2a:ee:
d5:8f:75:e0:73:03:3a:ef:76:7a:3c:03:70:3b:97:3f:2b:a3:
e4:e8:d9:51:19:86:e5:64:84:ea:d5:85:a1:99:8c:e6:6d:1c:
96:a3:25:aa:89:cc:a8:32:1e:61:5d:40:b1:34:25:d7:70:e6:
ce:df:c5:fc:9c:28:a3:91:03:15:a0:23:f8:8a:9e:af:55:8f:
1f:c4:8a:3b:ba:14:dd:59:8f:3b:95:ca:59:6d:a7:3a:d9:a3:
07:ca:33:5f:80:65:1d:5e:39:e1:0f:0f:0a:3c:66:e5:03:d7:
ad:c3:b0:00:da:9a:7a:6c:92:16:83:a9:ee:c6:9f:40:b0:99:
94:f1:f9:bb:da:f2:d6:0b:58:6a:fa:0c:06:ce:f5:38:c9:fb:
fa:21:b7:f1:33:57:fc:b0:ba:d0:c5:f6:25:43:42:6e:0d:c5:
38:88:ce:d9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZY/2fQ3TspiMOCrqDQSsunFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNDE2MTgyNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTJlYjM0NzMxZjgzZGYzNzhhZWEwYjA3NTM1YWVjMjI5ZWQ5ZmI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+z0EbpsIrb7ZyYoXE+FRa/DsHhB
12vKi/3zcTUjjvFq+JN+eYJH8R6+nDXZCHAK8fNM7w4oaYmcXXBlxCZZ35cTV7dR
k+C6PqD0JmRZBChXCkwP/qyTx5bGslarWKx9jB2iB95DCo0C/9QO/tMYhaMfZ0Jh
opDk+mCfD+nm4rbd4rr44LHmhucSK2uA0oQlDldTix8loc9X85jKgKqsSvPUaCaZ
/1aHC/7BzEYK1hC1enmJzYv12e15aChB2uCau8Z0boUCt4w0ADMv/ivRJN2sV1Gh
WbSDcp+6rXjGOHYb0z+4k6yUdIPTC365Q3LW9g2+jyJnDjnjCpunz7tPFQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGUus0cx+D3zeK6gsHU1rsIp7Z+1MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvWlM2elJ6SDRQZk40cnFDd2RUV3V3aW50bjdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVomAwQB
XmeqAwQAshKVMA0GCSqGSIb3DQEBCwUAA4IBAQBJIxFnFSgIlc5DWau8HCS+Q5E1
vnXD7AfnMF0VZ3f3Ya2O+e5M37TsKUF4XoJ/tgfqfXcvDNHmfom8W/hmjoY4IOzY
6X60343qUxhpiPOpOpW4+1VCuhStKu7Vj3XgcwM673Z6PANwO5c/K6Pk6NlRGYbl
ZITq1YWhmYzmbRyWoyWqicyoMh5hXUCxNCXXcObO38X8nCijkQMVoCP4ip6vVY8f
xIo7uhTdWY87lcpZbac62aMHyjNfgGUdXjnhDw8KPGblA9etw7AA2pp6bJIWg6nu
xp9AsJmU8fm72vLWC1hq+gwGzvU4yfv6IbfxM1f8sLrQxfYlQ0JuDcU4iM7Z
-----END CERTIFICATE-----
Generated at Tue Apr 29 13:46:57 2025 by rpki-client