Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/zTvzZc3tlOwLBnnj-NPbv4PhboA.roa
File: zTvzZc3tlOwLBnnj-NPbv4PhboA.roa (raw, json)
Hash identifier: msHMJXILJsy2yJM+hVyJRqp2m3iGv1So8lJvoritOiE=
Subject key identifier: CD:3B:F3:65:CD:ED:94:EC:0B:06:79:E3:F8:D3:DB:BF:83:E1:6E:80
Certificate issuer: /CN=3bec12c21108134f00c0353107d60ccdaebefb2e
Certificate serial: 01955C92807ECA937BBAB90B2A813D12E5E1
Authority key identifier: 3B:EC:12:C2:11:08:13:4F:00:C0:35:31:07:D6:0C:CD:AE:BE:FB:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-wSwhEIE08AwDUxB9YMza6--y4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/zTvzZc3tlOwLBnnj-NPbv4PhboA.roa
Signing time: Mon 03 Mar 2025 15:14:19 +0000
ROA not before: Mon 03 Mar 2025 15:14:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 91.208.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/O-wSwhEIE08AwDUxB9YMza6--y4.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/O-wSwhEIE08AwDUxB9YMza6--y4.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-wSwhEIE08AwDUxB9YMza6--y4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 04:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:5c:92:80:7e:ca:93:7b:ba:b9:0b:2a:81:3d:12:e5:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3bec12c21108134f00c0353107d60ccdaebefb2e
Validity
Not Before: Mar 3 15:14:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd3bf365cded94ec0b0679e3f8d3dbbf83e16e80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:22:98:61:f7:4a:90:96:cc:38:05:e6:4f:62:
e7:7c:03:10:1a:18:4d:4c:8c:20:52:04:76:0f:89:
fc:21:a7:5d:83:7f:0d:7d:3f:8d:78:b3:ed:be:94:
e8:92:02:45:94:83:87:6e:9a:f6:43:25:33:d0:65:
c8:85:7c:31:be:5a:9d:ae:10:32:62:82:9d:93:6d:
62:46:4c:f7:7d:07:d2:25:61:d9:ff:27:d7:6d:84:
8a:b1:30:73:fa:4a:99:be:06:dd:2c:20:da:6c:e4:
43:57:09:98:df:ae:62:de:55:58:c4:bc:d7:bb:3f:
0e:21:11:20:c7:1b:9c:07:8c:d5:9f:d9:65:0b:d9:
92:64:3d:1b:74:cb:10:46:94:ce:07:a7:77:e5:3e:
f7:07:57:73:63:12:ce:52:91:0c:9c:7f:d2:bf:5e:
29:ad:a7:a6:a9:e3:cd:7a:31:5e:fb:e5:0a:26:ad:
b5:21:4f:84:96:f2:1f:19:9e:ea:27:23:07:6f:9d:
25:db:d6:16:3b:64:51:70:bf:8e:5a:4d:2e:6f:2b:
ea:95:f1:7a:72:ea:a5:c3:7c:2c:b9:69:a7:a2:24:
6b:82:4d:a8:f2:c5:a8:fc:a0:28:1d:03:7c:63:98:
f1:a6:89:84:53:1f:ff:11:c3:fa:73:72:70:04:26:
d1:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:3B:F3:65:CD:ED:94:EC:0B:06:79:E3:F8:D3:DB:BF:83:E1:6E:80
X509v3 Authority Key Identifier:
keyid:3B:EC:12:C2:11:08:13:4F:00:C0:35:31:07:D6:0C:CD:AE:BE:FB:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-wSwhEIE08AwDUxB9YMza6--y4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/zTvzZc3tlOwLBnnj-NPbv4PhboA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/2dfa97-8c53-4e74-9a2c-484a06a61717/1/O-wSwhEIE08AwDUxB9YMza6--y4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.204.0/24
