Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/ZCJA2foGqRJY0SrXotU5jxVHXyA.roa
File: ZCJA2foGqRJY0SrXotU5jxVHXyA.roa (raw, json)
Hash identifier: +H657MmtlNk/r/cAb3qcz3eX9ms9jyBKdEpjFf9D62I=
Subject key identifier: 64:22:40:D9:FA:06:A9:12:58:D1:2A:D7:A2:D5:39:8F:15:47:5F:20
Certificate issuer: /CN=e92574d716cbbdbf724d706c1117970f667b237e
Certificate serial: 019421B1FC679DD8179B155B445B59391639
Authority key identifier: E9:25:74:D7:16:CB:BD:BF:72:4D:70:6C:11:17:97:0F:66:7B:23:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SV01xbLvb9yTXBsEReXD2Z7I34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/ZCJA2foGqRJY0SrXotU5jxVHXyA.roa
Signing time: Wed 01 Jan 2025 11:48:20 +0000
ROA not before: Wed 01 Jan 2025 11:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203934
IP address blocks: 45.90.188.0/22 maxlen: 22
185.118.156.0/23 maxlen: 23
185.118.158.0/23 maxlen: 23
2a03:6320::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/6SV01xbLvb9yTXBsEReXD2Z7I34.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/6SV01xbLvb9yTXBsEReXD2Z7I34.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SV01xbLvb9yTXBsEReXD2Z7I34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:fc:67:9d:d8:17:9b:15:5b:44:5b:59:39:16:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92574d716cbbdbf724d706c1117970f667b237e
Validity
Not Before: Jan 1 11:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=642240d9fa06a91258d12ad7a2d5398f15475f20
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:00:43:c9:52:ca:d3:c4:30:c1:7e:6d:eb:e3:
18:25:22:32:ca:4f:ab:d3:37:d2:8f:21:79:dc:10:
77:2e:38:46:86:b1:08:59:31:2b:b2:b6:47:6b:e1:
b3:e9:b8:3b:a9:01:48:d2:e7:c0:5c:7c:b7:a7:42:
89:82:70:e3:86:15:17:a3:5d:91:0a:1c:0c:dc:ff:
ab:e2:64:3d:5d:ec:d0:e4:0e:8d:03:a5:f7:c5:61:
7d:4f:dc:f2:4e:67:d9:3a:00:9c:55:2f:91:84:7d:
6a:c7:51:36:53:dd:5b:53:23:2a:0b:e9:41:31:95:
e8:15:2e:a2:9e:fc:46:9f:85:8b:7d:51:e2:e1:0f:
f8:84:16:16:3d:d7:0b:c4:20:ab:83:59:49:f0:ac:
64:0f:82:d9:25:ef:15:8f:d8:09:6d:35:ac:3d:94:
97:07:1e:3c:5c:70:fc:24:e8:50:d7:37:7e:af:ee:
12:8a:a8:40:8b:96:b4:3d:ac:79:b7:5e:ea:e7:7d:
cd:c9:e8:23:de:c7:e1:b0:34:be:40:f9:53:15:44:
36:0c:0d:91:56:31:0e:c9:5c:61:1c:14:d4:99:e9:
41:45:67:99:a3:a5:90:64:15:2e:22:eb:6d:a1:11:
53:88:45:98:51:6f:37:16:f3:c1:14:6f:9f:87:e0:
ba:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:22:40:D9:FA:06:A9:12:58:D1:2A:D7:A2:D5:39:8F:15:47:5F:20
X509v3 Authority Key Identifier:
keyid:E9:25:74:D7:16:CB:BD:BF:72:4D:70:6C:11:17:97:0F:66:7B:23:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SV01xbLvb9yTXBsEReXD2Z7I34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/ZCJA2foGqRJY0SrXotU5jxVHXyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/1fac4a-aa33-44bc-b6a2-1cf3da6f7d7e/1/6SV01xbLvb9yTXBsEReXD2Z7I34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.188.0/22
