Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rzSQEADNAhcXIalIFFah8EBGx6g.roa
File: rzSQEADNAhcXIalIFFah8EBGx6g.roa (raw, json)
Hash identifier: cbqkIaXAvUtNSHXdkHJ+QSFg/T8RKyxYgO0+nbGwa/E=
Subject key identifier: AF:34:90:10:00:CD:02:17:17:21:A9:48:14:56:A1:F0:40:46:C7:A8
Certificate issuer: /CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Certificate serial: 01942748476C75CD028AA6C228DECE6C7B8E
Authority key identifier: F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rzSQEADNAhcXIalIFFah8EBGx6g.roa
Signing time: Thu 02 Jan 2025 13:50:35 +0000
ROA not before: Thu 02 Jan 2025 13:50:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44812
IP address blocks: 2a0e:dfc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 22:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:47:6c:75:cd:02:8a:a6:c2:28:de:ce:6c:7b:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f75d8b52815f3f2613e948992ec9fe660f6949b4
Validity
Not Before: Jan 2 13:50:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af34901000cd02171721a9481456a1f04046c7a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5f:51:59:63:51:12:2b:c6:1a:85:e9:15:e2:
14:0f:c2:0b:e9:73:0e:9a:44:08:fb:11:7a:c9:73:
d4:38:83:41:26:67:e5:73:66:94:f8:7b:05:3f:7b:
64:de:06:10:66:d4:09:0b:6c:a5:df:b8:33:b2:1b:
af:e3:59:1f:a3:c5:de:df:f5:17:ca:0e:c1:22:bd:
3a:10:55:f5:cf:f9:6f:c8:fd:6b:a4:48:ab:c7:86:
a3:86:e1:7c:0a:d7:af:89:e7:08:4c:d5:db:73:41:
7a:a4:d2:8d:57:33:ea:0f:5c:01:8e:a2:bd:68:01:
c5:91:88:dd:53:f0:48:fe:32:b6:81:8a:bf:ea:63:
36:d9:87:52:4d:9c:2f:24:89:ca:89:36:9e:74:de:
30:e4:e5:b7:0a:3f:d5:06:53:14:af:6c:88:2b:72:
12:30:90:1f:33:ce:f3:89:5f:1f:cd:a2:42:a7:60:
13:9d:82:50:f4:d9:50:5b:07:37:f5:42:a9:fb:c7:
4f:ae:34:29:19:14:92:00:e1:a3:b5:65:6b:b6:da:
e3:97:e0:8c:8f:4c:f4:5c:86:e2:8f:dc:cf:de:5d:
ff:1e:87:37:91:8e:f2:1b:69:70:d6:82:a2:25:35:
39:54:eb:a0:d8:97:e9:a6:ee:f3:41:f9:c3:6b:62:
0c:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:34:90:10:00:CD:02:17:17:21:A9:48:14:56:A1:F0:40:46:C7:A8
X509v3 Authority Key Identifier:
keyid:F7:5D:8B:52:81:5F:3F:26:13:E9:48:99:2E:C9:FE:66:0F:69:49:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/912LUoFfPyYT6UiZLsn-Zg9pSbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/rzSQEADNAhcXIalIFFah8EBGx6g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9514ed-276e-4aba-897e-a4410e10b6f5/1/912LUoFfPyYT6UiZLsn-Zg9pSbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:dfc2::/32
