Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ZKaLH1RF9q1E6524_CLGwNAeKPU.roa
File: ZKaLH1RF9q1E6524_CLGwNAeKPU.roa (raw, json)
Hash identifier: NYm5o8T+AXl6BoN5iWRobD4OTRMc9uAM7u/9BRILK/4=
Subject key identifier: 64:A6:8B:1F:54:45:F6:AD:44:EB:9D:B8:FC:22:C6:C0:D0:1E:28:F5
Certificate issuer: /CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Certificate serial: 01973463FE1EA9F1A0CE1B6A259BEECDF8EB
Authority key identifier: B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ZKaLH1RF9q1E6524_CLGwNAeKPU.roa
Signing time: Tue 03 Jun 2025 06:04:17 +0000
ROA not before: Tue 03 Jun 2025 06:04:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393559
IP address blocks: 185.230.180.0/22 maxlen: 24
185.230.181.0/24 maxlen: 24
2a13:d00::/29 maxlen: 48
2a13:d00:c100::/40 maxlen: 48
2a13:d00:cf00::/40 maxlen: 48
2a13:d00:cf8b::/48 maxlen: 48
2a13:d00:cf8c::/48 maxlen: 48
2a13:d00:cf8d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.mft
rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:34:63:fe:1e:a9:f1:a0:ce:1b:6a:25:9b:ee:cd:f8:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b49bd84da17997cbb286af9022ab2e05ba08b442
Validity
Not Before: Jun 3 06:04:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64a68b1f5445f6ad44eb9db8fc22c6c0d01e28f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:72:22:56:9b:c1:b5:94:bb:2a:8c:af:b5:0d:
7a:4c:e2:8a:5f:ea:ca:39:6e:8c:53:40:bf:a6:75:
8f:69:13:5c:59:6d:b5:61:f8:ed:74:4d:0a:59:31:
d4:47:50:31:c7:6e:2e:05:b7:7d:a8:b9:3c:46:47:
cf:1b:d0:b5:49:2a:e8:81:59:17:74:4a:1c:c5:b2:
b3:38:03:78:19:44:7e:df:3e:cb:5f:88:cc:48:68:
14:f7:ae:8e:3d:40:c5:28:48:dc:a2:a8:dc:bc:75:
28:ce:ba:23:bf:46:67:d4:46:3a:92:58:a8:a7:ed:
20:b1:5f:9e:c8:90:b6:40:73:7a:4f:f6:62:e8:97:
6f:ab:eb:db:bc:36:96:65:4d:ac:b5:4f:54:8b:a8:
35:d7:c8:3c:ce:9f:83:f4:10:4f:e8:96:1e:07:47:
08:3d:9c:8f:d0:00:64:9a:60:d1:79:69:f5:b6:aa:
9e:9e:bd:e3:11:d5:c5:18:1f:75:0e:d1:7a:21:d7:
d2:87:9e:0a:57:55:9b:88:7a:f2:dd:5c:2a:7f:a5:
bf:da:ee:07:4a:8d:7c:39:fe:bf:29:56:c8:60:28:
2f:a5:6b:d4:6f:40:4b:de:49:bf:f0:52:2b:bd:11:
24:96:a1:6b:18:82:1c:07:ac:9c:37:dc:71:00:c9:
c1:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A6:8B:1F:54:45:F6:AD:44:EB:9D:B8:FC:22:C6:C0:D0:1E:28:F5
X509v3 Authority Key Identifier:
keyid:B4:9B:D8:4D:A1:79:97:CB:B2:86:AF:90:22:AB:2E:05:BA:08:B4:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tJvYTaF5l8uyhq-QIqsuBboItEI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/ZKaLH1RF9q1E6524_CLGwNAeKPU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/ee54d1-5b15-4f93-897b-0c909bf5be4d/1/tJvYTaF5l8uyhq-QIqsuBboItEI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.230.180.0/22