185.118.156.0/22
IPv6:
2a03:6320::/32
Signature Algorithm: sha256WithRSAEncryption
92:72:71:9f:af:66:ae:2a:67:d7:11:fc:d6:0a:71:73:07:b8:
f0:5a:67:57:17:8b:34:72:e2:13:8c:32:5c:0c:6e:04:f3:bc:
b3:cf:af:14:25:b5:02:32:d3:97:bb:a6:01:f3:70:48:6a:08:
b9:59:4e:a6:74:49:e7:97:a9:97:36:81:e0:2e:ac:ba:8a:bb:
a6:d1:b8:e9:d4:9a:97:79:ea:49:98:c3:c7:f5:4d:92:12:1a:
1f:ea:ef:1f:5b:f6:d9:b1:e1:52:8b:48:8c:2f:d8:23:a5:3c:
ee:bc:73:08:af:67:48:2d:cc:4e:e9:71:e5:f3:63:45:87:1d:
e9:62:a3:1d:10:77:f0:bc:13:47:18:d3:0b:6e:99:f5:67:2b:
d8:90:f1:f1:cb:34:50:78:17:a3:08:b1:b5:39:6a:ae:cc:f9:
38:65:f2:c5:1e:57:65:66:c8:a0:bd:d8:79:a8:36:47:8d:87:
e1:0b:86:24:ad:0e:60:e1:85:16:4f:89:58:66:75:31:1e:40:
28:2a:bb:e2:68:6e:21:17:80:a3:8b:22:14:00:0c:2f:60:23:
c4:10:fd:c9:5d:ac:31:9f:a8:a6:35:18:f8:4c:76:aa:8d:2a:
d0:eb:8b:c2:2a:af:5a:49:e7:d4:94:75:d2:de:86:6a:2a:fa:
40:f4:78:b4
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQhsfxnndgXmxVbRFtZORY5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MjU3NGQ3MTZjYmJkYmY3MjRkNzA2YzExMTc5NzBmNjY3
YjIzN2UwHhcNMjUwMTAxMTE0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDIyNDBkOWZhMDZhOTEyNThkMTJhZDdhMmQ1Mzk4ZjE1NDc1ZjIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiwBDyVLK08QwwX5t6+MYJSIyyk+r
0zfSjyF53BB3LjhGhrEIWTErsrZHa+Gz6bg7qQFI0ufAXHy3p0KJgnDjhhUXo12R
ChwM3P+r4mQ9XezQ5A6NA6X3xWF9T9zyTmfZOgCcVS+RhH1qx1E2U91bUyMqC+lB
MZXoFS6invxGn4WLfVHi4Q/4hBYWPdcLxCCrg1lJ8KxkD4LZJe8Vj9gJbTWsPZSX
Bx48XHD8JOhQ1zd+r+4SiqhAi5a0Pax5t17q533Nyegj3sfhsDS+QPlTFUQ2DA2R
VjEOyVxhHBTUmelBRWeZo6WQZBUuIuttoRFTiEWYUW83FvPBFG+fh+C6swIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFGQiQNn6BqkSWNEq16LVOY8VR18gMB8GA1UdIwQY
MBaAFOkldNcWy72/ck1wbBEXlw9meyN+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlNWMDF4Ykx2Yjl5VFhCc0VSZVhEMlo3STM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xZmFjNGEtYWEzMy00NGJjLWI2YTIt
MWNmM2RhNmY3ZDdlLzEvWkNKQTJmb0dxUkpZMFNyWG90VTVqeFZIWHlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xZmFjNGEtYWEzMy00NGJjLWI2YTItMWNmM2RhNmY3ZDdl
LzEvNlNWMDF4Ykx2Yjl5VFhCc0VSZVhEMlo3STM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLVq8AwQC
uXacMA0EAgACMAcDBQAqA2MgMA0GCSqGSIb3DQEBCwUAA4IBAQCScnGfr2auKmfX
EfzWCnFzB7jwWmdXF4s0cuITjDJcDG4E87yzz68UJbUCMtOXu6YB83BIagi5WU6m
dEnnl6mXNoHgLqy6irum0bjp1JqXeepJmMPH9U2SEhof6u8fW/bZseFSi0iML9gj
pTzuvHMIr2dILcxO6XHl82NFhx3pYqMdEHfwvBNHGNMLbpn1ZyvYkPHxyzRQeBej
CLG1OWquzPk4ZfLFHldlZsigvdh5qDZHjYfhC4YkrQ5g4YUWT4lYZnUxHkAoKrvi
aG4hF4CjiyIUAAwvYCPEEP3JXawxn6imNRj4THaqjSrQ64vCKq9aSefUlHXS3oZq
KvpA9Hi0
-----END CERTIFICATE-----
Generated at Mon Apr 21 02:11:14 2025 by rpki-client