Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZAJ6VMfsNQaMq3a6mxEqqST-LEI.roa
File: ZAJ6VMfsNQaMq3a6mxEqqST-LEI.roa (raw, json)
Hash identifier: 0nssuD6tZiK3PJImyyGoie6E0AmKbKGjgd6sV8TvviI=
Subject key identifier: 64:02:7A:54:C7:EC:35:06:8C:AB:76:BA:9B:11:2A:A9:24:FE:2C:42
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 0197AC18E807EF1113ED79844A6F2BE91D57
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZAJ6VMfsNQaMq3a6mxEqqST-LEI.roa
Signing time: Thu 26 Jun 2025 11:56:42 +0000
ROA not before: Thu 26 Jun 2025 11:56:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214168
IP address blocks: 2a0d:7340::/29 maxlen: 29
2a0d:be40::/29 maxlen: 29
2a0f:9480::/29 maxlen: 29
2a10:5d40::/29 maxlen: 29
2a10:9580::/29 maxlen: 29
2a11:3d40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ac:18:e8:07:ef:11:13:ed:79:84:4a:6f:2b:e9:1d:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jun 26 11:56:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64027a54c7ec35068cab76ba9b112aa924fe2c42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:4a:bf:23:dc:a0:66:67:36:53:ef:0d:c3:e6:
ad:a0:fd:a7:fd:20:ae:d7:fd:a6:bf:26:3f:8a:47:
5c:98:0e:9b:5e:a0:30:79:ea:6d:b3:3a:03:e3:88:
f5:75:93:11:b5:d9:2a:c7:07:3f:7b:22:f9:6f:6d:
72:81:72:01:e6:4a:ec:55:be:1a:e0:98:f9:cb:e3:
2a:5b:a0:13:1a:b4:bb:8a:61:e7:12:3c:a7:0b:7a:
29:10:2f:68:ac:d2:7b:79:88:da:ff:ab:84:0f:d6:
37:fa:69:31:6c:03:ff:d6:b8:be:f2:92:24:af:a9:
f7:28:f6:d8:22:e1:d5:02:e3:de:f8:8f:ba:e8:94:
8f:f7:4e:12:79:7e:47:5e:ec:47:6e:21:68:38:b6:
e4:83:57:9f:4e:35:1a:5c:6c:23:6a:31:30:6b:be:
19:01:4f:60:0e:8f:4d:aa:b3:33:c4:51:a0:18:78:
76:0c:8b:1e:91:0d:5f:cb:dc:49:95:22:01:c3:77:
3d:d9:92:46:b1:0f:bd:75:88:43:da:95:17:fa:4f:
23:b5:e5:21:ec:ce:4d:26:f8:a0:55:b9:f0:b1:bd:
f9:86:e3:f2:91:ee:8e:45:d8:45:9f:c3:c9:03:3d:
05:90:df:a7:fa:f0:9f:33:e0:89:31:73:09:eb:a7:
82:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:02:7A:54:C7:EC:35:06:8C:AB:76:BA:9B:11:2A:A9:24:FE:2C:42
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/ZAJ6VMfsNQaMq3a6mxEqqST-LEI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:7340::/29
2a0d:be40::/29
2a0f:9480::/29
2a10:5d40::/29
2a10:9580::/29
2a11:3d40::/29
Signature Algorithm: sha256WithRSAEncryption
01:72:2d:2b:9b:9c:3f:e7:24:26:4d:e6:2d:cb:f1:7f:f7:5e:
a0:05:e8:5c:00:d3:5d:65:c0:10:db:7f:7c:c4:74:ee:c0:3e:
c3:90:e5:5b:7d:7d:2f:bf:b7:41:5a:ae:dc:d7:97:3b:45:99:
7f:27:65:c8:0f:d8:c0:9c:c4:7d:ea:fc:a5:a4:65:27:6a:28:
60:1a:ae:e3:fd:80:15:ee:a9:47:0b:dd:8b:7f:d3:c6:da:b9:
20:cf:0f:08:e4:c2:44:1c:58:33:5c:58:47:90:d5:db:ef:e6:
88:13:03:3b:a3:69:f9:3f:97:60:b6:a4:8d:fd:63:02:35:3e:
b5:cd:d5:43:73:9a:82:2d:ea:30:1e:29:a6:8b:79:86:75:a7:
ad:f2:32:89:aa:59:8f:fe:56:59:15:66:3a:8c:20:7e:86:76:
b0:93:37:49:1b:40:59:89:d2:66:a8:e6:84:35:e2:40:06:41:
80:03:ff:6b:a8:ee:4c:55:f7:c3:37:75:0c:00:e1:d1:09:03:
1f:7d:5f:ee:6c:77:17:e3:46:b1:bd:d9:61:40:ad:ac:3a:d8:
f4:e7:18:2e:ea:66:7f:0a:6b:08:8e:c0:5f:bf:28:25:20:1f:
b4:be:11:ac:b6:47:fd:3c:e7:b4:9b:df:18:ce:c1:a8:63:d6:
72:8b:47:1b
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZesGOgH7xET7XmESm8r6R1XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNjI2MTE1NjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDAyN2E1NGM3ZWMzNTA2OGNhYjc2YmE5YjExMmFhOTI0ZmUyYzQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukq/I9ygZmc2U+8Nw+atoP2n/SCu
1/2mvyY/ikdcmA6bXqAweeptszoD44j1dZMRtdkqxwc/eyL5b21ygXIB5krsVb4a
4Jj5y+MqW6ATGrS7imHnEjynC3opEC9orNJ7eYja/6uED9Y3+mkxbAP/1ri+8pIk
r6n3KPbYIuHVAuPe+I+66JSP904SeX5HXuxHbiFoOLbkg1efTjUaXGwjajEwa74Z
AU9gDo9NqrMzxFGgGHh2DIsekQ1fy9xJlSIBw3c92ZJGsQ+9dYhD2pUX+k8jteUh
7M5NJvigVbnwsb35huPyke6ORdhFn8PJAz0FkN+n+vCfM+CJMXMJ66eCpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGQCelTH7DUGjKt2upsRKqkk/ixCMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvWkFKNlZNZnNOUWFNcTNhNm14RXFxU1QtTEVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg1zQAMF
AyoNvkADBQMqD5SAAwUDKhBdQAMFAyoQlYADBQMqET1AMA0GCSqGSIb3DQEBCwUA
A4IBAQABci0rm5w/5yQmTeYty/F/916gBehcANNdZcAQ2398xHTuwD7DkOVbfX0v
v7dBWq7c15c7RZl/J2XID9jAnMR96vylpGUnaihgGq7j/YAV7qlHC92Lf9PG2rkg
zw8I5MJEHFgzXFhHkNXb7+aIEwM7o2n5P5dgtqSN/WMCNT61zdVDc5qCLeowHimm
i3mGdaet8jKJqlmP/lZZFWY6jCB+hnawkzdJG0BZidJmqOaENeJABkGAA/9rqO5M
VffDN3UMAOHRCQMffV/ubHcX40axvdlhQK2sOtj05xgu6mZ/CmsIjsBfvyglIB+0
vhGstkf9POe0m98YzsGoY9Zyi0cb
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:36:35 2025 by rpki-client