Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/Rzw-FEYLvNzmn8z8pXMnNIdiuzY.roa
File: Rzw-FEYLvNzmn8z8pXMnNIdiuzY.roa (raw, json)
Hash identifier: 73aotFl5RqbhDVi5JA90kJT8GvN6s6DMcTXSbB1f0hU=
Subject key identifier: 47:3C:3E:14:46:0B:BC:DC:E6:9F:CC:FC:A5:73:27:34:87:62:BB:36
Certificate issuer: /CN=c53b29170b56a84241f4b84fd4daff0836d503c6
Certificate serial: 01966714984A46E5E5C79728E5DEA22AFED8
Authority key identifier: C5:3B:29:17:0B:56:A8:42:41:F4:B8:4F:D4:DA:FF:08:36:D5:03:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/Rzw-FEYLvNzmn8z8pXMnNIdiuzY.roa
Signing time: Thu 24 Apr 2025 09:15:24 +0000
ROA not before: Thu 24 Apr 2025 09:15:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201228
IP address blocks: 93.185.216.0/21 maxlen: 24
193.29.10.0/23 maxlen: 24
193.29.20.0/23 maxlen: 24
193.110.20.0/22 maxlen: 24
2a0f:a580::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 03 May 2025 23:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:67:14:98:4a:46:e5:e5:c7:97:28:e5:de:a2:2a:fe:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c53b29170b56a84241f4b84fd4daff0836d503c6
Validity
Not Before: Apr 24 09:15:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=473c3e14460bbcdce69fccfca57327348762bb36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:88:89:06:8a:17:4d:4a:d3:6e:c6:20:1f:40:
2d:ef:64:b4:be:ac:ba:08:02:af:ff:93:d4:b7:06:
8a:84:87:0a:6a:58:d6:9c:a3:0c:b6:07:4a:c0:37:
75:29:0f:50:89:1c:17:99:4f:1d:3c:4d:43:53:4a:
8d:45:20:92:7b:b5:d1:c0:1f:1c:75:7a:3f:a2:73:
c4:05:47:4d:fb:7a:60:5e:bf:c4:29:29:aa:cd:5a:
12:90:05:31:9c:92:f4:a5:ce:8b:da:c6:f2:0b:2f:
1c:d1:b2:b8:f3:89:a3:f7:b4:37:02:e7:c3:6e:35:
f3:1b:96:3f:5a:89:2f:62:e4:f4:cd:56:b0:0b:67:
74:d9:c7:dc:25:0b:a9:61:d4:32:5f:51:41:17:a4:
49:50:14:56:68:64:12:d1:83:1a:c3:4a:2f:61:95:
88:f5:74:1a:87:a6:62:7a:1a:54:96:e9:98:8d:32:
82:38:4e:58:48:26:db:98:f3:b5:6e:01:73:d4:3e:
0a:65:13:c9:72:ca:f8:a2:34:86:dc:56:bd:d1:24:
6b:1b:22:5d:1c:6a:4b:e1:01:ec:34:4a:8c:41:70:
2b:3b:7e:a5:ca:d9:b7:9d:f4:4e:e1:ae:f7:52:64:
ba:de:30:98:1d:f4:a2:e0:12:7e:bf:db:be:5b:c2:
da:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:3C:3E:14:46:0B:BC:DC:E6:9F:CC:FC:A5:73:27:34:87:62:BB:36
X509v3 Authority Key Identifier:
keyid:C5:3B:29:17:0B:56:A8:42:41:F4:B8:4F:D4:DA:FF:08:36:D5:03:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/Rzw-FEYLvNzmn8z8pXMnNIdiuzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/de/60d02f-1163-4666-9be9-7dfbbae0368e/1/xTspFwtWqEJB9LhP1Nr_CDbVA8Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.185.216.0/21
193.29.10.0/23
193.29.20.0/23
193.110.20.0/22
IPv6:
