Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Z1aPPPc81U2W2p-hUbb2wEiLSrc.roa
File: Z1aPPPc81U2W2p-hUbb2wEiLSrc.roa (raw, json)
Hash identifier: 2YYRPX4gY5ODPttZebzHcbGfP4UENAWKSJvWHEPrLO0=
Subject key identifier: 67:56:8F:3C:F7:3C:D5:4D:96:DA:9F:A1:51:B6:F6:C0:48:8B:4A:B7
Certificate issuer: /CN=1efa596a3126ace029c6d70d529257e07b38ba06
Certificate serial: 019423D7DB5F1414AA4D8F170D46EAEEE6A1
Authority key identifier: 1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Z1aPPPc81U2W2p-hUbb2wEiLSrc.roa
Signing time: Wed 01 Jan 2025 21:48:56 +0000
ROA not before: Wed 01 Jan 2025 21:48:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 128.139.0.0/17 maxlen: 17
128.139.128.0/17 maxlen: 17
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.mft
rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 07 Apr 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:d7:db:5f:14:14:aa:4d:8f:17:0d:46:ea:ee:e6:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1efa596a3126ace029c6d70d529257e07b38ba06
Validity
Not Before: Jan 1 21:48:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67568f3cf73cd54d96da9fa151b6f6c0488b4ab7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ac:11:37:74:31:c0:34:83:b0:4c:53:84:b2:
54:ea:b2:1e:54:34:48:74:e5:45:77:b2:81:ae:08:
cf:f5:41:e9:43:0a:1a:87:6f:7c:a4:45:a2:35:00:
99:02:31:38:3e:37:40:fa:10:d2:8e:b0:3b:3b:25:
89:eb:e7:55:2b:f2:25:0f:48:bf:0e:5a:b6:f9:36:
84:16:19:bd:37:90:0a:f8:3c:7e:43:20:cd:52:34:
e9:3d:c9:c7:85:7f:49:90:13:1c:a7:21:83:bd:a5:
80:6a:96:06:b2:8f:38:25:93:13:eb:1c:50:1c:2e:
2d:9e:d6:38:d9:89:38:fe:6e:a3:e6:9c:1c:6c:f8:
7f:0b:a7:73:e7:5d:20:9a:16:15:6b:42:b0:b8:b1:
c1:09:40:48:13:1b:ae:27:9d:19:f8:0c:7d:bb:ba:
64:67:8f:07:51:70:74:d0:11:ed:c4:67:65:0e:6a:
4c:98:2e:47:fb:5b:7b:98:e7:16:6d:0a:d6:c2:6f:
3f:fe:cf:e8:7e:15:61:d2:00:3d:0d:d4:9d:06:dd:
d4:a7:42:6d:da:3d:1e:9e:12:4a:4a:0a:e8:8f:e0:
49:e2:5c:aa:69:89:24:3c:a7:d0:65:1e:60:74:9f:
d2:49:ce:07:a0:92:e3:e8:b9:e5:42:1c:13:a1:fd:
e0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:56:8F:3C:F7:3C:D5:4D:96:DA:9F:A1:51:B6:F6:C0:48:8B:4A:B7
X509v3 Authority Key Identifier:
keyid:1E:FA:59:6A:31:26:AC:E0:29:C6:D7:0D:52:92:57:E0:7B:38:BA:06
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HvpZajEmrOApxtcNUpJX4Hs4ugY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/Z1aPPPc81U2W2p-hUbb2wEiLSrc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/3cc78a-8fb5-475a-8882-9d0c620735f1/1/HvpZajEmrOApxtcNUpJX4Hs4ugY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
