Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZqyZV6Uj180r532j29KadO_ZbOM.roa
File: ZqyZV6Uj180r532j29KadO_ZbOM.roa (raw, json)
Hash identifier: 0tUtV374v0bUUo5oRKCShIKf/jgipzWlUTvY4RJyo6k=
Subject key identifier: 66:AC:99:57:A5:23:D7:CD:2B:E7:7D:A3:DB:D2:9A:74:EF:D9:6C:E3
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FBEDEE24F387AABE2A9BDA2D8F93E6
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZqyZV6Uj180r532j29KadO_ZbOM.roa
Signing time: Wed 01 Jan 2025 17:48:43 +0000
ROA not before: Wed 01 Jan 2025 17:48:43 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213733
IP address blocks: 2a0c:9a40:8ae0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:ed:ee:24:f3:87:aa:be:2a:9b:da:2d:8f:93:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:43 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66ac9957a523d7cd2be77da3dbd29a74efd96ce3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:1a:b9:ca:02:f4:cd:2a:a5:1d:0c:e4:ee:e2:
d9:29:13:ef:0e:96:1e:ff:1a:25:d1:74:a2:5b:cb:
9c:44:4a:c7:40:94:2b:45:be:e4:3c:d2:1e:d7:28:
f2:15:f3:c7:7c:16:6f:9e:09:d6:b2:0a:8d:93:e2:
67:83:89:24:33:51:9c:15:12:f1:01:39:f7:cb:79:
c7:6d:f2:06:a6:e0:12:52:f2:3d:ad:7f:f9:b6:90:
ca:4c:30:4e:13:60:17:e2:9f:4a:5a:9a:08:bd:34:
f7:07:71:db:cc:06:bd:15:cb:60:72:df:87:3f:55:
ba:9d:91:ec:a8:3d:05:fc:59:68:ba:f9:64:43:39:
4b:69:25:41:f6:13:62:d8:cc:bc:6b:24:0f:32:fb:
ea:1d:a8:99:7d:cd:35:d7:84:d7:f2:d5:82:08:57:
7d:8b:ba:a8:84:68:83:66:0f:06:68:84:6e:81:4c:
07:10:61:0b:11:8b:8a:84:f3:8b:15:77:14:56:e6:
a5:0e:e2:5a:1e:d7:76:ec:95:38:71:1f:8f:e1:14:
d0:83:4c:35:31:97:b7:1f:e3:22:33:14:5c:c8:fd:
ca:52:c0:98:2b:6d:b3:65:7f:1e:5a:ac:97:59:96:
66:13:94:81:d2:2e:34:29:26:68:90:18:46:32:3b:
ca:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:AC:99:57:A5:23:D7:CD:2B:E7:7D:A3:DB:D2:9A:74:EF:D9:6C:E3
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/ZqyZV6Uj180r532j29KadO_ZbOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8ae0::/48
Signature Algorithm: sha256WithRSAEncryption
95:43:10:63:8c:c4:88:4c:99:bd:85:b1:d7:38:6b:7a:01:be:
2c:a7:0b:76:5d:d9:6b:86:aa:37:53:8d:42:46:fb:fe:79:95:
ca:0e:3c:0d:ff:c7:74:05:29:88:26:b9:d5:8c:53:99:a9:1c:
2e:4c:58:fd:75:16:e4:ef:67:79:27:ac:f1:2c:f0:41:39:e7:
e1:69:3b:78:d8:6d:f5:b0:eb:dc:3e:cc:b0:23:a4:10:9c:b4:
43:cc:d8:22:60:16:c8:65:7c:2c:3a:a1:a4:0d:24:e6:ff:36:
8e:ac:46:89:88:7e:fb:fe:77:f6:6c:b7:9b:e7:bb:1b:b0:19:
43:c7:8a:3f:cf:8f:2b:ff:2f:3a:19:43:fa:3b:ab:f8:44:c2:
f7:b6:e4:eb:9a:d9:23:8b:11:1f:6f:09:23:19:ec:36:e9:98:
ed:18:29:8d:bd:0d:4f:d7:7d:0f:6a:59:f6:6a:a6:f1:2b:3b:
ea:2f:a6:de:2d:22:82:ce:c3:fe:95:e5:c2:46:e4:45:34:2a:
1d:88:27:9f:bf:71:70:dc:30:2a:4e:b1:9d:92:cf:ef:c8:6e:
8e:28:b6:7e:4d:45:8d:5f:46:05:46:18:99:d0:99:f7:8f:1f:
eb:12:b4:73:bc:48:44:9e:e5:d1:75:85:a2:e5:d9:42:a2:08:
7e:0f:ac:d5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZQi++3uJPOHqr4qm9otj5PmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmFjOTk1N2E1MjNkN2NkMmJlNzdkYTNkYmQyOWE3NGVmZDk2Y2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hq5ygL0zSqlHQzk7uLZKRPvDpYe
/xol0XSiW8ucRErHQJQrRb7kPNIe1yjyFfPHfBZvngnWsgqNk+Jng4kkM1GcFRLx
ATn3y3nHbfIGpuASUvI9rX/5tpDKTDBOE2AX4p9KWpoIvTT3B3HbzAa9Fctgct+H
P1W6nZHsqD0F/FlouvlkQzlLaSVB9hNi2My8ayQPMvvqHaiZfc0114TX8tWCCFd9
i7qohGiDZg8GaIRugUwHEGELEYuKhPOLFXcUVualDuJaHtd27JU4cR+P4RTQg0w1
MZe3H+MiMxRcyP3KUsCYK22zZX8eWqyXWZZmE5SB0i40KSZokBhGMjvKSwIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGasmVelI9fNK+d9o9vSmnTv2WzjMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvWnF5WlY2VWoxODByNTMyajI5S2FkT19aYk9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIrg
MA0GCSqGSIb3DQEBCwUAA4IBAQCVQxBjjMSITJm9hbHXOGt6Ab4spwt2Xdlrhqo3
U41CRvv+eZXKDjwN/8d0BSmIJrnVjFOZqRwuTFj9dRbk72d5J6zxLPBBOefhaTt4
2G31sOvcPsywI6QQnLRDzNgiYBbIZXwsOqGkDSTm/zaOrEaJiH77/nf2bLeb57sb
sBlDx4o/z48r/y86GUP6O6v4RML3tuTrmtkjixEfbwkjGew26ZjtGCmNvQ1P130P
aln2aqbxKzvqL6beLSKCzsP+leXCRuRFNCodiCefv3Fw3DAqTrGdks/vyG6OKLZ+
TUWNX0YFRhiZ0Jn3jx/rErRzvEhEnuXRdYWi5dlCogh+D6zV
-----END CERTIFICATE-----
Generated at Sat Apr 5 10:05:17 2025 by rpki-client