Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/zanD_Us8dBGhViwVbHdjZ1KnOyY.roa
File: zanD_Us8dBGhViwVbHdjZ1KnOyY.roa (raw, json)
Hash identifier: 8YK5aDnlFgCf1IslrmnzJ2YHYk3ZAoh0qEssJ/f413k=
Subject key identifier: CD:A9:C3:FD:4B:3C:74:11:A1:56:2C:15:6C:77:63:67:52:A7:3B:26
Certificate issuer: /CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Certificate serial: 019758D5ABDAFC1F58D40CBD1C0ACBB948DD
Authority key identifier: 2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/zanD_Us8dBGhViwVbHdjZ1KnOyY.roa
Signing time: Tue 10 Jun 2025 07:54:47 +0000
ROA not before: Tue 10 Jun 2025 07:54:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50873
IP address blocks: 37.228.130.0/24 maxlen: 24
94.247.143.0/24 maxlen: 24
185.97.4.0/22 maxlen: 22
185.97.6.0/24 maxlen: 24
194.104.114.0/23 maxlen: 23
194.104.149.0/24 maxlen: 24
2a06:1c0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 18 Jun 2025 19:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:58:d5:ab:da:fc:1f:58:d4:0c:bd:1c:0a:cb:b9:48:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2dd596c1ea7ecbb1be1777fc0d38ed06ca40eabe
Validity
Not Before: Jun 10 07:54:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda9c3fd4b3c7411a1562c156c77636752a73b26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:0e:cf:31:d1:b9:e7:12:40:ff:52:00:a1:
bc:96:59:4e:a8:65:5a:39:ad:be:65:83:9c:e6:6e:
9e:7f:83:93:2a:9b:6b:6b:02:06:d1:4e:87:2e:1c:
0a:11:0e:aa:2e:4e:c1:6c:b4:94:d6:ca:0d:5c:44:
96:3a:20:61:86:04:5d:aa:55:87:0c:3a:2a:ac:aa:
a5:2d:91:13:c4:00:ba:ea:ec:61:d2:86:36:c9:d2:
73:0d:4d:2f:91:15:91:44:f7:08:8f:b0:ed:cd:cd:
ef:03:87:d6:08:9b:82:32:38:45:91:87:46:22:c3:
ae:5b:8f:9c:99:f6:96:5b:2a:7f:0c:ed:13:b5:aa:
a4:f6:97:6d:fd:23:43:e9:fa:77:8f:43:9c:4a:f2:
15:e0:15:e1:be:e9:fc:bd:6e:54:51:49:44:8d:08:
ec:c2:45:09:80:5a:2a:2a:6b:e5:84:3c:e3:4e:6c:
0c:5c:1f:57:48:77:be:af:2b:cb:91:39:63:81:1c:
58:1b:fc:3b:42:00:9a:59:a7:47:48:7a:82:af:75:
92:b1:d7:07:5f:fc:65:5b:15:76:c8:8d:df:4f:76:
22:2d:f1:df:19:8c:3f:00:82:89:d8:46:41:02:20:
8b:52:bb:9b:f0:be:e3:6a:2f:86:88:f4:54:34:ff:
c9:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A9:C3:FD:4B:3C:74:11:A1:56:2C:15:6C:77:63:67:52:A7:3B:26
X509v3 Authority Key Identifier:
keyid:2D:D5:96:C1:EA:7E:CB:B1:BE:17:77:FC:0D:38:ED:06:CA:40:EA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LdWWwep-y7G-F3f8DTjtBspA6r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/zanD_Us8dBGhViwVbHdjZ1KnOyY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/363ecc-2aa1-4281-95b1-8b0fc07858d6/1/LdWWwep-y7G-F3f8DTjtBspA6r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.228.130.0/24
