Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/ZfyPZAhLEDJfbRWOZTPW6i5uxAs.roa
File: ZfyPZAhLEDJfbRWOZTPW6i5uxAs.roa (raw, json)
Hash identifier: lVcg5S8ltJ0oxrMYvDgCBMGIQj26liJSgr9Rj1kE0c4=
Subject key identifier: 65:FC:8F:64:08:4B:10:32:5F:6D:15:8E:65:33:D6:EA:2E:6E:C4:0B
Certificate issuer: /CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Certificate serial: 01968128657C8BE6764A2BF61851BAB22D70
Authority key identifier: 0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/ZfyPZAhLEDJfbRWOZTPW6i5uxAs.roa
Signing time: Tue 29 Apr 2025 10:47:10 +0000
ROA not before: Tue 29 Apr 2025 10:47:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15456
IP address blocks: 62.116.128.0/18 maxlen: 24
62.116.128.0/19 maxlen: 24
62.116.160.0/19 maxlen: 24
85.236.32.0/19 maxlen: 24
85.236.40.0/24 maxlen: 24
185.91.244.0/22 maxlen: 24
2001:4178::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 01 May 2025 00:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:81:28:65:7c:8b:e6:76:4a:2b:f6:18:51:ba:b2:2d:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c5be6056eb0c3650b8fe21e2d726c1b83ec82b3
Validity
Not Before: Apr 29 10:47:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65fc8f64084b10325f6d158e6533d6ea2e6ec40b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:64:aa:52:fc:ea:93:92:64:79:c5:bf:14:f0:
63:52:64:06:46:1a:1b:82:3f:b6:4d:7b:33:77:71:
f5:3f:5f:47:6b:63:6b:72:c9:5c:91:4e:48:45:7f:
e4:35:0d:0b:fc:e1:ed:a3:63:99:b5:aa:2c:ad:a6:
3e:1e:cf:66:3c:16:a9:91:a8:69:bb:18:f9:5a:d3:
0a:cf:53:40:67:93:bf:83:1a:98:7b:18:ce:d0:03:
f8:98:fa:bd:6b:ef:db:00:61:bc:1d:7b:a2:02:ad:
5e:4c:99:eb:3f:59:e1:ad:4b:6d:29:95:25:12:3f:
3d:70:2e:f7:a7:ff:90:06:81:41:ee:e1:d8:68:e0:
81:0b:aa:d6:7c:12:33:b2:22:74:36:9b:cd:36:7e:
95:ee:2b:d2:95:7c:81:c8:5b:00:80:2e:7c:8f:fe:
bd:5f:60:2c:fc:72:88:a3:be:21:c0:e4:ce:91:c3:
8c:06:61:3d:39:01:8b:36:c9:17:0b:ec:a2:49:0e:
90:3d:0e:7d:61:5b:8a:a9:47:4e:ac:41:c4:d2:cb:
6e:f1:bd:cd:72:b2:0d:d5:5e:16:60:bd:80:ea:dc:
4f:9a:b7:e6:51:8d:92:4e:9c:b7:32:14:f9:bb:28:
2d:0b:6b:82:eb:4f:2b:b4:c4:bb:eb:7b:6c:a5:86:
c3:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:FC:8F:64:08:4B:10:32:5F:6D:15:8E:65:33:D6:EA:2E:6E:C4:0B
X509v3 Authority Key Identifier:
keyid:0C:5B:E6:05:6E:B0:C3:65:0B:8F:E2:1E:2D:72:6C:1B:83:EC:82:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DFvmBW6ww2ULj-IeLXJsG4PsgrM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/ZfyPZAhLEDJfbRWOZTPW6i5uxAs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/327a54-6db2-4291-9434-ffc7f2a3198c/1/DFvmBW6ww2ULj-IeLXJsG4PsgrM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.116.128.0/18
