Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zrNvMg5io5pMpIrO6TDYvG8kJjM.roa
File: zrNvMg5io5pMpIrO6TDYvG8kJjM.roa (raw, json)
Hash identifier: NNiMoJ3mCFhCHNy/9nb06xy4EL/lhZ12ezrpRXLWkFs=
Subject key identifier: CE:B3:6F:32:0E:62:A3:9A:4C:A4:8A:CE:E9:30:D8:BC:6F:24:26:33
Certificate issuer: /CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Certificate serial: 0195C8DE0BB74297A1F1BBF59911A92CC24E
Authority key identifier: 42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zrNvMg5io5pMpIrO6TDYvG8kJjM.roa
Signing time: Mon 24 Mar 2025 15:55:49 +0000
ROA not before: Mon 24 Mar 2025 15:55:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5065
IP address blocks: 217.147.165.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Apr 2025 06:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:c8:de:0b:b7:42:97:a1:f1:bb:f5:99:11:a9:2c:c2:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42f8ab2ba24879e45c445486fceb21af46656d5a
Validity
Not Before: Mar 24 15:55:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceb36f320e62a39a4ca48acee930d8bc6f242633
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:a5:ea:6c:ca:e7:98:c4:27:b1:92:5d:6c:b7:
fe:2f:37:fd:40:84:fa:f0:21:a6:27:d8:86:21:f9:
a7:9e:8a:89:b8:d1:9a:1e:bc:8a:57:72:45:1e:48:
bf:d5:c9:06:a9:bf:de:d3:71:75:20:4e:ee:04:83:
75:8f:d4:ad:55:0d:70:86:bf:e4:44:18:21:4d:9a:
0a:b1:cd:0f:be:a8:46:09:9c:35:16:b2:0b:06:06:
b1:32:b4:ad:52:6d:2f:aa:aa:48:53:3b:fb:9f:49:
7f:2b:af:ca:8a:f8:e8:2a:e3:c8:69:76:96:5b:5f:
f9:18:b4:cb:13:d4:74:86:75:ac:c4:43:91:fc:52:
68:91:82:4d:40:95:fb:20:62:d4:6c:c1:5f:9e:01:
10:73:dd:f9:a1:8f:e1:e8:63:74:63:32:01:32:51:
bc:74:2b:50:53:c0:cb:0e:ef:99:1e:04:64:2c:2b:
fa:91:8a:30:cd:03:7a:53:c4:a3:90:da:52:8e:d4:
d9:45:d8:ef:3b:b4:ec:83:f1:15:c5:a9:21:d9:ad:
70:0e:95:30:77:05:bf:af:97:42:cd:89:4a:bf:a9:
69:15:26:bb:ef:33:ba:0f:53:e2:38:bb:0a:13:c5:
9e:bf:55:5b:bd:03:ef:d2:5c:13:7b:a2:ae:f8:b5:
7b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B3:6F:32:0E:62:A3:9A:4C:A4:8A:CE:E9:30:D8:BC:6F:24:26:33
X509v3 Authority Key Identifier:
keyid:42:F8:AB:2B:A2:48:79:E4:5C:44:54:86:FC:EB:21:AF:46:65:6D:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QvirK6JIeeRcRFSG_Oshr0ZlbVo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/zrNvMg5io5pMpIrO6TDYvG8kJjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/c17c5d-7543-440f-878f-1769fef6be96/1/QvirK6JIeeRcRFSG_Oshr0ZlbVo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.147.165.0/24