Signature Algorithm: sha256WithRSAEncryption
c6:c4:bb:38:6d:39:33:81:95:8f:73:25:98:7a:52:36:99:a1:
cb:70:f3:71:60:2b:fb:0c:86:e7:8c:cb:20:a6:0d:81:4a:82:
56:05:cd:e8:cc:d3:7a:aa:01:fc:ba:f4:ba:0d:5c:61:05:c5:
66:13:48:33:2c:02:71:ce:b7:df:a3:d0:f3:8e:dd:ed:06:36:
37:13:fa:f1:17:3a:ab:e8:66:1e:8c:2a:74:f3:0c:85:45:8c:
8b:10:a8:80:63:2f:3b:bc:25:df:3b:cf:d6:d6:63:fd:b2:82:
13:9a:61:74:18:54:90:56:38:21:ba:d8:15:87:40:b5:d0:a5:
91:c2:81:c2:d2:ef:a8:42:f9:f7:eb:79:7c:ac:62:99:c1:16:
47:69:cb:6a:d3:05:b6:e0:28:fb:4e:c1:ea:9e:d2:a2:bf:63:
c9:01:0a:d1:ae:fd:cd:96:3b:0d:5a:eb:c7:e6:a3:e3:ce:ea:
d3:34:f8:35:ad:9f:1a:fd:bc:55:a7:37:26:e9:1e:db:54:b0:
c8:da:7e:1d:34:fa:c9:db:4b:8b:f3:b2:4f:ba:b3:a2:26:8f:
ee:35:dc:43:14:e5:1d:ba:71:d5:6f:81:d9:e8:af:d3:bc:72:
e5:00:f6:67:33:5f:96:2f:ff:8e:dc:46:eb:cd:a2:b7:45:78:
1b:35:a8:96
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZQnSEdsdc0CiqbCKN7ObHuOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3NWQ4YjUyODE1ZjNmMjYxM2U5NDg5OTJlYzlmZTY2MGY2
OTQ5YjQwHhcNMjUwMTAyMTM1MDM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjM0OTAxMDAwY2QwMjE3MTcyMWE5NDgxNDU2YTFmMDQwNDZjN2E4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtV9RWWNREivGGoXpFeIUD8IL6XMO
mkQI+xF6yXPUOINBJmflc2aU+HsFP3tk3gYQZtQJC2yl37gzshuv41kfo8Xe3/UX
yg7BIr06EFX1z/lvyP1rpEirx4ajhuF8CteviecITNXbc0F6pNKNVzPqD1wBjqK9
aAHFkYjdU/BI/jK2gYq/6mM22YdSTZwvJInKiTaedN4w5OW3Cj/VBlMUr2yIK3IS
MJAfM87ziV8fzaJCp2ATnYJQ9NlQWwc39UKp+8dPrjQpGRSSAOGjtWVrttrjl+CM
j0z0XIbij9zP3l3/Hoc3kY7yG2lw1oKiJTU5VOug2Jfppu7zQfnDa2IMgQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK80kBAAzQIXFyGpSBRWofBARseoMB8GA1UdIwQY
MBaAFPddi1KBXz8mE+lImS7J/mYPaUm0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2Ut
YTQ0MTBlMTBiNmY1LzEvcnpTUUVBRE5BaGNYSWFsSUZGYWg4RUJHeDZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85NTE0ZWQtMjc2ZS00YWJhLTg5N2UtYTQ0MTBlMTBiNmY1
LzEvOTEyTFVvRmZQeVlUNlVpWkxzbi1aZzlwU2JRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKg7fwjAN
BgkqhkiG9w0BAQsFAAOCAQEAxsS7OG05M4GVj3MlmHpSNpmhy3DzcWAr+wyG54zL
IKYNgUqCVgXN6MzTeqoB/Lr0ug1cYQXFZhNIMywCcc6336PQ847d7QY2NxP68Rc6
q+hmHowqdPMMhUWMixCogGMvO7wl3zvP1tZj/bKCE5phdBhUkFY4IbrYFYdAtdCl
kcKBwtLvqEL59+t5fKximcEWR2nLatMFtuAo+07B6p7Sor9jyQEK0a79zZY7DVrr
x+aj487q0zT4Na2fGv28Vac3Juke21SwyNp+HTT6ydtLi/OyT7qzoiaP7jXcQxTl
Hbpx1W+B2eiv07xy5QD2ZzNfli//jtxG682it0V4GzWolg==
-----END CERTIFICATE-----
Generated at Sun Apr 6 07:48:47 2025 by rpki-client