Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ZIUzaNeA-dqB_cS44MLnf0HuawA.roa
File: ZIUzaNeA-dqB_cS44MLnf0HuawA.roa (raw, json)
Hash identifier: q8f9plPLOl0nPVToevY6P1epucVG2NTh0o+Jv1i4WmQ=
Subject key identifier: 64:85:33:68:D7:80:F9:DA:81:FD:C4:B8:E0:C2:E7:7F:41:EE:6B:00
Certificate issuer: /CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Certificate serial: 01941FFA096F914FB233CCC036FAABCFAE9A
Authority key identifier: 51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ZIUzaNeA-dqB_cS44MLnf0HuawA.roa
Signing time: Wed 01 Jan 2025 03:47:47 +0000
ROA not before: Wed 01 Jan 2025 03:47:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62443
IP address blocks: 194.39.255.0/24 maxlen: 24
2a13:cc80::/32 maxlen: 32
2a13:cc81::/32 maxlen: 32
2a13:cc82:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 15:22:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:fa:09:6f:91:4f:b2:33:cc:c0:36:fa:ab:cf:ae:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=517a0c96842bafc9f630ba14b83ea79bd12a53b9
Validity
Not Before: Jan 1 03:47:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64853368d780f9da81fdc4b8e0c2e77f41ee6b00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b7:08:c2:74:bc:ee:b9:94:d7:42:db:04:43:
bb:88:9c:a8:7a:d4:47:7c:4d:15:b7:0a:e3:9a:e6:
e8:66:0f:42:87:c1:34:47:80:39:4c:70:fe:0a:30:
f2:92:24:d4:a2:2b:36:6a:67:e3:41:c6:73:cd:a7:
65:a5:6d:68:6a:57:ff:dc:ed:64:c7:1e:df:76:98:
75:cc:00:9e:f4:33:f4:d1:8d:33:08:6b:fb:a1:1e:
0e:4d:f5:f8:91:83:f2:61:23:39:9c:04:85:08:02:
8c:f3:87:01:7f:4c:41:7c:ab:1c:41:fc:26:68:ca:
40:7c:db:5d:49:45:da:a9:6c:17:9b:79:10:4f:7f:
f5:ff:83:19:00:47:0f:5d:7c:fc:9a:de:98:a6:dc:
59:f6:f4:03:38:ff:7f:ef:e5:d1:63:42:5f:34:a1:
bd:ef:59:8a:ed:04:4e:00:7d:25:b4:ee:63:1a:ae:
3d:e8:ec:fb:e7:da:1b:5f:f1:bb:05:09:6b:a5:03:
55:5e:43:43:c6:88:ae:f7:46:1b:f3:a1:a4:9e:c4:
22:58:27:74:a4:22:f7:00:7b:3f:05:b3:0b:e9:c5:
2b:73:8d:93:60:e7:fd:82:6e:38:b2:45:41:7b:f6:
ad:15:f6:b5:67:ab:e5:fb:d3:78:43:a6:5b:0a:88:
ac:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:85:33:68:D7:80:F9:DA:81:FD:C4:B8:E0:C2:E7:7F:41:EE:6B:00
X509v3 Authority Key Identifier:
keyid:51:7A:0C:96:84:2B:AF:C9:F6:30:BA:14:B8:3E:A7:9B:D1:2A:53:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UXoMloQrr8n2MLoUuD6nm9EqU7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/ZIUzaNeA-dqB_cS44MLnf0HuawA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/14e492-8525-4eec-84bc-b0eb6715e0af/1/UXoMloQrr8n2MLoUuD6nm9EqU7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.39.255.0/24
