Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/za5pr_RdRVQCTgLd3W2Y-u8ZZIo.roa
File: za5pr_RdRVQCTgLd3W2Y-u8ZZIo.roa (raw, json)
Hash identifier: HsG6G2W0gO0SbTM6V5Eodd4DUw2y9g6vatwqlX3nzOM=
Subject key identifier: CD:AE:69:AF:F4:5D:45:54:02:4E:02:DD:DD:6D:98:FA:EF:19:64:8A
Certificate issuer: /CN=58788f38426e0362b34dd567343fe8461a58babe
Certificate serial: 01941FFA583E53D18838496205FF88292730
Authority key identifier: 58:78:8F:38:42:6E:03:62:B3:4D:D5:67:34:3F:E8:46:1A:58:BA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WHiPOEJuA2KzTdVnND_oRhpYur4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/za5pr_RdRVQCTgLd3W2Y-u8ZZIo.roa
Signing time: Wed 01 Jan 2025 03:48:07 +0000
ROA not before: Wed 01 Jan 2025 03:48:07 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205837
IP address blocks: 185.203.160.0/24 maxlen: 24
185.203.161.0/24 maxlen: 24
185.203.162.0/24 maxlen: 24
185.203.163.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/WHiPOEJuA2KzTdVnND_oRhpYur4.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/WHiPOEJuA2KzTdVnND_oRhpYur4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WHiPOEJuA2KzTdVnND_oRhpYur4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 18 Apr 2025 15:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:58:3e:53:d1:88:38:49:62:05:ff:88:29:27:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58788f38426e0362b34dd567343fe8461a58babe
Validity
Not Before: Jan 1 03:48:07 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdae69aff45d4554024e02dddd6d98faef19648a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:89:ea:03:96:09:39:63:a2:ab:29:d9:e0:4c:
04:e4:de:fa:34:eb:85:be:ec:ae:df:1a:34:ab:aa:
9d:c1:95:10:48:10:3d:12:e6:8a:4c:4d:07:fe:f2:
ef:4b:06:f8:23:4b:59:b4:b4:f6:3e:68:cc:d6:4d:
44:f3:29:79:38:6f:f5:df:d3:75:ad:59:06:1d:a3:
85:de:2e:ae:3d:b8:72:e5:d2:30:17:b4:75:e1:64:
2e:66:50:f7:57:03:a6:7e:5c:94:23:3d:c8:bb:39:
de:9f:6d:79:6e:39:ef:50:4e:bc:bf:04:0c:4f:58:
dc:55:6a:c6:0c:3b:04:9f:b5:2d:eb:57:e0:0a:57:
68:2a:c4:db:e4:29:7f:3a:7b:6b:04:f2:90:32:a8:
90:4d:d9:9e:51:f2:ff:ac:95:1c:4b:44:64:e9:69:
0c:b1:c3:3a:41:7a:34:dd:1c:1a:d7:01:2a:7e:c9:
9e:54:be:b7:02:2a:5a:5c:b4:b5:b9:25:e5:f3:09:
58:93:12:b3:0d:a5:b6:85:cd:b8:cc:66:1f:c8:b7:
38:78:d8:8e:85:f9:f5:26:c2:ba:6d:01:35:43:59:
a9:7c:ff:2a:fa:7e:73:4e:19:d8:a8:9f:3a:e6:0f:
e6:97:56:56:4b:c7:a3:1d:05:5c:21:19:56:ca:4d:
96:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:AE:69:AF:F4:5D:45:54:02:4E:02:DD:DD:6D:98:FA:EF:19:64:8A
X509v3 Authority Key Identifier:
keyid:58:78:8F:38:42:6E:03:62:B3:4D:D5:67:34:3F:E8:46:1A:58:BA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WHiPOEJuA2KzTdVnND_oRhpYur4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/za5pr_RdRVQCTgLd3W2Y-u8ZZIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/3d3b27-f786-41e0-ac54-bfc0ff97a190/1/WHiPOEJuA2KzTdVnND_oRhpYur4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.203.160.0/22
