Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZekgI3gBPR0cynIzEhQl53VK6aU.roa
File: ZekgI3gBPR0cynIzEhQl53VK6aU.roa (raw, json)
Hash identifier: nv9ZxodEcDiNrFwiejK0YjW/kQd0lEjlyPsqWR9oup8=
Subject key identifier: 65:E9:20:23:78:01:3D:1D:1C:CA:72:33:12:14:25:E7:75:4A:E9:A5
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019427B3969B4EB933A36FE1F0AAAD7FDFCB
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZekgI3gBPR0cynIzEhQl53VK6aU.roa
Signing time: Thu 02 Jan 2025 15:47:48 +0000
ROA not before: Thu 02 Jan 2025 15:47:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29802
IP address blocks: 194.5.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:b3:96:9b:4e:b9:33:a3:6f:e1:f0:aa:ad:7f:df:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 15:47:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65e9202378013d1d1cca7233121425e7754ae9a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:0e:43:c7:2e:04:d8:be:12:45:57:ad:94:56:
ed:59:23:31:66:47:c0:0f:46:eb:11:fc:96:ef:e1:
d1:53:2b:dc:50:f4:3c:03:64:64:65:10:60:76:07:
ae:56:0f:cc:3a:fc:d2:2c:66:58:59:28:1b:d3:13:
1b:86:cd:a5:7d:33:85:39:ed:c2:73:c6:5d:45:1f:
22:30:0f:4a:1f:c6:4a:af:d7:7f:3f:d4:c7:1c:c7:
24:97:3e:86:e3:df:a1:ac:2c:5f:eb:8e:84:86:4b:
e5:21:8d:20:bd:51:a2:ec:b0:a6:4a:cc:4f:e5:62:
ea:18:29:76:70:87:82:bc:2e:97:2c:a8:3b:cc:e0:
e1:52:7b:c6:ca:af:a9:64:26:23:37:f3:86:c4:8d:
fd:b3:ad:b7:df:dd:d8:04:2b:bc:89:1c:43:3e:99:
72:b2:dd:b0:05:a8:da:fd:4a:fa:ba:c0:e1:d3:a0:
23:b0:6e:ff:8b:f6:b4:5b:04:d7:d8:81:47:7c:da:
4e:f5:25:2b:e9:15:1c:43:68:de:d6:48:a8:8a:a0:
86:7e:6a:99:15:54:3d:87:04:a7:01:ea:0d:8e:35:
dc:97:b6:40:e1:52:88:28:ba:ee:48:9a:45:aa:6a:
75:57:f0:07:d3:45:98:26:aa:ba:86:62:e3:db:64:
45:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:E9:20:23:78:01:3D:1D:1C:CA:72:33:12:14:25:E7:75:4A:E9:A5
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/ZekgI3gBPR0cynIzEhQl53VK6aU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.5.49.0/24
Signature Algorithm: sha256WithRSAEncryption
40:1f:2e:0a:c6:a3:bb:f6:65:43:95:ee:6d:3a:92:c5:42:6f:
b2:90:77:b5:d1:bd:6d:7b:2e:2b:22:cd:79:ed:a9:59:45:00:
7a:80:32:5b:52:b4:1c:61:95:1f:7b:ec:cb:09:da:6e:a5:9b:
f5:1d:85:87:a5:18:8d:f2:07:cb:71:c6:ee:b2:be:51:6f:33:
a3:ec:64:dc:a5:5c:01:5b:ca:e2:01:d2:c4:55:65:e0:3d:88:
43:d8:26:5d:4c:d8:cc:7f:6d:6b:b7:df:ff:0a:56:0f:08:72:
fe:40:5b:be:64:98:6e:4e:fb:67:01:8f:b9:5c:43:40:b6:6c:
05:ab:2a:90:a5:43:c5:61:31:3b:1f:19:8b:f0:3a:9c:6c:20:
95:10:6b:c1:78:45:78:8a:08:e7:09:1e:e1:49:0a:7a:ad:96:
48:3d:fa:5b:6c:3f:97:e7:ec:36:e3:a9:a4:e0:23:bc:35:af:
c9:30:27:89:02:3f:ac:64:c4:34:e3:d4:02:1b:7b:ca:48:b8:
8e:ff:99:57:b2:0e:b5:33:e3:0b:77:46:f4:3e:8a:e1:e1:90:
e9:38:64:70:f0:81:63:37:ea:8b:bb:ef:38:29:b9:91:1a:90:
5e:f3:a2:05:df:42:b4:78:45:c9:22:53:9c:4e:14:75:94:70:
76:6f:33:87
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQns5abTrkzo2/h8Kqtf9/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwMTAyMTU0NzQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWU5MjAyMzc4MDEzZDFkMWNjYTcyMzMxMjE0MjVlNzc1NGFlOWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0w5Dxy4E2L4SRVetlFbtWSMxZkfA
D0brEfyW7+HRUyvcUPQ8A2RkZRBgdgeuVg/MOvzSLGZYWSgb0xMbhs2lfTOFOe3C
c8ZdRR8iMA9KH8ZKr9d/P9THHMcklz6G49+hrCxf646EhkvlIY0gvVGi7LCmSsxP
5WLqGCl2cIeCvC6XLKg7zODhUnvGyq+pZCYjN/OGxI39s623393YBCu8iRxDPply
st2wBaja/Ur6usDh06AjsG7/i/a0WwTX2IFHfNpO9SUr6RUcQ2je1kioiqCGfmqZ
FVQ9hwSnAeoNjjXcl7ZA4VKIKLruSJpFqmp1V/AH00WYJqq6hmLj22RFfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXpICN4AT0dHMpyMxIUJed1SumlMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvWmVrZ0kzZ0JQUjBjeW5JekVoUWw1M1ZLNmFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwgUxMA0G
CSqGSIb3DQEBCwUAA4IBAQBAHy4KxqO79mVDle5tOpLFQm+ykHe10b1tey4rIs15
7alZRQB6gDJbUrQcYZUfe+zLCdpupZv1HYWHpRiN8gfLccbusr5RbzOj7GTcpVwB
W8riAdLEVWXgPYhD2CZdTNjMf21rt9//ClYPCHL+QFu+ZJhuTvtnAY+5XENAtmwF
qyqQpUPFYTE7HxmL8DqcbCCVEGvBeEV4igjnCR7hSQp6rZZIPfpbbD+X5+w246mk
4CO8Na/JMCeJAj+sZMQ049QCG3vKSLiO/5lXsg61M+MLd0b0Porh4ZDpOGRw8IFj
N+qLu+84KbmRGpBe86IF30K0eEXJIlOcThR1lHB2bzOH
-----END CERTIFICATE-----
Generated at Wed Feb 5 11:00:15 2025 by rpki-client