Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ChZJANMP-dxZcM4XfEB1OLqJU4M.roa
File: ChZJANMP-dxZcM4XfEB1OLqJU4M.roa (raw, json)
Hash identifier: 7QeF/iPlN0WDurz5W/eCIFIV647hwtHoA5ckpUX732M=
Subject key identifier: 0A:16:49:00:D3:0F:F9:DC:59:70:CE:17:7C:40:75:38:BA:89:53:83
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0194BEEA323CEA65233AEC936DAEDF3EB490
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ChZJANMP-dxZcM4XfEB1OLqJU4M.roa
Signing time: Sat 01 Feb 2025 00:30:06 +0000
ROA not before: Sat 01 Feb 2025 00:30:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 393942
IP address blocks: 164.40.185.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 00:57:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:be:ea:32:3c:ea:65:23:3a:ec:93:6d:ae:df:3e:b4:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Feb 1 00:30:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a164900d30ff9dc5970ce177c407538ba895383
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c0:2d:d1:2a:2f:b2:2e:29:96:9b:54:f2:f9:
f6:38:92:75:ab:cf:48:72:3e:3a:19:d0:59:1c:66:
55:63:e3:1f:14:f9:c5:8a:47:5d:47:b2:6d:ab:68:
3d:02:96:ef:f0:b8:98:95:d6:99:d0:b9:2e:27:8c:
8a:fe:2f:ee:4e:bf:7f:e7:f5:cf:08:e0:a9:f5:23:
57:1e:7e:e2:fa:0a:b6:41:06:1c:53:2c:5b:5e:4a:
34:5a:f5:8d:a6:da:06:55:66:0d:0c:e9:18:c6:8e:
02:f1:8b:0d:7a:e3:54:15:48:1b:68:2b:01:4d:d4:
aa:72:58:dd:f8:c2:90:ee:a4:95:a1:26:a9:67:b7:
68:71:fe:07:2d:12:5d:8a:ff:88:ea:e8:7f:6b:48:
43:f0:31:27:12:f1:20:f6:b0:61:da:27:81:59:ce:
e1:d0:ce:6d:28:d0:ef:51:d6:e8:a2:f5:e9:da:a7:
d4:2b:46:7f:72:02:fb:52:4a:b6:1f:7f:df:a6:0d:
06:b9:aa:7e:04:a2:ee:52:ab:e0:a2:fa:80:35:46:
c6:89:2a:e0:ac:db:9f:c3:55:f0:1c:02:5e:be:fe:
97:a9:7a:cf:b0:58:93:8d:42:2a:c1:ae:67:a4:4e:
27:19:d6:17:7d:be:bb:33:d7:35:7d:41:24:0e:80:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:16:49:00:D3:0F:F9:DC:59:70:CE:17:7C:40:75:38:BA:89:53:83
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/ChZJANMP-dxZcM4XfEB1OLqJU4M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
164.40.185.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:18:44:87:50:1a:d9:44:d5:7e:88:87:38:f7:27:ee:a8:b7:
10:fb:62:52:30:9f:ee:cb:ab:50:5a:97:ca:34:0b:ba:64:bf:
99:1b:80:12:80:d1:24:08:80:78:c0:d6:ec:c9:ad:61:44:ed:
66:8c:85:18:4e:75:91:0d:28:15:62:36:93:46:db:49:89:ed:
af:07:cf:03:13:f8:71:0a:22:65:82:b9:51:d9:25:49:b3:e2:
49:34:76:9c:43:6e:81:83:11:d9:09:c5:ed:91:2b:67:42:c7:
ad:b7:e7:eb:d0:4a:e8:a7:59:d4:6a:6c:f1:07:15:06:57:2c:
85:43:a6:0d:ba:96:7e:9b:49:4b:8c:80:a7:bf:e3:c3:07:f5:
53:be:6e:4a:9d:ac:94:74:e3:60:d8:7e:71:07:8a:3e:52:a1:
6f:82:04:e5:39:65:16:ed:b1:76:c7:d5:3b:c0:22:b6:e6:8c:
84:a4:20:5d:9a:2c:44:c4:6a:04:f0:7b:a9:41:0b:19:4f:4a:
60:aa:13:a4:62:95:7d:09:3a:d8:40:f3:fa:07:7c:39:db:e7:
93:0a:b5:6e:c5:fc:be:b6:95:1b:ac:a8:42:b9:89:15:18:1b:
6b:0d:50:90:37:9d:0b:c4:1d:02:e2:ec:df:74:ec:95:37:b3:
90:bc:0d:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS+6jI86mUjOuyTba7fPrSQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwMjAxMDAzMDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTE2NDkwMGQzMGZmOWRjNTk3MGNlMTc3YzQwNzUzOGJhODk1MzgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsAt0Sovsi4plptU8vn2OJJ1q89I
cj46GdBZHGZVY+MfFPnFikddR7Jtq2g9Apbv8LiYldaZ0LkuJ4yK/i/uTr9/5/XP
COCp9SNXHn7i+gq2QQYcUyxbXko0WvWNptoGVWYNDOkYxo4C8YsNeuNUFUgbaCsB
TdSqcljd+MKQ7qSVoSapZ7docf4HLRJdiv+I6uh/a0hD8DEnEvEg9rBh2ieBWc7h
0M5tKNDvUdboovXp2qfUK0Z/cgL7Ukq2H3/fpg0Guap+BKLuUqvgovqANUbGiSrg
rNufw1XwHAJevv6XqXrPsFiTjUIqwa5npE4nGdYXfb67M9c1fUEkDoC3swIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAoWSQDTD/ncWXDOF3xAdTi6iVODMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQ2haSkFOTVAtZHhaY000WGZFQjFPTHFKVTRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQApCi5MA0G
CSqGSIb3DQEBCwUAA4IBAQAtGESHUBrZRNV+iIc49yfuqLcQ+2JSMJ/uy6tQWpfK
NAu6ZL+ZG4ASgNEkCIB4wNbsya1hRO1mjIUYTnWRDSgVYjaTRttJie2vB88DE/hx
CiJlgrlR2SVJs+JJNHacQ26BgxHZCcXtkStnQsett+fr0Erop1nUamzxBxUGVyyF
Q6YNupZ+m0lLjICnv+PDB/VTvm5KnayUdONg2H5xB4o+UqFvggTlOWUW7bF2x9U7
wCK25oyEpCBdmixExGoE8HupQQsZT0pgqhOkYpV9CTrYQPP6B3w52+eTCrVuxfy+
tpUbrKhCuYkVGBtrDVCQN50LxB0C4uzfdOyVN7OQvA3S
-----END CERTIFICATE-----
Generated at Sat Apr 5 08:53:31 2025 by rpki-client