Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/ZIR_yTw54Vg-opPAQLBsjCA0kZk.roa
File: ZIR_yTw54Vg-opPAQLBsjCA0kZk.roa (raw, json)
Hash identifier: IWAm2sXCY8KxHtRY4zBKo5b13l+g7LnQAwj1OVOtgXw=
Subject key identifier: 64:84:7F:C9:3C:39:E1:58:3E:A2:93:C0:40:B0:6C:8C:20:34:91:99
Certificate issuer: /CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Certificate serial: 01941FFA256B074A5D6DD1768A4C3FDA0DB5
Authority key identifier: BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/ZIR_yTw54Vg-opPAQLBsjCA0kZk.roa
Signing time: Wed 01 Jan 2025 03:47:54 +0000
ROA not before: Wed 01 Jan 2025 03:47:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 193.31.15.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 05 Apr 2025 19:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:25:6b:07:4a:5d:6d:d1:76:8a:4c:3f:da:0d:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf1d5feafd39174725bfe4bef91bd27c7b2f6f91
Validity
Not Before: Jan 1 03:47:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64847fc93c39e1583ea293c040b06c8c20349199
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:45:07:ff:c4:bd:2c:93:84:3e:06:f1:ba:37:
73:e6:26:ba:20:8f:d6:fe:bc:99:18:18:17:f2:5d:
fa:93:53:e6:e6:1c:c9:e2:06:23:5a:a0:d7:66:21:
b6:dc:9f:35:fd:b7:ba:6d:c7:24:b4:92:6d:21:9e:
61:88:ca:c6:05:41:33:9f:eb:68:78:39:45:49:68:
2e:30:2e:6e:59:ea:29:8b:99:fb:fb:a3:d0:70:9a:
ab:f6:70:d6:7f:72:bf:57:50:5a:51:87:36:71:e2:
d5:23:4d:ef:2a:bb:ea:fc:4f:f0:8f:9f:aa:e0:9a:
4b:32:23:30:da:a7:54:68:50:10:6e:df:64:d0:fb:
a5:5d:93:f9:c1:03:fc:d6:af:a9:c5:5f:5c:41:91:
0a:fb:4f:a9:8a:23:87:a5:93:33:75:4b:d7:35:05:
75:3e:e8:a3:cf:9c:a8:63:56:48:d5:44:80:e8:6b:
dd:ac:b4:b5:97:72:0c:cb:03:15:44:78:98:76:fb:
f6:8d:1d:0d:29:f0:c1:4c:3a:81:18:3e:0a:e5:66:
34:fa:c2:5d:00:80:17:69:04:ac:68:58:e6:bd:eb:
ac:fb:68:6d:27:27:38:00:91:33:90:65:7f:de:71:
e7:a2:4f:57:3b:14:8c:50:ef:f9:98:dd:94:3b:a5:
3e:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:84:7F:C9:3C:39:E1:58:3E:A2:93:C0:40:B0:6C:8C:20:34:91:99
X509v3 Authority Key Identifier:
keyid:BF:1D:5F:EA:FD:39:17:47:25:BF:E4:BE:F9:1B:D2:7C:7B:2F:6F:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vx1f6v05F0clv-S--RvSfHsvb5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/ZIR_yTw54Vg-opPAQLBsjCA0kZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/6065d2-103e-4ab7-bfb3-1a8c842afe2a/1/vx1f6v05F0clv-S--RvSfHsvb5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.31.15.0/24