IPv6:
2a13:d00::/29
Signature Algorithm: sha256WithRSAEncryption
7b:96:18:66:36:1c:9b:ad:29:8a:d2:59:a4:6a:8f:f2:57:3b:
9d:63:d2:df:b5:dd:39:3e:00:38:78:e6:81:4d:61:1c:d8:84:
d6:f9:ca:ff:4c:88:e9:d7:7f:5b:3a:3c:3f:85:d5:08:48:1d:
40:b2:f0:15:8b:e7:13:35:35:e7:23:81:c2:33:e6:e0:34:45:
e6:16:aa:b8:90:9a:c8:0b:57:9d:dc:5f:94:5d:a0:11:48:a9:
24:b2:6a:07:2e:23:ae:a4:38:32:5f:e8:2d:ac:5f:bf:f2:4c:
75:c8:61:5b:50:fa:f5:55:72:b8:0d:a0:72:8a:b7:fc:b3:e8:
c8:47:68:d0:0f:6f:76:6c:a4:f3:b8:7d:7d:ed:79:a6:b9:9e:
30:77:69:99:a1:e2:cd:96:d0:6b:01:7a:e4:cd:b8:5f:32:0f:
72:d3:fa:ba:08:70:3b:0a:7e:2b:89:05:cf:c7:97:c0:96:96:
7c:2b:dd:60:7f:8f:16:85:9b:ee:c5:34:d9:ba:39:2a:03:de:
02:cf:2a:9e:4b:7c:17:42:54:7e:e2:89:34:7a:32:9b:47:45:
e3:37:28:6f:ef:88:dc:92:92:6d:eb:b3:d3:70:28:07:41:27:
2f:23:18:27:97:2a:c6:03:66:0a:f5:bf:43:4d:27:0a:58:65:
b1:cf:c0:82
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZc0Y/4eqfGgzhtqJZvuzfjrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0OWJkODRkYTE3OTk3Y2JiMjg2YWY5MDIyYWIyZTA1YmEw
OGI0NDIwHhcNMjUwNjAzMDYwNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE2OGIxZjU0NDVmNmFkNDRlYjlkYjhmYzIyYzZjMGQwMWUyOGY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlXIiVpvBtZS7KoyvtQ16TOKKX+rK
OW6MU0C/pnWPaRNcWW21YfjtdE0KWTHUR1Axx24uBbd9qLk8RkfPG9C1SSrogVkX
dEocxbKzOAN4GUR+3z7LX4jMSGgU966OPUDFKEjcoqjcvHUozrojv0Zn1EY6klio
p+0gsV+eyJC2QHN6T/Zi6Jdvq+vbvDaWZU2stU9Ui6g118g8zp+D9BBP6JYeB0cI
PZyP0ABkmmDReWn1tqqenr3jEdXFGB91DtF6IdfSh54KV1WbiHry3Vwqf6W/2u4H
So18Of6/KVbIYCgvpWvUb0BL3km/8FIrvREklqFrGIIcB6ycN9xxAMnBkQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGSmix9URfatROuduPwixsDQHij1MB8GA1UdIwQY
MBaAFLSb2E2heZfLsoavkCKrLgW6CLRCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2It
MGM5MDliZjViZTRkLzEvWkthTEgxUkY5cTFFNjUyNF9DTEd3TkFlS1BVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lZTU0ZDEtNWIxNS00ZjkzLTg5N2ItMGM5MDliZjViZTRk
LzEvdEp2WVRhRjVsOHV5aHEtUUlxc3VCYm9JdEVJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuea0MA0E
AgACMAcDBQMqEw0AMA0GCSqGSIb3DQEBCwUAA4IBAQB7lhhmNhybrSmK0lmkao/y
VzudY9Lftd05PgA4eOaBTWEc2ITW+cr/TIjp139bOjw/hdUISB1AsvAVi+cTNTXn
I4HCM+bgNEXmFqq4kJrIC1ed3F+UXaARSKkksmoHLiOupDgyX+gtrF+/8kx1yGFb
UPr1VXK4DaByirf8s+jIR2jQD292bKTzuH197XmmuZ4wd2mZoeLNltBrAXrkzbhf
Mg9y0/q6CHA7Cn4riQXPx5fAlpZ8K91gf48WhZvuxTTZujkqA94CzyqeS3wXQlR+
4ok0ejKbR0XjNyhv74jckpJt67PTcCgHQScvIxgnlyrGA2YK9b9DTScKWGWxz8CC
-----END CERTIFICATE-----
Generated at Fri Jun 6 13:36:00 2025 by rpki-client