Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/RZg3hSRAh0bnWWbbEHQUHE-_HZo.roa
File: RZg3hSRAh0bnWWbbEHQUHE-_HZo.roa (raw, json)
Hash identifier: PlflsRstfUeVSmBArfOGUlfWae6+g9QkuGuC+4rxSgA=
Subject key identifier: 45:98:37:85:24:40:87:46:E7:59:66:DB:10:74:14:1C:4F:BF:1D:9A
Certificate issuer: /CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Certificate serial: 0195FC832D35AA42B6AC89845A1C3BEEB7A9
Authority key identifier: 81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/RZg3hSRAh0bnWWbbEHQUHE-_HZo.roa
Signing time: Thu 03 Apr 2025 16:36:49 +0000
ROA not before: Thu 03 Apr 2025 16:36:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 83.147.16.0/22 maxlen: 24
83.147.20.0/24 maxlen: 24
83.147.21.0/24 maxlen: 24
83.147.22.0/24 maxlen: 24
83.147.26.0/23 maxlen: 24
83.147.26.0/24 maxlen: 24
83.147.27.0/24 maxlen: 24
83.147.28.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fc:83:2d:35:aa:42:b6:ac:89:84:5a:1c:3b:ee:b7:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8193ffe9db37626b13f85d7cc457aad5c1f30c9f
Validity
Not Before: Apr 3 16:36:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4598378524408746e75966db1074141c4fbf1d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:bf:1e:ed:2a:9f:a1:ef:bd:ff:2f:c0:3c:7f:
f2:fb:d4:04:0c:97:13:48:77:95:2c:e3:db:07:45:
99:a2:30:78:32:c9:bc:30:d3:25:25:33:a3:7f:e0:
52:f1:c8:93:43:e5:ed:04:97:63:50:cf:d4:31:04:
fb:8d:1c:53:26:fd:a4:41:08:c6:37:de:3f:c0:b2:
55:3e:95:a6:4c:56:e1:0e:e8:24:af:ae:d1:f5:e5:
ed:ee:ab:96:cf:54:a9:fe:cd:5b:e1:f2:81:77:58:
ac:b3:f7:6e:66:d8:28:0f:73:56:1f:ff:0d:4f:59:
ec:cc:bf:db:cf:13:b5:8f:ea:74:50:59:b8:37:28:
53:bb:4e:af:06:01:d5:c2:55:b0:55:f1:94:4f:dc:
a7:41:92:80:79:87:cb:c7:d8:c4:d3:c3:8f:10:13:
2e:99:8a:e5:1b:08:fa:71:6b:bc:a5:57:82:8b:99:
6b:3f:fb:60:16:fc:12:b1:fd:a0:b1:ba:f4:0b:6b:
2d:d3:29:2b:a8:39:42:d1:48:ce:60:4a:d5:f0:a8:
e6:fd:66:04:0f:88:72:4c:62:fc:fc:9b:65:0b:3a:
ff:aa:50:de:60:c2:5b:e0:b2:7b:30:e7:1d:00:64:
db:f6:2c:04:e6:69:96:bb:2c:76:dd:ba:24:51:54:
69:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:98:37:85:24:40:87:46:E7:59:66:DB:10:74:14:1C:4F:BF:1D:9A
X509v3 Authority Key Identifier:
keyid:81:93:FF:E9:DB:37:62:6B:13:F8:5D:7C:C4:57:AA:D5:C1:F3:0C:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gZP_6ds3YmsT-F18xFeq1cHzDJ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/RZg3hSRAh0bnWWbbEHQUHE-_HZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/76bc1e-b6f4-408a-bb89-08d1270c2e71/1/gZP_6ds3YmsT-F18xFeq1cHzDJ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.16.0-83.147.22.255