IPv6:
2a13:cc80::/31
2a13:cc82:100::/48
Signature Algorithm: sha256WithRSAEncryption
bc:16:a3:6c:51:af:83:e4:5a:5e:d3:7a:b9:e5:88:07:78:a3:
3c:73:e4:a3:34:ec:9d:fc:ef:b9:67:50:89:fb:c3:c0:8b:37:
71:4c:49:76:38:32:b9:ca:26:b6:65:f6:95:ea:e4:03:cc:b8:
1d:41:a8:a4:ce:ef:68:7f:10:a0:e0:70:25:aa:5a:a1:05:96:
d1:d2:f4:83:74:77:98:cf:fa:13:cc:c9:50:c3:3c:d4:cb:ba:
5c:d7:2a:0e:5e:48:a7:10:8f:b1:28:99:ba:ee:2a:ca:8f:d6:
02:58:98:8b:91:e0:ea:c1:85:aa:11:ae:4d:61:07:10:af:06:
38:04:cd:c6:ff:32:fe:f5:7d:39:4f:cd:7b:a4:98:98:a5:8e:
c1:6f:02:d9:ed:8c:f0:8b:76:83:9e:43:80:88:37:d1:bf:be:
e2:c1:7b:7f:92:d6:cf:2a:00:54:05:fb:47:59:68:99:ff:e1:
da:40:82:dc:e4:01:7d:cb:82:52:a7:b7:95:83:a1:cb:32:98:
f4:71:53:8b:2b:c8:db:de:eb:54:5d:58:c7:fc:6c:82:a3:ca:
b2:22:6d:e2:3f:e2:40:d8:3c:cc:35:b9:43:ab:ea:ce:bd:b1:
e2:d0:ab:d2:48:58:b7:1a:40:1e:46:e7:8f:b2:34:01:6a:0c:
89:4d:49:cb
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZQf+glvkU+yM8zANvqrz66aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxN2EwYzk2ODQyYmFmYzlmNjMwYmExNGI4M2VhNzliZDEy
YTUzYjkwHhcNMjUwMTAxMDM0NzQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDg1MzM2OGQ3ODBmOWRhODFmZGM0YjhlMGMyZTc3ZjQxZWU2YjAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rcIwnS87rmU10LbBEO7iJyoetRH
fE0VtwrjmuboZg9Ch8E0R4A5THD+CjDykiTUois2amfjQcZzzadlpW1oalf/3O1k
xx7fdph1zACe9DP00Y0zCGv7oR4OTfX4kYPyYSM5nASFCAKM84cBf0xBfKscQfwm
aMpAfNtdSUXaqWwXm3kQT3/1/4MZAEcPXXz8mt6YptxZ9vQDOP9/7+XRY0JfNKG9
71mK7QROAH0ltO5jGq496Oz759obX/G7BQlrpQNVXkNDxoiu90Yb86GknsQiWCd0
pCL3AHs/BbML6cUrc42TYOf9gm44skVBe/atFfa1Z6vl+9N4Q6ZbCoisYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGSFM2jXgPnagf3EuODC539B7msAMB8GA1UdIwQY
MBaAFFF6DJaEK6/J9jC6FLg+p5vRKlO5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMt
YjBlYjY3MTVlMGFmLzEvWklVemFOZUEtZHFCX2NTNDRNTG5mMEh1YXdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xNGU0OTItODUyNS00ZWVjLTg0YmMtYjBlYjY3MTVlMGFm
LzEvVVhvTWxvUXJyOG4yTUxvVXVENm5tOUVxVTdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAwif/MBYE
AgACMBADBQEqE8yAAwcAKhPMggEAMA0GCSqGSIb3DQEBCwUAA4IBAQC8FqNsUa+D
5Fpe03q55YgHeKM8c+SjNOyd/O+5Z1CJ+8PAizdxTEl2ODK5yia2ZfaV6uQDzLgd
Qaikzu9ofxCg4HAlqlqhBZbR0vSDdHeYz/oTzMlQwzzUy7pc1yoOXkinEI+xKJm6
7irKj9YCWJiLkeDqwYWqEa5NYQcQrwY4BM3G/zL+9X05T817pJiYpY7BbwLZ7Yzw
i3aDnkOAiDfRv77iwXt/ktbPKgBUBftHWWiZ/+HaQILc5AF9y4JSp7eVg6HLMpj0
cVOLK8jb3utUXVjH/GyCo8qyIm3iP+JA2DzMNblDq+rOvbHi0KvSSFi3GkAeRueP
sjQBagyJTUnL
-----END CERTIFICATE-----
Generated at Wed Apr 16 00:02:36 2025 by rpki-client