Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZDc_89bkDMXJHNvHeAKBSsEJ-nU.roa
File: ZDc_89bkDMXJHNvHeAKBSsEJ-nU.roa (raw, json)
Hash identifier: 7I1E2VyduMZT+iNXgR6ZU0lJrvv5nSc9Ag91Mn4OciQ=
Subject key identifier: 64:37:3F:F3:D6:E4:0C:C5:C9:1C:DB:C7:78:02:81:4A:C1:09:FA:75
Certificate issuer: /CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Certificate serial: 0196C9183F3F006FA3965048C09E56E0C47B
Authority key identifier: B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZDc_89bkDMXJHNvHeAKBSsEJ-nU.roa
Signing time: Tue 13 May 2025 10:02:11 +0000
ROA not before: Tue 13 May 2025 10:02:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25227
IP address blocks: 185.244.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c9:18:3f:3f:00:6f:a3:96:50:48:c0:9e:56:e0:c4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f96345d3f22edb395d247f7b86d2d73e4a0091
Validity
Not Before: May 13 10:02:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64373ff3d6e40cc5c91cdbc77802814ac109fa75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1b:44:0e:f1:59:60:ec:8f:1e:39:53:5e:bc:
cc:17:c3:86:48:c5:e0:ba:af:7d:60:ad:e6:c6:99:
c9:60:15:e1:bc:57:b9:f2:1b:10:bf:43:fe:d8:c8:
64:ed:85:1c:97:ee:4c:99:90:16:d9:ac:32:6d:09:
2a:ff:aa:fe:9d:2c:c6:5a:5e:5a:6f:f4:ea:e6:7f:
dd:3d:de:31:24:46:65:01:a5:32:3a:6d:b5:66:57:
54:3c:12:14:13:aa:f1:15:a8:7f:e2:28:0d:d2:8b:
78:83:cd:37:1f:a0:9f:bc:06:4f:2d:91:91:1f:a4:
96:fa:23:b8:67:ed:11:96:cb:c8:d8:49:05:57:b6:
28:a7:be:0d:ba:f0:43:dd:e0:19:50:36:c6:57:e0:
bb:4a:bb:cd:c6:8c:c6:c1:92:b0:dc:d6:d1:d5:fb:
88:1f:52:81:21:d4:a6:22:e1:10:ea:db:c8:a9:bc:
66:21:db:a1:8d:a6:f2:38:2d:f8:1d:7e:a4:a8:b4:
04:1d:c4:36:99:e5:ca:91:45:e4:23:1f:df:eb:65:
bc:aa:13:8c:69:59:96:c0:c3:15:35:04:ae:25:4e:
e5:e5:3c:22:2e:06:81:fc:a3:ae:bd:ed:6a:ba:23:
87:b6:76:6c:a0:da:cd:62:bb:bf:4a:30:f9:94:99:
14:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:37:3F:F3:D6:E4:0C:C5:C9:1C:DB:C7:78:02:81:4A:C1:09:FA:75
X509v3 Authority Key Identifier:
keyid:B4:F9:63:45:D3:F2:2E:DB:39:5D:24:7F:7B:86:D2:D7:3E:4A:00:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPljRdPyLts5XSR_e4bS1z5KAJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/ZDc_89bkDMXJHNvHeAKBSsEJ-nU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/8e121d-73b3-438a-83c4-6fc343d77cd2/1/tPljRdPyLts5XSR_e4bS1z5KAJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.175.0/24
