Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/zwNxRZCXOiLKuZa_7Wmh9NcuOqQ.roa
File: zwNxRZCXOiLKuZa_7Wmh9NcuOqQ.roa (raw, json)
Hash identifier: 6xxBkLaHc1up/veCbZl0eXM5uTf3B1SDA3dM0Oft33U=
Subject key identifier: CF:03:71:45:90:97:3A:22:CA:B9:96:BF:ED:69:A1:F4:D7:2E:3A:A4
Certificate issuer: /CN=a4176719912989979e086125a2a41a133fffdc24
Certificate serial: 0194AC0D0061BFFEE6E52583C3A22FD8F44E
Authority key identifier: A4:17:67:19:91:29:89:97:9E:08:61:25:A2:A4:1A:13:3F:FF:DC:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pBdnGZEpiZeeCGEloqQaEz__3CQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/zwNxRZCXOiLKuZa_7Wmh9NcuOqQ.roa
Signing time: Tue 28 Jan 2025 08:35:20 +0000
ROA not before: Tue 28 Jan 2025 08:35:20 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41897
IP address blocks: 94.154.108.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/pBdnGZEpiZeeCGEloqQaEz__3CQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/pBdnGZEpiZeeCGEloqQaEz__3CQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/pBdnGZEpiZeeCGEloqQaEz__3CQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:0d:00:61:bf:fe:e6:e5:25:83:c3:a2:2f:d8:f4:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4176719912989979e086125a2a41a133fffdc24
Validity
Not Before: Jan 28 08:35:20 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf03714590973a22cab996bfed69a1f4d72e3aa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:0d:3d:e1:a1:d7:82:06:6d:13:d5:ed:41:87:
86:6d:bb:c7:2d:77:37:78:53:28:6d:bc:fb:36:1e:
45:45:88:ef:c2:9b:a5:54:15:7b:3b:29:3d:2c:6d:
ef:b7:07:2c:57:b5:6b:dd:d7:93:67:fc:a7:9d:5e:
15:ff:a7:3e:a5:10:97:b7:3f:d8:f9:60:68:63:1e:
81:e4:6f:ed:66:f9:c0:20:8c:a8:23:28:83:2a:d9:
fd:1d:1b:20:1c:d1:72:80:50:5e:57:f0:7d:69:e6:
50:3e:7a:c7:24:77:59:bd:99:ab:05:7f:e0:5a:c4:
22:50:50:94:c5:70:12:9a:9f:08:07:02:34:63:68:
98:e1:1c:78:7d:e3:a5:2d:8c:4e:6b:06:30:d3:7e:
15:96:b4:b0:68:6b:5b:3e:41:d1:67:37:cb:39:51:
5f:0f:f2:8b:1d:87:50:e8:47:29:39:83:31:0c:8a:
d6:8e:d6:f0:be:58:34:e4:14:d6:bc:41:3a:57:71:
bd:78:85:1c:19:ef:c1:89:d1:5d:99:75:94:92:53:
fb:ae:a1:d2:ca:40:0f:1a:7f:f5:0a:12:9a:77:ed:
52:c8:79:95:6b:c8:0e:d5:ab:d8:99:99:3a:0f:18:
4c:cd:49:11:9f:f1:35:53:cd:66:08:11:52:26:50:
ec:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:03:71:45:90:97:3A:22:CA:B9:96:BF:ED:69:A1:F4:D7:2E:3A:A4
X509v3 Authority Key Identifier:
keyid:A4:17:67:19:91:29:89:97:9E:08:61:25:A2:A4:1A:13:3F:FF:DC:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pBdnGZEpiZeeCGEloqQaEz__3CQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/zwNxRZCXOiLKuZa_7Wmh9NcuOqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/1a40f5-b9c9-4856-83c6-ef040aebea60/1/pBdnGZEpiZeeCGEloqQaEz__3CQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.154.108.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:39:9c:e0:26:8b:4a:c1:8c:29:3a:87:a8:0b:53:e0:54:e7:
02:fb:e3:c7:a6:ed:5f:79:77:5a:3b:c3:b3:88:fb:4b:52:74:
49:a5:ad:6c:2c:c3:f6:7a:c8:a1:72:8c:3a:e5:de:3d:2f:d9:
f9:32:e1:03:45:4e:c3:91:e2:7f:b8:8d:e0:a5:40:0e:da:76:
fd:23:3b:f0:f3:cc:95:db:f5:b9:62:f0:82:98:03:c6:ec:ca:
ed:e8:1d:97:b9:d1:ff:db:b1:e9:4a:39:4f:c7:5d:8b:36:7e:
75:65:02:eb:02:b5:21:33:a1:e8:eb:e3:e0:60:d6:f4:4a:ee:
22:cd:46:46:63:e4:11:b7:50:a6:b9:9d:46:7c:64:f9:e1:29:
e8:55:0f:43:25:17:a1:f4:99:6e:ce:b9:31:dc:6a:68:b6:33:
0d:26:22:fc:a6:8a:e4:1c:31:df:26:83:e7:92:84:a0:9c:45:
b5:d9:ea:e1:6e:6f:67:a4:ed:4c:ea:14:bd:59:a4:f9:a8:34:
6a:a2:bd:bd:88:67:03:65:1f:1a:c7:58:5d:c6:bc:fc:46:80:
1f:3c:d5:35:0d:77:dd:fb:58:06:a2:0c:4c:6e:42:41:0c:97:
ef:1c:67:ff:90:1a:59:3f:cd:f9:1d:e0:18:2b:ef:c8:e4:b3:
c2:5e:1e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZSsDQBhv/7m5SWDw6Iv2PROMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MTc2NzE5OTEyOTg5OTc5ZTA4NjEyNWEyYTQxYTEzM2Zm
ZmRjMjQwHhcNMjUwMTI4MDgzNTIwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjAzNzE0NTkwOTczYTIyY2FiOTk2YmZlZDY5YTFmNGQ3MmUzYWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApQ094aHXggZtE9XtQYeGbbvHLXc3
eFMobbz7Nh5FRYjvwpulVBV7Oyk9LG3vtwcsV7Vr3deTZ/ynnV4V/6c+pRCXtz/Y
+WBoYx6B5G/tZvnAIIyoIyiDKtn9HRsgHNFygFBeV/B9aeZQPnrHJHdZvZmrBX/g
WsQiUFCUxXASmp8IBwI0Y2iY4Rx4feOlLYxOawYw034VlrSwaGtbPkHRZzfLOVFf
D/KLHYdQ6EcpOYMxDIrWjtbwvlg05BTWvEE6V3G9eIUcGe/BidFdmXWUklP7rqHS
ykAPGn/1ChKad+1SyHmVa8gO1avYmZk6DxhMzUkRn/E1U81mCBFSJlDsbQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM8DcUWQlzoiyrmWv+1pofTXLjqkMB8GA1UdIwQY
MBaAFKQXZxmRKYmXnghhJaKkGhM//9wkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEJkbkdaRXBpWmVlQ0dFbG9xUWFFel9fM0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xYTQwZjUtYjljOS00ODU2LTgzYzYt
ZWYwNDBhZWJlYTYwLzEvendOeFJaQ1hPaUxLdVphXzdXbWg5TmN1T3FRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xYTQwZjUtYjljOS00ODU2LTgzYzYtZWYwNDBhZWJlYTYw
LzEvcEJkbkdaRXBpWmVlQ0dFbG9xUWFFel9fM0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXppsMA0G
CSqGSIb3DQEBCwUAA4IBAQB+OZzgJotKwYwpOoeoC1PgVOcC++PHpu1feXdaO8Oz
iPtLUnRJpa1sLMP2esihcow65d49L9n5MuEDRU7DkeJ/uI3gpUAO2nb9Izvw88yV
2/W5YvCCmAPG7Mrt6B2XudH/27HpSjlPx12LNn51ZQLrArUhM6Ho6+PgYNb0Su4i
zUZGY+QRt1CmuZ1GfGT54SnoVQ9DJReh9Jluzrkx3GpotjMNJiL8porkHDHfJoPn
koSgnEW12erhbm9npO1M6hS9WaT5qDRqor29iGcDZR8ax1hdxrz8RoAfPNU1DXfd
+1gGogxMbkJBDJfvHGf/kBpZP835HeAYK+/I5LPCXh4K
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:56:36 2025 by rpki-client