Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zzaArXGUePaNvVodGF-f7YGMm9w.roa
File: zzaArXGUePaNvVodGF-f7YGMm9w.roa (raw, json)
Hash identifier: rBvLrnW8ZCK9WYxt6mBRt9h8x9qJWOyD/bm1llBCLJY=
Subject key identifier: CF:36:80:AD:71:94:78:F6:8D:BD:5A:1D:18:5F:9F:ED:81:8C:9B:DC
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 019422FC036EBDE948B7590A08D8EA2E2493
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zzaArXGUePaNvVodGF-f7YGMm9w.roa
Signing time: Wed 01 Jan 2025 17:48:48 +0000
ROA not before: Wed 01 Jan 2025 17:48:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398549
IP address blocks: 2a0c:9a40:8d00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 04:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fc:03:6e:bd:e9:48:b7:59:0a:08:d8:ea:2e:24:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Jan 1 17:48:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf3680ad719478f68dbd5a1d185f9fed818c9bdc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:34:dc:4e:3e:1f:dd:c7:2a:7e:50:68:6c:41:
85:2d:08:46:a2:36:31:dd:22:d7:15:b7:20:6d:0c:
75:be:74:1f:6f:53:76:62:eb:3a:70:2a:85:81:18:
96:44:ca:09:ed:ec:3b:12:e7:5f:15:e3:d4:0c:a1:
10:4f:76:fe:c8:c1:69:70:72:a0:d6:28:d5:b3:1c:
44:c8:31:e6:74:80:59:e7:d6:42:27:c8:0c:9e:3a:
95:3c:0c:40:90:a1:86:a1:df:2f:d4:e2:8f:23:e7:
bf:00:5a:aa:82:a9:d2:32:a5:ec:fe:2b:fa:0c:86:
9b:56:c1:77:2e:0d:e8:ca:fe:64:00:4a:fc:cf:e8:
40:23:0e:5d:7b:40:f0:01:35:92:f5:81:fc:23:d7:
fb:77:ff:31:60:4e:1a:f7:51:f3:2a:ee:d1:42:af:
2b:a5:9f:cd:4e:79:49:1c:d9:b7:20:96:f1:15:04:
58:a4:0b:a2:56:11:5d:f9:52:2b:37:55:5f:3f:d2:
ed:b1:3e:c7:a9:ab:cb:4d:fc:00:73:df:9f:46:3c:
3f:91:a4:5f:de:f5:02:d8:de:ae:40:9c:6c:16:f0:
0f:ff:78:00:a7:de:83:da:a7:85:be:67:d0:6e:28:
8d:af:95:f8:d8:fb:8d:4a:df:e9:9e:52:7f:50:12:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:36:80:AD:71:94:78:F6:8D:BD:5A:1D:18:5F:9F:ED:81:8C:9B:DC
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/zzaArXGUePaNvVodGF-f7YGMm9w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8d00::/40
Signature Algorithm: sha256WithRSAEncryption
cb:4a:17:b1:a6:b3:05:32:34:b5:b5:7f:3c:6f:f1:0f:0e:a8:
76:29:93:c4:60:93:ff:97:db:72:ed:d9:9f:24:f4:7d:a6:4b:
bb:2d:75:71:0b:3b:b5:31:d6:aa:b9:28:2f:c7:2c:7b:aa:ff:
2b:e7:cf:e0:30:e2:b4:0e:2f:4e:21:80:11:1d:06:b6:de:7e:
6b:fd:b2:f1:0a:64:8b:f2:90:af:e0:7d:b8:98:87:ef:23:ff:
f2:b0:7e:5f:bf:10:ae:ba:af:25:51:fb:20:55:be:2b:05:dc:
f1:4f:13:54:e2:2a:79:7e:45:d5:a8:df:38:53:df:d1:8c:c9:
82:f6:e6:75:bf:8b:09:68:0d:42:8f:23:e4:5d:36:da:58:6a:
3e:60:dd:18:5b:d8:9a:ed:f8:b6:34:45:8c:fe:ab:cf:21:7a:
a9:f0:f7:c8:f2:f6:d7:4e:e6:c6:01:d8:a2:49:52:ea:95:70:
61:fe:54:8f:a2:68:cf:e7:60:6f:ab:d0:3f:7c:c1:48:66:aa:
1c:26:6a:90:a9:48:4f:47:0f:80:a5:9c:ac:6f:4d:36:fa:45:
b7:5f:ba:87:3e:44:03:42:a2:24:19:f5:94:f8:67:03:85:4a:
b8:84:c3:20:c3:5c:52:b0:31:11:7c:ca:73:ff:e0:ac:4b:65:
e1:10:c8:f9
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQi/ANuvelIt1kKCNjqLiSTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUwMTAxMTc0ODQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjM2ODBhZDcxOTQ3OGY2OGRiZDVhMWQxODVmOWZlZDgxOGM5YmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9jTcTj4f3ccqflBobEGFLQhGojYx
3SLXFbcgbQx1vnQfb1N2Yus6cCqFgRiWRMoJ7ew7EudfFePUDKEQT3b+yMFpcHKg
1ijVsxxEyDHmdIBZ59ZCJ8gMnjqVPAxAkKGGod8v1OKPI+e/AFqqgqnSMqXs/iv6
DIabVsF3Lg3oyv5kAEr8z+hAIw5de0DwATWS9YH8I9f7d/8xYE4a91HzKu7RQq8r
pZ/NTnlJHNm3IJbxFQRYpAuiVhFd+VIrN1VfP9LtsT7HqavLTfwAc9+fRjw/kaRf
3vUC2N6uQJxsFvAP/3gAp96D2qeFvmfQbiiNr5X42PuNSt/pnlJ/UBJm9wIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFM82gK1xlHj2jb1aHRhfn+2BjJvcMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvenphQXJYR1VlUGFOdlZvZEdGLWY3WUdNbTl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKgyaQI0w
DQYJKoZIhvcNAQELBQADggEBAMtKF7GmswUyNLW1fzxv8Q8OqHYpk8Rgk/+X23Lt
2Z8k9H2mS7stdXELO7Ux1qq5KC/HLHuq/yvnz+Aw4rQOL04hgBEdBrbefmv9svEK
ZIvykK/gfbiYh+8j//Kwfl+/EK66ryVR+yBVvisF3PFPE1TiKnl+RdWo3zhT39GM
yYL25nW/iwloDUKPI+RdNtpYaj5g3Rhb2Jrt+LY0RYz+q88heqnw98jy9tdO5sYB
2KJJUuqVcGH+VI+iaM/nYG+r0D98wUhmqhwmapCpSE9HD4ClnKxvTTb6Rbdfuoc+
RANCoiQZ9ZT4ZwOFSriEwyDDXFKwMRF8ynP/4KxLZeEQyPk=
-----END CERTIFICATE-----
Generated at Sat Apr 5 09:45:04 2025 by rpki-client