Signature Algorithm: sha256WithRSAEncryption
63:89:b3:6e:43:9b:59:93:35:3e:ff:67:5b:01:ac:06:0d:5c:
c3:62:dc:e1:fc:bd:27:aa:42:44:82:4f:1f:dc:d6:17:f1:ab:
5f:ff:d8:36:0b:f3:85:d3:d6:76:53:4f:95:2d:f5:9c:7e:40:
e0:0a:35:fb:7f:b4:26:a7:f7:0f:b9:4a:d4:6c:d2:07:d7:cf:
22:4d:a1:15:b8:6b:30:62:38:57:51:0b:0c:77:a9:ae:56:19:
28:95:74:fa:11:47:58:fb:59:7a:17:c5:0f:17:5c:73:20:13:
32:99:d9:7e:9f:80:f7:97:8e:b4:61:51:c4:64:3e:53:15:ac:
88:9f:22:08:bd:b4:11:18:c1:e4:15:78:0a:08:34:c3:81:7e:
d9:d0:88:dd:3d:cf:66:2f:32:b5:00:19:1a:48:49:35:a0:7c:
6c:99:45:c4:7e:fe:8f:b9:aa:51:c3:0e:d6:43:31:fd:84:ad:
24:f8:b8:ec:ea:86:a4:89:21:92:c4:ac:7c:5e:13:8a:d5:b3:
24:72:05:d9:02:1a:95:db:7a:c6:e7:1e:6d:c6:e7:bb:c7:48:
14:ea:cd:8c:05:f3:a3:5b:83:80:01:1c:59:f7:54:a4:03:68:
5e:a1:1f:b6:58:fa:73:f7:c6:52:44:20:29:5a:86:dc:c9:a8:
fa:82:48:32
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbJGD8/AG+jllBIwJ5W4MR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0Zjk2MzQ1ZDNmMjJlZGIzOTVkMjQ3ZjdiODZkMmQ3M2U0
YTAwOTEwHhcNMjUwNTEzMTAwMjExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDM3M2ZmM2Q2ZTQwY2M1YzkxY2RiYzc3ODAyODE0YWMxMDlmYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBtEDvFZYOyPHjlTXrzMF8OGSMXg
uq99YK3mxpnJYBXhvFe58hsQv0P+2Mhk7YUcl+5MmZAW2awybQkq/6r+nSzGWl5a
b/Tq5n/dPd4xJEZlAaUyOm21ZldUPBIUE6rxFah/4igN0ot4g803H6CfvAZPLZGR
H6SW+iO4Z+0RlsvI2EkFV7Yop74NuvBD3eAZUDbGV+C7SrvNxozGwZKw3NbR1fuI
H1KBIdSmIuEQ6tvIqbxmIduhjabyOC34HX6kqLQEHcQ2meXKkUXkIx/f62W8qhOM
aVmWwMMVNQSuJU7l5TwiLgaB/KOuve1quiOHtnZsoNrNYru/SjD5lJkUYQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGQ3P/PW5AzFyRzbx3gCgUrBCfp1MB8GA1UdIwQY
MBaAFLT5Y0XT8i7bOV0kf3uG0tc+SgCRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQt
NmZjMzQzZDc3Y2QyLzEvWkRjXzg5YmtETVhKSE52SGVBS0JTc0VKLW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ZTEyMWQtNzNiMy00MzhhLTgzYzQtNmZjMzQzZDc3Y2Qy
LzEvdFBsalJkUHlMdHM1WFNSX2U0YlMxejVLQUpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAufSvMA0G
CSqGSIb3DQEBCwUAA4IBAQBjibNuQ5tZkzU+/2dbAawGDVzDYtzh/L0nqkJEgk8f
3NYX8atf/9g2C/OF09Z2U0+VLfWcfkDgCjX7f7Qmp/cPuUrUbNIH188iTaEVuGsw
YjhXUQsMd6muVhkolXT6EUdY+1l6F8UPF1xzIBMymdl+n4D3l460YVHEZD5TFayI
nyIIvbQRGMHkFXgKCDTDgX7Z0IjdPc9mLzK1ABkaSEk1oHxsmUXEfv6PuapRww7W
QzH9hK0k+Ljs6oakiSGSxKx8XhOK1bMkcgXZAhqV23rG5x5txue7x0gU6s2MBfOj
W4OAARxZ91SkA2heoR+2WPpz98ZSRCApWobcyaj6gkgy
-----END CERTIFICATE-----
Generated at Fri Jun 6 15:15:49 2025 by rpki-client