Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/4l-Zv8K6ETH50yhj6WB6p_9kG5U.roa
File: 4l-Zv8K6ETH50yhj6WB6p_9kG5U.roa (raw, json)
Hash identifier: WZUkyIubye+CfD08jpYH88w+qgPDHpHskfJideChpzA=
Subject key identifier: E2:5F:99:BF:C2:BA:11:31:F9:D3:28:63:E9:60:7A:A7:FF:64:1B:95
Certificate issuer: /CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Certificate serial: 01971AEA574B6628AD33FE7E70E91D570E1A
Authority key identifier: F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/4l-Zv8K6ETH50yhj6WB6p_9kG5U.roa
Signing time: Thu 29 May 2025 07:20:54 +0000
ROA not before: Thu 29 May 2025 07:20:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207160
IP address blocks: 2001:67c:232c::/48 maxlen: 48
2a14:d100::/33 maxlen: 33
2a14:d100::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1a:ea:57:4b:66:28:ad:33:fe:7e:70:e9:1d:57:0e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f79fcfd2875abdf61e19d3270eafe1effadc6662
Validity
Not Before: May 29 07:20:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e25f99bfc2ba1131f9d32863e9607aa7ff641b95
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:28:f0:57:73:f7:95:cc:da:dd:13:d6:59:83:
6a:76:27:47:4a:08:0b:75:8d:14:15:bf:dc:b4:b7:
df:5b:81:0f:51:77:09:ab:f0:db:a8:6c:0d:dd:46:
4f:15:d7:a9:e2:8c:78:d8:31:43:ed:30:88:95:75:
4a:ad:2a:15:dd:ed:ca:e9:d1:47:e8:0f:53:e1:dc:
38:0b:24:22:79:3c:7a:66:1a:50:49:2a:08:30:9d:
e0:bb:69:f4:bc:4e:5c:ac:9c:eb:c1:91:e6:80:01:
5b:53:cb:1a:a1:aa:25:b4:60:cd:85:c2:3e:e1:15:
f9:85:fb:ad:7a:97:4c:ed:40:49:40:ed:f5:a5:35:
85:fb:64:c7:a9:92:b2:ea:62:ad:cd:0e:c9:9a:17:
b9:4d:8d:55:17:e6:85:6c:54:43:54:de:17:8f:86:
a4:9e:01:ce:92:db:ba:0b:f7:a2:a1:b4:d3:91:21:
10:01:1f:3d:e9:a1:d8:7e:22:6e:4b:c6:3f:c0:3b:
cb:0a:74:7b:74:91:31:4c:66:56:88:2e:6b:9f:25:
87:b2:59:5e:c3:2a:f2:78:44:d6:0d:7d:03:d6:54:
a7:06:4e:14:45:e4:53:3c:c2:a0:52:3c:fa:54:05:
42:58:fa:7f:84:59:00:47:a1:42:01:c5:10:7e:88:
4d:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:5F:99:BF:C2:BA:11:31:F9:D3:28:63:E9:60:7A:A7:FF:64:1B:95
X509v3 Authority Key Identifier:
keyid:F7:9F:CF:D2:87:5A:BD:F6:1E:19:D3:27:0E:AF:E1:EF:FA:DC:66:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/95_P0odavfYeGdMnDq_h7_rcZmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/4l-Zv8K6ETH50yhj6WB6p_9kG5U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/b02cb6-86c7-4f6d-99d1-90776f84c9b7/1/95_P0odavfYeGdMnDq_h7_rcZmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2001:67c:232c::/48