83.147.26.0-83.147.28.255
Signature Algorithm: sha256WithRSAEncryption
a3:1f:a2:ce:28:90:b9:27:54:ee:04:cf:d5:45:53:cc:9e:70:
18:73:71:9f:05:36:f1:0a:9e:96:53:bf:1d:64:23:72:b8:e6:
b3:d3:51:f3:af:2c:9f:48:de:d1:b2:a6:64:5f:45:94:f8:85:
fc:27:12:e7:3b:cc:db:c3:fe:24:3c:3b:d7:eb:1e:4a:b1:9d:
4e:1d:6e:53:be:e8:a2:70:f1:d9:59:f0:db:d9:d6:56:c4:bd:
ef:28:81:f7:f8:2a:5e:d2:d1:49:6d:5e:1d:48:6f:89:ae:0b:
4e:d9:96:6e:60:93:24:54:38:9a:e9:8a:48:a2:ce:c2:78:c3:
1b:b5:85:a7:bc:0c:7b:e6:90:fc:43:16:09:81:21:9b:9b:cd:
d3:3e:fc:4c:e1:a2:ff:60:c8:41:1e:c7:62:36:f3:0e:84:8d:
df:59:be:44:9a:e0:69:d4:86:2a:79:18:b1:00:0c:24:0f:8e:
48:a2:40:07:b8:25:24:d2:19:f4:cc:07:e4:ba:b2:b2:75:96:
d4:30:f9:c2:0c:e6:04:53:65:ca:47:a5:c2:76:4b:e4:a9:44:
ed:39:1f:fb:d2:56:d8:4c:a0:bb:78:06:b2:c4:6f:b9:00:ff:
6e:55:ad:48:40:00:06:81:13:ce:bf:06:2b:4a:69:60:9b:bf:
ad:ef:cb:00
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZX8gy01qkK2rImEWhw77repMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxOTNmZmU5ZGIzNzYyNmIxM2Y4NWQ3Y2M0NTdhYWQ1YzFm
MzBjOWYwHhcNMjUwNDAzMTYzNjQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTk4Mzc4NTI0NDA4NzQ2ZTc1OTY2ZGIxMDc0MTQxYzRmYmYxZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArb8e7Sqfoe+9/y/APH/y+9QEDJcT
SHeVLOPbB0WZojB4Msm8MNMlJTOjf+BS8ciTQ+XtBJdjUM/UMQT7jRxTJv2kQQjG
N94/wLJVPpWmTFbhDugkr67R9eXt7quWz1Sp/s1b4fKBd1iss/duZtgoD3NWH/8N
T1nszL/bzxO1j+p0UFm4NyhTu06vBgHVwlWwVfGUT9ynQZKAeYfLx9jE08OPEBMu
mYrlGwj6cWu8pVeCi5lrP/tgFvwSsf2gsbr0C2st0ykrqDlC0UjOYErV8Kjm/WYE
D4hyTGL8/JtlCzr/qlDeYMJb4LJ7MOcdAGTb9iwE5mmWuyx23bokUVRpsQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFEWYN4UkQIdG51lm2xB0FBxPvx2aMB8GA1UdIwQY
MBaAFIGT/+nbN2JrE/hdfMRXqtXB8wyfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODkt
MDhkMTI3MGMyZTcxLzEvUlpnM2hTUkFoMGJuV1diYkVIUVVIRS1fSFpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy83NmJjMWUtYjZmNC00MDhhLWJiODktMDhkMTI3MGMyZTcx
LzEvZ1pQXzZkczNZbXNULUYxOHhGZXExY0h6REo4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBARTkxAD
BABTkxYwDAMEAVOTGgMEAFOTHDANBgkqhkiG9w0BAQsFAAOCAQEAox+iziiQuSdU
7gTP1UVTzJ5wGHNxnwU28QqellO/HWQjcrjms9NR868sn0je0bKmZF9FlPiF/CcS
5zvM28P+JDw71+seSrGdTh1uU77oonDx2Vnw29nWVsS97yiB9/gqXtLRSW1eHUhv
ia4LTtmWbmCTJFQ4mumKSKLOwnjDG7WFp7wMe+aQ/EMWCYEhm5vN0z78TOGi/2DI
QR7HYjbzDoSN31m+RJrgadSGKnkYsQAMJA+OSKJAB7glJNIZ9MwH5LqysnWW1DD5
wgzmBFNlykelwnZL5KlE7Tkf+9JW2Eygu3gGssRvuQD/blWtSEAABoETzr8GK0pp
YJu/re/LAA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 13:03:09 2025 by rpki-client