Signature Algorithm: sha256WithRSAEncryption
91:66:59:05:33:6b:34:33:ce:31:6c:46:bd:05:74:64:5a:f3:
e9:f9:9b:fd:9f:55:68:0f:34:2f:39:2e:ba:ac:28:96:97:28:
ea:0a:db:12:e2:a4:e7:a1:5c:96:6f:b8:34:38:92:28:2b:f7:
b7:9d:48:dd:46:44:f7:08:89:c9:55:16:6d:fc:64:39:9b:fb:
60:2a:d5:95:ac:ed:67:6d:25:f0:21:f1:b1:8c:8b:d6:b7:a1:
17:c2:f6:a0:3f:f9:33:d5:15:37:fe:5e:89:04:0d:e2:9f:65:
04:6d:88:6a:a7:88:a2:18:45:be:66:e6:4c:42:ff:13:a2:b5:
03:cd:c8:8a:72:a6:a2:7f:49:1c:f9:3f:34:ee:4c:d6:e6:ee:
c8:e3:34:e4:e5:a5:b0:b5:46:a9:d4:ae:13:8b:8e:19:6f:14:
6c:d0:47:72:45:82:5d:38:d8:93:9b:c0:28:6d:1f:1a:a2:1d:
d6:91:82:8a:e8:4f:ad:4a:47:c7:50:3d:99:81:48:53:b0:85:
0c:ad:b9:15:25:8f:ad:a5:a7:2b:7b:a0:83:b3:fe:5a:ac:67:
79:f4:4a:6b:86:c5:2a:3b:ea:37:a0:ee:4f:78:bf:5a:e9:d4:
6d:9f:40:71:f7:46:03:64:86:cb:eb:fa:36:a1:a3:d4:29:b8:
56:e6:1d:07
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZVckoB+ypN7urkLKoE9EuXhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZWMxMmMyMTEwODEzNGYwMGMwMzUzMTA3ZDYwY2NkYWVi
ZWZiMmUwHhcNMjUwMzAzMTUxNDE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDNiZjM2NWNkZWQ5NGVjMGIwNjc5ZTNmOGQzZGJiZjgzZTE2ZTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiKYYfdKkJbMOAXmT2LnfAMQGhhN
TIwgUgR2D4n8Iaddg38NfT+NeLPtvpTokgJFlIOHbpr2QyUz0GXIhXwxvlqdrhAy
YoKdk21iRkz3fQfSJWHZ/yfXbYSKsTBz+kqZvgbdLCDabORDVwmY365i3lVYxLzX
uz8OIREgxxucB4zVn9llC9mSZD0bdMsQRpTOB6d35T73B1dzYxLOUpEMnH/Sv14p
raemqePNejFe++UKJq21IU+ElvIfGZ7qJyMHb50l29YWO2RRcL+OWk0ubyvqlfF6
cuqlw3wsuWmnoiRrgk2o8sWo/KAoHQN8Y5jxpomEUx//EcP6c3JwBCbRfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM0782XN7ZTsCwZ54/jT27+D4W6AMB8GA1UdIwQY
MBaAFDvsEsIRCBNPAMA1MQfWDM2uvvsuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy13U3doRUlFMDhBd0RVeEI5WU16YTYtLXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS8yZGZhOTctOGM1My00ZTc0LTlhMmMt
NDg0YTA2YTYxNzE3LzEvelR2elpjM3RsT3dMQm5uai1OUGJ2NFBoYm9BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS8yZGZhOTctOGM1My00ZTc0LTlhMmMtNDg0YTA2YTYxNzE3
LzEvTy13U3doRUlFMDhBd0RVeEI5WU16YTYtLXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW9DMMA0G
CSqGSIb3DQEBCwUAA4IBAQCRZlkFM2s0M84xbEa9BXRkWvPp+Zv9n1VoDzQvOS66
rCiWlyjqCtsS4qTnoVyWb7g0OJIoK/e3nUjdRkT3CInJVRZt/GQ5m/tgKtWVrO1n
bSXwIfGxjIvWt6EXwvagP/kz1RU3/l6JBA3in2UEbYhqp4iiGEW+ZuZMQv8TorUD
zciKcqaif0kc+T807kzW5u7I4zTk5aWwtUap1K4Ti44ZbxRs0EdyRYJdONiTm8Ao
bR8aoh3WkYKK6E+tSkfHUD2ZgUhTsIUMrbkVJY+tpacre6CDs/5arGd59EprhsUq
O+o3oO5PeL9a6dRtn0Bx90YDZIbL6/o2oaPUKbhW5h0H
-----END CERTIFICATE-----
Generated at Mon Apr 7 12:22:23 2025 by rpki-client