Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/znAyt_jBZAhoDnHzql64kcQWok8.roa
File: znAyt_jBZAhoDnHzql64kcQWok8.roa (raw, json)
Hash identifier: rGr5XZMR5/sQ+wZVgQmYXlbzsOXYooLIJ9FAXBZkAjY=
Subject key identifier: CE:70:32:B7:F8:C1:64:08:68:0E:71:F3:AA:5E:B8:91:C4:16:A2:4F
Certificate issuer: /CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Certificate serial: 0196E7DC832882A3AC76147DA6AD61B976EE
Authority key identifier: 0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/znAyt_jBZAhoDnHzql64kcQWok8.roa
Signing time: Mon 19 May 2025 09:25:10 +0000
ROA not before: Mon 19 May 2025 09:25:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213893
IP address blocks: 2a0d:d940:10::/48 maxlen: 48
2a0d:d940:11::/48 maxlen: 48
2a0d:d940:13::/48 maxlen: 48
2a0d:d940:14::/48 maxlen: 48
2a0d:d940:15::/48 maxlen: 48
2a0d:d940:18::/48 maxlen: 48
2a0d:d940:19::/48 maxlen: 48
2a0d:d940:1a::/48 maxlen: 48
2a0d:d940:1f00::/40 maxlen: 40
2a0d:d940:9008::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 21:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e7:dc:83:28:82:a3:ac:76:14:7d:a6:ad:61:b9:76:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b4e3b3b84242258863142ed3a19792d97cbbc74
Validity
Not Before: May 19 09:25:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce7032b7f8c16408680e71f3aa5eb891c416a24f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:b8:52:b6:68:8a:bb:7a:b2:ce:b4:78:03:ee:
50:cf:60:3b:bd:e1:2a:a6:fa:46:84:3b:09:0b:ad:
0b:1c:24:77:9b:17:bd:24:b7:b9:0c:30:a0:5e:3e:
8a:85:2c:6a:c3:0e:70:53:0e:5e:82:4c:89:b6:6f:
5e:51:09:a4:3d:03:78:53:f0:a5:fb:49:5f:27:f9:
b2:36:72:99:93:c6:d1:a9:95:af:30:6c:73:d5:f0:
18:61:1a:c5:af:3b:45:e5:69:ce:6f:79:08:93:a1:
99:71:ee:c8:4e:b3:1a:30:1b:74:15:24:3c:1d:af:
18:25:ad:70:9a:06:6e:49:c1:a3:4e:7e:fe:a2:32:
2a:2d:e2:c7:3a:67:c5:28:5b:99:78:49:08:ed:37:
9d:8b:23:7c:0d:01:78:a1:dd:07:98:6d:68:bd:de:
e3:00:79:2b:5a:5b:fb:ba:43:3e:6c:f9:10:4b:4b:
aa:6b:f5:29:1e:48:8c:cc:e5:c2:17:bc:6f:b3:22:
44:55:d6:a7:67:a8:b9:13:9d:d5:0a:f8:a4:1e:25:
46:a6:c9:10:e1:fe:db:ab:63:68:d9:ca:08:2b:76:
a4:a3:74:0e:00:31:b7:c8:f8:95:fa:1b:34:78:8c:
6d:a2:eb:61:39:85:78:37:0b:45:61:b7:37:90:40:
6d:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:70:32:B7:F8:C1:64:08:68:0E:71:F3:AA:5E:B8:91:C4:16:A2:4F
X509v3 Authority Key Identifier:
keyid:0B:4E:3B:3B:84:24:22:58:86:31:42:ED:3A:19:79:2D:97:CB:BC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C047O4QkIliGMULtOhl5LZfLvHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/znAyt_jBZAhoDnHzql64kcQWok8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/7ba1b1-5562-4a32-9f5d-14d238527835/1/C047O4QkIliGMULtOhl5LZfLvHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0d:d940:10::/47
