Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/zdcU1X_muklbr0PsAXf5FfLi2-4.roa
File: zdcU1X_muklbr0PsAXf5FfLi2-4.roa (raw, json)
Hash identifier: xVhUBfvK07juxF0BpH1Z7Z8zQ9yW0QLwTqhNif5nVRg=
Subject key identifier: CD:D7:14:D5:7F:E6:BA:49:5B:AF:43:EC:01:77:F9:15:F2:E2:DB:EE
Certificate issuer: /CN=48f68aa2e755aa0ac69a70fe8efebea4c2335611
Certificate serial: 01942068661EF3B2C8B429A7C9DB4D8298C9
Authority key identifier: 48:F6:8A:A2:E7:55:AA:0A:C6:9A:70:FE:8E:FE:BE:A4:C2:33:56:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/zdcU1X_muklbr0PsAXf5FfLi2-4.roa
Signing time: Wed 01 Jan 2025 05:48:20 +0000
ROA not before: Wed 01 Jan 2025 05:48:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41103
IP address blocks: 185.91.100.0/22 maxlen: 24
195.95.187.0/24 maxlen: 24
2001:67c:15f4::/48 maxlen: 48
2a03:8920::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:20:68:66:1e:f3:b2:c8:b4:29:a7:c9:db:4d:82:98:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48f68aa2e755aa0ac69a70fe8efebea4c2335611
Validity
Not Before: Jan 1 05:48:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdd714d57fe6ba495baf43ec0177f915f2e2dbee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:37:2e:48:23:75:7c:38:43:f6:bc:02:a1:a4:
7f:77:8f:3e:02:18:06:2d:20:36:07:7d:f7:c1:c6:
8e:55:72:bc:f9:70:9f:a9:b4:7c:3b:d4:59:12:ce:
6c:68:a0:ac:d0:63:2a:62:c2:c1:c3:ce:ee:dc:e7:
b3:76:c7:f7:42:a2:02:70:27:7f:8f:e1:01:00:09:
c4:8e:4e:1a:29:1f:b0:b3:68:19:a5:7f:b2:da:e9:
aa:09:0b:db:1d:8b:7b:30:bd:09:73:3a:b1:6c:ee:
7d:db:0e:35:ee:3a:dd:4d:0e:36:0b:d1:78:db:cc:
0f:13:a1:34:7e:70:37:14:7f:c0:cc:41:36:6f:9a:
5a:49:81:b6:eb:17:f6:52:14:1b:7b:92:74:c8:0c:
ef:94:07:c8:d5:77:e2:e0:fa:72:7d:47:35:0a:0c:
e1:a6:55:95:cd:44:7e:54:17:b8:3a:05:c8:46:16:
cc:2f:c0:47:03:6c:33:a0:d1:e0:f2:f5:84:ae:49:
84:bf:f0:e3:5b:f1:ae:99:d1:42:04:a8:da:b4:df:
7a:b0:bd:66:c2:03:13:d9:72:fe:dd:54:d6:60:a4:
91:94:10:70:0f:47:d0:d0:1d:c1:e8:25:0a:20:c5:
a6:fe:1a:0b:a7:16:c9:2a:3d:34:60:14:b1:3a:78:
2d:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D7:14:D5:7F:E6:BA:49:5B:AF:43:EC:01:77:F9:15:F2:E2:DB:EE
X509v3 Authority Key Identifier:
keyid:48:F6:8A:A2:E7:55:AA:0A:C6:9A:70:FE:8E:FE:BE:A4:C2:33:56:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SPaKoudVqgrGmnD-jv6-pMIzVhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/zdcU1X_muklbr0PsAXf5FfLi2-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/ec287d-efab-4341-be53-f2b544b0fe7b/1/SPaKoudVqgrGmnD-jv6-pMIzVhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.91.100.0/22
195.95.187.0/24
IPv6:
2001:67c:15f4::/48
2a03:8920::/32
