Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/z4dbT2rdI1MPHPzn2a4SSpvkt3E.roa
File: z4dbT2rdI1MPHPzn2a4SSpvkt3E.roa (raw, json)
Hash identifier: pftbqIKgzEeVO9sl0LAVO5XHYPxIgJ6YwaN9JqNCTzk=
Subject key identifier: CF:87:5B:4F:6A:DD:23:53:0F:1C:FC:E7:D9:AE:12:4A:9B:E4:B7:71
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019426DA052A0E8E32040FD53BD369C9D54A
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/z4dbT2rdI1MPHPzn2a4SSpvkt3E.roa
Signing time: Thu 02 Jan 2025 11:50:09 +0000
ROA not before: Thu 02 Jan 2025 11:50:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62874
IP address blocks: 2a03:f87:caaa::/48 maxlen: 48
2a03:f87:caab::/48 maxlen: 48
2a03:f87:caac::/48 maxlen: 48
2a03:f87:caad::/48 maxlen: 48
2a03:f87:daa1::/48 maxlen: 48
2a03:f87:daa2::/48 maxlen: 48
2a03:f87:daa3::/48 maxlen: 48
2a03:f87:daa4::/48 maxlen: 48
2a03:f87:daaa::/48 maxlen: 48
2a03:f87:daab::/48 maxlen: 48
2a03:f87:daac::/48 maxlen: 48
2a03:f87:daad::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 12:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:da:05:2a:0e:8e:32:04:0f:d5:3b:d3:69:c9:d5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jan 2 11:50:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf875b4f6add23530f1cfce7d9ae124a9be4b771
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6d:dd:20:94:5f:11:9a:14:85:e1:17:ba:89:
92:78:e2:b8:3d:19:39:9e:8c:3c:85:de:24:86:03:
9f:9c:26:b1:a3:d2:b2:57:76:f2:b4:27:05:3d:a0:
96:dc:23:d5:24:8a:f7:bd:3c:74:d5:72:53:fd:f5:
c2:a1:62:15:15:c1:75:95:de:63:42:7e:bd:14:91:
fb:6d:f8:bc:32:3e:30:5f:25:54:21:0a:a6:46:7e:
7b:4d:89:d8:ad:74:bd:63:04:e2:0a:40:f9:29:00:
02:af:4b:d2:a5:5e:b4:8e:f9:2e:80:a5:8d:4c:a1:
61:5a:63:22:f9:08:89:f4:b9:fd:0c:5e:36:23:58:
35:40:ad:29:8e:27:8c:0c:33:4e:07:b3:ed:9d:81:
b4:20:07:74:71:08:ad:ed:4f:9a:73:6e:f1:40:f3:
e5:90:a9:25:15:bf:73:dd:76:5b:53:45:6b:e3:ae:
bc:a9:94:8d:67:71:80:51:1f:54:7b:87:3e:e7:3b:
cb:53:cf:53:b4:cd:a4:98:98:95:8e:e9:d7:0a:0a:
12:f3:e4:31:c3:83:db:78:26:09:ff:ab:3c:e1:64:
45:d0:09:7e:29:6c:64:42:8c:64:25:82:64:e6:92:
72:46:b4:8f:62:0f:35:55:02:d1:13:76:2c:73:5d:
04:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:87:5B:4F:6A:DD:23:53:0F:1C:FC:E7:D9:AE:12:4A:9B:E4:B7:71
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/z4dbT2rdI1MPHPzn2a4SSpvkt3E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:f87:caaa::-2a03:f87:caad:ffff:ffff:ffff:ffff:ffff