2a0d:d940:13::-2a0d:d940:15:ffff:ffff:ffff:ffff:ffff
2a0d:d940:18::-2a0d:d940:1a:ffff:ffff:ffff:ffff:ffff
2a0d:d940:1f00::/40
2a0d:d940:9008::/48
Signature Algorithm: sha256WithRSAEncryption
5c:9a:35:e0:5c:f2:53:ad:9b:a0:62:4f:4d:b5:45:0a:71:42:
90:4e:42:e1:72:52:fe:bb:7c:52:75:47:e4:35:b7:4e:62:1b:
ef:b0:01:56:e9:db:5a:41:84:59:c1:59:0a:88:d6:41:aa:96:
90:63:ed:0c:6b:aa:1d:e0:f7:d4:28:5b:52:1a:5d:c8:a1:21:
d4:2d:bb:11:5e:e3:2c:21:3a:34:9c:06:d6:70:f7:41:3d:7c:
7f:7f:30:be:b3:25:1f:61:95:e0:0a:e6:a3:ad:34:34:8d:2d:
52:3e:27:18:ae:a7:38:e7:c8:f1:30:99:11:b7:c6:07:95:0c:
7d:15:c5:71:dc:8f:15:28:11:ac:37:5e:6c:06:4b:a2:98:f1:
1d:74:67:33:bc:3c:b4:19:e3:62:3a:30:be:01:17:c5:a6:11:
56:be:e7:78:07:66:6a:58:78:49:b7:ff:d9:0e:b6:7c:78:f9:
a5:b7:99:2f:73:82:f7:22:69:55:86:8a:7b:33:c2:71:48:4c:
d8:c9:35:3d:28:2f:3c:2c:ee:05:f7:27:8c:5d:fa:5d:41:a3:
a5:82:e8:72:25:ab:bb:ad:41:4e:28:8b:99:20:7c:bf:fa:c5:
1d:08:59:e5:0c:67:f4:eb:c7:84:43:ac:5c:d5:29:fa:0c:86:
0a:a0:4f:3a
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZbn3IMogqOsdhR9pq1huXbuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNGUzYjNiODQyNDIyNTg4NjMxNDJlZDNhMTk3OTJkOTdj
YmJjNzQwHhcNMjUwNTE5MDkyNTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTcwMzJiN2Y4YzE2NDA4NjgwZTcxZjNhYTVlYjg5MWM0MTZhMjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3bhStmiKu3qyzrR4A+5Qz2A7veEq
pvpGhDsJC60LHCR3mxe9JLe5DDCgXj6KhSxqww5wUw5egkyJtm9eUQmkPQN4U/Cl
+0lfJ/myNnKZk8bRqZWvMGxz1fAYYRrFrztF5WnOb3kIk6GZce7ITrMaMBt0FSQ8
Ha8YJa1wmgZuScGjTn7+ojIqLeLHOmfFKFuZeEkI7TediyN8DQF4od0HmG1ovd7j
AHkrWlv7ukM+bPkQS0uqa/UpHkiMzOXCF7xvsyJEVdanZ6i5E53VCvikHiVGpskQ
4f7bq2No2coIK3ako3QOADG3yPiV+hs0eIxtouthOYV4NwtFYbc3kEBt2QIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFM5wMrf4wWQIaA5x86peuJHEFqJPMB8GA1UdIwQY
MBaAFAtOOzuEJCJYhjFC7ToZeS2Xy7x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQt
MTRkMjM4NTI3ODM1LzEvem5BeXRfakJaQWhvRG5IenFsNjRrY1FXb2s4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS83YmExYjEtNTU2Mi00YTMyLTlmNWQtMTRkMjM4NTI3ODM1
LzEvQzA0N080UWtJbGlHTVVMdE9obDVMWmZMdkhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAAjBCAwcBKg3ZQAAQ
MBIDBwAqDdlAABMDBwEqDdlAABQwEgMHAyoN2UAAGAMHACoN2UAAGgMGACoN2UAf
AwcAKg3ZQJAIMA0GCSqGSIb3DQEBCwUAA4IBAQBcmjXgXPJTrZugYk9NtUUKcUKQ
TkLhclL+u3xSdUfkNbdOYhvvsAFW6dtaQYRZwVkKiNZBqpaQY+0Ma6od4PfUKFtS
Gl3IoSHULbsRXuMsITo0nAbWcPdBPXx/fzC+syUfYZXgCuajrTQ0jS1SPicYrqc4
58jxMJkRt8YHlQx9FcVx3I8VKBGsN15sBkuimPEddGczvDy0GeNiOjC+ARfFphFW
vud4B2ZqWHhJt//ZDrZ8ePmlt5kvc4L3ImlVhop7M8JxSEzYyTU9KC88LO4F9yeM
XfpdQaOlguhyJau7rUFOKIuZIHy/+sUdCFnlDGf068eEQ6xc1Sn6DIYKoE86
-----END CERTIFICATE-----
Generated at Mon Jun 9 07:39:24 2025 by rpki-client