Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/ZZ126kZc2Gs9amlt5Rc0VmUZOPw.roa
File: ZZ126kZc2Gs9amlt5Rc0VmUZOPw.roa (raw, json)
Hash identifier: laA9ImB0VtnpNlOC8RmvM5URSIvzaqpg8ewZvS5hOLw=
Subject key identifier: 65:9D:76:EA:46:5C:D8:6B:3D:6A:69:6D:E5:17:34:56:65:19:38:FC
Certificate issuer: /CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9
Certificate serial: 01964920D4C3F1508ADB45408491ED22728A
Authority key identifier: 76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/ZZ126kZc2Gs9amlt5Rc0VmUZOPw.roa
Signing time: Fri 18 Apr 2025 13:40:10 +0000
ROA not before: Fri 18 Apr 2025 13:40:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8893
IP address blocks: 217.72.128.0/20 maxlen: 20
2a02:d6a0::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Apr 2025 13:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:49:20:d4:c3:f1:50:8a:db:45:40:84:91:ed:22:72:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=768feeb6a90a86acf11871e4e578a2ea7ec281d9
Validity
Not Before: Apr 18 13:40:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=659d76ea465cd86b3d6a696de5173456651938fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:86:7c:89:a2:ab:2f:35:ae:f8:92:09:51:80:
7d:51:9f:ce:8f:3a:f1:68:cb:ea:e4:ce:2f:f8:cc:
9c:1f:77:57:7e:86:ba:db:53:a3:74:ff:52:05:e1:
f8:23:89:3c:7b:c8:c9:1a:d8:14:18:a2:0f:cd:3d:
44:13:b2:cb:fe:d8:3b:e2:b6:59:eb:60:41:72:4a:
65:93:15:86:a4:bf:9e:a4:07:f7:90:f7:58:4a:2c:
f5:19:3e:bd:6d:02:e8:b2:3c:49:10:1d:71:86:a1:
e1:c8:5f:98:0f:08:07:f3:48:b8:8f:39:86:86:35:
90:33:49:c6:64:47:0c:d6:ff:fd:59:36:3f:16:bb:
5f:80:a0:0e:1b:cf:b9:13:e7:eb:d9:94:7c:d8:65:
13:67:5c:8b:00:10:25:b2:36:e1:8c:5d:52:eb:e1:
4a:7d:6e:01:9b:82:a1:46:c9:cc:a0:b3:5e:d6:39:
dc:d0:43:21:f3:44:29:85:1e:65:97:9c:96:ba:3c:
81:4a:41:42:6f:b3:98:06:4c:e7:5a:93:d4:da:f1:
e7:94:95:0f:34:68:74:ee:42:8e:80:4b:94:b9:6f:
c8:65:3a:15:a1:bc:be:78:2d:92:8e:69:d5:92:9c:
db:65:53:77:13:60:05:b4:4b:50:59:04:56:6c:84:
41:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:9D:76:EA:46:5C:D8:6B:3D:6A:69:6D:E5:17:34:56:65:19:38:FC
X509v3 Authority Key Identifier:
keyid:76:8F:EE:B6:A9:0A:86:AC:F1:18:71:E4:E5:78:A2:EA:7E:C2:81:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/do_utqkKhqzxGHHk5Xii6n7Cgdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/ZZ126kZc2Gs9amlt5Rc0VmUZOPw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/66663a-eaf1-4a89-804c-0c1f4d33783e/1/do_utqkKhqzxGHHk5Xii6n7Cgdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.72.128.0/20
