Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/ZCRNSq91ZKzRcSK6x3pKdZV_4Rw.roa
File: ZCRNSq91ZKzRcSK6x3pKdZV_4Rw.roa (raw, json)
Hash identifier: SLb/dN4BABY7//UWc03uIXxQcoqVDd7HnpJMkhWH2bA=
Subject key identifier: 64:24:4D:4A:AF:75:64:AC:D1:71:22:BA:C7:7A:4A:75:95:7F:E1:1C
Certificate issuer: /CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Certificate serial: 019445FDA8A9E6E5632F2B1F31F5D18D3EF3
Authority key identifier: A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/ZCRNSq91ZKzRcSK6x3pKdZV_4Rw.roa
Signing time: Wed 08 Jan 2025 12:57:19 +0000
ROA not before: Wed 08 Jan 2025 12:57:19 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21436
IP address blocks: 193.108.164.0/24 maxlen: 24
193.108.165.0/24 maxlen: 24
2001:67c:58c::/48 maxlen: 48
2001:67c:17b0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 21:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:45:fd:a8:a9:e6:e5:63:2f:2b:1f:31:f5:d1:8d:3e:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a640c751ebfb4807d84622e806cb3d0b9dd81069
Validity
Not Before: Jan 8 12:57:19 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64244d4aaf7564acd17122bac77a4a75957fe11c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:eb:ed:f5:52:b2:9b:77:01:28:c7:63:cd:b0:
c9:a5:3c:6d:70:23:38:9b:64:8f:88:c9:6a:c0:a4:
11:59:24:43:14:5d:56:f4:48:e4:5d:64:82:aa:37:
0d:34:15:07:88:5e:2b:95:fd:72:2c:f5:31:bd:00:
53:60:65:d3:5a:04:65:44:44:b1:22:d7:b7:80:01:
f3:75:4a:93:52:d1:d0:87:c3:a8:4e:d4:c6:08:13:
e3:63:d4:a6:98:77:01:3e:5a:85:1e:a8:18:30:f4:
a7:ad:da:b5:a3:7d:b8:45:eb:1c:f0:41:c6:cf:cc:
8a:a1:44:1a:6a:aa:99:45:f1:e5:04:bb:87:5a:75:
b0:23:4c:68:29:4d:e4:ee:6c:c7:a8:b4:76:68:c0:
8b:70:26:0e:87:26:5e:5e:d6:f8:49:fa:34:18:37:
e1:a4:c8:d7:00:8c:d7:24:43:4c:3c:90:1d:dc:98:
24:8f:5f:f4:0e:3b:4f:4e:a9:09:0f:49:28:dc:74:
4c:92:6f:4e:d8:44:3e:77:16:59:63:a3:79:2f:54:
45:0a:2d:42:f5:35:42:52:c1:5c:6f:29:7f:99:63:
2c:55:29:81:33:2d:f9:a9:bf:3c:28:1a:87:6e:6e:
95:60:0a:35:dd:d5:1b:19:ee:c9:f4:95:0c:c1:a0:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:24:4D:4A:AF:75:64:AC:D1:71:22:BA:C7:7A:4A:75:95:7F:E1:1C
X509v3 Authority Key Identifier:
keyid:A6:40:C7:51:EB:FB:48:07:D8:46:22:E8:06:CB:3D:0B:9D:D8:10:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pkDHUev7SAfYRiLoBss9C53YEGk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/ZCRNSq91ZKzRcSK6x3pKdZV_4Rw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/8a5a2e-4d33-4a2c-adf3-026b8cf691ba/1/pkDHUev7SAfYRiLoBss9C53YEGk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.108.164.0/23