Signature Algorithm: sha256WithRSAEncryption
d3:dc:75:d2:59:b5:71:e7:77:d4:f6:c4:da:16:4c:6e:ab:de:
a1:82:89:65:52:cb:c2:27:ed:ec:6d:7e:ae:cd:bc:e4:37:9b:
14:67:b8:de:c8:77:b0:49:6d:d1:55:07:84:24:38:db:5d:f5:
53:d2:e4:6f:bb:5e:fa:2c:4a:70:04:2a:22:97:ed:7b:bd:e3:
bf:98:0f:dd:f1:65:60:8b:8d:6e:7d:e2:f6:2b:72:c3:20:66:
75:d8:00:3b:53:ad:e7:01:01:c8:d8:8f:59:fd:b0:39:d7:ad:
8d:db:af:f6:15:13:65:84:b2:dd:dd:61:e0:63:a2:5f:aa:f7:
42:c6:c1:9f:ab:25:8a:84:a9:e8:0b:e0:3e:d1:67:43:e7:46:
ad:f7:31:83:a0:0d:b2:11:23:f0:63:95:5c:ee:2b:93:d3:9f:
b8:bf:c9:b2:46:1d:24:0a:74:c1:8e:48:16:d5:3b:4c:c7:6e:
04:05:74:62:f6:ef:a3:54:b9:69:37:91:f1:75:02:17:be:63:
76:67:c4:fd:e9:f6:84:6a:a0:6c:9a:fd:f0:ad:62:69:47:68:
0a:0e:26:5a:42:26:6f:96:83:01:9f:2e:7d:8f:25:c7:05:84:
0b:e3:f4:db:dd:25:bb:b4:bb:7c:2a:7f:be:27:5e:e0:f4:66:
ea:5a:7d:a5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZXI3gu3Qpeh8bv1mRGpLMJOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZjhhYjJiYTI0ODc5ZTQ1YzQ0NTQ4NmZjZWIyMWFmNDY2
NTZkNWEwHhcNMjUwMzI0MTU1NTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWIzNmYzMjBlNjJhMzlhNGNhNDhhY2VlOTMwZDhiYzZmMjQyNjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzaXqbMrnmMQnsZJdbLf+Lzf9QIT6
8CGmJ9iGIfmnnoqJuNGaHryKV3JFHki/1ckGqb/e03F1IE7uBIN1j9StVQ1whr/k
RBghTZoKsc0PvqhGCZw1FrILBgaxMrStUm0vqqpIUzv7n0l/K6/KivjoKuPIaXaW
W1/5GLTLE9R0hnWsxEOR/FJokYJNQJX7IGLUbMFfngEQc935oY/h6GN0YzIBMlG8
dCtQU8DLDu+ZHgRkLCv6kYowzQN6U8SjkNpSjtTZRdjvO7Tsg/EVxakh2a1wDpUw
dwW/r5dCzYlKv6lpFSa77zO6D1PiOLsKE8Wev1VbvQPv0lwTe6Ku+LV74wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM6zbzIOYqOaTKSKzukw2LxvJCYzMB8GA1UdIwQY
MBaAFEL4qyuiSHnkXERUhvzrIa9GZW1aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYt
MTc2OWZlZjZiZTk2LzEvenJOdk1nNWlvNXBNcElyTzZURFl2RzhrSmpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9jMTdjNWQtNzU0My00NDBmLTg3OGYtMTc2OWZlZjZiZTk2
LzEvUXZpcks2SkllZVJjUkZTR19Pc2hyMFpsYlZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA2ZOlMA0G
CSqGSIb3DQEBCwUAA4IBAQDT3HXSWbVx53fU9sTaFkxuq96hgollUsvCJ+3sbX6u
zbzkN5sUZ7jeyHewSW3RVQeEJDjbXfVT0uRvu176LEpwBCoil+17veO/mA/d8WVg
i41ufeL2K3LDIGZ12AA7U63nAQHI2I9Z/bA5162N26/2FRNlhLLd3WHgY6JfqvdC
xsGfqyWKhKnoC+A+0WdD50at9zGDoA2yESPwY5Vc7iuT05+4v8myRh0kCnTBjkgW
1TtMx24EBXRi9u+jVLlpN5HxdQIXvmN2Z8T96faEaqBsmv3wrWJpR2gKDiZaQiZv
loMBny59jyXHBYQL4/Tb3SW7tLt8Kn++J17g9GbqWn2l
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:35:46 2025 by rpki-client