Signature Algorithm: sha256WithRSAEncryption
18:ff:ae:cd:68:5f:33:a3:a0:e7:89:ed:72:36:3a:e1:6e:7f:
0d:1e:b3:b5:4b:46:f8:a1:35:a4:df:8a:0e:40:5c:5f:80:72:
54:34:87:6a:9b:92:b1:78:4b:3c:97:5a:83:8c:3f:74:b8:f0:
5e:22:75:18:bb:ff:9d:62:0d:c7:b2:b4:c7:16:2b:18:d5:a8:
63:ff:ff:b6:b2:22:f4:e1:43:5b:52:27:e4:25:e1:68:f6:6a:
eb:c5:30:d2:05:a8:84:0d:e4:bf:23:71:5d:7c:df:78:1d:52:
f5:b0:dd:03:a6:1b:ad:fa:38:3d:bc:2e:01:0c:c7:61:d5:aa:
69:d7:59:2b:85:61:01:4e:1d:73:c3:04:96:98:6d:d7:69:76:
29:89:46:d4:57:33:96:62:7c:34:6e:ae:3f:f0:49:26:54:39:
66:4d:08:eb:5d:61:31:7d:3f:c6:7e:56:b5:b6:7e:3f:f3:92:
12:37:40:8b:30:c4:1a:1d:3d:1c:94:40:8c:6e:b5:28:29:19:
52:54:3f:af:07:0c:e3:50:ed:a4:42:84:83:84:f6:a2:59:3f:
07:a8:7d:21:5b:d8:3d:6e:2b:6f:ad:2f:7a:bf:4f:6e:a4:31:
67:1f:a3:f5:45:30:0c:bc:4c:3b:21:68:03:9d:b6:89:22:05:
01:d9:7b:13
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQf+iVrB0pdbdF2ikw/2g21MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmMWQ1ZmVhZmQzOTE3NDcyNWJmZTRiZWY5MWJkMjdjN2Iy
ZjZmOTEwHhcNMjUwMTAxMDM0NzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg0N2ZjOTNjMzllMTU4M2VhMjkzYzA0MGIwNmM4YzIwMzQ5MTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UUH/8S9LJOEPgbxujdz5ia6II/W
/ryZGBgX8l36k1Pm5hzJ4gYjWqDXZiG23J81/be6bccktJJtIZ5hiMrGBUEzn+to
eDlFSWguMC5uWeopi5n7+6PQcJqr9nDWf3K/V1BaUYc2ceLVI03vKrvq/E/wj5+q
4JpLMiMw2qdUaFAQbt9k0PulXZP5wQP81q+pxV9cQZEK+0+piiOHpZMzdUvXNQV1
Puijz5yoY1ZI1USA6GvdrLS1l3IMywMVRHiYdvv2jR0NKfDBTDqBGD4K5WY0+sJd
AIAXaQSsaFjmveus+2htJyc4AJEzkGV/3nHnok9XOxSMUO/5mN2UO6U+awIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGSEf8k8OeFYPqKTwECwbIwgNJGZMB8GA1UdIwQY
MBaAFL8dX+r9ORdHJb/kvvkb0nx7L2+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMt
MWE4Yzg0MmFmZTJhLzEvWklSX3lUdzU0Vmctb3BQQVFMQnNqQ0Ewa1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy82MDY1ZDItMTAzZS00YWI3LWJmYjMtMWE4Yzg0MmFmZTJh
LzEvdngxZjZ2MDVGMGNsdi1TLS1SdlNmSHN2YjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwR8PMA0G
CSqGSIb3DQEBCwUAA4IBAQAY/67NaF8zo6Dnie1yNjrhbn8NHrO1S0b4oTWk34oO
QFxfgHJUNIdqm5KxeEs8l1qDjD90uPBeInUYu/+dYg3HsrTHFisY1ahj//+2siL0
4UNbUifkJeFo9mrrxTDSBaiEDeS/I3FdfN94HVL1sN0Dphut+jg9vC4BDMdh1app
11krhWEBTh1zwwSWmG3XaXYpiUbUVzOWYnw0bq4/8EkmVDlmTQjrXWExfT/Gfla1
tn4/85ISN0CLMMQaHT0clECMbrUoKRlSVD+vBwzjUO2kQoSDhPaiWT8HqH0hW9g9
bitvrS96v09upDFnH6P1RTAMvEw7IWgDnbaJIgUB2XsT
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:45:32 2025 by rpki-client