2a03:f87:daa1::-2a03:f87:daa4:ffff:ffff:ffff:ffff:ffff
2a03:f87:daaa::-2a03:f87:daad:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:17:63:32:52:23:95:ef:ad:cd:3c:05:c6:ee:7d:18:19:d0:
a4:12:f6:44:73:7f:b4:58:43:ce:7d:e7:0b:32:76:57:27:32:
9b:d7:04:72:7b:f1:ae:e4:0e:4f:bf:5c:1e:a6:0b:0d:08:68:
ca:bc:db:87:93:12:09:02:f4:38:02:b6:17:ae:24:c9:09:6a:
61:cf:8c:83:61:0d:0c:a7:d5:d4:6a:49:17:ca:14:70:53:94:
d4:27:7f:48:68:72:05:9a:30:ca:e9:e1:6b:ae:17:23:82:21:
ae:66:dc:db:28:d1:7c:c7:6c:29:08:e9:53:77:45:fc:cc:6b:
33:a2:9e:1e:ad:ed:a4:14:a5:66:d6:7d:de:f7:5b:0f:7d:4f:
00:be:44:1e:97:73:66:68:9a:f2:29:c4:6f:e2:80:1f:c5:26:
6b:1d:24:6b:76:5b:56:db:75:18:d6:6f:c9:6d:19:f2:27:c9:
77:26:c8:1d:79:4f:bd:77:9a:17:9a:9f:fa:5e:28:97:d5:5f:
da:87:a0:8c:62:18:b3:e8:cc:fa:aa:03:d7:3f:87:5d:39:4b:
98:92:50:16:c3:28:fc:1f:15:78:cf:48:47:8c:7f:65:29:a2:
26:53:04:27:bd:7c:11:0f:7b:90:dd:af:71:ad:d1:fb:8f:f2:
90:70:c6:ca
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZQm2gUqDo4yBA/VO9NpydVKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwMTAyMTE1MDA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjg3NWI0ZjZhZGQyMzUzMGYxY2ZjZTdkOWFlMTI0YTliZTRiNzcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm3dIJRfEZoUheEXuomSeOK4PRk5
now8hd4khgOfnCaxo9KyV3bytCcFPaCW3CPVJIr3vTx01XJT/fXCoWIVFcF1ld5j
Qn69FJH7bfi8Mj4wXyVUIQqmRn57TYnYrXS9YwTiCkD5KQACr0vSpV60jvkugKWN
TKFhWmMi+QiJ9Ln9DF42I1g1QK0pjieMDDNOB7PtnYG0IAd0cQit7U+ac27xQPPl
kKklFb9z3XZbU0Vr4668qZSNZ3GAUR9Ue4c+5zvLU89TtM2kmJiVjunXCgoS8+Qx
w4PbeCYJ/6s84WRF0Al+KWxkQoxkJYJk5pJyRrSPYg81VQLRE3Ysc10EvQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM+HW09q3SNTDxz859muEkqb5LdxMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvejRkYlQycmRJMU1QSFB6bjJhNFNTcHZrdDNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAAjA8MBIDBwEqAw+H
yqoDBwEqAw+HyqwwEgMHACoDD4faoQMHACoDD4fapDASAwcBKgMPh9qqAwcBKgMP
h9qsMA0GCSqGSIb3DQEBCwUAA4IBAQBFF2MyUiOV763NPAXG7n0YGdCkEvZEc3+0
WEPOfecLMnZXJzKb1wRye/Gu5A5Pv1wepgsNCGjKvNuHkxIJAvQ4ArYXriTJCWph
z4yDYQ0Mp9XUakkXyhRwU5TUJ39IaHIFmjDK6eFrrhcjgiGuZtzbKNF8x2wpCOlT
d0X8zGszop4ere2kFKVm1n3e91sPfU8AvkQel3NmaJryKcRv4oAfxSZrHSRrdltW
23UY1m/JbRnyJ8l3JsgdeU+9d5oXmp/6XiiX1V/ah6CMYhiz6Mz6qgPXP4ddOUuY
klAWwyj8HxV4z0hHjH9lKaImUwQnvXwRD3uQ3a9xrdH7j/KQcMbK
-----END CERTIFICATE-----
Generated at Mon Apr 7 16:50:43 2025 by rpki-client