2a14:d100::/33
Signature Algorithm: sha256WithRSAEncryption
0d:31:85:c8:37:51:cf:c0:78:06:83:22:b1:4b:3b:71:7f:81:
35:a6:b8:1a:42:d2:f5:08:e5:43:86:0d:bd:c4:a8:97:f0:bf:
8a:f2:82:d6:7a:b0:72:49:e8:d1:21:3e:7c:74:66:d5:03:70:
bd:f3:f1:87:13:47:41:a0:f5:18:d7:e2:c8:6e:82:8e:a1:0b:
be:e9:dc:69:38:9c:d1:18:16:b5:d0:6c:aa:6f:0c:9b:0d:71:
16:c8:c2:e9:ea:98:dd:d3:db:16:92:52:d1:ac:71:32:82:e7:
c3:ef:bb:a3:9a:d4:3f:02:9f:f0:32:07:25:26:ad:fd:10:5b:
c2:bb:01:2d:c5:20:a4:31:c8:10:b7:cd:6d:cf:ab:12:26:ea:
14:64:21:52:01:80:db:81:c8:b7:35:2a:db:f2:8b:97:7e:7b:
cb:9e:4c:47:c7:10:05:01:3a:67:9d:3c:42:56:ac:34:ff:47:
05:1e:c5:bf:46:8f:51:db:8a:7a:86:c4:c8:37:33:18:07:57:
d3:b9:22:51:89:d7:b7:ba:b5:13:02:8d:af:d1:81:f5:e8:79:
4b:68:f1:9b:f4:61:20:86:67:75:42:6c:a0:96:24:82:86:b1:
f1:c3:45:3a:70:60:04:74:e4:72:2c:f4:d9:9c:20:8d:15:a0:
0b:c9:41:c3
-----BEGIN CERTIFICATE-----
MIIFCDCCA/CgAwIBAgISAZca6ldLZiitM/5+cOkdVw4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3OWZjZmQyODc1YWJkZjYxZTE5ZDMyNzBlYWZlMWVmZmFk
YzY2NjIwHhcNMjUwNTI5MDcyMDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMjVmOTliZmMyYmExMTMxZjlkMzI4NjNlOTYwN2FhN2ZmNjQxYjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4yjwV3P3lcza3RPWWYNqdidHSggL
dY0UFb/ctLffW4EPUXcJq/DbqGwN3UZPFdep4ox42DFD7TCIlXVKrSoV3e3K6dFH
6A9T4dw4CyQieTx6ZhpQSSoIMJ3gu2n0vE5crJzrwZHmgAFbU8saoaoltGDNhcI+
4RX5hfutepdM7UBJQO31pTWF+2THqZKy6mKtzQ7Jmhe5TY1VF+aFbFRDVN4Xj4ak
ngHOktu6C/eiobTTkSEQAR896aHYfiJuS8Y/wDvLCnR7dJExTGZWiC5rnyWHslle
wyryeETWDX0D1lSnBk4UReRTPMKgUjz6VAVCWPp/hFkAR6FCAcUQfohN5wIDAQAB
o4ICFDCCAhAwHQYDVR0OBBYEFOJfmb/CuhEx+dMoY+lgeqf/ZBuVMB8GA1UdIwQY
MBaAFPefz9KHWr32HhnTJw6v4e/63GZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEt
OTA3NzZmODRjOWI3LzEvNGwtWnY4SzZFVEg1MHloajZXQjZwXzlrRzVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9iMDJjYjYtODZjNy00ZjZkLTk5ZDEtOTA3NzZmODRjOWI3
LzEvOTVfUDBvZGF2ZlllR2RNbkRxX2g3X3JjWm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCoGCCsGAQUFBwEHAQH/BBswGTAXBAIAAjARAwcAIAEGfCMs
AwYHKhTRAAAwDQYJKoZIhvcNAQELBQADggEBAA0xhcg3Uc/AeAaDIrFLO3F/gTWm
uBpC0vUI5UOGDb3EqJfwv4rygtZ6sHJJ6NEhPnx0ZtUDcL3z8YcTR0Gg9RjX4shu
go6hC77p3Gk4nNEYFrXQbKpvDJsNcRbIwunqmN3T2xaSUtGscTKC58Pvu6Oa1D8C
n/AyByUmrf0QW8K7AS3FIKQxyBC3zW3PqxIm6hRkIVIBgNuByLc1Ktvyi5d+e8ue
TEfHEAUBOmedPEJWrDT/RwUexb9Gj1HbinqGxMg3MxgHV9O5IlGJ17e6tRMCja/R
gfXoeUto8Zv0YSCGZ3VCbKCWJIKGsfHDRTpwYAR05HIs9NmcII0VoAvJQcM=
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:21:21 2025 by rpki-client