94.247.143.0/24
185.97.4.0/22
194.104.114.0/23
194.104.149.0/24
IPv6:
2a06:1c0::/30
Signature Algorithm: sha256WithRSAEncryption
1a:71:6e:54:69:c8:fb:3d:31:47:15:ec:15:ab:0d:1b:c6:b8:
92:da:ae:1d:3e:b3:c9:bb:c3:c6:82:98:e9:f9:1b:8d:02:d8:
4a:da:b5:bc:7b:e6:f3:a4:15:c0:82:0e:50:4b:6e:6b:2f:ab:
94:ff:09:32:4b:08:7d:1c:15:44:f0:8c:a9:0a:bc:ee:50:49:
c8:d8:6d:b1:83:5e:b9:b7:0c:47:19:f8:b7:3d:d7:af:f2:89:
9a:12:49:29:fa:93:fc:fe:ba:7d:31:78:fa:47:7a:97:e9:d7:
b6:9a:37:a9:9e:bf:e0:ab:93:d0:f6:28:14:e5:52:17:84:a9:
bc:df:d6:8e:98:03:ec:cc:be:7f:5a:18:d4:6f:68:23:27:d3:
ec:30:ce:ae:f2:66:d8:3e:f7:a4:12:a3:69:1f:16:69:8f:46:
87:36:80:c1:5e:d8:c0:6d:ec:26:7d:1e:db:c4:e5:24:41:17:
20:e5:c8:f9:32:5e:03:b8:77:85:2f:40:11:26:0c:80:d9:e9:
3b:9c:49:50:77:b6:ec:c1:7b:4b:8f:07:f4:0e:47:92:08:ae:
15:8d:5d:75:de:8a:02:d4:83:2c:e5:e3:3a:9b:c5:71:16:3f:
3a:ff:ea:e2:f1:0d:21:9e:b1:b0:c2:99:78:e0:91:c7:18:73:
af:d4:fc:1f
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZdY1ava/B9Y1Ay9HArLuUjdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkZDU5NmMxZWE3ZWNiYjFiZTE3NzdmYzBkMzhlZDA2Y2E0
MGVhYmUwHhcNMjUwNjEwMDc1NDQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGE5YzNmZDRiM2M3NDExYTE1NjJjMTU2Yzc3NjM2NzUyYTczYjI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY4OzzHRuecSQP9SAKG8lllOqGVa
Oa2+ZYOc5m6ef4OTKptrawIG0U6HLhwKEQ6qLk7BbLSU1soNXESWOiBhhgRdqlWH
DDoqrKqlLZETxAC66uxh0oY2ydJzDU0vkRWRRPcIj7Dtzc3vA4fWCJuCMjhFkYdG
IsOuW4+cmfaWWyp/DO0Ttaqk9pdt/SND6fp3j0OcSvIV4BXhvun8vW5UUUlEjQjs
wkUJgFoqKmvlhDzjTmwMXB9XSHe+ryvLkTljgRxYG/w7QgCaWadHSHqCr3WSsdcH
X/xlWxV2yI3fT3YiLfHfGYw/AIKJ2EZBAiCLUrub8L7jai+GiPRUNP/JtwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM2pw/1LPHQRoVYsFWx3Y2dSpzsmMB8GA1UdIwQY
MBaAFC3VlsHqfsuxvhd3/A047QbKQOq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEt
OGIwZmMwNzg1OGQ2LzEvemFuRF9VczhkQkdoVml3VmJIZGpaMUtuT3lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8zNjNlY2MtMmFhMS00MjgxLTk1YjEtOGIwZmMwNzg1OGQ2
LzEvTGRXV3dlcC15N0ctRjNmOERUanRCc3BBNnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAJeSCAwQA
XvePAwQCuWEEAwQBwmhyAwQAwmiVMA0EAgACMAcDBQIqBgHAMA0GCSqGSIb3DQEB
CwUAA4IBAQAacW5Uacj7PTFHFewVqw0bxriS2q4dPrPJu8PGgpjp+RuNAthK2rW8
e+bzpBXAgg5QS25rL6uU/wkySwh9HBVE8IypCrzuUEnI2G2xg165twxHGfi3Pdev
8omaEkkp+pP8/rp9MXj6R3qX6de2mjepnr/gq5PQ9igU5VIXhKm839aOmAPszL5/
WhjUb2gjJ9PsMM6u8mbYPvekEqNpHxZpj0aHNoDBXtjAbewmfR7bxOUkQRcg5cj5
Ml4DuHeFL0ARJgyA2ek7nElQd7bswXtLjwf0DkeSCK4VjV113ooC1IMs5eM6m8Vx
Fj86/+ri8Q0hnrGwwpl44JHHGHOv1Pwf
-----END CERTIFICATE-----
Generated at Wed Jun 18 05:15:43 2025 by rpki-client