a1:6e:85:ae:f6:96:ff:c2:5f:a7:1f:f2:fb:19:ae:c6:b4:46:
83:cc:ef:d2:3a:52:66:56:b8:bd:29:8e:1e:2d:54:42:c8:a7:
24:0f:0b:16:1c:23:85:1b:3f:25:6b:d1:ff:a2:77:1c:33:05:
50:72:0b:f8:d8:e8:28:0f:ec:1d:71:02:e4:e6:59:0a:b7:b9:
7d:82:1e:77:4c:c9:67:e0:84:13:2c:40:16:5a:fc:12:d2:80:
29:59:99:85:ae:66:85:76:c7:56:13:51:bb:ab:71:99:a5:e6:
17:6c:2c:f7:9d:d0:e9:c2:8e:91:86:df:2c:fd:73:bc:77:67:
3e:83:b8:3c:93:f0:43:77:ac:2b:eb:66:75:91:cd:24:ff:0d:
6f:7c:a1:b7:24:42:e5:20:35:3f:ad:01:86:66:87:38:9f:2b:
75:95:6d:c2:15:fc:17:6a:a6:ac:e3:aa:6c:89:ab:75:3d:17:
c7:b7:b5:5e:fc:ae:98:89:60:71:87:65:4e:ce:85:83:6b:99:
a7:88:e8:4e:2d:41:b8:ce:05:4a:47:d1:78:38:24:59:fa:28:
eb:99:90:b9:f8:49:d3:0d:d0:4e:1f:88:c5:5f:0e:74:3c:7c:
f4:6a:35:9b:f6:72:53:97:a4:38:50:be:70:14:a8:e3:da:b7:
b8:ce:3b:19
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZQj19tfFBSqTY8XDUbq7uahMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZmE1OTZhMzEyNmFjZTAyOWM2ZDcwZDUyOTI1N2UwN2Iz
OGJhMDYwHhcNMjUwMTAxMjE0ODU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzU2OGYzY2Y3M2NkNTRkOTZkYTlmYTE1MWI2ZjZjMDQ4OGI0YWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKwRN3QxwDSDsExThLJU6rIeVDRI
dOVFd7KBrgjP9UHpQwoah298pEWiNQCZAjE4PjdA+hDSjrA7OyWJ6+dVK/IlD0i/
Dlq2+TaEFhm9N5AK+Dx+QyDNUjTpPcnHhX9JkBMcpyGDvaWAapYGso84JZMT6xxQ
HC4tntY42Yk4/m6j5pwcbPh/C6dz510gmhYVa0KwuLHBCUBIExuuJ50Z+Ax9u7pk
Z48HUXB00BHtxGdlDmpMmC5H+1t7mOcWbQrWwm8//s/ofhVh0gA9DdSdBt3Up0Jt
2j0enhJKSgroj+BJ4lyqaYkkPKfQZR5gdJ/SSc4HoJLj6LnlQhwTof3gOQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFGdWjzz3PNVNltqfoVG29sBIi0q3MB8GA1UdIwQY
MBaAFB76WWoxJqzgKcbXDVKSV+B7OLoGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODIt
OWQwYzYyMDczNWYxLzEvWjFhUFBQYzgxVTJXMnAtaFViYjJ3RWlMU3JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zY2M3OGEtOGZiNS00NzVhLTg4ODItOWQwYzYyMDczNWYx
LzEvSHZwWmFqRW1yT0FweHRjTlVwSlg0SHM0dWdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAgIswDQYJ
KoZIhvcNAQELBQADggEBAKFuha72lv/CX6cf8vsZrsa0RoPM79I6UmZWuL0pjh4t
VELIpyQPCxYcI4UbPyVr0f+idxwzBVByC/jY6CgP7B1xAuTmWQq3uX2CHndMyWfg
hBMsQBZa/BLSgClZmYWuZoV2x1YTUburcZml5hdsLPed0OnCjpGG3yz9c7x3Zz6D
uDyT8EN3rCvrZnWRzST/DW98obckQuUgNT+tAYZmhzifK3WVbcIV/BdqpqzjqmyJ
q3U9F8e3tV78rpiJYHGHZU7OhYNrmaeI6E4tQbjOBUpH0Xg4JFn6KOuZkLn4SdMN
0E4fiMVfDnQ8fPRqNZv2clOXpDhQvnAUqOPat7jOOxk=
-----END CERTIFICATE-----
Generated at Sun Apr 6 10:53:01 2025 by rpki-client