Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcNddQ3J_LubP0HsAD3icXQkbJg.roa
File: ZcNddQ3J_LubP0HsAD3icXQkbJg.roa (raw, json)
Hash identifier: e1UPwbEPYFgAN0WhmB/5y5yZBHdVpTCrDuHgKP9Ljw0=
Subject key identifier: 65:C3:5D:75:0D:C9:FC:BB:9B:3F:41:EC:00:3D:E2:71:74:24:6C:98
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 019420D5D879FEDAB5C2B32BBB24FE23BBCA
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcNddQ3J_LubP0HsAD3icXQkbJg.roa
Signing time: Wed 01 Jan 2025 07:47:52 +0000
ROA not before: Wed 01 Jan 2025 07:47:52 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 135330
IP address blocks: 194.156.98.0/24 maxlen: 24
194.156.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:d5:d8:79:fe:da:b5:c2:b3:2b:bb:24:fe:23:bb:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Jan 1 07:47:52 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65c35d750dc9fcbb9b3f41ec003de27174246c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:52:0a:97:87:ea:b0:34:27:f1:ed:d2:bc:b0:
1a:f6:44:5c:42:09:86:40:23:5b:c5:d6:9b:c2:d7:
e8:12:5a:06:9c:31:d4:dc:5a:5a:6c:f9:95:e2:7f:
b8:3a:b5:7d:ab:7b:2f:06:70:c5:41:f8:04:27:26:
7d:68:7b:86:34:fb:1a:a1:1c:d0:a9:9d:4a:64:64:
cc:63:e3:dc:b8:01:84:77:e4:4a:bf:08:f2:be:4b:
60:14:0c:ed:28:40:35:23:ca:cb:05:eb:38:b2:88:
a1:47:a8:9b:21:91:8f:f1:5f:42:c4:08:61:a2:0a:
5a:00:67:81:a6:39:76:cb:95:92:33:1e:92:7d:c4:
b0:fe:72:ac:8c:2a:95:60:fb:84:7c:96:12:6e:c1:
2e:e9:5d:c9:5e:8d:f9:5a:77:f0:f2:0d:2d:c0:03:
e4:e7:4e:e9:7a:25:5f:05:16:66:24:6d:7d:3f:90:
3d:86:b4:db:18:e8:0e:8e:38:49:f9:bb:e9:74:52:
51:2d:60:9f:f6:56:fa:9d:b1:25:66:a0:83:16:35:
52:b7:d3:e5:01:42:d0:18:78:f0:77:97:61:96:4d:
02:fd:43:80:cc:91:4e:46:4e:c3:ee:04:45:89:07:
72:fa:c8:6d:d1:cb:10:3c:64:eb:15:92:95:fb:f4:
9c:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:C3:5D:75:0D:C9:FC:BB:9B:3F:41:EC:00:3D:E2:71:74:24:6C:98
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/ZcNddQ3J_LubP0HsAD3icXQkbJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.98.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:30:12:80:bb:1d:8a:a6:3c:83:43:43:0c:78:68:4c:43:15:
af:00:7f:6c:83:c2:7e:16:fa:1e:04:c6:47:45:63:79:56:24:
f0:cc:f6:fe:5a:47:03:4b:03:e5:52:e0:6b:d0:e2:3a:a7:eb:
dc:d3:35:1b:00:58:01:2a:8f:ea:f0:99:fa:b7:ee:8d:13:d7:
90:b5:d5:11:ae:64:12:42:08:41:bc:67:24:f6:a7:cb:5f:23:
d3:fd:2c:c7:c5:8e:03:39:96:7f:16:dc:a2:be:c7:e6:00:2d:
3c:5f:f8:c7:4a:00:27:2b:26:5d:66:5d:b2:29:7f:14:40:a9:
66:76:cd:0f:e6:cb:20:02:8b:1a:1b:73:02:42:5a:b8:c2:64:
88:32:7f:b1:98:dd:2d:c9:25:aa:2e:05:74:13:8f:9e:99:f7:
80:55:5a:16:7e:d6:fa:47:1b:d1:96:89:5c:41:be:a9:d2:ac:
89:db:0b:68:8a:80:39:0e:40:76:8b:20:da:fc:fa:0c:9e:ec:
0f:0c:5d:82:ff:8f:8d:ab:ab:33:2d:a9:99:8c:11:20:0d:1f:
96:3a:bc:30:0e:57:83:11:26:3d:59:01:62:e8:d6:01:ee:a3:
bb:cf:0e:22:9b:8d:b1:09:c6:28:92:7c:16:a2:ac:22:17:e5:
dc:c6:15:ed
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQg1dh5/tq1wrMruyT+I7vKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjUwMTAxMDc0NzUyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWMzNWQ3NTBkYzlmY2JiOWIzZjQxZWMwMDNkZTI3MTc0MjQ2Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAklIKl4fqsDQn8e3SvLAa9kRcQgmG
QCNbxdabwtfoEloGnDHU3FpabPmV4n+4OrV9q3svBnDFQfgEJyZ9aHuGNPsaoRzQ
qZ1KZGTMY+PcuAGEd+RKvwjyvktgFAztKEA1I8rLBes4soihR6ibIZGP8V9CxAhh
ogpaAGeBpjl2y5WSMx6SfcSw/nKsjCqVYPuEfJYSbsEu6V3JXo35Wnfw8g0twAPk
507peiVfBRZmJG19P5A9hrTbGOgOjjhJ+bvpdFJRLWCf9lb6nbElZqCDFjVSt9Pl
AULQGHjwd5dhlk0C/UOAzJFORk7D7gRFiQdy+sht0csQPGTrFZKV+/ScKwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXDXXUNyfy7mz9B7AA94nF0JGyYMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvWmNOZGRRM0pfTHViUDBIc0FEM2ljWFFrYkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwpxiMA0G
CSqGSIb3DQEBCwUAA4IBAQAeMBKAux2KpjyDQ0MMeGhMQxWvAH9sg8J+FvoeBMZH
RWN5ViTwzPb+WkcDSwPlUuBr0OI6p+vc0zUbAFgBKo/q8Jn6t+6NE9eQtdURrmQS
QghBvGck9qfLXyPT/SzHxY4DOZZ/FtyivsfmAC08X/jHSgAnKyZdZl2yKX8UQKlm
ds0P5ssgAosaG3MCQlq4wmSIMn+xmN0tySWqLgV0E4+emfeAVVoWftb6RxvRlolc
Qb6p0qyJ2wtoioA5DkB2iyDa/PoMnuwPDF2C/4+Nq6szLamZjBEgDR+WOrwwDleD
ESY9WQFi6NYB7qO7zw4im42xCcYoknwWoqwiF+XcxhXt
-----END CERTIFICATE-----
Generated at Sun Apr 6 06:42:28 2025 by rpki-client