85.236.32.0/19
185.91.244.0/22
IPv6:
2001:4178::/29
Signature Algorithm: sha256WithRSAEncryption
5c:16:12:4e:db:8d:ab:91:d8:52:c0:b8:57:75:6e:7e:d4:5f:
d5:61:1d:8d:15:04:62:0d:dd:ca:40:03:35:76:e0:b5:4b:06:
c2:fc:37:de:5e:ea:b2:9f:fe:a1:b9:80:2f:cd:be:c7:ea:11:
4d:77:e4:33:ad:ea:37:55:b2:08:3e:c8:3f:9f:b1:db:d7:c1:
04:81:81:e8:f6:6b:20:be:43:24:16:0c:af:c3:ff:ea:14:07:
c3:91:18:d1:09:13:81:7b:31:6a:cf:45:77:1d:ca:04:93:9b:
c6:d2:34:32:dc:e3:d2:ab:ea:4c:31:e5:b9:19:7a:31:dc:25:
8c:93:48:c2:d7:c7:b3:63:7b:6c:ba:42:c1:64:dc:a3:4b:5d:
e7:98:f9:b8:37:9a:b2:6e:b2:ad:65:8f:92:a6:60:16:a3:9b:
82:a1:81:51:57:88:57:42:85:17:94:15:d7:15:25:74:d3:da:
1d:9f:8c:33:7f:f3:c8:08:23:8d:ca:95:cc:5c:8b:12:ed:31:
24:ea:83:20:da:65:3c:ef:15:38:71:d5:84:4b:b2:8f:1f:d8:
50:be:00:97:80:f4:ac:48:a0:b1:5d:53:9c:ee:8b:86:b7:1b:
fb:62:60:1c:d1:4f:f7:bd:3b:d4:12:64:5e:6e:a2:c4:3a:4b:
83:25:c3:26
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZaBKGV8i+Z2Siv2GFG6si1wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjNWJlNjA1NmViMGMzNjUwYjhmZTIxZTJkNzI2YzFiODNl
YzgyYjMwHhcNMjUwNDI5MTA0NzEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWZjOGY2NDA4NGIxMDMyNWY2ZDE1OGU2NTMzZDZlYTJlNmVjNDBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtmSqUvzqk5JkecW/FPBjUmQGRhob
gj+2TXszd3H1P19Ha2NrcslckU5IRX/kNQ0L/OHto2OZtaosraY+Hs9mPBapkahp
uxj5WtMKz1NAZ5O/gxqYexjO0AP4mPq9a+/bAGG8HXuiAq1eTJnrP1nhrUttKZUl
Ej89cC73p/+QBoFB7uHYaOCBC6rWfBIzsiJ0NpvNNn6V7ivSlXyByFsAgC58j/69
X2As/HKIo74hwOTOkcOMBmE9OQGLNskXC+yiSQ6QPQ59YVuKqUdOrEHE0stu8b3N
crIN1V4WYL2A6txPmrfmUY2STpy3MhT5uygtC2uC608rtMS763tspYbDaQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFGX8j2QISxAyX20VjmUz1uoubsQLMB8GA1UdIwQY
MBaAFAxb5gVusMNlC4/iHi1ybBuD7IKzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQt
ZmZjN2YyYTMxOThjLzEvWmZ5UFpBaExFREpmYlJXT1pUUFc2aTV1eEFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8zMjdhNTQtNmRiMi00MjkxLTk0MzQtZmZjN2YyYTMxOThj
LzEvREZ2bUJXNnd3MlVMai1JZUxYSnNHNFBzZ3JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGPnSAAwQF
VewgAwQCuVv0MA0EAgACMAcDBQMgAUF4MA0GCSqGSIb3DQEBCwUAA4IBAQBcFhJO
242rkdhSwLhXdW5+1F/VYR2NFQRiDd3KQAM1duC1SwbC/DfeXuqyn/6huYAvzb7H
6hFNd+Qzreo3VbIIPsg/n7Hb18EEgYHo9msgvkMkFgyvw//qFAfDkRjRCROBezFq
z0V3HcoEk5vG0jQy3OPSq+pMMeW5GXox3CWMk0jC18ezY3tsukLBZNyjS13nmPm4
N5qybrKtZY+SpmAWo5uCoYFRV4hXQoUXlBXXFSV009odn4wzf/PICCONypXMXIsS
7TEk6oMg2mU87xU4cdWES7KPH9hQvgCXgPSsSKCxXVOc7ouGtxv7YmAc0U/3vTvU
EmRebqLEOkuDJcMm
-----END CERTIFICATE-----
Generated at Wed Apr 30 08:27:53 2025 by rpki-client