Signature Algorithm: sha256WithRSAEncryption
83:4c:f0:52:b4:e9:dd:87:01:20:bc:e0:09:87:55:b0:0f:96:
a1:99:ae:c9:7c:40:60:fb:8b:39:5f:62:8d:7b:0e:6e:b3:5c:
10:e7:d6:47:6b:23:cc:4f:a9:67:cf:59:1d:9d:ea:aa:5a:0a:
cb:d5:ba:60:ed:4d:49:ae:a2:92:a6:65:b2:7d:01:19:7b:60:
2d:60:53:a9:f2:eb:00:7b:7b:73:a8:87:40:9e:9b:b7:7e:44:
6a:4b:b0:16:d2:3c:2d:0a:ec:2e:ac:c5:9d:a2:fc:bf:90:3a:
fa:6b:09:9c:be:83:85:91:6a:7b:ae:b8:ae:a7:57:38:3e:42:
16:cd:f5:79:55:88:ae:62:3a:96:94:ab:0c:9e:8d:41:34:58:
1a:4f:e1:5f:fe:52:cd:ca:63:5c:c0:66:3c:bd:84:7f:b3:59:
30:93:f3:75:2a:59:fc:32:b3:c9:a0:20:39:14:1d:b1:ff:69:
84:2e:a6:81:08:78:f9:e4:03:f2:64:af:9c:dd:1c:58:82:b3:
e9:7e:bd:a8:61:63:f8:91:80:8c:a1:9a:9c:81:2a:21:56:73:
a0:b3:07:b5:b7:9d:6b:3a:7c:ad:1f:2c:dd:56:0b:73:f0:e2:
06:7a:a4:7b:df:d3:34:b3:49:ad:b8:d6:ea:89:81:7e:98:0a:
12:10:7f:64
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZQgaGYe87LItCmnydtNgpjJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZjY4YWEyZTc1NWFhMGFjNjlhNzBmZThlZmViZWE0YzIz
MzU2MTEwHhcNMjUwMTAxMDU0ODIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ3MTRkNTdmZTZiYTQ5NWJhZjQzZWMwMTc3ZjkxNWYyZTJkYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyzcuSCN1fDhD9rwCoaR/d48+AhgG
LSA2B333wcaOVXK8+XCfqbR8O9RZEs5saKCs0GMqYsLBw87u3Oezdsf3QqICcCd/
j+EBAAnEjk4aKR+ws2gZpX+y2umqCQvbHYt7ML0JczqxbO592w417jrdTQ42C9F4
28wPE6E0fnA3FH/AzEE2b5paSYG26xf2UhQbe5J0yAzvlAfI1Xfi4PpyfUc1Cgzh
plWVzUR+VBe4OgXIRhbML8BHA2wzoNHg8vWErkmEv/DjW/GumdFCBKjatN96sL1m
wgMT2XL+3VTWYKSRlBBwD0fQ0B3B6CUKIMWm/hoLpxbJKj00YBSxOngt8wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFM3XFNV/5rpJW69D7AF3+RXy4tvuMB8GA1UdIwQY
MBaAFEj2iqLnVaoKxppw/o7+vqTCM1YRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1BhS291ZFZxZ3JHbW5ELWp2Ni1wTUl6VmhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9lYzI4N2QtZWZhYi00MzQxLWJlNTMt
ZjJiNTQ0YjBmZTdiLzEvemRjVTFYX211a2xicjBQc0FYZjVGZkxpMi00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9lYzI4N2QtZWZhYi00MzQxLWJlNTMtZjJiNTQ0YjBmZTdi
LzEvU1BhS291ZFZxZ3JHbW5ELWp2Ni1wTUl6VmhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuVtkAwQA
w1+7MBYEAgACMBADBwAgAQZ8FfQDBQAqA4kgMA0GCSqGSIb3DQEBCwUAA4IBAQCD
TPBStOndhwEgvOAJh1WwD5ahma7JfEBg+4s5X2KNew5us1wQ59ZHayPMT6lnz1kd
neqqWgrL1bpg7U1JrqKSpmWyfQEZe2AtYFOp8usAe3tzqIdAnpu3fkRqS7AW0jwt
CuwurMWdovy/kDr6awmcvoOFkWp7rriup1c4PkIWzfV5VYiuYjqWlKsMno1BNFga
T+Ff/lLNymNcwGY8vYR/s1kwk/N1Kln8MrPJoCA5FB2x/2mELqaBCHj55APyZK+c
3RxYgrPpfr2oYWP4kYCMoZqcgSohVnOgswe1t51rOnytHyzdVgtz8OIGeqR739M0
s0mtuNbqiYF+mAoSEH9k
-----END CERTIFICATE-----
Generated at Mon Apr 21 16:14:24 2025 by rpki-client