Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/zraU6JUbMiPLRortKHmXEnAo1OE.roa
File: zraU6JUbMiPLRortKHmXEnAo1OE.roa (raw, json)
Hash identifier: HMXC6yKtO8g8Ym91NRBLoqlps2ZqE/0U22YJBVZue4c=
Subject key identifier: CE:B6:94:E8:95:1B:32:23:CB:46:8A:ED:28:79:97:12:70:28:D4:E1
Certificate issuer: /CN=1cd3c30939b906a4515a1c65c08836829b6a3289
Certificate serial: 0194258FA605B964D96EE2AE2E4E95F674E2
Authority key identifier: 1C:D3:C3:09:39:B9:06:A4:51:5A:1C:65:C0:88:36:82:9B:6A:32:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HNPDCTm5BqRRWhxlwIg2gptqMok.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/zraU6JUbMiPLRortKHmXEnAo1OE.roa
Signing time: Thu 02 Jan 2025 05:49:18 +0000
ROA not before: Thu 02 Jan 2025 05:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49122
IP address blocks: 94.229.112.0/22 maxlen: 22
94.229.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/HNPDCTm5BqRRWhxlwIg2gptqMok.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/HNPDCTm5BqRRWhxlwIg2gptqMok.mft
rsync://rpki.ripe.net/repository/DEFAULT/HNPDCTm5BqRRWhxlwIg2gptqMok.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Apr 2025 05:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:8f:a6:05:b9:64:d9:6e:e2:ae:2e:4e:95:f6:74:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1cd3c30939b906a4515a1c65c08836829b6a3289
Validity
Not Before: Jan 2 05:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceb694e8951b3223cb468aed287997127028d4e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:26:a6:93:ae:ca:ef:82:60:58:78:6b:7c:9a:
c6:72:c3:e6:ad:9d:f2:e2:38:dd:c2:a1:03:1b:b2:
3c:85:23:85:5e:22:d3:a9:91:ed:00:90:52:9a:a4:
1b:64:3e:9d:35:d6:da:3c:69:94:bd:c1:84:c0:ae:
43:8c:57:ae:b5:5f:98:1d:d6:a7:d5:62:f2:7c:46:
af:7d:e6:1e:7d:cf:52:7f:63:73:08:66:55:36:7c:
51:e6:3d:70:d3:81:98:1c:ac:9e:68:1c:58:7e:12:
36:70:19:b7:6d:84:bd:68:1e:91:57:ea:79:76:c2:
ce:8e:07:b5:2c:d3:83:68:60:20:9d:82:66:3d:05:
61:18:18:f3:c4:4c:27:93:75:e1:79:2d:dd:3f:52:
0d:fc:d6:38:23:72:48:6e:19:14:d5:f0:68:fb:dd:
0f:24:99:c9:9b:7e:54:5f:f8:d3:e9:b9:96:c5:9a:
4a:48:ea:61:b9:6d:24:40:43:9a:6b:71:d6:36:ac:
bb:27:65:de:2d:8d:fa:f1:64:e4:8c:a9:46:e6:68:
e8:63:8f:f2:02:c9:93:0c:67:9e:c3:4d:5a:cb:e0:
00:5f:36:06:8c:6e:82:d3:48:49:80:7c:8e:54:b0:
8f:71:4a:44:a1:28:60:71:8c:88:bc:2a:51:e2:f2:
14:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B6:94:E8:95:1B:32:23:CB:46:8A:ED:28:79:97:12:70:28:D4:E1
X509v3 Authority Key Identifier:
keyid:1C:D3:C3:09:39:B9:06:A4:51:5A:1C:65:C0:88:36:82:9B:6A:32:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HNPDCTm5BqRRWhxlwIg2gptqMok.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/zraU6JUbMiPLRortKHmXEnAo1OE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/9c5768-e80a-4110-a46d-0ff86ef95e0f/1/HNPDCTm5BqRRWhxlwIg2gptqMok.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.229.112.0/22