IPv6:
2001:67c:58c::/48
2001:67c:17b0::/48
Signature Algorithm: sha256WithRSAEncryption
48:21:c2:2c:18:5f:36:20:97:10:68:1e:9d:75:d4:a3:1d:f6:
33:42:4a:c1:4c:c5:68:b9:ce:00:f7:fb:0f:60:6a:16:00:72:
79:97:1b:d7:99:82:07:99:ba:b1:7b:28:be:5a:82:cc:15:a1:
ff:ea:e0:42:24:db:30:4f:cc:22:c3:27:e6:03:2b:a8:ea:01:
f4:8f:7c:b8:39:14:60:70:63:bf:66:94:e4:42:a5:65:56:58:
67:f0:0d:db:d9:7d:e9:39:c9:30:2e:6c:75:f3:c3:c4:92:d0:
ad:ad:1d:a2:c2:2c:67:69:d4:fc:81:8c:8b:9a:8b:c4:6f:7e:
e9:a6:f2:dc:14:f3:a6:4c:3d:08:a5:fc:70:27:17:59:11:9a:
19:d2:a6:c7:f6:fc:00:70:4b:a2:0e:fe:75:a3:bc:61:6d:fe:
50:8b:a4:83:a9:18:4b:8a:1d:20:dd:eb:3b:c4:2b:95:45:b5:
53:5d:b8:31:9e:73:ae:0a:9e:1a:81:da:c8:f5:f8:9c:56:b6:
a3:0a:c6:b3:13:78:93:76:2e:2d:12:f1:63:4a:06:5d:05:a3:
cb:70:fd:8a:b6:76:cb:68:53:10:fc:0a:79:80:f6:97:ad:47:
19:b6:71:3d:07:26:64:bd:b2:d9:87:08:2c:73:70:3f:8e:40:
0a:c2:f3:9d
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZRF/aip5uVjLysfMfXRjT7zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NDBjNzUxZWJmYjQ4MDdkODQ2MjJlODA2Y2IzZDBiOWRk
ODEwNjkwHhcNMjUwMTA4MTI1NzE5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDI0NGQ0YWFmNzU2NGFjZDE3MTIyYmFjNzdhNGE3NTk1N2ZlMTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjuvt9VKym3cBKMdjzbDJpTxtcCM4
m2SPiMlqwKQRWSRDFF1W9EjkXWSCqjcNNBUHiF4rlf1yLPUxvQBTYGXTWgRlRESx
Ite3gAHzdUqTUtHQh8OoTtTGCBPjY9SmmHcBPlqFHqgYMPSnrdq1o324Resc8EHG
z8yKoUQaaqqZRfHlBLuHWnWwI0xoKU3k7mzHqLR2aMCLcCYOhyZeXtb4Sfo0GDfh
pMjXAIzXJENMPJAd3Jgkj1/0DjtPTqkJD0ko3HRMkm9O2EQ+dxZZY6N5L1RFCi1C
9TVCUsFcbyl/mWMsVSmBMy35qb88KBqHbm6VYAo13dUbGe7J9JUMwaBYNQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGQkTUqvdWSs0XEiusd6SnWVf+EcMB8GA1UdIwQY
MBaAFKZAx1Hr+0gH2EYi6AbLPQud2BBpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMt
MDI2YjhjZjY5MWJhLzEvWkNSTlNxOTFaS3pSY1NLNngzcEtkWlZfNFJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC84YTVhMmUtNGQzMy00YTJjLWFkZjMtMDI2YjhjZjY5MWJh
LzEvcGtESFVldjdTQWZZUmlMb0JzczlDNTNZRUdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAMBAIAATAGAwQBwWykMBgE
AgACMBIDBwAgAQZ8BYwDBwAgAQZ8F7AwDQYJKoZIhvcNAQELBQADggEBAEghwiwY
XzYglxBoHp111KMd9jNCSsFMxWi5zgD3+w9gahYAcnmXG9eZggeZurF7KL5agswV
of/q4EIk2zBPzCLDJ+YDK6jqAfSPfLg5FGBwY79mlORCpWVWWGfwDdvZfek5yTAu
bHXzw8SS0K2tHaLCLGdp1PyBjIuai8Rvfumm8twU86ZMPQil/HAnF1kRmhnSpsf2
/ABwS6IO/nWjvGFt/lCLpIOpGEuKHSDd6zvEK5VFtVNduDGec64KnhqB2sj1+JxW
tqMKxrMTeJN2Li0S8WNKBl0Fo8tw/Yq2dstoUxD8CnmA9petRxm2cT0HJmS9stmH
CCxzcD+OQArC850=
-----END CERTIFICATE-----
Generated at Thu Feb 20 03:18:17 2025 by rpki-client