2a0f:a580::/29
Signature Algorithm: sha256WithRSAEncryption
3d:3f:2c:a1:a9:b8:95:0e:d7:91:6d:38:fe:06:f3:fb:f9:4b:
a7:93:ea:4e:97:43:27:2f:ff:71:54:31:17:37:6e:1d:f2:ae:
35:eb:a9:f8:b3:74:2d:32:4d:8c:a8:67:be:21:3d:34:b2:91:
13:7a:89:4c:1a:c1:c3:64:4b:21:95:4d:e7:7d:80:59:fb:b7:
66:62:6c:04:08:60:e5:c6:d5:00:e4:cf:b8:32:87:b7:db:ca:
62:78:37:27:06:ea:aa:2f:92:67:c0:31:8c:45:e9:b8:56:53:
07:cf:9b:c3:c7:3e:23:90:a2:7c:07:c9:b7:1c:73:00:ec:73:
b4:ef:3b:d5:2d:65:1a:aa:aa:0b:b9:24:3f:49:da:fd:fd:4f:
26:13:bb:1b:84:8c:96:1c:cf:28:b5:04:ac:32:e3:de:84:f6:
c4:89:74:53:62:29:d9:53:c4:22:ce:38:19:9f:33:98:65:87:
ba:af:54:74:06:03:94:15:78:92:4e:a1:cc:f4:a5:52:85:72:
da:97:05:b7:3e:40:49:ef:b9:eb:f5:d6:e9:46:10:b2:e8:cd:
a9:87:7e:ae:87:f7:f6:38:ab:03:45:7e:79:e8:27:a5:9a:3f:
b1:fd:89:63:24:26:95:cc:58:bc:ef:45:7d:39:e1:ec:b9:0d:
f1:36:f5:cd
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZZnFJhKRuXlx5co5d6iKv7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1M2IyOTE3MGI1NmE4NDI0MWY0Yjg0ZmQ0ZGFmZjA4MzZk
NTAzYzYwHhcNMjUwNDI0MDkxNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzNjM2UxNDQ2MGJiY2RjZTY5ZmNjZmNhNTczMjczNDg3NjJiYjM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxoiJBooXTUrTbsYgH0At72S0vqy6
CAKv/5PUtwaKhIcKaljWnKMMtgdKwDd1KQ9QiRwXmU8dPE1DU0qNRSCSe7XRwB8c
dXo/onPEBUdN+3pgXr/EKSmqzVoSkAUxnJL0pc6L2sbyCy8c0bK484mj97Q3AufD
bjXzG5Y/WokvYuT0zVawC2d02cfcJQupYdQyX1FBF6RJUBRWaGQS0YMaw0ovYZWI
9XQah6ZiehpUlumYjTKCOE5YSCbbmPO1bgFz1D4KZRPJcsr4ojSG3Fa90SRrGyJd
HGpL4QHsNEqMQXArO36lytm3nfRO4a73UmS63jCYHfSi4BJ+v9u+W8LaewIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFEc8PhRGC7zc5p/M/KVzJzSHYrs2MB8GA1UdIwQY
MBaAFMU7KRcLVqhCQfS4T9Ta/wg21QPGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFRzcEZ3dFdxRUpCOUxoUDFOcl9DRGJWQThZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZS82MGQwMmYtMTE2My00NjY2LTliZTkt
N2RmYmJhZTAzNjhlLzEvUnp3LUZFWUx2Tnptbjh6OHBYTW5OSWRpdXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZS82MGQwMmYtMTE2My00NjY2LTliZTktN2RmYmJhZTAzNjhl
LzEveFRzcEZ3dFdxRUpCOUxoUDFOcl9DRGJWQThZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDXbnYAwQB
wR0KAwQBwR0UAwQCwW4UMA0EAgACMAcDBQMqD6WAMA0GCSqGSIb3DQEBCwUAA4IB
AQA9PyyhqbiVDteRbTj+BvP7+Uunk+pOl0MnL/9xVDEXN24d8q4166n4s3QtMk2M
qGe+IT00spETeolMGsHDZEshlU3nfYBZ+7dmYmwECGDlxtUA5M+4Moe328pieDcn
BuqqL5JnwDGMRem4VlMHz5vDxz4jkKJ8B8m3HHMA7HO07zvVLWUaqqoLuSQ/Sdr9
/U8mE7sbhIyWHM8otQSsMuPehPbEiXRTYinZU8QizjgZnzOYZYe6r1R0BgOUFXiS
TqHM9KVShXLalwW3PkBJ77nr9dbpRhCy6M2ph36uh/f2OKsDRX556Celmj+x/Ylj
JCaVzFi870V9OeHsuQ3xNvXN
-----END CERTIFICATE-----
Generated at Sat May 3 06:43:57 2025 by rpki-client