94.229.124.0/22
Signature Algorithm: sha256WithRSAEncryption
44:5b:44:ef:bb:0b:a7:b2:fd:30:f1:dd:24:4e:1a:fb:66:af:
27:d9:69:ea:bc:fb:58:61:22:cd:f7:2b:15:26:82:0e:a7:fb:
53:43:b8:df:ea:54:e4:5c:57:4c:35:3b:a1:aa:39:1d:e0:d1:
48:90:67:2e:56:0d:40:77:e1:46:8c:df:d3:b1:d7:0d:a9:55:
2c:28:96:a1:8a:23:4f:b6:68:ab:f7:67:44:ff:29:62:23:77:
6c:ca:ef:f5:cb:86:7e:69:44:28:36:b0:8f:17:70:6a:0c:06:
76:09:27:70:b2:a3:c5:c0:fe:5d:76:dc:12:cf:58:e4:c2:f2:
c4:b9:ba:1c:5e:5f:9d:d6:7e:ae:12:a9:89:cf:5f:f3:53:52:
b1:50:69:16:b5:d2:a5:bd:b7:1f:27:ec:e9:67:7b:c4:ed:d6:
0e:55:f0:d4:f0:dd:71:66:25:96:af:67:bd:b1:57:d4:ce:10:
fb:8d:c2:f3:11:a9:59:d1:e0:48:77:6c:52:a5:82:f9:b5:cd:
d7:f4:9e:fb:62:74:4b:39:c9:e6:bb:63:a9:8e:69:2b:4e:81:
b6:5c:e1:2b:29:f1:7e:1f:a5:8e:51:af:56:70:28:15:62:63:
fe:4c:c4:32:db:2e:0d:67:f8:be:02:24:f6:1c:7b:2c:ab:cb:
48:7e:e6:4b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQlj6YFuWTZbuKuLk6V9nTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjZDNjMzA5MzliOTA2YTQ1MTVhMWM2NWMwODgzNjgyOWI2
YTMyODkwHhcNMjUwMTAyMDU0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI2OTRlODk1MWIzMjIzY2I0NjhhZWQyODc5OTcxMjcwMjhkNGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSamk67K74JgWHhrfJrGcsPmrZ3y
4jjdwqEDG7I8hSOFXiLTqZHtAJBSmqQbZD6dNdbaPGmUvcGEwK5DjFeutV+YHdan
1WLyfEavfeYefc9Sf2NzCGZVNnxR5j1w04GYHKyeaBxYfhI2cBm3bYS9aB6RV+p5
dsLOjge1LNODaGAgnYJmPQVhGBjzxEwnk3XheS3dP1IN/NY4I3JIbhkU1fBo+90P
JJnJm35UX/jT6bmWxZpKSOphuW0kQEOaa3HWNqy7J2XeLY368WTkjKlG5mjoY4/y
AsmTDGeew01ay+AAXzYGjG6C00hJgHyOVLCPcUpEoShgcYyIvCpR4vIUTwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM62lOiVGzIjy0aK7Sh5lxJwKNThMB8GA1UdIwQY
MBaAFBzTwwk5uQakUVocZcCINoKbajKJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSE5QRENUbTVCcVJSV2h4bHdJZzJncHRxTW9rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi85YzU3NjgtZTgwYS00MTEwLWE0NmQt
MGZmODZlZjk1ZTBmLzEvenJhVTZKVWJNaVBMUm9ydEtIbVhFbkFvMU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi85YzU3NjgtZTgwYS00MTEwLWE0NmQtMGZmODZlZjk1ZTBm
LzEvSE5QRENUbTVCcVJSV2h4bHdJZzJncHRxTW9rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXuVwAwQC
XuV8MA0GCSqGSIb3DQEBCwUAA4IBAQBEW0Tvuwunsv0w8d0kThr7Zq8n2WnqvPtY
YSLN9ysVJoIOp/tTQ7jf6lTkXFdMNTuhqjkd4NFIkGcuVg1Ad+FGjN/TsdcNqVUs
KJahiiNPtmir92dE/yliI3dsyu/1y4Z+aUQoNrCPF3BqDAZ2CSdwsqPFwP5ddtwS
z1jkwvLEubocXl+d1n6uEqmJz1/zU1KxUGkWtdKlvbcfJ+zpZ3vE7dYOVfDU8N1x
ZiWWr2e9sVfUzhD7jcLzEalZ0eBId2xSpYL5tc3X9J77YnRLOcnmu2OpjmkrToG2
XOErKfF+H6WOUa9WcCgVYmP+TMQy2y4NZ/i+AiT2HHssq8tIfuZL
-----END CERTIFICATE-----
Generated at Sun Apr 20 13:12:21 2025 by rpki-client