IPv6:
2a02:d6a0::/30
Signature Algorithm: sha256WithRSAEncryption
26:53:4c:cd:2d:be:f4:70:10:c0:2b:da:1d:88:87:ce:8b:9e:
cf:28:25:44:53:a4:07:02:eb:20:c9:cc:53:86:a6:c4:b7:5d:
d4:10:2d:91:13:ab:66:30:45:ec:1e:ef:b5:5c:8b:e1:50:7d:
99:8a:cd:c8:56:39:0b:0b:ab:d6:d1:4b:1d:85:54:f7:fd:64:
fb:d1:00:d6:a7:24:0c:d3:a6:66:7e:b5:7b:68:03:14:f5:c5:
c8:ef:fc:8f:d5:fa:33:3d:79:b9:44:ff:11:45:c9:e6:ed:c6:
6a:f9:21:9a:db:b7:0a:6f:e1:5f:30:64:73:35:84:8d:13:8c:
63:fb:7b:1c:36:9b:c3:ed:28:41:a0:1e:b1:73:08:68:27:b0:
d9:75:68:21:f4:c0:c0:aa:9c:7f:01:e1:02:3a:a0:bf:d8:a5:
f4:49:6a:4f:f6:00:af:4f:f4:d4:f5:c0:30:4f:8f:bc:3e:7d:
39:73:c8:56:2b:fd:1b:7f:b0:d1:dc:97:4f:0b:25:e2:95:d6:
5c:55:fa:a3:34:f9:4c:e9:f7:80:cb:83:fb:9b:73:07:03:2e:
77:8d:7b:74:e2:f8:0c:42:13:92:df:75:4d:83:63:f8:49:7b:
13:a2:ac:2f:d7:fd:15:36:97:75:63:bf:8b:71:0a:77:9c:5c:
95:bc:02:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZZJINTD8VCK20VAhJHtInKKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2OGZlZWI2YTkwYTg2YWNmMTE4NzFlNGU1NzhhMmVhN2Vj
MjgxZDkwHhcNMjUwNDE4MTM0MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTlkNzZlYTQ2NWNkODZiM2Q2YTY5NmRlNTE3MzQ1NjY1MTkzOGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt4Z8iaKrLzWu+JIJUYB9UZ/Ojzrx
aMvq5M4v+MycH3dXfoa621OjdP9SBeH4I4k8e8jJGtgUGKIPzT1EE7LL/tg74rZZ
62BBckplkxWGpL+epAf3kPdYSiz1GT69bQLosjxJEB1xhqHhyF+YDwgH80i4jzmG
hjWQM0nGZEcM1v/9WTY/FrtfgKAOG8+5E+fr2ZR82GUTZ1yLABAlsjbhjF1S6+FK
fW4Bm4KhRsnMoLNe1jnc0EMh80QphR5ll5yWujyBSkFCb7OYBkznWpPU2vHnlJUP
NGh07kKOgEuUuW/IZToVoby+eC2SjmnVkpzbZVN3E2AFtEtQWQRWbIRBWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFGWddupGXNhrPWppbeUXNFZlGTj8MB8GA1UdIwQY
MBaAFHaP7rapCoas8Rhx5OV4oup+woHZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMt
MGMxZjRkMzM3ODNlLzEvWloxMjZrWmMyR3M5YW1sdDVSYzBWbVVaT1B3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi82NjY2M2EtZWFmMS00YTg5LTgwNGMtMGMxZjRkMzM3ODNl
LzEvZG9fdXRxa0tocXp4R0hIazVYaWk2bjdDZ2RrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQE2UiAMA0E
AgACMAcDBQIqAtagMA0GCSqGSIb3DQEBCwUAA4IBAQAmU0zNLb70cBDAK9odiIfO
i57PKCVEU6QHAusgycxThqbEt13UEC2RE6tmMEXsHu+1XIvhUH2Zis3IVjkLC6vW
0UsdhVT3/WT70QDWpyQM06ZmfrV7aAMU9cXI7/yP1fozPXm5RP8RRcnm7cZq+SGa
27cKb+FfMGRzNYSNE4xj+3scNpvD7ShBoB6xcwhoJ7DZdWgh9MDAqpx/AeECOqC/
2KX0SWpP9gCvT/TU9cAwT4+8Pn05c8hWK/0bf7DR3JdPCyXildZcVfqjNPlM6feA
y4P7m3MHAy53jXt04vgMQhOS33VNg2P4SXsToqwv1/0VNpd1Y7+LcQp3nFyVvAJX
-----END CERTIFICATE-----
Generated at Mon Apr 21 22:56:39 2025 by rpki-client