Signature Algorithm: sha256WithRSAEncryption
54:5e:ee:8c:d5:40:63:f1:20:64:f9:df:f8:6a:b4:1e:66:9a:
6b:9a:fd:bf:0a:fc:61:89:83:38:ff:bf:61:9d:8a:9d:d9:3d:
4f:a0:ee:8a:ee:1c:88:22:71:21:d9:b8:36:db:0f:86:1b:dd:
eb:6b:13:3a:7d:75:bb:ac:5e:d7:f7:b1:75:4d:44:3d:fe:93:
30:d0:d3:91:41:9b:87:a2:0d:87:f7:2c:fc:c2:c8:83:31:68:
0d:54:aa:ff:37:79:bc:ae:46:9b:bd:ab:d4:9a:39:94:e2:f6:
a7:2e:53:a8:3e:4d:31:dd:15:0d:a0:73:4f:9c:55:1f:d3:20:
1c:89:ff:b8:6b:1b:db:31:0e:c9:13:6f:7b:c3:1b:26:44:5b:
4f:0c:20:0a:07:f5:a1:ce:a5:c5:fa:4e:6b:0b:23:47:da:8f:
54:22:e0:78:3f:43:47:1f:7d:db:4f:b9:04:68:6e:22:c1:45:
e5:b6:cb:78:b9:9e:e7:09:be:91:74:f4:eb:68:e2:6c:02:ed:
df:df:d8:d2:5b:23:f1:f7:43:e2:48:6f:a4:15:0f:5e:d3:ac:
d4:96:51:6c:89:61:53:2f:3f:9d:84:c1:9c:13:47:1e:e8:e7:
82:53:ad:d1:24:6e:39:a9:6e:59:31:5d:53:e4:c1:8a:f5:f4:
f1:d4:8d:2e
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+lg+U9GIOEliBf+IKScwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4Nzg4ZjM4NDI2ZTAzNjJiMzRkZDU2NzM0M2ZlODQ2MWE1
OGJhYmUwHhcNMjUwMTAxMDM0ODA3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGFlNjlhZmY0NWQ0NTU0MDI0ZTAyZGRkZDZkOThmYWVmMTk2NDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4nqA5YJOWOiqynZ4EwE5N76NOuF
vuyu3xo0q6qdwZUQSBA9EuaKTE0H/vLvSwb4I0tZtLT2PmjM1k1E8yl5OG/139N1
rVkGHaOF3i6uPbhy5dIwF7R14WQuZlD3VwOmflyUIz3Iuznen215bjnvUE68vwQM
T1jcVWrGDDsEn7Ut61fgCldoKsTb5Cl/OntrBPKQMqiQTdmeUfL/rJUcS0Rk6WkM
scM6QXo03Rwa1wEqfsmeVL63AipaXLS1uSXl8wlYkxKzDaW2hc24zGYfyLc4eNiO
hfn1JsK6bQE1Q1mpfP8q+n5zThnYqJ865g/ml1ZWS8ejHQVcIRlWyk2WJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM2uaa/0XUVUAk4C3d1tmPrvGWSKMB8GA1UdIwQY
MBaAFFh4jzhCbgNis03VZzQ/6EYaWLq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0hpUE9FSnVBMkt6VGRWbk5EX29SaHBZdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy8zZDNiMjctZjc4Ni00MWUwLWFjNTQt
YmZjMGZmOTdhMTkwLzEvemE1cHJfUmRSVlFDVGdMZDNXMlktdThaWklvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy8zZDNiMjctZjc4Ni00MWUwLWFjNTQtYmZjMGZmOTdhMTkw
LzEvV0hpUE9FSnVBMkt6VGRWbk5EX29SaHBZdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCucugMA0G
CSqGSIb3DQEBCwUAA4IBAQBUXu6M1UBj8SBk+d/4arQeZpprmv2/CvxhiYM4/79h
nYqd2T1PoO6K7hyIInEh2bg22w+GG93raxM6fXW7rF7X97F1TUQ9/pMw0NORQZuH
og2H9yz8wsiDMWgNVKr/N3m8rkabvavUmjmU4vanLlOoPk0x3RUNoHNPnFUf0yAc
if+4axvbMQ7JE297wxsmRFtPDCAKB/WhzqXF+k5rCyNH2o9UIuB4P0NHH33bT7kE
aG4iwUXltst4uZ7nCb6RdPTraOJsAu3f39jSWyPx90PiSG+kFQ9e06zUllFsiWFT
Lz+dhMGcE0ce6OeCU63RJG45qW5ZMV1T5MGK9fTx1I0u
-----END CERTIFICATE-----
Generated at Fri Apr 18 00:36:36 2025 by rpki-client